Microsoft Outlook Express 6.0 MHTML Forced File Execution Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/9105/info A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The problem occurs due to the component...

Microsoft Outlook Express 6.0 MHTML Forced File Execution Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/9105/info A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The problem occurs due to the component...

Adobe Shockwave Director tSAC - Chunk Memory Corruption

No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ ''' ''' Title : Adobe Shockwave Director tSAC Chunk memory corruption Version : dirapi.dll 11.5.7 Analysis : http://www.abysssec.com Vendor...

Music Animation Machine MIDI Player SEH BOF

No description provided by source. Exploit Title: Music Animation Machine MIDI Player MAMX SEH BOF Date 1/4/2011 Author: Acidgen mailto:spama t hgrayhat.se Software Link: http://www.musanim.com/player/MAMPlayer2006aug19035.zip Version: 2006aug19 Release 035 Tested on: Windows XP SP2 SE Virtualbox...

Windows RSH daemon <= 1.8 - Remote Buffer Overflow Exploit

No description provided by source. Windows RSH daemon = 1.8 Remote Buffer Overflow Exploit Exploit-DB mirror: http://www.exploit-db.com/sploits/2008-prdelka-vs-MS-rshd.tar.gz milw0rm.com 2008-01-21...

Gearbox Software Halo Game 1.x Client Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11724/info The Halo game client is reported prone to a remote denial of service vulnerability. It is reported that when using the in game browser to view a server list, a malicious reply from a server may crash the affect...

Raven Software Soldier Of Fortune 2 Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11735/info It is reported that Soldier of Fortune 2 is susceptible to a buffer overflow vulnerability. This issue is due to a failure of the application to perform sufficient bounds checking on user-supplied input prior t...

Elecard AVC_HD/MPEG Player 5.7 - Buffer Overflow

No description provided by source. !/usr/bin/env python Software: Elecard AVCHD/MPEG Player 5.7 SEH Author: sickness Download : http://www.elecard.com/en/products/end-user-software/playback/avchd-player.html PoC for Elecard MPEG: http://www.exploit-db.com/exploits/16237/ Tested : Windows XP...

PHP-Nuke 6.0 Web Mail Remote PHP Script Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6399/info A vulnerability has been discovered in the PHP-Nuke Web Mail module. When a user opens an email that contains an attachment, the file will be put in a remotely accessible web directory. It has been reported that...

PHP-Nuke 6.0 Web Mail Script Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6400/info A vulnerability has been discovered in the PHP-Nuke web mail module. Due to insufficient sanitization of HTML emails it is possible for an attacker to embed script code into malicious messages. Opening an email...

Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution

No description provided by source. !-- | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | Day 3 Binary Analysis | | | | || / \ || | | | || ||// \/|/ Title : Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution Version : UfPBCtrl.DLL...

openSite 0.2.2 beta - Local File Inclusion Vulnerbility

No description provided by source. opensite-v0.2.2-beta === Local File Include vuln By n0n0x Homepage: http://priasantai.uni.cc/ Download script :http://sourceforge.net/projects/contentone/files/openSite/opensite-v0.2.2-beta/opensite-v0.2.2-beta.zip/download...

eDisplay Personal FTP server 1.0.0 - Multiple Post-Authentication Crash SEH (PoC)

No description provided by source. Title: eDisplay Personal FTP server 1.0.0 Multiple Post-Authentication Crash PoC From: The eh?-Team || The Great White Fuzz we're not sure yet Found by: loneferret Hat's off to dookie2000ca Disvovery date: 16/03/2010 Software link:...

Quicktech SQL Injection Vulnerability

No description provided by source. + Exploit Title : Quicktech Sql Injection Vulnerability + Author : eXeSoul + Contact : [email protected] + Date : 02-03-2011 + category: Web Apps SQli + HomePage : www.indishell.in + Version : all + Tested on : windows/linux + Vulnerability Style : PHP Sql...

plexusCMS 0.5 - XSS Remote Shell Exploit & Credentials Leak

No description provided by source. Exploit Title: plexusCMS 0.5 XSS Remote Shell Exploit Google Dork: allinurl: plx-storage Date: 22.02.2013 Exploit Author: neglomaniac Vendor Homepage: http://plexus-cms.org/ Version: 0.5 --- FILES backdoor.php simple commend execute backdoor commands.txt list of...

Clam AntiVirus <= 0.88.4 (rebuildpe) Remote Heap Overflow PoC

No description provided by source. Clam AntiVirus = 0.88.4 rebuildpe Remote Heap Overflow PoC Damian Put pucikatgazeta.pl [email protected] http://overflow.pl http://www.exploit-db.com/sploits/10172006-clampetiteheap.exe.bz2 milw0rm.com 2006-10-17...

Winamp 5.5.8 (in_mod plugin) Stack Overflow Exploit (SEH)

No description provided by source. !/usr/bin/python finally got time to finish what I started... Winamp 5.5.8.2985 inmod plugin Stack Overflow SEH WINDOWS XP SP3 EN Fully Patched Bug found by http://www.exploit-db.com/exploits/15248/ POC and Exploit by fdisk @fdiskyou e-mail: fdiskyou at...

Easy~Ftp Server 1.7.0.2 - Post-Authentication BoF (PoC)

No description provided by source. !/usr/bin/python Title: EasyFtp Server v1.7.0.2 Post-Authentication BoF PoC From: The eh?-Team || The Great White Fuzz we're not sure yet Found by: loneferret Hat's off to dookie2000ca Date Found: 13/02/2010 Developer contacted: 14/02/2010 Software link:...

Valve Software Source Engine - Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/36061/info Source Engine is prone to a format-string vulnerability because it fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. An attacker may...

OSX <= 10.8.4 - Local Root Privilege Escalation (py)

No description provided by source. !/usr/bin/python Original MSF Module: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/osx/local/sudopasswordbypass.rb Exploit Title: OSX = 10.8.4 Local Root Priv Escalation Root Reverse Shell Date: 08-27-2013 Exploit Author: David...