21 matches found
Microsoft DirectShow (msvidctl.dll) MPEG-2 Memory Corruption
No description provided by source. $Id: msvidctlmpeg2.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...
AoA DVD Creator 2.6.2 - ActiveX Exploit
No description provided by source. !-- Exploit Title: AoA DVD Creator ActiveX Date: 19.05.2014 Author: metacom Website: www.rstforums.com Software Link: www.aoamedia.com/aoadvdcreator.exe Version: 2.6.2 Tested on: Windows xp sp3EN IE 6.0 -- html object...
Novell iPrint Client 5.52 - ActiveX Control Buffer Overflow (Metasploit)
$Id: novelliprintgetdriversettings2.rb 11888 2011-03-07 02:28:15Z bannedit $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Image Viewer CP Gold v5.5 Image2PDF() Buffer Overflow (msf)
Exploit for windows platform in category remote exploits =========================================================== Image Viewer CP Gold v5.5 Image2PDF Buffer Overflow msf =========================================================== Image Viewer CP gold v5.5 Buffer Overflow Found by: bz1p AT...
IP2location.dll 1.0.0.1 Initialize() Buffer Overflow
IP2Location.dll v1.0.0.1 Initialize Buffer Overflow by sinn3r / IP2Location.dll v1.0.0.1 Initialize Buffer Overflow Vulnerable version : v1.0.0.1 checksum: d86933ab58720c384bdc081d33684f7d patched version : v1.0.0.1 checksum: bf66e2ef8be3c301b381cfb424ad0afc, v3.0.1.0 Found and coded by sinn3r...
Autodesk IDrop ActiveX Control Heap Memory Corruption
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Autodesk IDrop ActiveX Control Heap Memory Corruption', 'Description' = %q This module exploits a heap-based memory corruption...
EMC ApplicationXtender (KeyWorks) ActiveX Control Buffer Overflow
This module exploits a stack buffer overflow in the KeyWorks KeyHelp ActiveX Control KeyHelp.ocx 1.2.3120.0. This ActiveX Control comes bundled with EMC's Documentation ApplicationXtender 5.4. This module requires Metasploit: https://metasploit.com/download Current source:...
IBM Access Support ActiveX Control Buffer Overflow
This module exploits a stack buffer overflow in IBM Access Support. When sending an overly long string to the GetXMLValue method of IbmEgath.dll 3.20.284.0 an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...
Apple QuickTime 7.27.3 - RSTP Response Universal
Apple QuickTime 7.27.3 - RSTP Response Universal Everyone Loves O|0+|O the Hypnotoad... |...| | | =o0O=====O0o=============================== | QuickTime RTSP Response Content-type | | remote stack rewrite exploit for IE 6/7 | | by Yag Kohha skyhole at gmail.com |...
vmware-vielib-exec.txt
:. GOODFELLAS Security Research TEAM .: :. http://goodfellas.shellcode.com.ar .: vielib.dll 2.2.5.42958 VmWare Inc version 6.0.0 Remode Code Execution Exploit ============================================================================= Internal ID: VULWAR200707290. ----------- Introduction...
VMware Inc 6.0.0 CreateProcess Remote Code Execution Exploit
Exploit for unknown platform in category remote exploits ============================================================ VMware Inc 6.0.0 CreateProcess Remote Code Execution Exploit ============================================================ :. GOODFELLAS Security Research TEAM .: :...
avaxswf-write.txt
:. GOODFELLAS Security Research TEAM .: :. http://goodfellas.shellcode.com.ar .: Avaxswf.dll v.1.0.0.1 from Avax Vector software ActiveX Arbitrary Data Write ============================================================================ Internal ID: VULWAR200706264. Introduction ------------...
ms07-004.txt
and slightly modified - 2007.1.15 -- v: behavior: urlVMLRender; shellcode =...
MS Internet Explorer VML Remote Buffer Overflow Exploit (MS07-0 0 4)-vulnerability warning-the black bar safety net
In addition there is attention to detail: tested on WinXP SP2 Korean version fully patched except kb929969 & IE 6.0 sorry about that virus hit ratio is only about 1/5 The test environment is WinXP SP2 Korean version, in addition to kb929969, the other patch is complete, IE 6.0 The success rate of...
Technical note by Amit Klein: "Sending arbitrary HTTP requests with Flash 7/8 (+IE 6.0)"
Sending arbitrary HTTP requests with Flash 7/8 +IE 6.0 Amit Klein, August 2006 The trick ========= In 1, I showed how to forge parts of HTTP requests containing CRs and LFs using Flash. In that write-up, the data was part of the HTTP body section. However, combining the Content-Length overriding...
Sending multipart/form-data requests from Flash (with arbitrary headers)
Hello lists, In my original "Forging HTTP request headers with Flash" paper http://www.securityfocus.com/archive/1/441014, I mentioned forcing multipart/form-data input format to ensure that Flash's LoadVars isn't used to forge the request. However, there's a work-around for the attacker - using...
XSS Bug in OpenGear Server Website
0x0 Advisory ============== Web Penetrated By:- [email protected] ======================================= Hit :- Site Manipulation. ==== Vulnerability :- XSS Injection && CSS Injection OpenGear WebSite ============== BrowserStatus :- Windows IE 6.0 ============== Injections :- ========== 0x01 ' ...
icq-xss.txt
Title: ICQ Cross Site Scripting Author: Simo Ben youssef aka 6mOHaCk Date: 10 January 2006 MorX Security Research Team http://www.morx.org Service: Web/Chat Vendor: ICQ.com Vulnerability: Cross Site Scripting / Cookie-Theft / Relogin attacks Severity: Medium/High Tested on: Microsoft IE 6.0 and...
CVE-2002-0190
CVE-2002-0190 affects Microsoft Internet Explorer 5.01, 5.5 and 6.0. A malformed web page that requires NetBIOS connectivity can cause Zone Spoofing, allowing remote code execution under fewer security restrictions. OpenVAS entries reference the IE cumulative patch 890923 (MS05-020) as a remediat...
CVE-2002-0026
IE 5.5/6.0 remote code execution via an object handling asynchronous events after initial security checks. Exploitation would bypass scripting restrictions, enabling arbitrary script execution. Remediation notes in connected docs point to Microsoft MS02-005 (and MS05-020) patches; OpenVAS entries...