28 matches found
Microsoft Windows Remote Desktop Protocol CVE-2019-1489 Information Disclosure Vulnerability
Description Microsoft Windows Remote Desktop Protocol is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Windows XP SP3 Recommendations Block external acce...
KL-001-2015-004 : XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 KL-001-2015-004 : XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation Title: XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation Advisory ID: KL-001-2015-004 Publication Date: 2015.09.01 Publication URL:...
SiS Windows VGA Display Manager 6.14.10.3930 - Write-What-Where (PoC)
KL-001-2015-003 : SiS Windows VGA Display Manager Multiple Privilege Escalation Title: SiS Windows VGA Display Manager Multiple Privilege Escalation Advisory ID: KL-001-2015-003 Publication Date: 2015.09.01 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2015-003.txt 1...
XGI Windows VGA Display Manager 6.14.10.1090 - Arbitrary Write PoC
Exploit for windows platform in category dos / poc Title: XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2015-004.txt 1. Vulnerability Details Affected Vendor: Silicon Integrated Systems Corporation...
Advantech AdamView 4.30.003 - .gni Local Buffer Overflow (SEH)
Advantech AdamView 4.30.003 - .gni Local Buffer Overflow SEH !/usr/bin/env ruby Exploit Title: Advantech AdamView .gni SEH Buffer Overflow Date: Dec 09 2014 Vulnerability Discovery: Daniel Kazimirow and Fernando Paez - Core Security Exploit Author: Muhamad Fadzil Ramli Software Link:...
Microsoft XP SP3 MQAC.sys - Arbitrary Write Privilege Escalation
No description provided by source. Title: Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-003 Publication Date: 2014.07.18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-003.txt 1. Vulnerability Details Affected Vendor: Microsof...
Microsoft XP SP3 MQAC.sys - Arbitrary Write Privilege Escalation Exploit
Exploit for windows platform in category local exploits Title: Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation Publication Date: 2014.07.18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-003.txt 1. Vulnerability Details Affected Vendor: Microsoft Affect...
Microsoft Windows XP SP3 - MQAC.sys Arbitrary Write Privilege Escalation
Microsoft Windows XP SP3 - MQAC.sys Arbitrary Write Privilege Escalation Title: Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-003 Publication Date: 2014.07.18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-003.txt 1...
Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation
Vulnerability Details Affected Vendor: Microsoft Affected Product: Bluetooth Personal Area Networking Affected Versions: 5.1.2600.5512 Platform: Microsoft Windows XP SP3 CWE Classification: CWE-123: Write-what-where Condition Impact: Privilege Escalation Attack vector: IOCTL CVE ID:...
HP Managed Printing Administration jobAcct Remote Command Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
HP Managed Printing Administration jobAcct Remote Command Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'HP Managed Printing Administration...
CVE-2012-1852
Heap-based buffer overflow in the Remote Administration Protocol RAP implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via crafted RAP response packets, aka "Remote Administration Protocol Heap Overflow...
CVE-2012-1853
CVE-2012-1853 is a stack-based buffer overflow in the Remote Administration Protocol (RAP) handling of the LanmanWorkstation service on Microsoft Windows XP SP3. The vulnerability arises from the RAP response processing in the LAN Manager/Remote Administration Protocol stack, allowing a remote at...
CVE-2012-1853
Stack-based buffer overflow in the Remote Administration Protocol RAP implementation in the LanmanWorkstation service in Microsoft Windows XP SP3 allows remote attackers to execute arbitrary code via crafted RAP response packets, aka "Remote Administration Protocol Stack Overflow Vulnerability."...
Race condition
Race condition in the thread-creation implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 allows local users to gain privileges via a crafted application, aka "Win32k.sys Race Condition Vulnerability."...
Tivoli Provisioning Manager Express ActiveX RunAndUploadFile vulnerability
Added: 04/13/2012 CVE: CVE-2012-0198 BID: 52252 OSVDB: 79735 Background Tivoli Provisioning Manager Express for Software Distribution is a software inventory and distribution solution. Problem A buffer overflow vulnerability in the RunAndUploadFile method in the Isig.isigCtl.1 ActiveX control...
HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution
Added: 01/26/2012 CVE: CVE-2011-4786 BID: 51396 OSVDB: 78306 Background HP Easy Printer Care Software is a tool to control and monitor up to 20 HP printers. Problem HP Easy Printer Care Software 2.5 and prior versions are vulnerable to remote code execution. The CacheDocumentXMLWithId method from...
CVE-2010-2743
The kernel-mode drivers in Microsoft Windows XP SP3 do not properly perform indexing of a function-pointer table during the loading of keyboard layouts from disk, which allows local users to gain privileges via a crafted application, as demonstrated in the wild in July 2010 by the Stuxnet worm, a...
CVE-2010-3138
Untrusted search path vulnerability in the Indeo Codec in iac2532.ax in Microsoft Windows XP SP3 allows local users to gain privileges via a Trojan horse iacenc.dll file in the current working directory, as demonstrated by access through BS.Player or Media Player Classic to a directory that...
South River Technologies WebDrive Service Bad Security Descriptor Local Privilege Escalation
South River Technologies WebDrive Service Bad Security Descriptor Local Privilege Escalation. This module exploits a privilege escalation vulnerability in South River Technologies WebDrive. Due to an empty security descriptor, a local attacker can gain elevated privileges. Tested on South River...