4 matches found
Contract Selfdestruct via delegatecall
Handle elprofesor Vulnerability details Impact Using a malicious Module the ModuleRegistry admin can trigger a selfdestruct via delegate call in the Executioner.sol contract. ModuleRegistry and Executioner separate the logic between ModuleRegistry.sol admin and systems admin. Executioner.sol reli...
DOS attack possible for Token->ETH trades
Handle pmerkleplant Vulnerability details Impact Any user's trade from some token to a native token e.g. ETH can be DOSed if an attacker sends native tokens to the Executioner contract. If the attacker watches for trades, he/she could either make the whole trade fail or, depending on the...
Leftover balance in the Executioner contract can be drained
Handle gzeon Vulnerability details Impact Leftover balance in the Executioner contract can be drained by swapping the target assetnative/erc20 into another asset. Slingshot.executeTrades allow user to execute trade using modules as long as the module is registered in the ModuleRegistry. The...
GOM Media Player 2.1.6.3499 - Buffer Overflow (Denial of Service) (PoC)
!/usr/bin/perl +Exploit Title: GOM Media Player 2.1.6.3499 0day Buffer overflow/DOS Exploit +Software Link: download.cnet.com/GOM-Media-Player/3000-21394-10701768.html +Software : GOM Media Player +Version : 2.1.6.3499 +Tested On : WIN-XP SP3 + Date : 31.03.2011 + Hour : 3:37 PM Similar Bug was...