CVE-2022-32441

A memory corruption in Hex Rays Ida Pro v6.6 allows attackers to cause a Denial of Service DoS via a crafted file. Related to Data from Faulting Address controls subsequent Write Address starting at msvcrt!memcpy+0x0000000000000056...

Memory corruption

A memory corruption in Hex Rays Ida Pro v6.6 allows attackers to cause a Denial of Service DoS via a crafted file. Related to Data from Faulting Address controls subsequent Write Address starting at msvcrt!memcpy+0x0000000000000056...

HackTool.Win32.IpcScan.c Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/8f44374d587eb1657d25da9628cb2b87.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HackTool.Win32.IpcScan.c Vulnerability: Local Stack Buffer Overflow Description: Loading a specially...

CVE-2017-10736

XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at msvcrt!VECmemzero+0x000000000000006a."...

CVE-2017-10736

XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "User Mode Write AV starting at msvcrt!VECmemzero+0x000000000000006a."...

Firefox onreadystatechange Event DocumentViewerImpl Use After Free

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

Adobe Flash Player Object Type Confusion

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

Alt-N WebAdmin 2.0.x USER Parameter Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/8024/info Alt-N WebAdmin is prone to a buffer overflow condition. This is due to insufficient bounds checking on the USER parameter. Successful exploitation could result in code execution with SYSTEM level privileges. /...

win32/xp sp3 (Ru) WinExec+ExitProcess cmd shellcode 12 bytes

No description provided by source. 68 9D 61 F9 77 push 0x77C01345 B8 C7 93 C1 77 mov eax,msvcrt.system FF D0 call eax In msvcrt.dll at 0x77C01344 We have string .cmd, that's the trick. Code will work in WinXP SP3 Pro Rus, in other versions you'd better search the string and systemchar address for...

Firefox XMLSerializer Use After Free

This module exploits a vulnerability found on Firefox 17.0 'Firefox XMLSerializer Use After Free', 'Description' = %q This module exploits a vulnerability found on Firefox 17.0 MSFLICENSE, 'Author' = 'regenrecht', Vulnerability Discovery, Analysis and PoC 'juan vazquez' Metasploit module ,...

Firefox onreadystatechange Event DocumentViewerImpl Use After Free

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Firefox...

Lianja SQL 1.0.0RC5.1 db_netserver Stack Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Lianja SQL 1.0.0RC5.1 dbnetserver Sta...

Microsoft Internet Explorer - SLayoutRun Use-After-Free (MS13-009) (Metasploit) (1)

Microsoft Internet Explorer - SLayoutRun Use-After-Free MS13-009 Metasploit 1 This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

MS12-063 Microsoft Internet Explorer execCommand Use-After-Free Vulnerability

This module exploits a vulnerability found in Microsoft Internet Explorer MSIE. When rendering an HTML page, the CMshtmlEd object gets deleted in an unexpected manner, but the same memory is reused again later in the CMshtmlEd::Exec function, leading to a use-after-free condition. Please note tha...

MS12-037 Microsoft Internet Explorer Fixed Table Col Span Heap Overflow

This module exploits a heap overflow vulnerability in Internet Explorer caused by an incorrect handling of the span attribute for col elements from a fixed table, when they are modified dynamically by javascript code. This module requires Metasploit: https://metasploit.com/download Current source...

ComSndFTP 1.3.7 Beta USER Format String (Write4)

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'ComSndFTP v1.3.7 Beta USER Buffe...

MS12-004 midiOutPlayNextPolyEvent Heap Overflow

This module exploits a heap overflow vulnerability in the Windows Multimedia Library winmm.dll. The vulnerability occurs when parsing specially crafted MIDI files. Remote code execution can be achieved by using the Windows Media Player ActiveX control. Exploitation is done by supplying a speciall...

CVE-2012-0150

CVE-2012-0150 describes a buffer overflow in the C runtime library (msvcrt.dll) used by multiple Windows versions (Vista SP2, Server 2008 SP2/R2, Windows 7/7 SP1). The vulnerability arises when parsing a crafted media file, copying a version string into a fixed-length stack buffer, allowing remot...

KnFTP 1.0.0 Server Multiple Buffer Overflow Exploit (DoS PoC)

Exploit for windows platform in category dos / poc !/usr/bin/python Title: KnFTP Server Buffer Overflow Exploit DoS PoC From: The eh?-Team || The Great White Fuzz we're not sure yet Found by: loneferret kinda Bug that made me fuzz this app by Blake: http://www.exploit-db.com/exploits/17819/ Date...

MP3-Nator Buffer Overflow SEH-DEP Bypass

Exploit Title: Exploit Buffer Overflow MP3-Nator SEH - DEP BYPASS Date: 18-11-2010 Author: Muhamad Fadzil Ramli - mind1355atgmaildotcom Credit/Bug Found By: C4SS!0 G0M3S Software Link: http://www.brothersoft.com/d.php?softid=16524&url=http://files.brothersoft.com/mp3audio/players/mp3nator.zip...