Code injection

Vikingboard 0.1.2 allows remote attackers to obtain sensitive information via the debug parameter to 1 forum.php, 2 cp.php, and possibly other unspecified components...

CVE-2007-4089

Vikingboard 0.1.2 allows remote attackers to obtain sensitive information via the debug parameter to 1 forum.php, 2 cp.php, and possibly other unspecified components...

[Full-disclosure] heise Security: Password exposure in Lotus Notes

Excerpt from: http://www.heise-security.co.uk/news/92958 ------ Password exposure in Lotus Notes A debug function in version 5 and up of Lotus Notes can be used to write a file containing the new password in plain text when a user password is changed. This function has been designed to bring more...

CVE-2007-3494

Papoo CMS 3.6, and possibly earlier, does not verify user privileges when accessing the backend administration plugins, which allows remote authenticated users to 1 read the entire database by accessing the database backup plugin via a devtools/templates/newdumpbackend.html argument in the templa...

CVE-2007-3494

CVE-2007-3494 affects Papoo CMS 3.6 and possibly earlier. The vulnerability stems from a missing privilege check in backend administration plugin access (via interna/plugin.php and a devtools/templates/newdump_backend.html argument), enabling remote authenticated users to perform actions beyond t...

Stack overflow

Stack-based buffer overflow in peviewer.spl in Altap Servant Salamander 2.5 with Portable Executable Viewer 2.02 English Trial, and 2.0 with Portable Executable Viewer 1.00 English Trial, allows remote attackers to execute arbitrary code via a long PDB debug filename in a PE file...

CVE-2007-3314

Stack-based buffer overflow in peviewer.spl in Altap Servant Salamander 2.5 with Portable Executable Viewer 2.02 English Trial, and 2.0 with Portable Executable Viewer 1.00 English Trial, allows remote attackers to execute arbitrary code via a long PDB debug filename in a PE file...

Ace-FTP Client 1.24a Remote Buffer Overflow PoC

No description provided by source. !/usr/bin/python Credit to n00b for finding the bug. Ace-Ftp client buffer over flow p0c. This is possible to exploit as we Smash the seh handlers and there are Plenty of registers that had our buffer Im still new to seh over writes I haven't Had much experience...

Ace-FTP Client 1.24a Remote Buffer Overflow PoC

Exploit for unknown platform in category dos / poc =============================================== Ace-FTP Client 1.24a Remote Buffer Overflow PoC =============================================== !/usr/bin/python Credit to n00b for finding the bug. Ace-Ftp client buffer over flow p0c. This is...

MoviePlay 4.76 - '.lst' Local Buffer Overflow

!/usr/bin/env ruby MoviePlay 4.76 .lst file Local buffer over-flow. Credit to n00b for writing poc code..Pmsl Tested on :Win xp sp2 eng. Vendor web site: Netfarer.com MoviePlay 4.76 Buffer-over flow reported : Jan 02 2007 12:00AM Credit goes to Parvez Anwar for finding the bug. MoviePlay is prone...

RealPlayer 1 0 (. ra file) Remote Denial of Service Exploit-vulnerability warning-the black bar safety net

!/ usr/bin/python Real player 1 0 Gold . Ra file remote Dos. Credits to n00b for finding this bug This bug is a nasty memory leak with in Real player 1 0 gold please remember if your guna test it out save all your info you need first..Coz your probly guna have to reboot also remember all other...

Heap practice overflow point location of the 2 methods-vulnerability warning-the black bar safety net

Vulnerability software: War-Ftpd version 1.65 Debugging software: Ollydbg Program write: perl Vulnerability is described: the configuration of the USER, resulting in stack overflow. On some debugging of the issue please refer to: the Win32 buffer overflow combat of...

Microsoft Visual Basic 6.0 Project (Company Name) Stack overflow PoC

No description provided by source. !/usr/local/bin/perl Discovered By UmZ Umair Manzoor comments are welcome at umz32.dllatgmail.com Dated 23-02-2007 Time : 02:00 AM PST Visual Basic Project Company Name Stack Overflow Affected Version : Tested on Visual basic 6...

Microsoft Visual Basic 6.0 Project (Company Name) Stack overflow PoC

Exploit for unknown platform in category dos / poc ==================================================================== Microsoft Visual Basic 6.0 Project Company Name Stack overflow PoC ==================================================================== !/usr/local/bin/perl Discovered By UmZ...

Microsoft Visual Basic 6.0 Project - Company Name Stack Overflow (PoC)

!/usr/local/bin/perl Discovered By UmZ Umair Manzoor comments are welcome at umz32.dllatgmail.com Dated 23-02-2007 Time : 02:00 AM PST Visual Basic Project Company Name Stack Overflow Affected Version : Tested on Visual basic 6 Threats : DoS, Previlidges Escilation System become unstable for more...

MagicISO <= 5.4(build239) .cue File Heap Overflow PoC

Exploit for linux platform in category dos / poc ===================================================== MagicISO = 5.4build239 .cue File Heap Overflow PoC ===================================================== !/usr/bin/env ruby Credits to n00b for finding this bug. Magic iso has a stacked based...

Moderate: gcc security and bug fix update

3.4.6-8.0.1 - add gcc34-pr23591-tls-model-fix.patch - this patch fixes a bug with exception handlers and threads 3.4.6-8 - add gnu.java.util.ZoneInfo class, use tzdata files for libgcj timezone stuff instead of builtin simple and outdated rules 227884 - add missing @GCC4.0.0 and @GCC4.2.0 libgcc...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Exponent CMS 0.96.6 Alpha and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 url parameter to a magpiedebug.php and b magpiesimple.php in external/magpierss/scripts/, the 2 rssurl parameter to c magpieslashbox.p...

Foxit Reader 2.0 (PDF) Remote Denial of Service Exploit

Exploit for unknown platform in category dos / poc ======================================================= Foxit Reader 2.0 PDF Remote Denial of Service Exploit ======================================================= / Created Friday, April 20 2007 Moderator of http://igniteds.net Foxit Reader 2....

Foxit Reader 2.0 - PDF Remote Denial of Service

Foxit Reader 2.0 - PDF Remote Denial of Service / Created Friday, April 20 2007 Moderator of http://igniteds.net Foxit Reader 2.0 for Windows Remote dos exploit created by n00b Foxit pdf viewer is prone to a dos exploit by opening a malformed pdf document it is possible to crash foxit reader whic...