PT-2021-17671 · Pillow +9 · Pillow +9

Name of the Vulnerable Software and Affected Versions: Pillow versions prior to 8.1.1 Description: The issue allows attackers to cause a denial of service due to memory consumption. This occurs because the reported size of a contained image is not properly checked for an ICNS container, leading t...

Mozilla Firefox and Firefox ESR Information Disclosure Vulnerability

Mozilla Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. Mozilla Firefox and Firefox ESR programs retain network connections for icon resource retrieval after the browser window is closed, allowing remote attackers to exploit this vulnerability to trac...

Microsoft Windows Shell LNK Code Execution

This module exploits a vulnerability in the handling of Windows Shortcut files .LNK that contain an icon resource pointing to a malicious DLL. This creates an SMB resource to provide the payload inside a DLL, and generates a LNK file which must be sent to the target. This module requires...

Microsoft Windows Shell SMB LNK Code Execution Exploit

This Metasploit module exploits a vulnerability in the MS10-046 patch to abuse again the handling of Windows Shortcut files .LNK that contain an icon resource pointing to a malicious DLL. This creates an SMB resource to provide the payload and the trigger, and generates a LNK file which must be...

Microsoft Windows Shell File Format LNK Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Microsoft Windows Shell LNK Code Execution', 'Description' = %q This module exploits a vulnerability in the MS10-046 patch to abuse...

Microsoft Windows Shell File Format LNK Code Execution Exploit

This Metasploit module exploits a vulnerability in the MS10-046 patch to abuse again the handling of Windows Shortcut files .LNK that contain an icon resource pointing to a malicious DLL. This Metasploit module creates the required files to exploit the vulnerability. They must be uploaded to an U...

Microsoft Windows - Shell LNK Code Execution (MS10-046) (Metasploit)

$Id: ms10046shortcuticondllloader.rb 10404 2010-09-21 00:13:30Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Microsoft Windows Shell LNK Code Execution

This module exploits a vulnerability in the handling of Windows Shortcut files .LNK that contain an icon resource pointing to a malicious DLL. This module creates a WebDAV service that can be used to run an arbitrary payload when accessed as a UNC path. This module requires Metasploit:...