10 matches found
PHP 5.4.3 'com_print_typeinfo()'远程代码执行漏洞
PHP是一种HTML内嵌式的语言 PHP comprinttypeinfo存在一个安全漏洞,允许攻击者执行任意代码。此漏洞影响windows平台上的php版本,在windows平台上其"COM"函数作为PHP核心的一部分。攻击者需要上传恶意PHP代码到服务器,攻击者可以通过"exec"使用PHP运行SHELL命令 0 PHP 5.4.3 厂商解决方案 目前没有详细解决方案提供: http://www.php.net/ // Exploit Title: PHP 5.4 5.4.3 Code Execution 0day Win32 // Exploit author: 0in...
PHP 5.4 Win32 Code Execution
// Exploit Title: PHP 5.4 5.4.3 Code Execution 0day Win32 // Exploit author: 0in Maksymilian Motyl // Email: 0indotemailatgmail.com // Bug with Variant type parsing originally discovered by Condis // Tested on Windows XP SP3 fully patched Polish =================== offset-brute.html...
CVE-2012-2423
The intu-help-qb aka Intuit Help System Async Pluggable Protocol handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, provide different responses to remote requests depending on whether a ZIP pathname is valid, which allows remote...
Design/Logic Flaw
The intu-help-qb aka Intuit Help System Async Pluggable Protocol handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, provide different responses to remote requests depending on whether a ZIP pathname is valid, which allows remote...
CVE-2012-2423
The intu-help-qb aka Intuit Help System Async Pluggable Protocol handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, provide different responses to remote requests depending on whether a ZIP pathname is valid, which allows remote...
Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption
Sources: http://skypher.com/index.php/2010/08/10/ms10-051/ http://code.google.com/p/skylined/issues/detail?id=17 import os, re, socket; webserverport = 28876; replies = r'^/$': 'text/html', """ iCounter = 0 function go var requesturl = location.protocol + "//" + location.host +...
Microsoft Msxml2.XMLHTTP.3.0 - Response Handling Memory Corruption (MS10-051)
Microsoft Msxml2.XMLHTTP.3.0 - Response Handling Memory Corruption MS10-051 Sources: http://skypher.com/index.php/2010/08/10/ms10-051/ http://code.google.com/p/skylined/issues/detail?id=17 import os, re, socket; webserverport = 28876; replies = r'^/$': 'text/html', """ iCounter = 0 function go va...
Microsoft Msxml2.XMLHTTP.3.0 - Response Handling Memory Corruption (MS10-051)
Sources: http://skypher.com/index.php/2010/08/10/ms10-051/ http://code.google.com/p/skylined/issues/detail?id=17 import os, re, socket; webserverport = 28876; replies = r'^/$': 'text/html', """ iCounter = 0 function go var requesturl = location.protocol + "//" + location.host +...
CVE-2007-6502
Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to obtain sensitive information via 1 the AdminName and AdminLevel parameters to fp2000/NEWSRVR.asp, which discloses usernames; and 2 certain XML HTTP requests to hosting/css.asp using Microsoft.XMLHTTP or...
Microsoft Windows XMLHTTP proxy problem
Because of insufficient request validation Msxml2.XMLHTTP ActiveX object can be used to proxy HTTML request via client browser...