19 matches found
NTR ActiveX Control Check() Method Buffer Overflow
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
NTR ActiveX Control StopModule() Remote Code Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
NTR ActiveX Control StopModule() Remote Code Execution (CVE-2012-0267)
A remote code execution vulnerability has been reported in the NTR ActiveX 1.1.8...
NTR ActiveX Control Check() Method buffer overflow (CVE-2012-0266)
A remote code execution vulnerability has been reported in the NTR ActiveX 1.1.8...
NTR ActiveX Control Check() Method Buffer Overflow
Exploit for windows platform in category local exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...
NTR ActiveX Control Check() Method Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 HttpClients::IE, :uaminver = "6.0",...
NTR ActiveX Control Check() Method Buffer Overflow
This module exploits a vulnerability found in NTR ActiveX 1.1.8. The vulnerability exists in the Check method, due to the insecure usage of strcat to build a URL using the bstrParams parameter contents note: this is also the reason why the module won't allow you to modify the URIPATH, which leads...
Secunia Research: NTR ActiveX Control "StopModule()" Input Validation Vulnerability
====================================================================== Secunia Research 11/01/2012 - NTR ActiveX Control "StopModule" Input Validation Vulnerability - ====================================================================== Table of Contents Affected...
Secunia Research: NTR ActiveX Control Four Buffer Overflow Vulnerabilities
====================================================================== Secunia Research 11/01/2012 - NTR ActiveX Control Four Buffer Overflow Vulnerabilities - ====================================================================== Table of Contents Affected...
NTR ActiveX security vulnerabilities
Buffer overflow, unsafe method...
NTR ActiveX Control < 2.0.4.8 Multiple Vulnerabilities
At least one version of the NTR ActiveX control installed on the remote Windows host is earlier than 2.0.4.8. As such, it reportedly is affected by the following vulnerabilities : - Four stack-based buffer overflows exist involving the 'bstrUrl' parameter of the 'StartModule' method, the...
CVE-2012-0266
Multiple stack-based buffer overflows in the NTR ActiveX control before 2.0.4.8 allow remote attackers to execute arbitrary code via 1 a long bstrUrl parameter to the StartModule method, 2 a long bstrParams parameter to the Check method, a long bstrUrl parameter to the 3 Download or 4...
CVE-2012-0267
The StopModule method in the NTR ActiveX control before 2.0.4.8 allows remote attackers to execute arbitrary code via a crafted lModule parameter that triggers use of an arbitrary memory address as a function pointer...
DSquare Exploit Pack: D2SEC_NTR
Name| d2secntr ---|--- CVE| CVE-2012-0266 Exploit Pack| D2ExploitPack Description| NTR ActiveX Buffer Overflow Vulnerability Notes|...
Stack overflow
Multiple stack-based buffer overflows in the NTR ActiveX control before 2.0.4.8 allow remote attackers to execute arbitrary code via 1 a long bstrUrl parameter to the StartModule method, 2 a long bstrParams parameter to the Check method, a long bstrUrl parameter to the 3 Download or 4...
Null pointer dereference
The StopModule method in the NTR ActiveX control before 2.0.4.8 allows remote attackers to execute arbitrary code via a crafted lModule parameter that triggers use of an arbitrary memory address as a function pointer...
CVE-2012-0267
The StopModule method in the NTR ActiveX control before 2.0.4.8 allows remote attackers to execute arbitrary code via a crafted lModule parameter that triggers use of an arbitrary memory address as a function pointer...
CVE-2012-0266
CVE-2012-0266 : The NTR ActiveX control (pre-2.0.4.8) is affected by multiple stack-based buffer overflows. The vulnerability allows remote code execution via long inputs to: StartModule(bstrUrl), Check(bstrParams), and Download/DownloadModule (bstrUrl) during .ntr pathname or URL construction. E...
CVE-2012-0267
CVE-2012-0267 : The StopModule method of the NTR ActiveX control (before version 2.0.4.8) allows remote attackers to execute arbitrary code by passing a crafted lModule parameter that dereferences an arbitrary memory address as a function pointer. This vulnerability results in remote code executi...