1393 matches found
MercurySteam Scrapland Game Server 1.0 - Remote Denial of Service Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/12680/info Scrapland game server is reported prone to various denial of service vulnerabilities. These issues present themselves because the application fails to handle exceptional conditions. It is reported that the game...
Adobe Flash Player <= 10.0.22 and AIR - 'intf_count' Integer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/35907/info Adobe Flash Player and Adobe AIR are prone to an integer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attacks may cause a...
HP Data Protector 6.11 Remote Buffer Overflow + DEP Bypass
No description provided by source. !/usr/bin/python HP Data Protector 6.11 Remote Buffer Overflow Tested on Windows 2003 R2 + DEP Enabled Authors: muts & dookie Reference: http://www.exploit-db.com/exploits/17458/ Reference:...
LibTiff 3.x Multiple Denial of Service Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/17730/info LibTIFF is affected by multiple denial-of-service vulnerabilities. An attacker can exploit these vulnerabilities to cause a denial of service in applications using the affected library...
eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Crash SEH (PoC)
No description provided by source. Title: eDisplay Personal FTP server 1.0.0 Multiple Post-Authentication Crash PoC From: The eh?-Team || The Great White Fuzz we're not sure yet Found by: loneferret Hat's off to dookie2000ca Disvovery date: 16/03/2010 Software link:...
OSX <= 10.8.4 - Local Root Privilege Escalation (py)
No description provided by source. !/usr/bin/python Original MSF Module: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/osx/local/sudopasswordbypass.rb Exploit Title: OSX = 10.8.4 Local Root Priv Escalation Root Reverse Shell Date: 08-27-2013 Exploit Author: David...
PGP 5.x/6.x/7.0 ASCII Armor Parser Arbitrary File Creation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2556/info ASCII Armor is a text based encoding format used by PGP Pretty Good Privacy. While it is possible to encode any file using ASCII Armor, it is used by PGP to encode signature files and public keys to facilitate...
Apache Struts < 2.2.0 - Remote Command Execution
No description provided by source. $Id: strutscodeexec.rb 13586 2011-08-19 05:59:32Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms ...
Adobe Flash Player < 10.1.53 .64 Action Script Type Confusion Exploit (DEP+ASLR bypass)
No description provided by source. Source: http://www.abysssec.com/blog/2011/04/exploiting-adobe-flash-player-on-windows-7/ Adobe Flash player Action script type confusion exploit DEP+ASLR bypass advisory text : Here is another reliable windows 7 exploit . the main method used for exploitation is...
IrfanView 4.33 DJVU Image Processing Heap Overflow
No description provided by source. Application: IrfanView DJVU Image Processing Heap Overflow Version: The vulnerability is confirmed in version 4.33. Other versions may also be affected Plateform: Windows Exploitation: Remote code execution Secunia Number: SA49176 PRL: 2012-23 Author: Francis...
ecoCMS 18.4.2010 'admin.php' Cross Site Scripting Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register from urlparse import urljoin class TestPOCPOCBase: vulID = 'SSV-87089' vul ID version = '1' author = 'fenghh' vulDate =...
MS14-012 Internet Explorer CMarkup Use-After-Free
No description provided by source. !-- MS14-012 Internet Explorer CMarkup Use-After-Free Vendor Homepage: http://www.microsoft.com Version: IE 10 Date: 2014-03-31 Exploit Author: Jean-Jamil Khalife Tested on: Windows 7 SP1 x64 fr, en Flash versions tested: Adobe Flash Player 12.0.0.70, 12.0.0.77...
Novell iPrint Client ActiveX Control call-back-url Buffer Overflow Exploit (meta)
No description provided by source. novelliprintcallbackurl.rb Novell iPrint Client ActiveX Control call-back-url Buffer Overflow exploit for the Metasploit Framework Exploit successfully tested on the following platforms: - Novell iPrint Client 5.40 on Internet Explorer 7, Windows XP SP3 - Novell...
CMScout (XSS/HTML Injection) Multiple Vulnerabilities
No description provided by source. ======================================================================= CMScout XSS/HTML Injection Multiple Vulnerabilities =======================================================================...
Microsoft Excel 95-2004 Malformed Graphic File Code Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16181/info Microsoft Excel is susceptible to a code-execution vulnerability. The issue presents itself when Excel tries to process malformed or corrupted XLS files. Attackers may exploit this issue to execute arbitrary...
Radasm 2.2.1.6 - (.rap) Universal Buffer Overflow Exploit
No description provided by source. !/usr/bin/python + Radasm .rap Universal buffer overflow Exploit + Original : http://www.exploit-db.com/exploits/11392 + Exploit : Dzattacker [email protected] header1= \x5b\x50\x72\x6f\x6a\x65\x63\x74\x5d\x0d\x0a\x41\x73\x73\x65\x6d\x62\x6c\x65\x72...
NASM 0.98.x Error Preprocessor Directive Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11991/info NASM is prone to a buffer overflow. This condition is exposed when the application attempts to assemble a source file that contains malformed '%error' preprocessor directive arguments. Since the source file may...
Netrw 125 Vim Script Multiple Command Execution Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/30115/info Netrw is prone to multiple command-execution vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Successfully exploiting these issues can allow an attacker to execute...
Ultra Shareware Office Control ActiveX HttpUpload Buffer Overflow
No description provided by source. $Id: ultraofficehttpupload.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
Winamp 5.572 - whatsnew.txt SEH (meta)
No description provided by source. Title: Winamp 5.572 whatsnew.txt SEH MSF Author: Blake Published: 2010-04-15 Tested on Windows XP SP3 This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for...