Unreal Tournament - Remote Buffer Overflow (SEH)

Unreal Tournament - Remote Buffer Overflow SEH Unreal Tournament Remote Buffer Overflow Exploit SEH Windows Discovered by: Luigi Auriemma http://aluigi.altervista.org/adv/unsecure-adv.txt Coded By: Fulcrum 08/02/2011 Patch: http://www.unrealadmin.org/forums/showthread.php?t=15616 Vulnerable: all...

A-PDF All to MP3 Converter 2.0.0 - '.wav' Local Buffer Overflow (SEH)

Exploit Title: A-PDF All to MP3 Converter v.2.0.0 SEH overflow Software Link: http://www.a-pdf.com/all-to-mp3/download.htm Version: = 2.0.0 Tested on: Win XP SP2 English Date: 29/01/2011 Author: m0nna Email: [email protected] triggering details: Open the app, drag the crafted .wav file, cal...

CVE-2010-3965

Untrusted search path vulnerability in Windows Media Encoder 9 on Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrat...

Design/Logic Flaw

Untrusted search path vulnerability in Windows Media Encoder 9 on Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrat...

CVE-2010-3965

The CVE-2010-3965 issue is an Insecure Library Loading (untrusted search path) vulnerability in Windows Media Encoder 9. Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, and Windows Server 2008 Gold/SP2. The root cause is that Windows Media Encoder loa...

CVE-2010-3965

Untrusted search path vulnerability in Windows Media Encoder 9 on Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrat...

PT-2010-5200 · Microsoft · Windows Server 2003 +4

Name of the Vulnerable Software and Affected Versions: Windows Media Encoder 9 versions on Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 Description: The issue allows local users to gain privileges via a Trojan horse DLL...

Microsoft Media Decompression Remote Code Execution Vulnerability (2447961)

This host is missing a critical security update according to Microsoft Bulletin MS10-094. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

MS10-094: Vulnerability in Windows Media Encoder Could Allow Remote Code Execution (2447961)

The remote Windows host contains a version of Windows Media Encoder that incorrectly restricts the path used for loading external libraries. If an attacker can trick a user on the affected system into opening a specially crafted Windows Media Profile .prx file located in the same network director...

Microsoft Windows Media Encoder Insecure Library Loading (MS10-094; CVE-2010-3965)

Microsoft Windows Media Encoder is a production tool for converting both live and prerecorded audio and video to Windows Media Format. A remote code execution vulnerability has been reported in the way that Microsoft Office handles the loading of DLL files. The vulnerability is caused when the...

SnackAmp 3.1.3 SMP Buffer Overflow

Exploit Title: SnackAmp 3.1.3 Malicious SMP Buffer Overflow Vulnerability SEH Date: 12/12/10 Author: james AT learnsecurityonline DOT com Software Link: http://snackamp.sourceforge.net/ Version: 3.1.3 Tested on: Windows XP SP3 EN CVE: N/A This version was just released as of 12/5/10 ! /usr/bin/en...

OTSTurntables 1.00.048 (m3u/ofl) Local BOF Exploit (SEH)

Exploit for windows platform in category local exploits ======================================================== OTSTurntables 1.00.048 m3u/ofl Local BOF Exploit SEH ======================================================== Exploit Title: OTSTurntables 1.00.028 m3u/ofl Local BOF Exploit SEH Date:...

Xion Audio Player 1.0.127 Buffer Overflow

Exploit Title: Xion Audio Player 1.0.127 m3u Buffer Overflow Vulnerability Date: 11/23/2010 Author: 0v3r Software Link: http://www.r2.com.au/downloads/files/xionv1.0b127.exe Version: 1.0.127 Tested on: Windows XP SP3 EN CVE: N/A !/usr/bin/python encoded with alpha3 encoder by skylined egghunter =...

Sothink Video Encoder for Adobe Flash DLL Hijacking Exploit (dwmapi.dll)

Exploit for windows platform in category local exploits ======================================================================== Sothink Video Encoder for Adobe Flash DLL Hijacking Exploit dwmapi.dll ======================================================================== || || | || o,7 || . o7 |...

Sothink Video Encoder For Adobe Flash DLL Hijacking

=================================================== Sothink Video Encoder for Adobe Flash DLL Hijacking Exploit dwmapi.dll =================================================== || || | || o,7 || . o7 || 4||| ow, : / / . 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 ...

Amlibweb NetOpacs - 'webquery.dll' Remote Stack Buffer Overflow (Metasploit)

$Id: amlibwebwebquerydllapp.rb 11039 2010-11-14 19:03:24Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Free CD to MP3 Converter 3.1 - Local Buffer Overflow (SEH)

Exploit Title: Free CD to MP3 Converter 3.1 Buffer Overflow Exploit SEH Date: 10/18/10 Credit/Bug found by: C4SS!0 G0M3S Software Link: http://www.eusing.com/Download/cdtomp3freeware.exe Version: 3.1 Tested on: Windows XP SP3 EN VMWARE FUSION - Version 3.1.1 CVE: N/A ! /usr/bin/env ruby filename ...

Minishare 1.5.5 Buffer Overflow

Exploit Title: Minishare 1.5.5 Buffer Overflow Vulnerability SEH Date: 11/03/2010 Author: Muhamad Fadzil Ramli - mind1355atgmaildotcom Credit/Bug Found By: Chris Gabriel Software Link: http://sourceforge.net/projects/minishare Version: 1.4.0 - 1.5.5 Tested on: Windows XP SP3 EN VMWARE FUSION -...

printf(1) via PHP magic_quotes Utility Command Encoder

This encoder uses the printf1 utility to avoid restricted characters. Some shell variable substitution may also be used if needed symbols are blacklisted. Some characters are intentionally left unescaped since it is assumed that PHP with magicquotesgpc enabled will escape them during request...

MSN Messenger 8.1 DLL Hijacking Exploit (lPK.dll)

Exploit for windows platform in category local exploits ================================================= MSN Messenger 8.1 DLL Hijacking Exploit lPK.dll ================================================= / Exploit Title: MSN Messenger 8.1 DLL Hijacking Exploit lPK.dll Date: Octobre 7, 2010 Author...