HP unveils Flash vulnerability scanner

HP has released a free static-analysis tool designed to find vulnerabilities in applications developed on the Adobe Flash platform. But HP SWFScan is no security geek plaything. It’s meant specifically for developers without much in the way of security training. The tool is the brainchild of the...

CVE-2009-0368

OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a 1 low level APDU command or 2 debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program...

DEBIAN-CVE-2009-0368

OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a 1 low level APDU command or 2 debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program...

Code injection

OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a 1 low level APDU command or 2 debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program...

CVE-2009-0368

OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a 1 low level APDU command or 2 debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program...

Fedora Update for kdevelop FEDORA-2007-2985

Check for the Version of kdevelop OpenVAS Vulnerability Test Fedora Update for kdevelop FEDORA-2007-2985 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

IntelliTamper 2.072.08 - .map Local Overwrite (SEH)

IntelliTamper 2.072.08 - .map Local Overwrite SEH !/usr/bin/python IntelliTamper 2.07/2.08 MAP File 0-day Local SEH Overwrite Exploit Bug discovered by cN4phux Tested on: IntelliTamper 2.07/2.08 / win32 SP3 FR Shellcode: Windows Execute Command calc Here's the debugger output like what u see, the...

IntelliTamper 2.07/2.08 - '.map' Local Overwrite (SEH)

!/usr/bin/python IntelliTamper 2.07/2.08 MAP File 0-day Local SEH Overwrite Exploit Bug discovered by cN4phux Tested on: IntelliTamper 2.07/2.08 / win32 SP3 FR Shellcode: Windows Execute Command calc Here's the debugger output like what u see, the EIP overwritten & attempt to read from address...

CVE-2008-5688

MediaWiki 1.8.1, and other versions before 1.13.3, when the wgShowExceptionDetails variable is enabled, sometimes provides the full installation path in a debugging message, which might allow remote attackers to obtain sensitive information via unspecified requests that trigger an uncaught...

CVE-2008-5688

MediaWiki 1.8.1, and other versions before 1.13.3, when the wgShowExceptionDetails variable is enabled, sometimes provides the full installation path in a debugging message, which might allow remote attackers to obtain sensitive information via unspecified requests that trigger an uncaught...

CVE-2008-5688

CVE-2008-5688 affects MediaWiki 1.8.1 through 1.13.3 (and variants) where, if wgShowExceptionDetails is enabled, an uncaught exception can reveal the full installation path in a debugging message. This may allow remote attackers to obtain sensitive information via unspecified requests triggering ...

CVE-2008-5688

MediaWiki 1.8.1, and other versions before 1.13.3, when the wgShowExceptionDetails variable is enabled, sometimes provides the full installation path in a debugging message, which might allow remote attackers to obtain sensitive information via unspecified requests that trigger an uncaught...

MS Visual Basic ActiveX Controls mscomct2.ocx Buffer Overflow PoC

No description provided by source. !/usr/bin/perl Microsoft Visual Basic ActiveX Controls mscomct2.ocx Animation Object Buffer Overflow CVE-2008-4255 PoC You'll need Debugging Tools for Windows http://www.microsoft.com/whdc/devtools/debugging/default.mspx /JA Come to FRHACK! www.frhack.org print...

Microsoft Visual Basic ActiveX Buffer Overflow

!/usr/bin/perl Microsoft Visual Basic ActiveX Controls mscomct2.ocx Animation Object Buffer Overflow CVE-2008-4255 PoC You'll need Debugging Tools for Windows http://www.microsoft.com/whdc/devtools/debugging/default.mspx /JA Come to FRHACK! www.frhack.org print "\nMicrosoft Visual Basic ActiveX...

Microsoft Visual Basic - ActiveX Controls mscomct2.ocx Buffer Overflow (PoC)

Microsoft Visual Basic - ActiveX Controls mscomct2.ocx Buffer Overflow PoC !/usr/bin/perl Microsoft Visual Basic ActiveX Controls mscomct2.ocx Animation Object Buffer Overflow CVE-2008-4255 PoC You'll need Debugging Tools for Windows http://www.microsoft.com/whdc/devtools/debugging/default.mspx /...

MS Visual Basic ActiveX Controls mscomct2.ocx Buffer Overflow PoC

Exploit for unknown platform in category dos / poc ================================================================= MS Visual Basic ActiveX Controls mscomct2.ocx Buffer Overflow PoC ================================================================= !/usr/bin/perl Microsoft Visual Basic ActiveX...

Microsoft Visual Basic - ActiveX Controls mscomct2.ocx Buffer Overflow (PoC)

!/usr/bin/perl Microsoft Visual Basic ActiveX Controls mscomct2.ocx Animation Object Buffer Overflow CVE-2008-4255 PoC You'll need Debugging Tools for Windows http://www.microsoft.com/whdc/devtools/debugging/default.mspx /JA Come to FRHACK! www.frhack.org print "\nMicrosoft Visual Basic ActiveX...

MS Windows Server Service Code Execution PoC (MS08-067)

No description provided by source. In vstudio command prompt: mk.bat next: attach debugger to services.exe 2k or the relevant svchost xp/2k3/... net use \IPADDRESS\IPC$ /user:user creds die \IPADDRESS \pipe\srvsvc In some cases, /user:"" "", will suffice i.e., anonymous connection You should get...

Gentoo Security Advisory GLSA 200408-16 (glibc)

The remote host is missing updates announced in advisory GLSA 200408-16. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows WRITE_ANDX SMB command handling Kernel DoS

Some days ago i have discovered a DoS in Windows Vista. Here is the advisory with a detailed description about the vulnerability that will help to Microsoft they have been already notified about the bug to correct it as soon as possible, and it will help you if you need to add any rule for your...