650 matches found
facebook-overflow.txt
FaceBook PhotoUploader Buffer Overflow Exploit function Check var buf = unescape"%u4141"; while buf.length = 261 buf = buf + unescape"%u4141"; // win32exec - EXITFUNC=seh CMD=c:\windows\system32\calc.exe Size=378 Encoder=Alpha2 http://metasploit.com var shellcode1 =...
FaceBook PhotoUploader - 'ImageUploader4.ocx 4.5.57.0' Remote Buffer Overflow
FaceBook PhotoUploader Buffer Overflow Exploit function Check var buf = unescape"%u4141"; while buf.length = 261 buf = buf + unescape"%u4141"; // win32exec - EXITFUNC=seh CMD=c:\windows\system32\calc.exe Size=378 Encoder=Alpha2 http://metasploit.com var shellcode1 =...
CVE-2007-5657
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service EMS 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets...
DEBIAN-CVE-2007-6279
Multiple double free vulnerabilities in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed 1 Seektable values or 2 Seektable Data Offsets in a .FLAC file...
Double free
Multiple double free vulnerabilities in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed 1 Seektable values or 2 Seektable Data Offsets in a .FLAC file...
CVE-2007-6279
Multiple double free vulnerabilities in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed 1 Seektable values or 2 Seektable Data Offsets in a .FLAC file...
CVE-2007-6279
Multiple double free vulnerabilities in Free Lossless Audio Codec FLAC libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed 1 Seektable values or 2 Seektable Data Offsets in a .FLAC file...
texinfo-poc.txt
--==+=============================================+==-- --==+ texinfo = 4.9 format string vuln PoC +==-- --==+=============================================+==-- DISCOVERED BY: Cody Rester WEBSITE: www.codyrester.com --==+=============================================+==-- TIMELINE:...
Apple iOS Command Shell, Reverse TCP Inline
Connect back to attacker and spawn a command shell This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 152 include Msf::Payload::Single include Msf::Payload::Osx include...
MOPB-session.txt
?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP Project // // C Copyright 2007 Stefan...
MS Windows (.doc File) Malformed Pointers Denial of Service Exploit
No description provided by source. / Microsoft Windows .doc File Malformed Pointers DoS &...
Microsoft Windows - .doc Malformed Pointers Denial of Service
Microsoft Windows - .doc Malformed Pointers Denial of Service /\ Microsoft Windows .doc File Malformed Pointers DoS Just move your mouse on the file and explorer crashes. If it does not try to look at file properties. Bug comes from Ole32.dll: CMP DWORD PTR DS:EAX+EBX,3 and we can set EAX, EDX an...
Multiple libtiff flaws (CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)
TIFF library libtiff before 3.8.2 allows context-dependent attackers to pass numeric range checks and possibly execute code, and trigger assert errors, via large offset values in a TIFF directory that lead to an integer overflow and other unspecified vectors involving "unchecked arithmetic...
PHP 4.4.35.1.4 - sscanf Local Buffer Overflow
PHP 4.4.35.1.4 - sscanf Local Buffer Overflow ? / hoagiephpsscanf.php PHP = 4.4.3 / 5.1.4 local buffer overflow exploit howto get offsets: set $baseaddr to 0x41414141 ulimit -c 20000 /etc/init.d/apache restart execute script via web browser tail /var/log/apache/error.log ... Wed Aug 16 15:07:10...
Multiple libtiff flaws (CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)
TIFF library libtiff before 3.8.2 allows context-dependent attackers to pass numeric range checks and possibly execute code, and trigger assert errors, via large offset values in a TIFF directory that lead to an integer overflow and other unspecified vectors involving "unchecked arithmetic...
Code injection
Microsoft Office Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via malformed cell comments, which lead to modification of "critical data offsets" during the rebuilding process...
CVE-2006-2388
Microsoft Office Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via malformed cell comments, which lead to modification of "critical data offsets" during the rebuilding process...
CVE-2006-2388
Microsoft Office Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via malformed cell comments, which lead to modification of "critical data offsets" during the rebuilding process...
Microsoft Office Excel File Rebuilding Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. The specific flaw exists within the rebuilding of malformed cell comments. When Excel...
Sasser Worm ftpd Remote Buffer Overflow Exploit (port 5554)
Exploit for unknown platform in category remote exploits =========================================================== Sasser Worm ftpd Remote Buffer Overflow Exploit port 5554 =========================================================== / / // / / / / \ / / / / / / / // // / // / // //// -...