95 matches found
EUVD-2017-2412
Malware in sbrugna...
EUVD-2017-2397
Malware in sbrugna...
SUSE CVE-2005-4560
The Windows Graphical Device Interface library GDI32.DLL in Microsoft Windows allows remote attackers to execute arbitrary code via a Windows Metafile WMF format image with a crafted SETABORTPROC GDI Escape function call, related to the Windows Picture and Fax Viewer SHIMGVW.DLL, a different...
CVE-2020-0791
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka ‘Windows Graphics Component Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0898. Recent assessments: zeroSteiner at April 24, 2020 10:02pm UTC...
Microsoft Windows gdi32 Icon Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Description of the security update for the information disclosure vulnerabilities in Windows Embedded POSReady 2009 and Windows Embedded Standard 2009: September 11, 2018
Summary: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its...
Ayukov NFTP FTP Client Buffer Overflow
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ayukov NFTP FTP Client Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability against Ayukov NFTPD...
Ayukov NFTP FTP Client 2.0 - Remote Buffer Overflow (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ayukov NFTP FTP Client Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability against Ayukov NFTPD...
Microsoft Windows Kernel - win32k!NtGdiGetFontResourceInfoInternalW Stack Memory Disclosure Exploit
Exploit for windows platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1275 We have discovered that the nt!NtGdiGetFontResourceInfoInternalW system call discloses portions of uninitialized kernel stack memory to user-mode clients. This is caused by...
Microsoft Windows Kernel - win32k!NtGdiGetFontResourceInfoInternalW Stack Memory Disclosure
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1275 We have discovered that the nt!NtGdiGetFontResourceInfoInternalW system call discloses portions of uninitialized kernel stack memory...
CVE-2017-10775
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to a "Read Access Violation starting at GDI32!ScriptGetCMapWithSurrogate+0x00000000000001cb."...
Design/Logic Flaw
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to a "Read Access Violation starting at GDI32!ScriptGetCMapWithSurrogate+0x00000000000001cb."...
Design/Logic Flaw
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at GDI32!ScriptStringAnalyse+0x00000000000001c8."...
CVE-2017-10775
CVE-2017-10775 affects XnView Classic for Windows (Version 2.40). A crafted .rle file can trigger a denial of service and potentially other unspecified impact due to a Read Access Violation starting at GDI32!ScriptGetCMapWithSurrogate+0x00000000000001cb. Root cause indicated is this access violat...
CVE-2017-10751
XnView Classic for Windows Version 2.40 might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to "Data from Faulting Address controls Branch Selection starting at GDI32!GenericEngineGetGlyphs+0x0000000000000133."...
Microsoft Windows 'GDI32.DLL' Information Disclosure Vulnerability (KB4019206)
This host is missing an important security update according to Microsoft KB4019206. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...
PCMAN FTP Server 2.0.7 NLST Buffer Overflow
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'PCMAN FTP Server Buffer Overflow - NLST Command', 'Description' = %q This module exploits a buffer overflow vulnerability found...
PCMAN FTP Server 2.0.7 NLST Buffer Overflow Exploit
This Metasploit module exploits a buffer overflow vulnerability found in the NLST command of the PCMAN FTP version 2.0.7 Server. This requires authentication but by default anonymous credentials are enabled. This module requires Metasploit: http://metasploit.com/download Current source:...
Forticlient 5.2.3 Windows 10 x64 (Post Anniversary) - Privilege Escalation Exploit
Exploit for windows platform in category local exploits / Check these out: - https://www.coresecurity.com/system/files/publications/2016/05/Windows%20SMEP%20bypass%20U%3DS.pdf - https://labs.mwrinfosecurity.com/blog/a-tale-of-bitmaps/ Tested on: - Windows 10 Pro x64 Post-Anniversary - hal.dll:...
Microsoft Office PowerPoint 2010 GDI - GDI32!ConvertDxArray Insufficient Bounds Check Exploit
Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=951 Platform: GDI on Windows 7 x86 reachable from Microsoft Office 2010 Class: Out of bounds memory access The following crash was observed in Microsoft Office 2010 running under...