2194 matches found
Microsoft Internet Explorer - VML Remote Buffer Overflow
Microsoft Internet Explorer - VML Remote Buffer Overflow / ----------------------------------------------------------------------- vml.c - Internet Explorer VML Buffer Overflow Download Exec Exploit !!! 0day !!! Public Version !!! Copyright C 2006 XSec All Rights Reserved. Author : nop :...
CVE-2006-4826
PHP remote file inclusion vulnerability in bottom.php in Shadowed Portal 5.599 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter...
SIPfoundry sipXezPhone 0.35a CSeq Field Overflow
This module exploits a buffer overflow in SIPfoundry's sipXezPhone version 0.35a. By sending an long CSeq header, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the affected application. This module requires Metasploit:...
Microsoft Internet Explorer - COM Object Remote Heap Overflow
Microsoft Internet Explorer - COM Object Remote Heap Overflow / ----------------------------------------------------------------------- daxctle2.c - Internet Explorer COM Object Heap Overflow Download Exec Exploit !!! 0day !!! Public Version !!! Copyright C 2006 XSec All Rights Reserved. Author :...
CVE-2006-4714
The CVE-2006-4714 entry describes a PHP remote file inclusion in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.2 and earlier. When register_globals is enabled, an attacker can cause arbitrary PHP code execution via a URL supplied to the classified_path parameter in index.php. Affect...
USN-341-1: libxfont vulnerability
An integer overflow has been discovered in X.org's font handling library. By using a specially crafted font file, this could be exploited to crash the X server or execute arbitrary code with root privileges...
CVE-2006-4618
PHP remote file inclusion vulnerability in adodb-postgres7.inc.php in John Lim ADOdb, possibly 4.01 and earlier, as used in Intechnic In-link 2.3.4, allows remote attackers to execute arbitrary PHP code via a URL in the ADODBDIR parameter...
CVE-2006-4456
PHP remote file inclusion vulnerability in functions.php in phpECard 2.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter...
gtetrinet -- remote code execution
The Debian Security Team reports: Michael Gehring discovered several potential out-of-bounds index accesses in gtetrinet, a multiplayer Tetris-like game, which may allow a remote server to execute arbitrary code...
EZContents 2.0.3 - 'review_summary.php?GLOBALS[admin_home]' Remote File Inclusion
source: https://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code a...
Easy File Sharing FTP Server 2.0 (PASS) Remote Exploit (PoC)
Exploit for unknown platform in category remote exploits ============================================================ Easy File Sharing FTP Server 2.0 PASS Remote Exploit PoC ============================================================ !/usr/bin/python Easy File Sharing FTP Server 2.0 PASS 0day P...
python -- buffer overrun in repr() for unicode strings
Benjamin C. Wiley Sittler reports: I discovered a buffer overrun in repr for unicode strings. This causes an unpatched non-debug wide UTF-32/UCS-4 build of python to abort. Ubuntu security team reports: If an application uses repr on arbitrary untrusted data, this bug could be exploited to execut...
ImageMagick 6.x - '.SGI' Image File Remote Heap Buffer Overflow
source: https://www.securityfocus.com/bid/19507/info ImageMagick is prone to a remote heap buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. This issue allows attackers to execute...
CVE-2006-4076
Multiple PHP remote file inclusion vulnerabilities in Wim Fleischhauer docpile: wim's edition docpile:we 0.2.2 allow remote attackers to execute arbitrary PHP code via a URL in the INITPATH parameter to 1 lib/access.inc.php, 2 lib/folders.inc.php, 3 lib/init.inc.php or 4 lib/templates.inc.php...
CVE-2006-4050
PHP remote file inclusion vulnerability in autocheckrenewals.php in phpAutoMembersArea phpAMA 3.2.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the installedconfigfile parameter...
win64 (URLDownloadToFileA) download and execute 218+ bytes
Exploit for win64 platform in category shellcode ========================================================== win64 URLDownloadToFileA download and execute 218+ bytes ========================================================== ; ; dexec64.asm - 218+ bytes unoptimised ; ; Win64 asm code, download &...
CVE-2006-3460
CVE-2006-3460 is a heap-based buffer overflow in the JPEG decoder of the TIFF library (libtiff) before 3.8.2. An encoded JPEG stream longer than the scan line size (TiffScanLineSize) can be exploited by a context-dependent attacker to cause a denial of service and possibly execute arbitrary code....
CVE-2006-3465
Unspecified vulnerability in the custom tag support for the TIFF library libtiff before 3.8.2 allows remote attackers to cause a denial of service instability or crash and execute arbitrary code via unknown vectors...
CVE-2006-3119
The fbgs framebuffer Postscript/PDF viewer in fbi before 2.01 has a typo that prevents a filter from working correctly, which allows user-assisted attackers to bypass the filter and execute malicious Postscript commands...
CVE-2006-3792
UFO2000 is affected by CVE-2006-3792, with a SQL injection in ServerClientUfo::recv_packet (server_protocol.cpp) that allows remote execution of arbitrary SQL commands via unspecified vectors in svn 1057. Public advisories (Gentoo GLSA 200702-10) confirm multiple vulnerabilities including this SQ...