1153 matches found
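Imera ImeraIEPlugin ActiveX Control Arbitrary File Download Vulnerability
Imera TeamLinks is desktop client software that allows physically dispersed team members to collaborate. The ImeraIEPlugin.Pilot.1 ActiveX control provided by the ImeraIEPlugin.dll library of the TeamLinks client does not properly handle the DownloadHost property parameter. If a user is tricked into visiting a malicious site that passes a malicious parameter to this property, arbitrary files may be downloaded to the user's system and executed. Imera ImeraIEPlugin.dll 1.0.2.54 Workaround: Set the kill bit for CLSID 75CC8584-86D4-4A50-B976-AA72618322C6. Vendor patch: Imera -----...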
FreeBSD/x86 - kill all processes - 12 bytes
No description provided by source. CoDed bY suN8Hclf DaRk-CodeRs Group productions, kid FreeBSD x86 kill all procesess 12 bytes shellcode Compile: nasm -f elf code.asm ld -e start -o code code.o Assembly code: ---------------------code.asm------------------- section .text global start start: xor...
Linux/x86 - Kill service apache2 + pure-ftpd + sshd - 81 bytes
No description provided by source. / Linux x86 | Kill Service - Apache2 - Pure-Ftpd - sshd Shellcode 81 bytes Auhtor: Jonathan Salwan js.rac.projet AT gmail.com Web: http://www.shell-storm.org Disassembly of section .text: 08048060 start: 8048060: 6a 0b push $0xb 8048062: 58 pop %eax 8048063: 99...
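Enomaly ECP Multiple Security Vulnerabilities
BUGTRAQ ID: 33544 CVECAN ID: CVE-2008-4990,CVE-2009-0390 Enomaly ECP (formerly named Enomalism) is software for managing virtual machines. The enomalism2.sh script in ECP contains multiple security vulnerabilities: a local attacker can use a symlink attack to overwrite arbitrary system files with root privileges, inject arguments into the kill command to terminate arbitrary processes or send signals to processes, or prevent virtual machines from starting. Enomaly Elastic Computing Platform 2.1 Workaround: Change PIDFILE from /tmp/enomalism2.pid to /var/run/enomalism2.pid....
Nokia Phoenix Service Software ActiveX Control Multiple Buffer Overflow Vulnerabilities
BUGTRAQ ID: 33726 Nokia Phoenix Service Software is software used for flashing Nokia phones. Nokia Phoenix Service...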
Using the split function for a perfect free kill of ASP Trojans such as "marine top" - vulnerability warning - the black bar safety net
We all know the "marine top" ASP Trojan is very famous. But in fact it is not really used much. The main reason is that it is too well known and is watched very closely, with many feature codes for it, so doing a free kill is very difficult. A few days ago, in the Black anti-of on see hack214...
Design/Logic Flaw
Argument injection vulnerability in Enomaly Elastic Computing Platform ECP, formerly Enomalism, before 2.1.1 allows local users to send signals to arbitrary processes by populating the /tmp/enomalism2.pid file with command-line arguments for the kill program...
CVE-2009-0390
Argument injection vulnerability in Enomaly Elastic Computing Platform ECP, formerly Enomalism, before 2.1.1 allows local users to send signals to arbitrary processes by populating the /tmp/enomalism2.pid file with command-line arguments for the kill program...
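MetaProducts MetaTreeX ActiveX Control SaveToBMP() Method Arbitrary File Overwrite Vulnerability
BUGTRAQ ID: 33318 MetaTreeX is an ActiveX control for displaying multi-level tree information in Visual Basic, C++, VBA and Delphi applications. The SaveToBMP.MetaTreeX ActiveX control (MTXControl.OCX) does not properly validate the input arguments of the SaveToBMP method. If a user is tricked into visiting a malicious web page that passes specially crafted arguments to this method, a remote attacker may be able to overwrite arbitrary system files with the privileges of the currently logged-on user. MetaProducts MetaTreeX 1.5.100 Workaround: For Clsid:67E66985-F81A-11D6-BC0F-F7B40157DC26, set the kill...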
AxisCamControl ActiveX Control Buffer Overflow
The remote host contains the AxisCamControl ActiveX control, which is used to control Axis network cameras. This control reportedly has a stack-based buffer overflow in its 'imagepantilt' property. If an attacker can trick a user on the affected host into viewing a specially crafted HTML document,...
Microsoft Works WkImgSrv.dll ActiveX Control WksPictureInterface vulnerability
Added: 01/08/2009 CVE: CVE-2008-1898 BID: 28820 OSVDB: 44458 Background Microsoft Works is a suite of productivity tools for home users. Problem The WkImgSrv.dll ActiveX control included in Microsoft Works allows command execution when a user loads a web page which instantiates the control with a...
Visual FoxPro vfp6r.dll ActiveX Control DoCmd command execution
Added: 12/19/2008 CVE: CVE-2008-0236 BID: 27205 OSVDB: 40380 Background Visual FoxPro is a tool for developing database applications. Problem The vfp6r.dll ActiveX control allows command execution when a user opens a web page which uses the DoCmd method. Resolution Set the kill bit for class ID...
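Linksys WVC54GC NetCamPlayerWeb11gv2.ocx ActiveX Control Stack Overflow Vulnerability
BUGTRAQ ID: 32665 CVECAN ID: CVE-2008-4391 Linksys WVC54GC is a wireless network camera that supports the 802.11g protocol. The NetCamPlayerWeb11gv2.ocx file of the Linksys WVC54GC camera provides an ActiveX control named NetCamPlayerWeb11gv2, which does not properly filter the input arguments passed to the SetSource method. If a user is tricked into viewing a specially crafted HTML document that supplies an overly long input argument to this method, a stack overflow can be triggered, causing the browser to crash or arbitrary instructions to be executed. 0 Linksys WVC54GC 1.19 Workaround:...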
DEBIAN-CVE-2008-5378
arb-kill in arb 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/arbpids temporary file...
CVE-2008-5378
arb-kill in arb 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/arbpids temporary file...
Arbitrary file deletion
arb-kill in arb 0.0.20071207.1 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/arbpids temporary file...