35 matches found
Backdoor.Win32.WinShell.30 Remote Stack Buffer Overflow / Missing Authentication
Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/56a2b135c8d35561ea5b04694155eb77.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.WinShell.30 Vulnerability: Remote Stack Buffer Overflow / Missing Authentication...
Email-Worm.Win32.Zhelatin.ago Remote Stack Buffer Overflow
Discovery / credits: malvuln - Malvuln.com (c) 2021 Original source: http://malvuln.com/advisory/0418e7f95a8b94c035e10749234f8378.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Email-Worm.Win32.Zhelatin.ago Vulnerability: Remote Stack Buffer Overflow Description: Buffer overflo...
CVE-2019-18931
Western Digital My Cloud EX2 Ultra firmware 2.31.195 allows a Buffer Overflow with Extended Instruction Pointer (EIP) control via crafted GET/POST parameters...
CVE-2019-18931
CVE-2019-18931 affects Western Digital My Cloud EX2 Ultra firmware up to 2.31.195. The issue is a buffer overflow that enables control of the Extended Instruction Pointer (EIP) via crafted GET/POST parameters. Affected firmware version is stated, but no remediation or patch version is provided in...
ActivePDF Toolkit Code Execution
ActivePDF Toolkit 8.1.0 multiple RCE Introduction ============ The ActivePDF Toolkit is a Windows library which enhances business processes to stamp, stitch, merge, form-fill, add digital signatures, barcodes to PDF. Both .NET and native APIs are provided. Amongst many other operations, this...
Freefloat FTP Server 1.0 - 'SITE ZONE' Command Buffer Overflow
Vulnerability background: This FTP server appears to be very small, and one would expect that few people use it to run an FTP service, but it has a vulnerability, ZoomEye finds many devices running the service, and the analysis is very simple. Vulnerability details: Treatment...
uSQLite 1.0.0 Denial Of Service
#!/usr/bin/python Exploit Title: Remote buffer overflow vulnerability in uSQLite 1.0.0 PoC Date: 27/10/1016 Exploit Author: Peter Baris Software Link: https://sourceforge.net/projects/usqlite/?source=directory Version: 1.0.0 Tested on: windows 7 and XP SP3 Longer strings will cause heap based...
Internet Bug Bounty: gdImageTrueColorToPaletteBody allows arbitrary write/read access
Upstream bug report ================ 2016-06-29 04:03 UTC https://bugs.php.net/bug.php?id=72512 Patch ===== 2016-07-19 07:47 UTC http://git.php.net/?p=php-src.git;a=commit;h=928aecc002e906b309b28f0062f03d4e5eda3e45 Fixed for PHP 5.5 security only mode, PHP 5.6, PHP 7.0...
Internet Bug Bounty: EIP control using type confusion in json encoding
https://bugs.python.org/issue24683 File 'eip.py' posted on the issue page proves EIP control...
PHP yaml_parse_url Double Free Vulnerability
The yaml parsing functions suffer from an exploitable double free caused by the error path for the php_var_unserialize call on line 797 of pecl/file_formats/yaml.git/parse.c. Title: PHP yaml_parse_url Double Free Credit: John Leitch email protected Url1:...
LanSpy 2.0.0.155 - Buffer Overflow (PoC)
LanSpy 2.0.0.155 - Buffer Overflow PoC ''' + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-LANSPY-BUFFER-OVERFLOW-10052015.txt Vendor: ================================ www.lantricks.com Product: ================================...
Internet Bug Bounty: PHP yaml_parse/yaml_parse_file/yaml_parse_url Double Free
https://bugs.php.net/bug.php?id=69616 Description: ------------ The yaml parsing functions suffer from an exploitable double free caused by the error path for the php_var_unserialize call on line 797 of pecl/file_formats/yaml.git/parse.c: if (IS_NOT_IMPLICIT_AND_TAG_IS(event, YAML_PHP_TAG)) const unsigned cha...
TestDisk 6.14 - 'Check_OS2MB' Stack Buffer Overflow (PoC)
TestDisk 6.14 Check_OS2MB Stack Buffer Overflow Affected versions: TestDisk 6.14 - Linux, Windows and Mac OSX PDF:...
Hero big eye: buffer overflow vulnerability in TGA file format processing, EIP can be controlled
Brief description: Software description: http://baike.baidu.com/view/222352.html Download: http://www.onlinedown.net/soft/2704.htm http://dl.pconline.com.cn/html2/1/114/id=1879&pn=0.html A buffer overflow vulnerability exists in the processing of the TGA file format; the EIP can be...
Malx Media Player: stack overflow when handling a malformed m3u file, local arbitrary code execution
A stack overflow occurs when Malx Media Player 3.2.2 handles a malformed m3u file, which can allow an attacker to successfully control EIP and execute arbitrary code. (Win7 SP1 with MacType for ROP) Malx Media Player uses MAX_PATH as the initialization parameter for the stack variable, but th...
Python - socket.recvfrom_into() Remote Buffer Overflow
Python - socket.recvfrom_into() Remote Buffer Overflow #!/usr/bin/env python ''' Exploit Title: python socket.recvfrom_into() remote buffer overflow Date: 21/02/2014 Exploit Author: @sha0coder Vendor Homepage: python.org Version: python2.7 and python3 Tested on: linux 32bit + python2.7 CVE : CVE-2014-19...
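Microsoft IE "ReleaseInterface()" Remote Code Execution Vulnerability
BUGTRAQ ID: 45639 Internet Explorer is the web browser bundled by default with the Windows operating system. IE's implementation contains a remote code execution vulnerability; a remote attacker can exploit it to run arbitrary code in the affected application or cause a denial of service. The vulnerability lies in the ReleaseInterface function of the mshtml.dll module and can lead to modification of EIP, controlling the program's execution flow. Microsoft Internet Explorer 8.0.7600.16385 Vendor patch: Microsoft --------- The vendor has not yet provided a patch or upgrade; we recommend that users of this software watch the vendor's home page for the latest version:...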
Oracle Java 6 - OBJECT tag 'launchjnlp'/'docbase' Remote Buffer Overflow
Source: http://code.google.com/p/skylined/issues/detail?id=23
MediaCoder v0.7.3.4605 Local Buffer Overflow Exploit
Exploit for unknown platform in category local exploits ==================================================== MediaCoder v0.7.3.4605 Local Buffer Overflow Exploit ==================================================== / Download: http://www.mediacoderhq.com/download.htm Compilation:...
Mediacoder 0.7.3.4605 - Local Buffer Overflow
/ Download: http://www.mediacoderhq.com/download.htm Compilation: mediac.c.......Win32 (cygwin, Devcpp) Tested on Windows xp sp3 Date: 24.02.2010 1. We get control of EIP by overwriting a SEH handler with pop pop retn instr and pass exception. 2. We position shellcode where it is convenient (basically anywhe...