Lucene search
K

172 matches found

0day.today
0day.today
added 2012/01/28 12:0 a.m.71 views

MS12-004 midiOutPlayNextPolyEvent Heap Overflow

Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

7.1AI score0.69499EPSS
Exploits12
Packet Storm
Packet Storm
added 2012/01/28 12:0 a.m.46 views

MS12-004 midiOutPlayNextPolyEvent Heap Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "MS12-004...

9.3CVSS0.3AI score0.69499EPSS
Exploits12
CERT
CERT
added 2011/11/08 12:0 a.m.35 views

Aviosoft DTV Player buffer overflow vulnerability

Overview Aviosoft DTV Player contains a buffer overflow in the handling of playlist .plf files, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Aviosoft DTV Player is a multiple format video player application. Aviosoft DTV Player...

8.5AI score
Exploits0References1
ThreatPost
ThreatPost
added 2011/10/24 12:36 p.m.9 views

ASLR Added to Android 4.0

The newest version of the Android mobile operating system includes a major security upgrade, the presence of address space layout randomization ASLR, which gives users some better protection against memory-corruption exploits. The inclusion of ASLR in Android 4.0, also known as “Ice Cream...

1.6AI score
Exploits0References2
ThreatPost
ThreatPost
added 2011/02/22 5:20 p.m.11 views

Windows 7 Service Pack 1: 39 Security Fixes, Few Major Changes

With Microsoft set to release the first Service Pack for its Windows 7 Operating System to the general public on Tuesday, businesses and consumers are preparing for an update that fixes hundreds of security and functional problems, but this Service Pack is more housekeeping than a radical home...

2.4AI score
Exploits0References2
The Hacker News
The Hacker News
added 2010/12/23 11:37 p.m.17 views

Unpatched Flaw in IE Bypasses Key Windows Security Features

An exploit exploiting an unpatched vulnerability in Internet Explorer IE has gone public. Security researcher Shahin Ramezany announced in a Tuesday tweet that he successfully exploited the flaw, which involves how IE handles CSS style sheets on Windows 7 and Vista machines. Offensive Security, a...

7.7AI score
Exploits0
ThreatPost
ThreatPost
added 2010/12/23 1:44 p.m.13 views

Microsoft Warns On New Browser Vulnerability

Microsoft on Wednesday issued a security advisory to users of its Internet Explorer Web browser about a newly disclosed vulnerability that could be exploited and used to run malicious code on vulnerable Windows systems. The Redmond, Washington company said it is investigating new, public reports ...

0.7AI score
Exploits0References4
ThreatPost
ThreatPost
added 2010/11/11 5:25 p.m.21 views

Amnesty International Site Found Hosting Malware, IE Zero Day

Researchers at security firm Websense have found that Amnesty International’s Hong Kong site, amnesty.org.hk, is serving up a cocktail of malware that includes last week’s Internet Explorer 0-day. Visitors to the human rights organization’s site operating versions 6 and 7 of IE are being targeted...

0.6AI score
Exploits0References5
exploitpack
exploitpack
added 2010/09/19 12:0 a.m.10 views

Audiotran 1.4.2.4 - Local Overflow (SEH) (DEP Bypass)

Audiotran 1.4.2.4 - Local Overflow SEH DEP Bypass Exploit Title: Audiotran 1.4.2.4 SEH Overflow Exploit DEP Bypass Date: 09/20/10 Credit/Bug found by : Author Abhishek Lyall - abhilyallatgmaildotcom, infoataslitsecuritydotcom Author: Muhamad Fadzil Ramli - mind1355 at gmail dot com Software Link:...

0.5AI score
Exploits0
ThreatPost
ThreatPost
added 2010/09/02 6:54 p.m.13 views

Microsoft Releases New Version of EMET Exploit Mitigation Toolkit

Mitigation has become the word of the moment at Microsoft, and the company on Thursday continued its recent flow of tools designed to lessen the effectiveness of certain attacks with the release of version 2.0 of its Enhanced Mitigation Experience Toolkit. The new version of the toolkit includes ...

0.1AI score
Exploits0References2
ThreatPost
ThreatPost
added 2010/05/13 6:4 p.m.42 views

End of Support for XP SP2 is End of an Era

Microsoft’s announcement this week that it is preparing to end support for machines running Windows XP SP2 not only represents a challenge for the thousands of businesses still running SP2, but also is the end of an era for both Microsoft and its customers. By the time Microsoft drops support for...

