New Heap-Spray Exploit Tied To LZH Archive Decompression

Researchers found a vulnerability in the classic compression standard Lhasa, once a mainstay for game developers in the mid-’90s and still in use today. Researchers at Cisco’s security research arm, Cisco Talos, identified the vulnerability calling it as a classic heap-spray exploit. In a report...

Tango DropBox 3.1.5 + PRO - Activex HeapSpray

Tango DropBox 3.1.5 + PRO - Activex HeapSpray Tango DropBox Activex Heap Spray Exploit Version:3.1.5 + PRO The vulnerability lies in the COM component used eSellerateControl350.dll 3.6.5.0 method of the ''GetWebStoreURL' member. Vendor Homepage:http://etonica.com/dropbox/index.html Software...

Embarcadero ER/Studio XE2 Server Portal Code Execution

See: CVE-2011-2217 reference url: http://www.securityfocus.com/bid/48099 The mentioned product is vulnerable to the same issue. download url: https://downloads.embarcadero.com/free/erstudioportal ActiveX settings: ProgID: TomSawyer.DefaultExtFactory.5.5.3.238.VS7.1 CLSID:...

Mozilla Firefox 3.5 (Font tags) Remote Heap Spray Exploit

Exploit for windows platform in category remote exploits ========================================================= Mozilla Firefox 3.5 Font tags Remote Heap Spray Exploit ========================================================= !/usr/bin/env python FireFox 3.5 Heap Spray Exploit Originally...