44 matches found
EUVD-2011-3466
Malware in sbrugna...
CVE-2011-3494
WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 a long StyleTemplate element in a QUO, SUM or POR file, which triggers a stack-based buffer overflow, or 2 a long Font-FaceName field aka FaceName...
share.esignal.com XSS vulnerability
Open Bug Bounty ID: OBB-568838 Description| Value ---|--- Affected Website:| share.esignal.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Interactive Data eSignal Listener Buffer Overflow - Ver2 (CVE-2004-1868)
eSignal is a real-time market data and support tool provided by Interactive Data Corporation. The product supplies financial market data and more for traders over the internet. To facilitate the receipt of incoming data, eSignal opens a local, listening socket on TCP Port 80. There exists a buffe...
eSignal and eSignal Pro <= 10.6.2425.1208 - File Parsing Buffer Overflow in QUO
No description provided by source. $Id: esignalstyletemplatebof.rb 13765 2011-09-20 17:39:53Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
eSignal and eSignal Pro <= 10.6.2425.1208 Multiple Vulnerabilites
No description provided by source. Luigi Auriemma Application: eSignal and eSignal Pro http://www.esignal.com/esignal/default.aspx Versions: = 10.6.2425.1208 Platforms: Windows Bugs: A code execution B heap overflow Exploitation: file Date: 06 Sep 2011 Author: Luigi Auriemma e-mail:...
Interactive Data eSignal Stack Buffer Overflow (CVE-2011-3494)
A stack buffer overflow vulnerability exists in Interactive Data eSignal. The vulnerability is due to insufficient string length validation when copying input into a fixed size stack buffer in certain file types.A remote attacker may exploit this issue by enticing a target user to open a speciall...
eSignal WinSig.exe long StyleTemplate buffer overflow
Added: 11/21/2011 CVE: CVE-2011-3494 BID: 49600 OSVDB: 75456 Background eSignal is a tool which provides real-time financial and market information. Problem WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code v...
eSignal WinSig.exe long StyleTemplate buffer overflow
Added: 11/21/2011 CVE: CVE-2011-3494 BID: 49600 OSVDB: 75456 Background eSignal is a tool which provides real-time financial and market information. Problem WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code v...
eSignal WinSig.exe long StyleTemplate buffer overflow
Added: 11/21/2011 CVE: CVE-2011-3494 BID: 49600 OSVDB: 75456 Background eSignal is a tool which provides real-time financial and market information. Problem WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code v...
eSignal WinSig.exe long StyleTemplate buffer overflow
Added: 11/21/2011 CVE: CVE-2011-3494 BID: 49600 OSVDB: 75456 Background eSignal is a tool which provides real-time financial and market information. Problem WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code v...
eSignal / eSignal Pro 10.6.2425.1208 Buffer Overflow
$Id: esignalstyletemplatebof.rb 13768 2011-09-21 11:55:56Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
eSignal and eSignal Pro File Parsing Buffer Overflow in QUO
The software is unable to handle the "" files even those original included in the program like those with the registered extensions QUO, SUM and POR. Successful exploitation of this vulnerability may take up to several seconds due to the use of egghunter. Also, DEP bypass is unlikely due to the...
eSignal and eSignal Pro 10.6.2425.1208 - File Parsing Buffer Overflow in QUO (Metasploit)
$Id: esignalstyletemplatebof.rb 13765 2011-09-20 17:39:53Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
eSignal and eSignal Pro <= 10.6.2425.1208 File Parsing Buffer Overflow
Exploit for windows platform in category local exploits $Id: esignalstyletemplatebof.rb 13765 2011-09-20 17:39:53Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more...
CVE-2011-3503
Untrusted search path vulnerability in eSignal 10.6.2425.1208, and possibly other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse JRSUT.dll that is located in the same folder as a .quo QUOTE file. NOTE: th...
Design/Logic Flaw
Untrusted search path vulnerability in eSignal 10.6.2425.1208, and possibly other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse JRSUT.dll that is located in the same folder as a .quo QUOTE file. NOTE: th...
CVE-2011-3503
Untrusted search path vulnerability in eSignal 10.6.2425.1208, and possibly other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse JRSUT.dll that is located in the same folder as a .quo QUOTE file. NOTE: th...
CVE-2011-3503
CVE-2011-3503 describes an untrusted search path vulnerability in eSignal 10.6.2425.1208 (and possibly other versions), where local/possibly remote attackers could cause arbitrary code execution through a Trojan horse JRS_UT.dll placed in the same directory as a .quo file. The affected component ...
CVE-2011-3494
WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 a long StyleTemplate element in a QUO, SUM or POR file, which triggers a stack-based buffer overflow, or 2 a long Font-FaceName field aka FaceName...