Exploit for Improper Access Control in Microsoft

CVE-2025-33073 PoC Exploit for the NTLM reflection SMB flaw...

Microsoft Windows 10.0.17134.648 HTTP -> SMB NTLM Reflection Leads to Privilege Elevation Exploit

Exploit for windows platform in category local exploits Microsoft Windows 10.0.17134.648 - HTTP - SMB NTLM Reflection Leads to Privilege Elevation Exploit VULNERABILITY DETAILS It's possible to use the NTLM reflection attack to escape a browser sandbox in the case where the sandboxed process is...

Microsoft Windows 10.0.17134.648 - HTTP -> SMB NTLM Reflection Leads to Privilege Elevation

VULNERABILITY DETAILS It's possible to use the NTLM reflection attack to escape a browser sandbox in the case where the sandboxed process is allowed to create TCP sockets. In particular, I was able to combine the issues mentioned below with a bug in Chromium to escape its sandbox. HTTP - SMB NTLM...

Microsoft Exchange Server NTLM Reflection EWS User Impersonation Vulnerability

This vulnerability allows remote attackers to impersonate arbitrary users on vulnerable installations of Microsoft Exchange Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the use of NTLM authentication in Exchange Server. NTLM responses produced ...

Microsoft Windows 8.1 - DCOM DCERPC Local NTLM Reflection Privilege Escalation (MS15-076)

Microsoft Windows 8.1 - DCOM DCERPC Local NTLM Reflection Privilege Escalation MS15-076 Source: https://github.com/monoxgas/Trebuchet Trebuchet MS15-076 CVE-2015-2370 Privilege Escalation Copies a file to any privileged location on disk Compiled with VS2015, precompiled exe in Binary directory...

Default Setting in Windows 7, 8.1 Could Allow Privilege Escalation

A default setting in both Windows 7 and 8.1 could allow local users to elevate privileges and in some situations, escape application sandboxes. The issue, something that leaves all current Windows client installations vulnerable, lies in the way the operating system handles authentication. In som...

SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6735)

The Mozilla Firefox was updated to version 3.5.6, fixing lots of bugs and various security issues. The following issues were fixed : - Crashes with evidence of memory corruption rv:1.9.1.6. MFSA 2009-65 / CVE-2009-3979 / CVE-2009-3980 / CVE-2009-3982 - bmo504843,bmo523816 Memory safety fixes in...

SuSE 10 Security Update : XULRunner (ZYPP Patch Number 6734)

The Mozilla XULRunner engine was updated to version 1.9.0.16, fixing lots of bugs and various security issues. The following issues were fixed : - Crashes with evidence of memory corruption 1.9.0.16. MFSA 2009-65 / CVE-2009-3979 / CVE-2009-3981 - bmo487872 NTLM reflection vulnerability. MFSA...

SuSE9 Security Update : epiphany (YOU Patch Number 12616)

This update brings Mozilla SeaMonkey to 1.1.19 fixing various bugs and security issues. The following security issues are fixed : - Mozilla developers took fixes from previously fixed memory safety bugs in newer Mozilla-based products and ported them to the Mozilla 1.8.1 branch so they can be...

Mozilla SeaMonkey < 1.1.19 Multiple Vulnerabilities

Binary data 801348.prm...

SeaMonkey < 1.1.19 Multiple Vulnerabilities

The installed version of SeaMonkey is earlier than 1.1.19. Such versions are potentially affected by the following security issues : - The columns of a XUL tree element can be manipulated in a particular way that would leave a pointer owned by the column pointing to freed memory. MFSA 2009-49 - A...

SeaMonkey < 1.1.19 Multiple Vulnerabilities

Binary data 5479.prm...

mozilla -- multiple vulnerabilities

Mozilla Project reports: MFSA 2010-07 Fixes for potentially exploitable crashes ported to the legacy branch MFSA 2010-06 Scriptable plugin execution in SeaMonkey mail MFSA 2009-68 NTLM reflection vulnerability MFSA 2009-62 Download filename spoofing with RTL override MFSA 2009-59 Heap buffer...

openSUSE Security Update : seamonkey (seamonkey-1738)

The Mozilla SeaMonkey browser suite was updated to version 2.0.1, fixing lots of bugs and various security issues. The following issues were fixed : - MFSA 2009-65/CVE-2009-3979/CVE-2009-3981 Crashes with evidence of memory corruption 1.9.0.16 - MFSA 2009-68/CVE-2009-3983 bmo487872 NTLM reflectio...

SUSE: Security Advisory for MozillaFirefox (SUSE-SA:2009:063)

The remote host is missing updates announced in advisory SUSE-SA:2009:063. Copyright C 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...

openSUSE Security Update : MozillaFirefox (MozillaFirefox-1727)

The Mozilla Firefox was updated to version 3.0.16, fixing lots of bugs and various security issues. The following issues were fixed : - MFSA 2009-65/CVE-2009-3979/CVE-2009-3981 Crashes with evidence of memory corruption 1.9.0.16 - MFSA 2009-68/CVE-2009-3983 bmo487872 NTLM reflection vulnerability...

openSUSE Security Update : MozillaFirefox (MozillaFirefox-1727)

The Mozilla Firefox was updated to version 3.0.16, fixing lots of bugs and various security issues. The following issues were fixed : - MFSA 2009-65/CVE-2009-3979/CVE-2009-3981 Crashes with evidence of memory corruption 1.9.0.16 - MFSA 2009-68/CVE-2009-3983 bmo487872 NTLM reflection vulnerability...

SuSE 10 Security Update : XULRunner (ZYPP Patch Number 6736)

The Mozilla XULRunner engine was updated to version 1.9.0.16, fixing lots of bugs and various security issues. The following issues were fixed : - Crashes with evidence of memory corruption 1.9.0.16. MFSA 2009-65 / CVE-2009-3979 / CVE-2009-3981 - bmo487872 NTLM reflection vulnerability. MFSA...

SuSE 11 Security Update : XULRunner (SAT Patch Number 1716)

The Mozilla XULRunner engine was updated to version 1.9.0.16, fixing lots of bugs and various security issues. The following issues were fixed : - Crashes with evidence of memory corruption 1.9.0.16. MFSA 2009-65 / CVE-2009-3979 / CVE-2009-3981 - bmo487872 NTLM reflection vulnerability. MFSA...

SuSE 11 Security Update : Mozilla Firefox (SAT Patch Number 1709)

The Mozilla Firefox was updated to version 3.5.6, fixing lots of bugs and various security issues. The following issues were fixed : - Crashes with evidence of memory corruption rv:1.9.1.6. MFSA 2009-65 / CVE-2009-3979 / CVE-2009-3980 / CVE-2009-3982 - bmo504843,bmo523816 Memory safety fixes in...