Essentia Web Server 2.1 Long URL Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4159/info Essentia Web Server is a multi-threaded HTTP server designed for Microsoft Windows and Linux environments. Essentia is maintained by Essen. Essentia is prone to a remote denial of service. This condition may be...

Softek MailMarshal 4,Trend Micro ScanMail 1.0 SMTP Attachment Protection Bypass

No description provided by source. source: http://www.securityfocus.com/bid/3097/info At least two SMTP gateway products have been identified which contain flaws in the handling of restricted filetypes as attachments. An attacker can insert extraneous characters in the filename extension of a...

Qualcomm Eudora 5/6 File Attachment Spoofing Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/5432/info Eudora is reported to be prone to an issue which may allow attackers to spoof the file extension in an attachment. This may aid an attacker in enticing a user of the e-mail client into executing malicious conten...

GDB 6.6 - Process_Coff_Symbol UPX File Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24291/info GDB is prone to a buffer-overflow vulnerability because it fails to properly check bounds when handling specially crafted executable files. Attackers could leverage this issue to run arbitrary code outside of a...

Solaris 2.6/7.0/8 netpr Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/1200/info A buffer overrun exists in the 'netpr' program, part of the SUNWpcu LP package included with Solaris, from Sun Microsystems. Versions of netpr on Solaris 2.6 and 7, on both Sparc and x86 have been confirmed as...

S.u.S.E. Linux 6.3/6.4 Gnomelib Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1155/info A vulnerability exists in the handling of the DISPLAY variable, in versions of Gnomelib shipped with S.u.S.E. Linux, version 6.3. By supplying a long buffer containing machine executable code in the DISPLAY...

Microsoft Internet Explorer 6.0 Codebase Double Backslash Local Zone File Execution Weakness

No description provided by source. source: http://www.securityfocus.com/bid/10344/info A vulnerability has been reported that may potentially permit HTML documents to gain unauthorized access to local resources by using specific syntax when referencing said resource as a value for the CODEBASE...

kpopup 0.9.x Privileged Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8915/info It has been alleged that it is possible for local attackers to gain root privileges through kpopup, which is is installed setuid root by default. According to the report, kpopup uses the system3 C-library functi...

IBM ACPRunner 1.2.5 ActiveX Control Dangerous Method Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10561/info It is reported that the IBM acpRunner ActiveX control contains dangerous methods that may result in a remote compromise of a system on which the ActiveX control is installed. These methods may be accessed by a...

Microsoft SQL Server Payload Execution

No description provided by source. $Id: mssqlpayload.rb 11392 2010-12-21 20:36:34Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...

Linux Kernel (<= 2.4.27 , 2.6.8) binfmt_elf Executable File Read Exploit

No description provided by source. / binfmtelf executable file read vulnerability gcc -O3 -fomit-frame-pointer elfdump.c -o elfdump Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED AS IS AND WITHOUT ANY WARRANTY. COPYING,...

Microsoft Internet Explorer 5/6 Self Executing HTML File Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6961/info Microsoft Internet Explorer contains a vulnerability that can allow script code within an HTML document to run an embedded executable file. Since the file is an HTML file, Internet Explorer will open and parse t...

Gadu-Gadu 6.0 File Download Filename Obfuscation Weakness

No description provided by source. source: http://www.securityfocus.com/bid/11017/info Gadu-Gadu is a Polish instant messaging application for Microsoft Windows operating systems. It is reported that the Gadu-Gadu instant messenger application contains a weakness allowing attackers to obfuscate...

Clearswift MailSweeper 4.x Malformed MIME Attachment Filter Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7044/info Clearswift MailSweeper does not properly process certain malformed MIME email message attachments. If the attachment does not contain a MIME-Version field, MailSweeper does not recognize the attachment as being ...

LinPopUp 1.2 - Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11997/info LinPopUp is reported prone to a remote buffer overflow vulnerability. This issue arises because the application fails to carry out proper boundary checks before copying user-supplied data in to sensitive proces...

Michael Kohn VB2C 0.02 FRM File Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12020/info VB2C is reported prone to a remote buffer overflow vulnerability. This issue arises because the application fails to carry out proper boundary checks before copying user-supplied data in to sensitive process...

Exploit: NCMedia Sound Editor Pro 7.5.1 - SEH & DEP

No description provided by source. !/usr/bin/python --------------------------------------------------------------------------- Exploit: NCMedia Sound Editor Pro v7.5.1 SEH&DEP Author: b33f - http://www.fuzzysecurity.com/ OS: Windows 7 Pro SP1 probably universal across 32-bit POC - Julien Ahrens ...

HP Instant Support 1.0.22 - 'HPISDataManager.dll' 'StartApp' ActiveX Control Insecure Method Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29533/info HP Instant Support 'HPISDataManager.dll' ActiveX control is prone to an insecure-method vulnerability. Successfully exploiting this issue allows remote attackers to launch arbitrary applications with the...

Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (ppc)

No description provided by source. !/usr/bin/perl http://www.digitalmunition.com/FailureToLaunch-ppc.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom Much appreciation goes to John H for all kindsa random shit like exploiting Veritas and other random things in the past core... where the...

Mac OS X <= 10.4.7 Mach Exception Handling Local Root Exploit

No description provided by source. / excploit.c - 28 Nov 2005 - [email protected] Exploitable Mach Exception Handling Affected: Mac OS X 10.4.6 darwin 8.6.0 and older When a process executes a setuid executable, all existing rights to the task port are invalidated, to make sure unauthorize...