Default configuration

An issue was discovered in Appalti & Contratti 9.12.2. The target web applications LFS and DL229 expose a set of services provided by the Axis 1.4 instance, embedded directly into the applications, as hinted by the WEB-INF/web.xml file leaked through Local File Inclusion. Among the exposed...

Exploit for Path Traversal in Microsoft

Fully Weaponized CVE-2021-40444 Malicious docx generator to e...

January 17, 2019—KB4480955 (Preview of Monthly Rollup)

January 17, 2019—KB4480955 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4480970 released January 8, 2019 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses an...

June 21, 2018—KB4284842 ( Preview of Monthly Rollup)

June 21, 2018—KB4284842 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4284826 released June 12, 2018 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Updates the...

Cisco AnyConnect Secure Mobility Client 4.2.x < 4.2.5015.0 / 4.3.x < 4.3.2039.0 Privilege Escalation Vulnerability

The version of Cisco AnyConnect Secure Mobility Client installed on the remote Windows host is 4.2.x prior to 4.2.5015.0 or 4.3.x prior to 4.3.2039.0. It is, therefore, affected by a privilege escalation vulnerability due to incomplete validation of path names and file names at installation time....

CVE-2016-6369

Cisco AnyConnect Secure Mobility Client before 4.2.05015 and 4.3.x before 4.3.02039 mishandles pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCuz92464...

CVE-2016-6369

Cisco AnyConnect Secure Mobility Client before 4.2.05015 and 4.3.x before 4.3.02039 mishandles pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCuz92464...

Cisco AnyConnect Secure Mobility Client Local Privilege Escalation Vulnerability

A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account. The vulnerability is due to incomplete input...

CVE-2015-4211

Cisco AnyConnect Secure Mobility Client 3.160 on Windows does not properly validate pathnames, which allows local users to gain privileges via a crafted INF file, aka Bug ID CSCus65862...

CVE-2015-4211

Cisco AnyConnect Secure Mobility Client on Windows has a local privilege escalation via path validation failure in the vpndownloader launcher (CMainThread::launchDownloader). A crafted DLL load path (DLL planting) and the downloader’s location bypass the intended checks, enabling a local user to ...

Cisco AnyConnect Client for Windows Privilege Escalation Vulnerability

A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to install and execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account. The vulnerability is due to a lack of checks...

Windows OLE Package Manager CPackage::DoVerb() INF File Download Vulnerability

Added: 10/24/2014 CVE: CVE-2014-4114 BID: 70419 OSVDB: 113140 Background OLE Object Linking and Embedding is a technology that allows applications to share data and functionality, such as the ability to create and edit compound data, i.e., data that contains information in multiple formats. For...

Windows OLE Package Manager CPackage::DoVerb() INF File Download Vulnerability

Added: 10/24/2014 CVE: CVE-2014-4114 BID: 70419 OSVDB: 113140 Background OLE Object Linking and Embedding is a technology that allows applications to share data and functionality, such as the ability to create and edit compound data, i.e., data that contains information in multiple formats. For...

Windows OLE Package Manager CPackage::DoVerb() INF File Download Vulnerability

Added: 10/24/2014 CVE: CVE-2014-4114 BID: 70419 OSVDB: 113140 Background OLE Object Linking and Embedding is a technology that allows applications to share data and functionality, such as the ability to create and edit compound data, i.e., data that contains information in multiple formats. For...

Microsoft Windows - OLE Package Manager SandWorm

Microsoft Windows - OLE Package Manager SandWorm !/usr/bin/env python import os import zipfile import sys ''' Full Exploit: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/35019.tar.gz Very quick and ugly SandWorm CVE-2014-4114 exploit builder Exploit Title:...

MS14-060 Microsoft Windows OLE Package Manager Code Execution

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "MS14-060 Microsoft Windows OLE Package Manager Code Execution", 'Description' = %q This module exploits a vulnerability found in...

MS14-060 Microsoft Windows OLE Package Manager Code Execution Exploit

This Metasploit module exploits a vulnerability found in Windows Object Linking and Embedding OLE allowing arbitrary code execution, publicly known as "Sandworm". Platforms such as Windows Vista SP2 all the way to Windows 8, Windows Server 2008 and 2012 are known to be vulnerable. This module...

MS14-060 Microsoft Windows OLE Package Manager Code Execution

This module exploits a vulnerability found in Windows Object Linking and Embedding OLE allowing arbitrary code execution, publicly known as "Sandworm". Platforms such as Windows Vista SP2 all the way to Windows 8, Windows Server 2008 and 2012 are known to be vulnerable. However, based on our...

Immunity Canvas: SANDWORM

Name| sandworm ---|--- CVE| CVE-2014-4114 Exploit Pack| CANVAS Description| Sandworm - MS14-060 - Windows OLE Remote Code Execution Vulnerability. Notes| Repeatability: Infinite Notes: This exploit creates a blank PPSX file Powerpoint show presentation, to use it you just have to add some stuff t...

CVE-2012-4054

Buffer overflow in the readfile function in CPE17 Autorun Killer 1.7.1 and earlier allows physically proximate attackers to execute arbitrary code via a crafted inf file...