303 matches found
eXtremail <= 2.1.1 memmove() Remote Denial of Service Exploit
No description provided by source. !/usr/bin/perl extremail-v3.pl Copyright c 2006 by [email protected] eXtremail =2.1.1 remote root POC x86-lnx by mu-b - Fri Oct 06 2006 Tested on: eXtremail 2.1.1 lnx eXtremail 2.1.0 lnx - Private Source Code -DO NOT DISTRIBUTE - http://www.digit-labs.org/ --...
Adobe Reader 10.1.4 JP2KLib&CoolType Crash PoC
No description provided by source. Title : Adobe Reader 10.1.4 JP2KLib&CoolType WriteAV Vulnerability Version : 10.1.4.38 Date : 2012-11-20 Vendor : http://www.adobe.com/ Impact : Med/High Contact : coolkaveh at rocketmail.com Twitter : @coolkaveh tested : XP SP3 ENG Author : coolkaveh...
Nvidia Display Driver Service (Nsvr) - Local Buffer Overflow
Nvidia Display Driver Service Nsvr - Local Buffer Overflow / NVidia Display Driver Service Nsvr Exploit - Christmas 2012 - Bypass DEP + ASLR + /GS + CoE ============================================================= @peterwintrsmith Initial release 25/12/12 Update 25/12/12 - Target for 30 Aug 2012...
Researcher Who Found Nvidia Bug Confirms Security Update Clears Up Driver Zero Day
Nvidia has released a new driver for its graphics cards that includes a security update for a zero-day vulnerability in the Nvidia Display Driver Service that came to light on Christmas day. UK researcher Peter Winter-Smith posted vulnerability details and an exploit to Pastebin describing a stac...
Adobe Reader 10.1.4 - JP2KLib&CoolType Crash (PoC)
Title : Adobe Reader 10.1.4 JP2KLib&CoolType WriteAV Vulnerability Version : 10.1.4.38 Date : 2012-11-20 Vendor : http://www.adobe.com/ Impact : Med/High Contact : coolkaveh at rocketmail.com Twitter : @coolkaveh tested : XP SP3 ENG Author : coolkaveh...
Adobe Reader 10.1.4 - JP2KLibCoolType Crash (PoC)
Adobe Reader 10.1.4 - JP2KLibCoolType Crash PoC Title : Adobe Reader 10.1.4 JP2KLib&CoolType WriteAV Vulnerability Version : 10.1.4.38 Date : 2012-11-20 Vendor : http://www.adobe.com/ Impact : Med/High Contact : coolkaveh at rocketmail.com Twitter : @coolkaveh tested : XP SP3 ENG Author : coolkav...
Adobe Reader 10.1.4 JP2KLib&CoolType WriteAV Vulnerability
The parsing routine is really complicated :D Write AV by some kind of not properly initialized array But the parameters of memmove, the counter and destiny pointer seems controllable with data from flatedecoded data. The weird thing is the stream encoded with flatedecode can't decode properly via...
Winamp MAKI Buffer Overflow
This module exploits a stack based buffer overflow in Winamp 5.55. The flaw exists in the genff.dll and occurs while parsing a specially crafted MAKI file, where memmove is used in an insecure way with user controlled data. To exploit the vulnerability the attacker must convince the victim to...
ZDI-11-214: Adobe Shockwave CASt Chunk Parsing Remote Code Execution Vulnerability
ZDI-11-214: Adobe Shockwave CASt Chunk Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-214 June 14, 2011 -- CVE ID: CVE-2011-2112 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Player --...
Microsoft Reader 2.1.1.3143 - Integer Overflow (2)
Microsoft Reader 2.1.1.3143 - Integer Overflow 2 Source: http://aluigi.org/adv/msreader3-adv.txt Luigi Auriemma Application: Microsoft Reader http://www.microsoft.com/reader Versions: = 2.1.1.3143 PC version = 2.6.1.7169 Origami version the non-PC versions have not been tested Platforms: Windows,...
Microsoft Reader 2.1.1.3143 - Integer Overflow (2)
Source: http://aluigi.org/adv/msreader3-adv.txt Luigi Auriemma Application: Microsoft Reader http://www.microsoft.com/reader Versions: = 2.1.1.3143 PC version = 2.6.1.7169 Origami version the non-PC versions have not been tested Platforms: Windows, Windows Mobile, Tablet PC and UMPC devices Bug:...
Winamp 5.5.8.2985 (in_mod plugin) - Local Stack Overflow
!/usr/bin/python Pwn And Beans by Mighty-D and 7eK presents: Winamp 5.5.8.2985 inmod plugin Stack Overflow A Script Kiddie Friendly Production WINDOWS XP SP3 FULLY PATCHED - NO ASLR OR DEP BYPASS... yet Bug found by http://www.exploit-db.com/exploits/15248/ An improvement to...
Google Chrome HTTP Response Handling Buffer Overflow Vulnerability
BUGTRAQ ID: 35462 CVE(CAN) ID: CVE-2009-2121 Google Chrome is an open-source web browser released by Google. Google Chrome has a buffer overflow vulnerability when handling responses from HTTP servers. If a user is tricked into visiting a malicious website and receives a response from the server containing an overly long chunked-encoding chunk size, an overflow is triggered in memmove, causing the browser to crash or execute arbitrary code. Google Chrome 2.0.172.33 Vendor patch: Google ------ The vendor has released an upgrade patch to fix this security issue; please download it from the vendor's homepage:...
WinAMP 5.551 MAKI Parsing Integer Overflow
/ Winamp 5.551 MAKI Parsing Integer Overflow Exploit !!! Tested on :Vista sp1 and Xpsp3 Release Date :May 22 2009 Vendor's web site :http://www.winamp.com/ Version Tested:Winamp 5.551 Not vulnerable :Winamp 5.552 Credits to Monica Sojeong Hong down at vrt-sourcefire for the overflow...
DEBIAN-CVE-2008-1367
gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag DF from being reset in violation of ABI conventions and cause data to be copied in the wrong direction during signa...
CVE-2008-1367
CVE-2008-1367 corresponds to a Linux kernel issue where gcc 4.3.x may not emit a cld instruction while compiling string manipulation code (e.g., memcpy/memmove), preventing the direction flag (DF) from being reset and potentially causing memory copy in the wrong direction during signal handling. ...
Integer overflow
Integer overflow in eXtremail 2.1.1 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long USER command containing "%s" sequences to the pop3 port 110/tcp, which are expanded to "%%s" before being used in the memmove function, possibly du...
eXtremail 2.1.1 - memmove() Remote Denial of Service
eXtremail 2.1.1 - memmove Remote Denial of Service !/usr/bin/perl extremail-v3.pl Copyright c 2006 by eXtremail 1,50 $maxlen = intrand50 + 1; 0, $maxlen 0.75 - 0, $maxlen 0x75 - 1 $pad1len = intrand$maxlen 0.75; 0, $maxlen - $pad1len/2 - 1, $maxlen - $pad1len/2 $pad2len = intrand$maxlen -...
eXtremail <= 2.1.1 memmove() Remote Denial of Service Exploit
Exploit for linux platform in category dos / poc ============================================================= eXtremail eXtremail 1,50 $maxlen = intrand50 + 1; 0, $maxlen 0.75 - 0, $maxlen 0x75 - 1 $pad1len = intrand$maxlen 0.75; 0, $maxlen - $pad1len/2 - 1, $maxlen - $pad1len/2 $pad2len =...