Windows Browser Example Exploit

This template covers IE8/9/10, and uses the user-agent HTTP header to detect the browser version. Please note IE8 and newer may emulate an older IE version in compatibility mode, in that case the module won't be able to detect the browser correctly. This is an example Metasploit module to be used...

Windows Browser Example Exploit

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This exploit sample demonstrates how a typical browser exploit is written using commonly used components such as: HttpServer, BrowserAutopwn, RopDB, DOM Element Property...

Description of Windows Small Business Server 2008 Update Rollup 5

Description of Windows Small Business Server 2008 Update Rollup 5 Summary Windows Small Business Server Windows SBS 2008 Update Rollup 5 is now available. Windows SBS 2008 Update Rollup 5 will upgrade Windows Live ID Sign-in Assistant to version 6.5. Additionally, this update rollup includes the...

CVE-2016-3259

CVE-2016-3259 concerns memory corruption in Microsoft JScript 9, VBScript, and Chakra JavaScript engines used by Internet Explorer 9–11 and Edge, per the CVE entry and multiple related advisories. The connected documents corroborate a Chakra/JScript/VBScript memory corruption vulnerability that e...

CVE-2015-6134

Microsoft Internet Explorer 9 is affected by CVE-2015-6134 (Memory Corruption Vulnerability) where a crafted web site can trigger remote code execution or memory corruption. Root cause is memory corruption triggered by processing crafted content, with impact of potential remote code execution or ...

CVE-2015-0048

CVE-2015-0048 concerns Microsoft Internet Explorer 9, described as a remote memory corruption vulnerability that allows arbitrary code execution or a memory‑corruption–related DoS when visiting a crafted web page. The provided sources indicate remediation via security update MS15-009; affected sy...

CVE-2015-0028

CVE-2015-0028 affects Internet Explorer 9. The supplied connected data identifies a memory corruption vulnerability in IE9 that can be triggered via a crafted web site, enabling remote code execution or a denial of service. The issue is part of a broader set of memory‑corruption IE vulnerabilitie...

Advantech WebAccess dvs.ocx GetColor Buffer Overflow Exploit

This Metasploit module exploits a buffer overflow vulnerability in Advantec WebAccess. The vulnerability exists in the dvs.ocx ActiveX control, where a dangerous call to sprintf can be reached with user controlled data through the GetColor function. This Metasploit module has been tested...

CVE-2014-2791

CVE-2014-2791 affects Microsoft Internet Explorer (notably IE 9) and is a remote memory-corruption vulnerability triggered via a crafted web site. The issue allows remote code execution or memory corruption leading to a potential denial of service when a user visits a malicious page. Several conn...

MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

WSN Classifieds 6.2.12 and 6.2.18 - Multiple Vulnerabilities

No description provided by source. Exploit Title: WSN Classifieds v.6.2.12 & 6.2.18 Multiple Vulnerabilities Script Page : http://www.wsnclassifieds.com Date: 1-12-2011 Author : RandomStorm - http://www.randomstorm.com Avram Marius Gabriel d3v1l Tested on: Windows XP & Vista IE9 - Firefox 8.0 Not...

IBM Lotus iNotes dwa85W ActiveX Buffer Overflow

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

Adobe Reader X Atom Type Confusion Vulnerability Exploit

No description provided by source. Exploit Title: Adobe Reader X Atom Type Confusion Vulnerability Exploit Date: 7/3/2011 Author: Snake Shahriyar.j at gmail Version: Adobe Reader X 10.1 Tested on: 10.0.0 - 10.0.1 - Windows 7 - IE/FF/Opera CVE : CVE-2011-0611 This is the exploit I wrote for Abysss...

Novell GroupWise Client gwcls1.dll ActiveX Remote Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

More Details about Security Advisory 2963983 IE 0day

Today we released Security Advisory 2963983 regarding a potential vulnerability in Internet Explorer reported by FireEye and currently under investigation. We are working closely with FireEye to investigate this report of a vulnerability which was found used in very limited targeted attack: - the...

Immunity Canvas: IE_CARDSPACECLAIMCOLLECTION

Name| iecardspaceclaimcollection ---|--- CVE| CVE-2013-3918 Exploit Pack| CANVAS Description| iecardspaceclaimcollection Notes| CVE Name: CVE-2013-3918 VENDOR: Microsoft NOTES: - This exploits leaks a vtable pointer of a CTable object in order to bypass ASLR - We also leak the shellcode's address...

SIEMENS Solid Edge ST4 SEListCtrlX ActiveX Remote Code Execution Vulnerability

This Metasploit module exploits the SEListCtrlX ActiveX installed with the SIEMENS Solid Edge product. The vulnerability exists on several APIs provided by the control, where user supplied input is handled as a memory pointer without proper validation, allowing an attacker to read and corrupt...

SIEMENS Solid Edge ST4 SEListCtrlX - ActiveX Remote Code Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...

Siemens Solid Edge ST4 SEListCtrlX ActiveX Remote Code Execution

This module exploits the SEListCtrlX ActiveX installed with the Siemens Solid Edge product. The vulnerability exists on several APIs provided by the control, where user supplied input is handled as a memory pointer without proper validation, allowing an attacker to read and corrupt memory from th...

Default application configuration files are available for download

h3. Summary of The Bug By browsing to the following URL path user would be able to download any files under /confluence/WEB-INF/... code/s/1519/3/1.0//WEB-INF/...code The above URL will be accessible by any users including anonymous even to an instance that does not allow anonymous access h5. Not...