987 matches found
CVE-2006-6578
Microsoft Internet Information Services IIS 5.1 permits the IUSRMachine account to execute non-EXE files such as .COM files, which allows attackers to execute arbitrary commands via arguments to any .COM file that executes those arguments, as demonstrated using win.com when it is in a web directo...
CVE-2006-6578
Microsoft Internet Information Services IIS 5.1 permits the IUSRMachine account to execute non-EXE files such as .COM files, which allows attackers to execute arbitrary commands via arguments to any .COM file that executes those arguments, as demonstrated using win.com when it is in a web directo...
PT-2006-7199 · Hyperaccess · Hyperaccess
Name of the Vulnerable Software and Affected Versions: HyperAccess version 8.4 Description: The issue allows user-assisted remote attackers to execute arbitrary vbscript and commands. This is achieved via the /r option in a telnet:// URI, which is configured to use hawin32.exe. Recommendations: F...
Hacking tricks of using pictures do Trojan applications completely resolution-vulnerability warning-the black bar safety net
What is a BMP web page Trojan. It and last long with the stink of a MIME header vulnerability of Trojans different, MIME Trojans is to put an EXE file with a MIME-encoded as an EMLOUT LOOK mailthe file, put it on a web page using IE and OE coding vulnerability to automatically download and execut...
Microsoft Windows Help存在多个漏洞
Microsoft Help WINHLP32.EXE处理.hlp文件存在多个远程代码执行和拒绝服务问题。 攻击者可以在WEB页上防止恶意帮助文件,或者通过EMAIL附件形式发送,诱使用户打开来触发此漏洞,成功利用此漏洞可以以进程权限执行任意指令。 Microsoft Windows XP Tablet PC Edition SP2 Microsoft Windows XP Tablet PC Edition SP1 Microsoft Windows XP Tablet PC Edition Microsoft Windows XP Professional x64 Edition...
PT-2006-6935 · Symantec · Symantec Livestate 7.1 Agent For Windows
Name of the Vulnerable Software and Affected Versions: Symantec LiveState 7.1 Agent for Windows Description: The issue allows local users to potentially gain privileges by stopping the shstart.exe process and opening "Web Self-Service" from the system tray icon. This action opens a browser window...
CVE-2006-5940
Unspecified vulnerability in Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote attack vectors related to "Integer Issues" and parsing of .EXE files...
CVE-2006-5940
Unspecified vulnerability in Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote attack vectors related to "Integer Issues" and parsing of .EXE files...
CVE-2006-5940
CVE-2006-5940 affects Grisoft AVG Anti-Virus prior to 7.1.407 . The available documents describe an unspecified vulnerability with unknown impact and remote attack vectors related to integer issues and the parsing of .EXE files . The exact affected components, root cause specifics, impacted versi...
Use of pictures do Trojan applications completely resolution-vulnerability warning-the black bar safety net
What is a BMP web page Trojan? It and last long with the stink of a MIME header vulnerability of Trojans different,MIME Trojans is to put an EXE file with a MIME-encoded as an EMLOUT LOOK mailthe file,put in on a web page using IE and OE coding vulnerability to automatically download and execute...
AVG Anti-Virus多个远程代码执行漏洞
AVG Anti-Virus是一款功能完备的杀毒软件。 AVG Anti-Virus的文件解析引擎存在多个漏洞,目前已确定的漏洞包括: - 解析.CAB文件时的整数溢出可能导致堆溢出; - 解析.CAB文件时未初始化变量; - 解析.DOC文件时会分隔为0; - 解析.RAR文件时的整数溢出可能导致堆溢出; - 解析.EXE文件时存在整数问题。 如果攻击者创建了特制文件的话,这些漏洞就可能导致远程执行任意代码。 Grisoft AVG Anti-Virus 7.1.407 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
AVG Antivirus multiple security vulnerabilities
Heap overflow on CAB and RAR archives parsing, integer overflow on EXE parsing...
MS06-049 Windows ZwQuerySystemInformation Local Privilege Escalation Vulnerability Exploit
No description provided by source. / MS06-049 Windows ZwQuerySystemInformation Local Privilege Escalation Vulnerability Exploit Created by SoBeIt Main file of exploit Tested on: Windows 2000 PRO SP4 Chinese Windows 2000 PRO SP4 Rollup 1 Chinese Windows 2000 PRO SP4 English Windows 2000 PRO SP4...
On the net. exe with net1. exe relationship-vulnerability warning-the black bar safety net
C:\WINDOWS\system32net user \\FUCK in the user account ------------------------------------------------------------------------------- admin Administrator Guest SUPPORT388945a0 The command completed successfully. C:\WINDOWS\system32net1 user \\FUCK in the user account...
CVE-2006-4138
CVE-2006-4138 affects the Microsoft Windows Help File viewer (winhlp32.exe). It involves multiple unspecified vulnerabilities that could allow user-assisted attackers to execute arbitrary code via crafted HLP files. The NVD entry lists a high impact with a base CVSS v2 score of 7.6 (AV:N/AC:H/Au:...
Microsoft Internet Explorer - MDAC Remote Code Execution (MS06-014)
Microsoft Internet Explorer - MDAC Remote Code Execution MS06-014 !/bin/sh - "exec" "python" "-O" "$0" "$@" doc = """BL4CK - MS06-014 RDS.DataStore - Data Execution CVS-2006-0003 MS06-014 April 2006 this is a bit out-dated, but works very well Usage: ./bl4ckms06014.py...
From encryption software and with the mouth to save back to the file-vulnerability warning-the black bar safety net
Today dad just bought a U disk, but no encryption function, then check the Internet the following folder encryption software, but see there are people asking how to get back has been encrypted, the software today get up to people and claiming to defense-level encryption of the“high strength folde...
Adobe Acrobat < 6.0.5 PDF Distillation Overflow
The version of Adobe Acrobat installed on the remote host is earlier than 6.0.5 and is reportedly affected by a buffer overflow that may be triggered when distilling a specially crafted file to PDF. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid22035;...
Quake 3 Engine Client CS_ITEMS Remote Overflow Exploit (Win32)
Exploit for unknown platform in category dos / poc ============================================================== Quake 3 Engine Client CSITEMS Remote Overflow Exploit Win32 ============================================================== / Quake 3 Engine Client CSITEMS Remote Stack Overflow Exploi...
Quake 3 Engine Client (Windows x86) - CS_ITEms Remote Overflow
Quake 3 Engine Client Windows x86 - CSITEms Remote Overflow / Quake 3 Engine Client CSITEMS Remote Stack Overflow Exploit Win32 Written by RunningBon E-Mail: [email protected] IRC: irc.rizon.net kik This is a DLL, which gets injected into the server exe. You will need Microsoft Detours library...