59 matches found
Real Player 12.0.0.879 - Code Execution
Real Player 12.0.0.879 - Code Execution Exploit Title: Real Player 12.0.0.879 0day for WinXP Date: 09/07/2010 Author: webDEViL Version: 12.0.0.879 Tested on: WinXP This bug utilizes Microsoft Help vuln for RCE. You can test by browsing to http://krash.in/real-exp/exploit.ram...
Real Player 12.0.0.879 - Code Execution
Exploit Title: Real Player 12.0.0.879 0day for WinXP Date: 09/07/2010 Author: webDEViL Version: 12.0.0.879 Tested on: WinXP This bug utilizes Microsoft Help vuln for RCE. You can test by browsing to http://krash.in/real-exp/exploit.ram...
Microsoft Help Files (.CHM): 'Locked File' Feature Bypass
, , . .' '. ', . , '. , ., , / / / ==/ / / / / / / | Y Y / /| / /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. Microsoft Help Files .CHM: 'Locked File' Bypass Versions Affected: Windows XP, Windows Vista, Windows 7 pdf: http://www.security-assessment.com/files/advisories/WindowsLockedHelpFiles.pdf...
Microsoft Help Workshop HPJ OPTIONS Section Buffer Overflow (CVE-2007-0427)
The Microsoft Help Workshop product is a development tool that allows the design and development of help files frequently packaged with Windows based applications. The program is used to author help content and package it in Microsoft Help files such as HLP. There exists a buffer overflow...
Exodus 0.10 (uri handler) Arbitrary Parameter Injection Exploit
No description provided by source. !-- Exodus v0.10 remote code execution exploit by Nine:Situations:Group::strawdog This uses the "-l" argument to overwrite a file inside Microsoft Help and Support Center folders oh rgod... Firstly run netcat in listen mode to drop the vbscript shell run this...
Exodus 0.10 - URI Handler Arbitrary Parameter Injection (2)
Exodus 0.10 - URI Handler Arbitrary Parameter Injection 2 testfile echo Dim wshShell testfile echo Set wshShell = CreateObject"WScript.Shell" testfile echo wshShell.Run"cmd /c start calc" testfile echo ^ testfile nc -L -s 192.168.0.1 -p 5222 -vv click me click me milw0rm.com 2008-11-20...
Exodus 0.10 - URI Handler Arbitrary Parameter Injection (2)
testfile echo Dim wshShell testfile echo Set wshShell = CreateObject"WScript.Shell" testfile echo wshShell.Run"cmd /c start calc" testfile echo ^ testfile nc -L -s 192.168.0.1 -p 5222 -vv click me click me milw0rm.com 2008-11-20...
Exodus 0.10 (uri handler) Arbitrary Parameter Injection Exploit
Exploit for unknown platform in category remote exploits =============================================================== Exodus 0.10 uri handler Arbitrary Parameter Injection Exploit =============================================================== testfile echo Dim wshShell testfile echo Set...
exodus-injection.txt
testfile echo Dim wshShell testfile echo Set wshShell = CreateObject"WScript.Shell" testfile echo wshShell.Run"cmd /c start calc" testfile echo ^ testfile nc -L -s 192.168.0.1 -p 5222 -vv click me click me...
[Full-disclosure] iDefense Security Advisory 04.08.08: Microsoft HxTocCtrl ActiveX Control Invalid Param Heap Corruption Vulnerability
iDefense Security Advisory 04.08.08 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 08, 2008 I. BACKGROUND The HxTocCtrl ActiveX Control is a library used by the Microsoft Help engine. More information is available at the following website. http://en.wikipedia.org/wiki/MicrosoftHelp2 I...
Microsoft Help Workshop .CNT file buffer overflow
Added: 01/31/2007 CVE: CVE-2007-0352 BID: 22100 OSVDB: 31898 Background Microsoft Help Workshop is a standard component of Microsoft Visual Studio and is also available as a standalone product. Problem A buffer overflow vulnerability in Microsoft Help Workshop allows command execution when a user...
Microsoft Help Workshop .CNT file buffer overflow
Added: 01/31/2007 CVE: CVE-2007-0352 BID: 22100 OSVDB: 31898 Background Microsoft Help Workshop is a standard component of Microsoft Visual Studio and is also available as a standalone product. Problem A buffer overflow vulnerability in Microsoft Help Workshop allows command execution when a user...
Microsoft Help Workshop .CNT file buffer overflow
Added: 01/31/2007 CVE: CVE-2007-0352 BID: 22100 OSVDB: 31898 Background Microsoft Help Workshop is a standard component of Microsoft Visual Studio and is also available as a standalone product. Problem A buffer overflow vulnerability in Microsoft Help Workshop allows command execution when a user...
Microsoft Help Workshop .CNT file buffer overflow
Added: 01/31/2007 CVE: CVE-2007-0352 BID: 22100 OSVDB: 31898 Background Microsoft Help Workshop is a standard component of Microsoft Visual Studio and is also available as a standalone product. Problem A buffer overflow vulnerability in Microsoft Help Workshop allows command execution when a user...
Microsoft Help Workshop .HPJ file HLP field buffer overflow
Added: 01/26/2007 CVE: CVE-2007-0427 BID: 22135 OSVDB: 31899 Background Microsoft Help Workshop is a standard component of Microsoft Visual Studio and is also available as a standalone product. Problem A buffer overflow vulnerability in Microsoft Help Workshop allows command execution when a user...
Microsoft Help Workshop .HPJ file HLP field buffer overflow
Added: 01/26/2007 CVE: CVE-2007-0427 BID: 22135 OSVDB: 31899 Background Microsoft Help Workshop is a standard component of Microsoft Visual Studio and is also available as a standalone product. Problem A buffer overflow vulnerability in Microsoft Help Workshop allows command execution when a user...
Microsoft Help Workshop .HPJ file HLP field buffer overflow
Added: 01/26/2007 CVE: CVE-2007-0427 BID: 22135 OSVDB: 31899 Background Microsoft Help Workshop is a standard component of Microsoft Visual Studio and is also available as a standalone product. Problem A buffer overflow vulnerability in Microsoft Help Workshop allows command execution when a user...
Microsoft Help Workshop .HPJ file HLP field buffer overflow
Added: 01/26/2007 CVE: CVE-2007-0427 BID: 22135 OSVDB: 31899 Background Microsoft Help Workshop is a standard component of Microsoft Visual Studio and is also available as a standalone product. Problem A buffer overflow vulnerability in Microsoft Help Workshop allows command execution when a user...
CVE-2007-0427
Stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 allows user-assisted remote attackers to execute arbitrary code via a help project .HPJ file with a long HLP field in the OPTIONS section...
Stack overflow
Stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 allows user-assisted remote attackers to execute arbitrary code via a help project .HPJ file with a long HLP field in the OPTIONS section...