IrfanView FlashPix PlugIn - Double-Free

IrfanView FlashPix PlugIn - Double-Free Application: IrfanView FlashPix PlugIn Double-Free Vulnerability Platforms: Windows Exploitation: Remote code execution Secunia Number: SA47322 PRL: 2011-11 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter:...

IrfanView - .tiff Image Processing Buffer Overflow

IrfanView - .tiff Image Processing Buffer Overflow Application: IrfanView TIFF Image Processing Buffer Overflow Vulnerability Platforms: Windows Exploitation: Remote code execution Secunia Number: SA47065 PRL: 2011-10 Author: Francis Provencher Protek Research Lab's Website:...

CVE-2011-5045

creationtimestamp| type| source ---|---|--- 2011-12-19 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/36468...

Mini-Stream 3.0.1.1 Buffer Overflow Exploit

Exploit for windows platform in category local exploits $Id: ministream.rb 14155 2011-11-04 08:20:43Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on...

MicroP 0.1.1.1600 (MPPL File) Stack Buffer Overflow

Exploit for windows platform in category local exploits $Id: micropmppl.rb 13114 2011-07-07 06:29:37Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on...

TutorialMS v1.4 (show) Remote SQL Injection Vulnerability

Summary TutorialMS is a free content management system, developed specifically for tutorial pages. It is written in PHP and uses MySQL as a database. TutorialMS offers all the usual features you need to build quick and easy your own tutorial page, without great programming knowledge. Description...

CA ARCserve D2D r15 - Web Service Servlet Code Execution

CA ARCserve D2D r15 - Web Service Servlet Code Execution Computer Associates ARCserve D2D r15 Web Service Apache Axis2 World Accessible Servlet Code Execution Vulnerability Poc product homepage: https://support.ca.com/phpdocs/0/8363/support/arcserved2dsupport.html vulnerability: The Tomcat Server...

CVE-2011-1021

creationtimestamp| type| source ---|---|--- 2010-12-18 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/15774...

Acrobat Reader 9.4 - Memory Corruption

Acrobat Reader 9.4 - Memory Corruption https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/15419.bin xplpdf.bin http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html...

Trend Micro Internet Security Pro ActiveX extSetOwner() Code Execution

Exploit for windows platform in category remote exploits ====================================================================== Trend Micro Internet Security Pro ActiveX extSetOwner Code Execution ====================================================================== trendmicroextsetowner.rb Tren...

Microsoft Internet Explorer - MSHTML Findtext Processing

/textarea function Search var textinput = document.getElementById"Abysssec"; var textRange = textinput.createTextRange; textRange.findTextunescape"%u4141",-1; textRange.selectdocument.getElementById'd'; document.body.appendChildtextinput; Abysssec...

Mozilla Firefox CSS - font-face Remote Code Execution

''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moabu-15-mozilla-firefox-css-font-face-remote-code-execution-vulnerability/...

CVE-2010-2752

creationtimestamp| type| source ---|---|--- 2010-09-25 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/15104...

Intel Video Codecs 5.0 - Remote Denial of Service

Intel Video Codecs 5.0 - Remote Denial of Service Intel Video Codecs 5 Remote Denial of Service Author: Matthew Bergin Website: http://berginpentesting.com/ Email: [email protected] Date: August 27, 2010 Filename: ir5032.dll Version: 5.2562.15.55 Description: A remote user can cause denia...

Adobe ExtendedScript Toolkit CS5 v3.5.0.52 (dwmapi.dll) DLL Hijacking Exploit

Summary The ExtendScript Toolkit ESTK 3.5.0 is a scripting utility included with Adobe® Creative Suite CS5 and other Adobe applications. The ESTK is used for creating, editing, and debugging JavaScript to be used for scripting Adobe applications. Description Adobe ExtendScript Toolkit CS5 suffers...

μTorrent (uTorrent) 2.0.3 - DLL Hijacking

Title: uTorrent =2.0.3 Dll Hijacking Local Exploits By: DrIDE Tested: Windows 7RC Note: These are additional DLL's with unsafe Load Paths Reference: http://www.exploit-db.com/exploits/14726/ If the payload .DLL file is renamed to any of these files and placed in the utorrent.exe directory, the...

CVE-2007-3336

creationtimestamp| type| source ---|---|--- 2010-08-14 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/14646...

Acrobat Acrobat - Font Parsing Integer Overflow

Acrobat Acrobat - Font Parsing Integer Overflow From the authors site: In this article, I'm going to share with you my observations and analysis on recent Adobe Acrobat Font Parsing vulnerability. Source document exists here: http://securityevaluators.com/files/papers/CrashAnalysis.pdf page 51-58...

LILDBI 1.2 Shell Upload

Exploit Title: LILDBI Shell Upload Vulnerability Date: 23.07.2010 Author: EraGoN Software Link: http://productos.bvsalud.org/product.php?id=lildbi-web〈=en Version: 1.2 Tested on: Ubuntu Linux - WinXP sp2/sp3 Dark Hackers Team Dork : allinurl:"/lildbi/ POC : The shell upload page :...

Sun Java Web Server 7.0 u7 Denial Of Service

Sun Java Web Sever 7.0 u7 Admin Interface DOS Software Package sjsws-70u7-windows-i586.zip 4fb8d1fb700d5649234a2891a4ecedea While attempting to verify http://www.exploit-db.com/exploits/14194/ which was not verified, I stumbled across semi amusing DOS: root@bt: nc -nv 192.168.48.134 8800 UNKNOWN...