6692 matches found
Avast! - Out-of-Bounds Write Decrypting PEncrypt Packed executables
Source: https://code.google.com/p/google-security-research/issues/detail?id=554 The attached PEncrypt packed executable causes an OOB write on Avast Server Edition. gdb bt 0 0xf6f5e64a in EmulatePolyCodePOLYINFO, int from /proc/self/cwd/defs/15092301/engine.so 1 0xf6f7d334 in...
Cyclope Employee Surveillance 8.6.1 Insecure File Permissions
Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution again Version: = 6.8.1 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Link: http://www.cyclope-series.com/setups/setup.exe Software descriptio...
JRSoft InnoSetup DLL Hijack
Hi @ll, executable installers ° created with JRSoft InnoSetup see ; this includes of course InnoSetup itself too are vulnerable: 1. They load and execute a rogue/bogus/malicious UXTheme.dll ' eventually found in the directory they are started from the "application directory". For software...
Cyclope Employee Surveillance 8.6.1 - Insecure File Permissions
Cyclope Employee Surveillance 8.6.1 - Insecure File Permissions Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution again Version: = 6.8.1 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Link:...
Cyclope Employee Surveillance v8.6.1 Insecure File Permissions Vulnerability
Exploit for windows platform in category local exploits Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution again Version: = 6.8.1 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Link:...
Oracle BeeHive 2 - 'voice-servlet processEvaluation()' Write File (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Oracle BeeHive 2 voice-servlet processEvaluation Vulnerability", 'Description' = %q This module exploits a vulnerability found in...
Valve Steam Privilege Acquisition Vulnerability
Valve Steam is a Linux-based operating system for living room gaming from the American company Valve. A security vulnerability exists in Valve Steam version 2.10.91.91, which arises because the program assigns weak permissions (user: read/write) to the Install folder. This vulnerability can be...
Chkrootkit Local Privilege Escalation
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class Metasploit4 'Chkrootkit Local Privilege Escalation', 'Description' = %q Chkrootkit before 0.50 will run any executable file named /tmp/update as root, allowing a...
file: multiple denial of service issues (resource consumption)
Multiple flaws were found in the way the File Information (fileinfo) extension parsed Executable and Linkable Format (ELF) files. A remote attacker could use either of these flaws to cause a PHP application using fileinfo to consume an excessive amount of system resources...
binutils: out-of-bounds write when parsing specially crafted PE executable
A stack-based buffer overflow flaw was found in the way various binutils utilities processed certain files. If a user were tricked into processing a specially crafted file, it could cause the utility used to process that file to crash or, potentially, execute arbitrary code with the privileges of...
Chkrootkit Local Privilege Escalation
Chkrootkit before 0.50 will run any executable file named /tmp/update as root, allowing a trivial privilege escalation. WfsDelay is set to 24h, since this is how often a chkrootkit scan is scheduled by default. This module requires Metasploit: https://metasploit.com/download Current source:...
CVE-2010-1451
The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in the Linux kernel before 2.6.33 on the SPARC platform does not properly obtain the value of a certain PAGEEXEC4U bit and consequently does not properly implement a non-executable stack, which makes it easier for context-dependent...
IBM Cognos Disclosure Management Input Validation Vulnerability
IBM Cognos Disclosure Management (CDM) is a suite of financial reporting and process automation solutions from IBM USA. A security vulnerability exists in IBM CDM version 10.2.4 and earlier. An attacker can exploit this vulnerability to conduct a man-in-the-middle attack and gain access by forging ...
CVE-2015-5014
IBM Cognos Disclosure Management (CDM) 10.1.x and 10.2.x before 10.2.4 IF10 allows man-in-the-middle attackers to obtain access by spoofing an executable file during a client upload operation...
Lenovo System Update Elevation of Privilege Vulnerability
Lenovo System Update (aka ThinkVantage System Update) is a system update software from Lenovo. The service component of Lenovo System Update, SUService.exe, creates a named pipe to provide system update services to a low-privileged process. A security vulnerability in Lenovo System Update software...
CVE-2015-5888
The Install Framework Legacy component in Apple OS X before 10.11 allows local users to obtain root privileges via vectors involving a privileged executable file...
Code injection
The Install Framework Legacy component in Apple OS X before 10.11 allows local users to obtain root privileges via vectors involving a privileged executable file...
h5ai arbitrary file upload vulnerability
h5ai is file-indexing software for HTTP web servers developed by Lars Jung. An arbitrary file upload vulnerability exists in versions of h5ai prior to 0.25.0. A remote attacker can exploit this vulnerability by uploading an executable file and sending a direct...
NTP ntpd Input Validation Vulnerability
ntpd (Network Time Protocol daemon) is an operating system daemon that uses the Network Time Protocol (NTP) to keep synchronized with the system time of a time server. A security vulnerability exists in the ntpcrypto.c file in ntpd in NTP 4.2.8 and earlier versions. A remote attacker could exploit th...
GLPI Arbitrary Code Execution Vulnerability
GLPI is an open source IT resource management suite maintained by the Indepnet Association. The suite includes features such as device status management, asset inventory storage, management processes and work log management. An arbitrary file upload vulnerability exists in versions of GLPI prior ...