Wampserver 3.0.6 - Insecure File Permissions Privilege Escalation Vulnerability

Exploit for windows platform in category local exploits ===================================================== Vendor Homepage: http://www.wampserver.com/ Date: 10 Dec 2016 Version : Wampserver 3.0.6 32 bit x86 Tested on: Windows 7 Ultimate SP1 EN Author: Heliand Dema Contact: email protected...

CVE-2016-10006

In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input a tag that supports style with active content, you could bypass the library protections and supply executable code. The impact is XSS...

Cross site scripting

In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input a tag that supports style with active content, you could bypass the library protections and supply executable code. The impact is XSS...

CVE-2016-10006

In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input a tag that supports style with active content, you could bypass the library protections and supply executable code. The impact is XSS...

CVE-2016-10006

In OWASP AntiSamy before 1.5.5, by submitting a specially crafted input a tag that supports style with active content, you could bypass the library protections and supply executable code. The impact is XSS...

Malwarebytes Handles PE Files with Memory Corruption Vulnerability

Malwarebytes is an antivirus program. Malwarebytes handles PE files with a memory corruption vulnerability. Due to by constructing malformed PE format samples can crash the antivirus program. If successfully exploited, it can lead to arbitrary code execution...

CVE-2016-7300

Untrusted search path vulnerability in Microsoft Auto Updater for Mac allows local users to gain privileges via a Trojan horse executable file, aka "Microsoft MAU Office Elevation of Privilege Vulnerability."...

Privilege escalation

Untrusted search path vulnerability in Microsoft Auto Updater for Mac allows local users to gain privileges via a Trojan horse executable file, aka "Microsoft MAU Office Elevation of Privilege Vulnerability."...

CVE-2016-7300

CVE-2016-7300 affects Microsoft Auto Update (MAU) for Mac. The root cause is an untrusted search path and improper update validation that lets a local attacker place a crafted executable to execute code with elevated privileges. Impact is local privilege escalation; public exploits exist and were...

Analyze Suspected Malware Documents: QuickSand

Analyze Suspected Malware Documents QuickSand is a compact C framework to analyze suspected malware documents to 1 identify exploits in streams of different encodings, 2 locate and extract embedded executables. By having the ability to locate embedded obfuscated executables, QuickSand could detec...

Python JSON Fuzzer: PyJFuzz

Python JSON Fuzzer PyJFuzz is a small, extensible and ready-to-use framework used to fuzz JSON inputs , such as mobile endpoint REST API, JSON implementation, Browsers, cli executable and much more. Dependencies In order to work PyJFuzz need a single dependency, bottle , you can install it from...

Adobe Animate Detection (Windows SMB Login)

Detects the installed version of Adobe Animate. The script logs in via smb, searches for SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2016-6848

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client "Reflected File Download". Malicious platform specific e.g. Microsoft Windows batch file can be created via a trusted domain without...

Design/Logic Flaw

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client "Reflected File Download". Malicious platform specific e.g. Microsoft Windows batch file can be created via a trusted domain without...

CVE-2016-6848

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. API requests can be used to inject, generate and download executable files to the client "Reflected File Download". Malicious platform specific e.g. Microsoft Windows batch file can be created via a trusted domain without...

Microsoft Bowser.sys Information Disclosure (MS16-135: CVE-2016-7218)

An information disclosure vulnerability exists in Microsoft Windows regarding bowser.sys . A local attacker could exploit this vulnerability by running a specially crafted malicious executable file. Successful exploitation of this vulnerability could lead to information disclosure...

Adobe InDesign Server Detection (Mac OS X SSH Login)

Detects the installed version of Adobe InDesign Server on Mac OS X. The script logs in via ssh, searches for folder SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Adobe DNG Converter Detection (Windows SMB Login)

SMB login and WMI file search based detection of Adobe DNG Converter. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-9192

A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account. More Information: CSCvb68043. Known Affected...

Design/Logic Flaw

A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account. More Information: CSCvb68043. Known Affected...