Libmimedir - .VCF Memory Corruption (PoC)

Libmimedir - .VCF Memory Corruption PoC !/usr/bin/python libmimedir-free.py Libmimedir VCF Memory Corruption PoC CVE-2015-3205 Jeremy Brown jbrown3264/gmail June 2015 -Synopsis- Adding two NULL bytes to the end of a VCF file allows a user to manipulate free calls which occur during it's lexer's...

Libmimedir - '.VCF' Memory Corruption (PoC)

!/usr/bin/python libmimedir-free.py Libmimedir VCF Memory Corruption PoC CVE-2015-3205 Jeremy Brown jbrown3264/gmail June 2015 -Synopsis- Adding two NULL bytes to the end of a VCF file allows a user to manipulate free calls which occur during it's lexer's memory clean-up procedure. This could lea...

1 Click Audio Converter v2.3.6 - Activex Buffer Overflow

Document Title: =============== 1 Click Audio Converter v2.3.6 - Activex Buffer Overflow References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1505 View Video: https://www.youtube.com/watch?v=Ad0wHlHz0KU Advisory: http://www.vulnerability-lab.com/getcontent.php?id=1504 Releas...

ZTE AC 3633R USB Modem - Multiple Vulnerabilities

Exploit Title: ZTE AC 3633R USB Modem Multiple Vulnerabilities Date: 4/06/2015 Exploit Author: Vishnu @dH3wK Vendor Homepage: http://zte.com.cn Version: 3633R Tested on: Windows, Linux Greetings from vishnu @dH4wk 1. Vulnerable Product Version - ZTE AC3633R MTS Ultra Wifi Modem 2. Vulnerability...

Golden FTP 5.00 Denial Of Service

!/usr/bin/python Both Golden Pro And Free FTP server is prone to a remote DOS vulnerability.POC Attackers can exploit this issue to execute arbitrary code or cause denial-of-service conditions. ------------------------------------------------------------------------- Exploit Title : Golden FTP...

Siemens SIMATIC S7-1200 CSRF Vulnerability

OVERVIEW Siemens has identified an CSRF Cross-Site Request Forgery vulnerability in the SIMATIC S7‑1200 CPUs. This vulnerability was reported directly to Siemens by Ralf Spenneberg, Hendrik Schwartke, and Maik Brüggemann from OpenSource Training. Siemens has produced a firmware update to mitigate...

YASUO - Scans for Vulnerable & Exploitable 3rd-party Web Applications

Yasuo is a ruby script that scans for vulnerable 3rd-party web applications. While working on a network security assessment internal, external, redteam gigs etc., we often come across vulnerable 3rd-party web applications or web front-ends that allow us to compromise the remote server by exploiti...

http-vuln-cve2015-1635 NSE Script

Checks for a remote code execution vulnerability MS15-034 in Microsoft Windows systems CVE2015-2015-1635. The script sends a specially crafted HTTP request with no impact on the system to detect this vulnerability. The affected versions are Windows 7, Windows Server 2008 R2, Windows 8, Windows...

Sendio ESP Information Disclosure Vulnerability

1. Advisory Information Title: Sendio ESP Information Disclosure Vulnerability Advisory ID: CORE-2015-0010 Advisory URL: Date published: 2015-05-22 Date of last update: 2015-05-22 Vendors contacted: Sendio Release mode: Coordinated release 2. Vulnerability Information Class: OWASP Top Ten 2013...

WordPress Video Gallery 2.8 Unprotected Mail Page

Exploit Title : Wordpress Video Gallery 2.8 Unprotected Mail Page Exploit Author : Claudio Viviani Website Author: http://www.homelab.it http://archive-exploit.homelab.it/1 Full HomelabIT Vulns Archive Vendor Homepage : http://www.apptha.com/category/extension/Wordpress/Video-Gallery Software...

SUSE SLES10 Security Update : Mozilla Firefox (SUSE-SU-2013:0306-1)

Mozilla Firefox is updated to the 10.0.12ESR version. This is a roll-up update for LTSS. It fixes a lot of security issues and bugs. 10.0.12ESR fixes specifically : MFSA 2013-01: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other...

[CORE-2015-0009] - SAP LZC/LZH Compression Multiple Vulnerabilities

Advisory Information Title: SAP LZC/LZH Compression Multiple Vulnerabilities Advisory ID: CORE-2015-0009 Advisory URL: http://www.coresecurity.com/advisories/sap-lzc-lzh-compression-multiple-vulnerabilities Date published: 2015-05-12 Date of last update: 2015-05-12 Vendors contacted: SAP Release...

Remotely Exploitable Vulnerabilities in SAP Compression Algorithms

The two primary compression algorithms used by SAP SE products, some of the most popular enterprise and business management software platforms on the market, contain multiple, remotely exploitable security vulnerabilities. Martin Gallo of Core Security Consulting Services found vulnerabilities in...

SAP LZC/LZH Compression Multiple Vulnerabilities

Advisory ID Internal CORE-2015-0009 1. Advisory Information Title: SAP LZC/LZH Compression Multiple Vulnerabilities Advisory ID: CORE-2015-0009 Advisory URL:https://www.coresecurity.com/core-labs/advisories/sap-lzc-lzh-compression-multiple-vulnerabilities Date published: 2015-05-12 Date of last...

Use-after-free due to Media Decoder Thread creation during shutdown — Mozilla

Security researchers Tyson Smith and Jesse Schwartzentruber reported a use-after-free during the shutdown process. This was caused by a race condition when media decoder threads are created during the shutdown process in some circumstances. This leads to a potentially exploitable crash when...

Out-of-bounds read and write in asm.js validation — Mozilla

Security researcher Dougall Johnson reported an out-of-bounds read and write in asm.js during JavaScript validation due to an error in how heap lengths are defined. This results in a potentially exploitable crash and could allow for the reading of random memory which may contain sensitive data...

Use-after-free during text processing with vertical text enabled — Mozilla

Security researcher Scott Bell used the Address Sanitizer tool to discover a use-after-free error during the processing of text when vertical text is enabled. This leads to a potentially exploitable crash...

Buffer overflow and out-of-bounds read while parsing MP4 video metadata — Mozilla

Security researcher laf.intel reported a buffer overflow and out-of-bounds read in the libstagefright library while parsing invalid metadata in MPEG4 video files. This can lead to a potentially exploitable crash...

Buffer overflow with SVG content and CSS — Mozilla

Using the Address Sanitizer tool, security researcher Atte Kettunen found a buffer overflow during the rendering of SVG format graphics when combined with specific CSS properties on a page. This results in a potentially exploitable crash...

Buffer overflow parsing H.264 video with Linux Gstreamer — Mozilla

Security researcher Aki Helin used the Address Sanitizer tool to find a buffer overflow during video playback on Linux systems. This was due to a problem in older versions of the Gstreamer plugin during the parsing of H.264 formatted video. This issue could be used to induce a possibly exploitabl...