Internet Explorer 'winhlp32.exe' 'MsgBox()' Remote Code Execution Vulnerability

No description provided by source. Microsoft Internet Explorer is prone to a remote code execution vulnerability. Source iSEC Security Research: http://isec.pl/vulnerabilities10.html Attackers can exploit this issue to execute arbitrary code in the context of the user running the application...

Audio File Library 0.2.6 - (libaudiofile) 'msadpcm.c' WAV File Processing Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33066/info Audio File Library 'libaudiofile' is prone to a heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data. An attacker can exploit this issue to execute arbitrary...

Fat Player Media Player 0.6b0 Buffer Overflow

No description provided by source. $Id: fatplayerwav.rb 10998 2010-11-11 22:43:22Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...

Microsoft Windows Tracing Registry Key ACL Privilege Escalation Vulnerability

No description provided by source. Source: http://www.securityfocus.com/bid/42269/info Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will result in the comple...

BlazeVideo HDTV Player 6.6 Professional (Direct Retn)

No description provided by source. Exploit Title: BlazeVideo HDTV Player 6.6 Professional Direct Retn Date: 11-25-2012 Exploit Author: Nezim @nezimlufni Vendor Homepage: http://www.blazevideo.com/ Version: BlazeVideo HDTV Player 6.6 Professional Tested on: Windows XP SP3 Reference :...

Microsoft Excel - HFPicture Record Parsing Memory Corruption (0day)

No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | day 23 0day binary anlysis | | | | || / \ || | | | || ||// \/|/ ''' Title : Microsoft Excel HFPicture Record Parsing Memory Corruption 0day Version : Excel 2002 SP3 Analysis :...

bcoos 1.0.10 /myalbum/ratephoto.php lid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/26629/info The 'bcoos' program is prone to multiple input-validation vulnerabilities, including SQL-injection issues and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. These...

Pragma Systems InterAccess TelnetD Server 4.0 Build 4 Buffer Overflow

No description provided by source. source: http://www.securityfocus.com/bid/995/info The Pragma Systems InterAccess TelnetID Server 4.0 Build 4 has an unchecked buffer in the code that handles login commands. Arbitrary code is capable of being executed on the InterAccess TelnetD Server if a strin...

Kolibri <= 2.0 - HTTP Server HEAD Buffer Overflow

No description provided by source. $Id: kolibrihttp.rb 10887 2011-08-03 12:19:19Z mrme $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Windows RSH daemon <= 1.8 - Remote Buffer Overflow Exploit

No description provided by source. Windows RSH daemon = 1.8 Remote Buffer Overflow Exploit Exploit-DB mirror: http://www.exploit-db.com/sploits/2008-prdelka-vs-MS-rshd.tar.gz milw0rm.com 2008-01-21...

TeamHelpdesk Customer Web Service (CWS) 8.3.5 & Technician Web Access (TWA) 8.3.5 - Remote User Credential Dump

No description provided by source. Exploit Title: Team Helpdesk Customer Web Service CWS Remote User Credential Dump exploit Exploit Title: Team Helpdesk Technician Web Access TWA Remote User Credential Dump exploit Date: May 5, 2014 Exploit Author: bhamb [email protected] Vendor Homepage:...

Microsoft Windows 98SE User32.DLL Icon Handling Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13791/info The Microsoft 'user32.dll' library is prone to a denial of service vulnerability. The issue manifests when the library handles icon .ico files containing large size values. Reports indicate that this issue exis...

Wietse Venema Rpcbind Replacement 2.1 - Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1893/info A remote root vulnerability exists in certain versions of rpcbind portmapper. RPC Remote Procedure Call allows a program to request a service from a program located in another computer in a network without...

Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 Remote Configuration Retrieval

No description provided by source. !/bin/bash Exploit by ShadowHatesYou [email protected] The resulting output is an SQL dump containing the Barracuda's configuration, which includes goodies such as: The administrative password for the BSFsystempassword MTA LDAP passwordsmtaldapadvancedpasswor...

Easy~Ftp Server 1.7.0.2 - Post-Authentication BoF (PoC)

No description provided by source. !/usr/bin/python Title: EasyFtp Server v1.7.0.2 Post-Authentication BoF PoC From: The eh?-Team || The Great White Fuzz we're not sure yet Found by: loneferret Hat's off to dookie2000ca Date Found: 13/02/2010 Developer contacted: 14/02/2010 Software link:...

Borland StarTeam 2008 10.0 .57 - Multiple Remote Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/28080/info Borland StarTeam is prone to multiple issues, including multiple integer-overflow vulnerabilities, a heap-overflow vulnerability, and a denial-of-service vulnerability. Successfully exploiting these issues allo...

Bontago Game Server 1.1 - Remote Nickname Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12603/info The Bontago game server is reported to be affected by a remote buffer overrun vulnerability. The issue is reported to exist due to a lack of sufficient boundary checks performed on client-supplied 'nickname'...

Adobe Device Central CS5 DLL Hijacking Exploit (qtcf.dll)

No description provided by source. / Exploit Title: Adobe Device Central CS5 DLL Hijacking Exploit qtcf.dll Date: August 24, 2010 Author: Glafkos Charalambous glafkos@astalavistadotcom Version: Latest CS5 v3.0.0376 Tested on: Windows 7 x64 Ultimate Vulnerable extensions: .adcp Greetz: Astalavista...

Outpost Firewall PRO 4.0 - Local Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22069/info Outpost Firewall PRO is prone to a local privilege-escalation vulnerability because it fails to perform adequate SSDT System Service Descriptor Table hooking on files in its installation directory. A local...

magiciso 5.0 build 0166 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17725/info Reportedly, an attacker can carry out attacks using directory-traversal strings. These issues occur when the application processes malicious archives. A successful attack can allow the attacker to place...