9.3CVSS1.6AI score0.99945EPSS
Exploits33References4
securityvulns
securityvulns
added 2010/03/18 12:0 a.m.33 views

CORE-2009-0803: Virtual PC Hypervisor Memory Protection Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Virtual PC Hypervisor Memory Protection Vulnerability 1. Advisory Information Title: Virtual PC Hypervisor Memory Protection Vulnerability Advisory Id: CORE-2009-0803...

7.6AI score
Exploits0
exploitpack
exploitpack
added 2010/03/17 12:0 a.m.59 views

Virtual PC Hypervisor - Memory Protection

Virtual PC Hypervisor - Memory Protection -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Virtual PC Hypervisor Memory Protection Vulnerability 1. Advisory Information Title: Virtual PC Hypervisor Memory Protection...

0.5AI score
Exploits0
Core Security
Core Security
added 2010/03/16 12:0 a.m.15 views

Virtual PC Hypervisor Memory Protection Vulnerability

1. Advisory Information Title: Virtual PC Hypervisor Memory Protection Vulnerability Advisory Id: CORE-2009-0803 Advisory URL:http://www.coresecurity.com/core-labs/advisories/virtual-pc-2007-hypervisor-memory-protection-bug Date published: 2010-03-16 Date of last update: 2010-03-16 Vendors...

8AI score
Exploits0
CERT
CERT
added 2010/03/09 12:0 a.m.44 views

Microsoft Internet Explorer iepeers.dll use-after-free vulnerability

Overview Microsoft Internet Explorer contains a use-after-free vulnerability in the iepeers.dll file, which may allow a remote, unauthenticated attacker to execute arbitrary code. Description Microsoft Internet Explorer provides support for Web Folders and printing through the use of the...

9.3CVSS6.5AI score0.82172EPSS
Exploits15References3
ThreatPost
ThreatPost
added 2010/01/19 2:32 p.m.57 views

How DEP Can Mitigate IE Zero-Day Attacks

Jonathan Ness of Microsoft’s Security Research and Defense team explains the inner workings of the Data Execution Prevention technology that can help mitigate the targeted attacks exploiting the vulnerability in Internet Explorer right now...

9.3CVSS0.7AI score0.99945EPSS
Exploits33References2
ThreatPost
ThreatPost
added 2010/01/19 1:35 p.m.18 views

Microsoft: Emergency IE Patch Coming

Microsoft has started dropping broad hints that an emergency patch for Internet Explorer will be released very soon to counter targeted attacks and the publication of exploit code for a “browse and you’re owned” vulnerability in its flagship Web browser. UPDATE: Here is the official confirmation...

1.5AI score
Exploits0References5
CERT
CERT
added 2010/01/14 12:0 a.m.59 views

Microsoft Internet Explorer HTML object memory corruption vulnerability

Overview An invalid pointer reference within Microsoft Internet Explorer may lead to execution of arbitrary code. Description Microsoft Internet Explorer contains a memory corruption vulnerability, which can result in an invalid pointer being accessed after an object is incorrectly initialized or...

9.3CVSS8.7AI score0.91885EPSS
Exploits16References8
CERT
CERT
added 2009/12/15 12:0 a.m.37 views

Adobe Acrobat and Reader contain a use-after-free vulnerability in the JavaScript Doc.media.newPlayer method

Overview The Doc.media.newPlayer method in Adobe Acrobat and Reader contains a use-after-free vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Adobe Reader and the Adobe Acrobat family of software are designed to creat...

9.3CVSS8.7AI score0.81933EPSS
Exploits21References8
seebug.org
seebug.org
added 2008/12/10 12:0 a.m.19 views

Microsoft IE对象处理内存破坏漏洞

Internet Explorer是微软公司开发的广为流行的网络浏览器。 IE在处理畸形格式的网页标记时存在内存对象处理错误,远程攻击者可能利用此漏洞通过精心构造恶意标记数据导致IE处理时执行攻击者指定的任意指令。 此漏洞目前被挂马攻击者积极利用来向用户系统植入恶意软件,而且微软还未发布针对此漏洞的补丁。 Microsoft Internet Explorer 7.0 临时解决方法: 如果您不能立刻安装补丁或者升级,NSFOCUS建议您采取以下措施以降低威胁: 暂时不要使用IE 7浏览网页,可以使用Opera或Firefox。...

7.1AI score
Exploits0
Rows per page
Query Builder