2131 matches found
CVE-2008-4063
CVE-2008-4063 affects Mozilla Firefox 3.x up to 3.0.2. The issue involves memory corruption in the layout engine via multiple vectors: (1) this==0 in nsContentList::Item, (2) Hindi/Indic IME interaction with the g key, and (3) inline frame protection when SortByContentOrder is invoked. Impact is ...
Mozilla crashes with evidence of memory corruption
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and (1) a zero value of the "this" variable in the...
CVE-2008-4063
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and (1) a zero value of the "this" variable in the...
Linux Kernel 2.4.x-2.6.x Assembler Inline Function Local DoS Exploit
No description provided by source. / ----------------------------------------------------------------------------- frstor Local Kernel exploit Crashes any kernel from 2.4.18 to 2.6.7 because frstor in assembler inline offsets in memory by 4. Original proof of concept code by [email protected]. Added...
Kill IceSword-vulnerability warning-the black bar safety net
Posted By Inking This article is a study of the Rootkit... and the SSDT Hook magical-against ring0 inline hook after the results. According to the SSDT Hook magical-against ring0 inline hook said, IceSword inline Hook the NtOpenProcess function, but when I wrote out the code when how also unable ...
The Flash vulnerability used in shellcode analysis-vulnerability warning-the black bar safety net
Title: 【original】flash vulnerability used in shellcode analysis Author: Regulus small Cong Time: 2008-06-02, 19:29 Links: http://bbs.pediy.com/showthread.php?t=65907 Author home page: http://hi.baidu.com/yicong2007 The purpose: purely to learn, do not for malicious purposes In recent days flash...
the flash vulnerability used in shellcode analysis-vulnerability warning-the black bar safety net
Title: 【original】flash vulnerability used in shellcode analysis Author: Regulus small Cong Time: 2008-06-02, 19:29 Links: http://bbs.pediy.com/showthread.php?t=65907 Author home page: http://hi.baidu.com/yicong2007 The purpose: purely to learn, do not for malicious purposes In recent days flash...
Kill KV 2008, Rising, etc. most of the mollusc-vulnerability warning-the black bar safety net
Article author: sudami [email protected] Information source: evil octal information security team (www.eviloctal.com) Original source: http://hi.baidu.com/sudami/blog/item/a0f114dac68fe3dfb6fd481a.html Preface: Writing this article is not to spread the virus technology, but for the majority of compute...
maxthon2 (voyagers 2) mxsafe.dll for web Trojan protection, and bypass-vulnerability warning-the black bar safety net
author: voidph4nt0m.org publish: 2007-09-27 http://www.ph4nt0m.org Text Mode maxthon2 (voyagers 2) mxsafe.dll for web Trojan protection as well as bypass ----------------------------------------------------------------------- maxthon2 boot time loading mxsafe.dll for some of the api hook. In the...
Apple iOS Command Shell, Bind TCP Inline
Listen for a connection and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 200 include Msf::Payload::Single include Msf::Payload::Osx include...
php523browse-overflow.txt
7ffdf020 7c911005 7c9110ed 00000001 00000000 shoutz go to Kevin Finisterre / if!functionexists'winbrowsefile' die'win32std extension is not available'; $shellcode= "\x2b\xc9\xb1\x51\xba\xbb\xb2\xd5\x31\xda\xda\xd9\x74\x24\xf4". "\x58\x31\x50\x0e\x83\xc0\x04\x03\xeb\xb8\x37\xc4\xf7\xd7\x5c"...
PHP <= 5.2.3 (php_win32sti) Local Buffer Overflow Exploit
No description provided by source. ?php / Inphex 317 Bytes , Windows Command Shell Bind TCP Inline , Architecture x86 , Windows TinyXP - vm. GET /script.php HTTP/1.1\n telnet 192.168.2.32 4444 Microsoft Windows XP Version 5.1.2600 C Copyright 1985-2001 Microsoft Corp. C:\apache...
PHP 5.2.3 - 'PHP_win32sti' Local Buffer Overflow (1)
7ffdf020 7c911005 7c9110ed 00000001 00000000 shoutz go to Kevin Finisterre / if!functionexists'winbrowsefile' die'win32std extension is not available'; $shellcode= "\x2b\xc9\xb1\x51\xba\xbb\xb2\xd5\x31\xda\xda\xd9\x74\x24\xf4". "\x58\x31\x50\x0e\x83\xc0\x04\x03\xeb\xb8\x37\xc4\xf7\xd7\x5c"...
phpmsql-local.txt
/ if!functionexists'msqlconnect' die'mSQL extension is not available'; $ret = "\xA3\x3D\x92\x7C"; shell32.dll -CALL EBP WindowsXP $shellcode= "\xbd\xdb\xc6\x38\x8f\xd9\xc9\xd9\x74\x24\xf4\x58\x31\xc9" . "\xb1\x51\x83\xc0\x04\x31\x68\x0e\x03\xb3\xc8\xda\x7a\xbf"...
CVE-2007-3452
SQL injection vulnerability in essentials/minutes/doc.php in eDocStore allows remote attackers to execute arbitrary SQL commands via the docid parameter in an inline action...
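Snort Inline Mode Fragment Reassembly Denial of Service Vulnerability
Snort is a widely deployed open-source network intrusion detection system (IDS). Many other IDS products also use Snort and its components. Snort Inline has a vulnerability in its handling of malformed fragmented packets, which a remote attacker may exploit to crash Snort. If Snort is run in Inline mode on a Linux platform with Frag3 enabled and ipconntrack disabled, sending specially crafted fragmented packets to Snort results in a denial of service. Snort Project Snort 2.7.0 beta 1 Snort Project Snort 2.6.1.2 Snort Project Snort 2.6.1.1...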
snort-dos.txt
/ DOS Snort Inline Affected Versions: 2.6.1.1, 2.6.1.2, 2.7.0beta Requirements : Frag3 Enabled, Inline, Linux, ipconntrack disabled Antimatt3r [email protected] Offset needs to be supplied that would cause reassembly for different snort fragmentation reassembly policies. Since the first packet...
Snort 2.6.1.1/2.6.1.2/2.7.0 (fragementation) Remote DoS Exploit
Exploit for multiple platform in category dos / poc =============================================================== Snort 2.6.1.1/2.6.1.2/2.7.0 fragementation Remote DoS Exploit =============================================================== / DOS Snort Inline Affected Versions: 2.6.1.1, 2.6.1.2,...
Snort 2.6.1.1/2.6.1.2/2.7.0 - fragementation Remote Denial of Service
Snort 2.6.1.1/2.6.1.2/2.7.0 - fragementation Remote Denial of Service / DOS Snort Inline Affected Versions: 2.6.1.1, 2.6.1.2, 2.7.0beta Requirements : Frag3 Enabled, Inline, Linux, ipconntrack disabled Antimatt3r [email protected] Offset needs to be supplied that would cause reassembly for...
Windows Disable Windows ICF, Command Shell, Bind TCP Inline
Disable the Windows ICF, then listen for a connection and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 529 include Msf::Payload::Windows include...