Lucene search
+L

266 matches found

myhack58
myhack58
added 2015/04/15 12:0 a.m.96 views

Return-into-libc attack and Defense-bug warning-the black bar safety net

This article first analyzes the return-into-libc attack principle, were introduced in different platforms for the traditional return-into-libc attack of the experimental process and results. Then, this paper further introduces and explains the return-oriented programming attacks, this attack can...

2AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

Mac OS X <= 10.4.7 fetchmail Privilege Escalation Exploit (x86)

No description provided by source. !/usr/bin/perl getpwnedmail.pl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom This is a canibalized version of Kansas City POP Daemon Version 0.0 - Copyright c 1999 David Nicol [email protected] kevin-finisterres-mac-mini:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

LHA 1.x Multiple extract_one Buffer Overflow Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/10354/info LHA has been reported prone to multiple vulnerabilities that may allow a malicious archive to execute arbitrary code or corrupt arbitrary files when the archive is operated on. These issues are triggered in the...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Oracle Java 6 OBJECT tag "launchjnlp"/"docbase" Param Buffer Overflow Exploit

No description provided by source. Source: http://code.google.com/p/skylined/issues/detail?id=23 SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS ,dSSSSSSSSSSSS SSSS ,dSSY' SSSS SSSS SSSS SSSS SSSSb, SSSS ,dSSSSSSSSSSSS SSSSSSSSSSSSb,...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

MySQL 3.23.x mysqld Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7052/info A vulnerability has been discovered for MySQL that may allow the mysqld service to start with elevated privileges. An attacker can exploit this vulnerability by creating a DATADIR/my.cnf that includes the line...

7.1AI score
Exploits0
OSV
OSV
added 2014/04/09 10:57 a.m.4 views

UBUNTU-CVE-2014-1720

Use-after-free vulnerability in the HTMLBodyElement::insertedInto function in core/html/HTMLBodyElement.cpp in Blink, as used in Google Chrome before 34.0.1847.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving attributes...

7.5CVSS7.4AI score0.01369EPSS
Exploits0References5
seebug.org
seebug.org
added 2014/03/01 12:0 a.m.27 views

Srun3000计费系统 注入漏洞2

简要描述: Srun3000计费系统 注入漏洞2 详细说明: /srun3/srun/web/douser.php case "checkip": $user-userip=$POST"userip";//注入变量 $user-userloginname=$POST"userloginname"; if$user-checkUserIp//直接注入 echo "ok"; exit; break; function checkUserIp $sql = "SELECT COUNT FROM user WHERE userip='".$this-userip."' OR...

7.1AI score
Exploits0
UbuntuCve
UbuntuCve
added 2013/11/02 7:55 p.m.3 views

CVE-2013-4349

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4540. Reason: This candidate was MERGED into CVE-2012-4540, since it was later discovered that it affected an additional version, but it does not constitute a regression error. Notes: All CVE users should reference...

5.8AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2013/08/22 12:0 a.m.3 views

CVE-2013-4257

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-4256. Reason: This issue was MERGED into CVE-2013-4256 because it is the same type of vulnerability. Notes: All CVE users should reference CVE-2013-4256 instead of this candidate. All references and descriptions in this...

5.8AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 2013/07/12 8:13 p.m.7 views

php: xml_parse_into_struct buffer overflow when parsing deeply nested XML

ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing depth, which allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact via a crafted document that is processed by the xmlparseintostruct function...

6.8CVSS7.5AI score0.05186EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2013/01/15 12:0 a.m.17 views

Fedora Update for pl FEDORA-2013-0211

Check for the Version of pl OpenVAS Vulnerability Test Fedora Update for pl FEDORA-2013-0211 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of the...

7.5CVSS6.4AI score0.04019EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2012/11/12 12:0 a.m.22 views

vBulletin vBay 11.9 SQL Injection

!/usr/bin/env python -W ignore::DeprecationWarning """ VBay input variable "type" being assigned with the datatype NOHTML. Using this data type allows malicious attacks to still be executed. At line 448, it is used within the insert into statement, without any sanitization. POC - You will need to...

0.5AI score
Exploits0
The Hacker News
The Hacker News
added 2012/10/23 9:12 p.m.6 views

Sony PlayStation 3 hacked with custom firmware

The PlayStation 3 has been hacked before, originally with the PSJailbreak dongle and fail0verflow, but Sony managed to fight back with Firmware 3.60 which managed to ingeniously re-secure the console. But Hackers have released a custom firmware which allows compromised consoles to log into PSN,...

6.9AI score
Exploits0
NVD
NVD
added 2012/09/10 10:55 p.m.15 views

CVE-2012-2800

Unspecified vulnerability in the ffiviprocessemptytile function in libavcodec/ivicommon.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors in which the "tile size ... mismatches parameters" and triggers "writing into a too small...

10CVSS6.2AI score0.02891EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2012/09/10 12:0 a.m.22 views

CVE-2012-2800

Unspecified vulnerability in the ffiviprocessemptytile function in libavcodec/ivicommon.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors in which the "tile size ... mismatches parameters" and triggers "writing into a too small...

10CVSS7.2AI score0.02891EPSS
Exploits0References8
Packet Storm
Packet Storm
added 2011/06/18 12:0 a.m.18 views

myBloggie 2.1.6 SQL Injection

myBloggie 2.1.6 SQL-Injection, Advanced INSERT INTO Injection technique Software: myBloggie 2.1.6 Severity: High Author: Robin Verton Date: Jun. 12 2011 Vendor: http://mybloggie.mywebland.com/ Software Description: "myBloggie is considered one of the most simple, user-friendliest yet packed with...

0.6AI score
Exploits0
OSV
OSV
added 2011/03/18 4:55 p.m.3 views

DEBIAN-CVE-2009-5056

Open Ticket Request System OTRS before 2.4.0-beta2 does not properly enforce the moveinto permission setting for a queue, which allows remote authenticated users to bypass intended access restrictions and read a ticket by watching this ticket, and then selecting the ticket from the watched-ticket...

2.1CVSS6.7AI score0.00892EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2011/03/18 4:55 p.m.4 views

CVE-2009-5056

Open Ticket Request System OTRS before 2.4.0-beta2 does not properly enforce the moveinto permission setting for a queue, which allows remote authenticated users to bypass intended access restrictions and read a ticket by watching this ticket, and then selecting the ticket from the watched-ticket...

2.1CVSS5.6AI score0.00892EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2011/01/31 12:0 a.m.17 views

Fedora Update for chm2pdf FEDORA-2011-0454

Check for the Version of chm2pdf OpenVAS Vulnerability Test Fedora Update for chm2pdf FEDORA-2011-0454 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

6.9CVSS0.1AI score0.00362EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2010/11/08 12:0 a.m.42 views

ProFTPD IAC Remote Root Exploit

Exploit Title: ProFTPD IAC Remote Root Exploit Date: 7 November 2010 Author: Kingcope use IO::Socket; $numtargets = 13; @targets = Plain Stack Smashing Confirmed to work "FreeBSD 8.1 i386, ProFTPD 1.3.3a Server binary", PLATFORM SPEC "FreeBSD", OPERATING SYSTEM 0, EXPLOIT STYLE 0xbfbfe000, OFFSET...

0.5AI score
Exploits0
Rows per page
Query Builder