Microsoft Windows Media Center Library Parsing RCE Vulnerability aka "self-executing" MC

Exploit for windows platform in category remote exploits Title: Microsoft Windows Media Center Library Parsing RCE Vuln aka "self-executing" MCL file CVE-2015-6131 Software Vendor: Microsoft Software version : MS Windows Media Center latest version on any Windows OS. Software Vendor Homepage:...

Mageia: Security Advisory (MGASA-2015-0414)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2010-0819)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Firefox memory corruption vulnerability (CNVD-2015-05349)

Mozilla Firefox is a web browser developed by the Mozilla Foundation in conjunction with the open source community. A memory corruption vulnerability exists in Mozilla Firefox, which could be exploited by an attacker to cause a denial of service by executing arbitrary code in the user's context...

CVE-2015-5353

Directory traversal vulnerability in Novius OS 5.0.1 Elche allows remote attackers to include and execute arbitrary local files via a .. dot dot in the tab parameter to admin/...

Exploit-Tutorial-1

This is a module that will help you learn the basics of exploit development, the focus on this one is a stack-buffer type of overflow and the platform used is GNU/Linux. Basic Buffer Overflow for Linux - Part of the Exploit Pack Tutorials The following exploit code has been written in Python and...

Microsoft Windows XP Self-Executing Folder Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10363/info A vulnerability has been reported in Microsoft Windows XP that may cause malicious code to run in the context of the currently logged-in user. The flaw exists in Windows Explorer and may allow executable conten...

[USN-2253-1] LibreOffice vulnerability

========================================================================== Ubuntu Security Notice USN-2253-1 June 23, 2014 libreoffice vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

Passenger passenger witkey system CSRF+getshell-a vulnerability warning-the black bar safety net

Registered members 2, The http://127.0.0.1/index.php?do=user&view=message&msgtype=write 3, is sent to the admin, the following is a csrf, the purpose is to add an administrator account kppw password kppwkppw script src=http://127.0.0.1/control/admin/index. php?...

CVE-2013-1927

The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR."...

ATutor 2.1 - tool_file Local File Inclusion

ATutor 2.1 - toolfile Local File Inclusion source: https://www.securityfocus.com/bid/56600/info ATutor is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts i...

OSX Meterpreter, Bind TCP Stager

Inject the mettle server payload staged. Listen, read length, read buffer, execute This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 185 include Msf::Payload::Stager def initializein...

Small windows can be used in several ways to trick users into executing downloads

When the download dialog is displayed, it should always be visible to the user, to ensure that the user realizes it is there. If the dialog is displayed in a small enough window, the user may not realize it is being displayed, and if the right keyboard sequence is carefully followed, they can end...

Winamp 5.13 Exception Handling

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x Official Website: http://www.1337day.com 0 1 x...

Shockwave.com Cross Site Scripting

Exploit Title: shockwave.com Cross Site Scripting Vulnerability Date: 12/11/2011 - 04:00am Author: Ryuzaki Lawlet Website: http://jusryuz.blogspot.com Tested On: WinXP Platform: - Email: [email protected] $ Vulnerable : http://www.domain.com/search.jsp?q= $ Preview Sites:...

SiteStar the establishment of the station star V2. 0 security-vulnerability warning-the black bar safety net

author: cnryan 1vulnerability overview: SiteStar V2. 0 does not properly restrict file uploads, a remote attacker could exploit this vulnerability to upload arbitrary files to the Web directory, The final result in the server executing arbitrary commands. 2vulnerability analysis: Vulnerability is...

pam security update

1.1.1-4.1 - fix insecure dropping of priviledges in pamxauth, pamenv, and pammail - CVE-2010-3316 637898, CVE-2010-3435 641335 - fix insecure executing of scripts with user supplied environment variables in pamnamespace - CVE-2010-3853 643043...

GSPlayer 1.83a Win32 Buffer Overflow

Exploit Title: GSPlayer 1.83a Win32 Release Buffer Overflow Vulnerability Date: 2010/11/04 Author: moigai e-mail: [email protected] Software Link: http://www.vector.co.jp/download/file/win95/art/fh296344.html Version: 1.83a Win32 Release Tested on: Windows XP SP3 En VM my $file = "GSPlayer.m3u"...

Google Releases Chrome 4.1.249.1059

Google has released Chrome 4.1.249.1059 for Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, conduct cross-site scripting attacks, or conduct cross-site request forgery attacks. US-CERT encourages users and administrators to revie...

CVE-2009-4764

Adobe Reader 8.x and 9.x on Windows is able to execute EXE files that are embedded in a PDF document, which makes it easier for remote attackers to trick users into executing arbitrary code via a crafted document...