Microsoft Windows - GDI+ EMR_EXTTEXTOUTA EMR_POLYTEXTOUTA Heap Buffer Overflow (MS16-097)

Microsoft Windows - GDI+ EMREXTTEXTOUTA EMRPOLYTEXTOUTA Heap Buffer Overflow MS16-097 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=828 The Microsoft GDI+ implementation of the EMF format supports records corresponding to the ExtTextOutA and PolyTextOutA API functions. Both...

Microsoft Windows - GDI+ EMR_EXTTEXTOUTA / EMR_POLYTEXTOUTA Heap Buffer Overflow (MS16-097)

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=828 The Microsoft GDI+ implementation of the EMF format supports records corresponding to the ExtTextOutA and PolyTextOutA API functions. Both CEmfPlusEnumState::ExtTextOutA and CEmfPlusEnumState::PolyTextOutA handlers suffer from ...

UniPDF 1.1 - Crash PoC (SEH overwritten)

UniPDF version 1.1 suffers from a buffer overflow vulnerability. This is a SEH overwrite denial of service proof of concept exploit. Exploit Title: UniPDF v1.1 BufferOverflow, SEH overwrite DoS PoC Google Dork: none Date: 01/28/2015 Exploit Author: bonze Email: email protected Vendor Homepage:...

UniPDF 1.1 - Crash (PoC) (SEH)

UniPDF 1.1 - Crash PoC SEH Exploit Title: UniPDF v1.1 BufferOverflow, SEH overwrite DoS PoC Google Dork: none Date: 01/28/2015 Exploit Author: bonze Email: [email protected] Vendor Homepage: http://unipdf.com/ Software Link: http://unipdf.com/file/unipdf-setup.exe Redirect to:...

UniPDF 1.1 Buffer Overflow / Denial Of Service

Exploit Title: UniPDF v1.1 BufferOverflow, SEH overwrite DoS PoC Google Dork: none Date: 01/28/2015 Exploit Author: bonze Email: [email protected] Vendor Homepage: http://unipdf.com/ Software Link: http://unipdf.com/file/unipdf-setup.exe Redirect to: http://unipdf-converter.en.softonic.com/downlo...

UniPDF 1.1 - Crash (PoC) (SEH)

Exploit Title: UniPDF v1.1 BufferOverflow, SEH overwrite DoS PoC Google Dork: none Date: 01/28/2015 Exploit Author: bonze Email: [email protected] Vendor Homepage: http://unipdf.com/ Software Link: http://unipdf.com/file/unipdf-setup.exe Redirect to: http://unipdf-converter.en.softonic.com/downlo...

Orbit Downloader URL Unicode Conversion Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Orbit Downloader...

Orbit Downloader - URL Unicode Conversion Overflow (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Orbit Downloader...

Orbit Downloader URL Unicode Conversion Overflow

This module exploits a stack-based buffer overflow in Orbit Downloader. The vulnerability is due to Orbit converting a URL ascii string to unicode in an insecure way with MultiByteToWideChar. The vulnerability is exploited with a specially crafted metalink file that should be opened with Orbit...

Tencent's online security check controls the overflow analysis(not running it)-vulnerability warning-the black bar safety net

Software files: TSOBase. ocxUPX shell Software name: Tencent Online Safety Center Software description: Tencent's online security check controls Software version: 2 0 0 6, 1 2, 2 0, 4 Test platform: VC6+xp sp1 Affirm: This article is only for learning and exchange with,all the consequences of the...