288 matches found
CVE-2010-1818
CVE-2010-1818 affects Apple QuickTime QTPlugin.ocx (QuickTime 6.x and 7.x before 7.6.8). The vulnerability arises from an input validation error in the _Marshaled_pUnk parameter, triggering unmarshalling of an untrusted pointer and allowing remote code execution with the user’s privileges. Public...
Avast! 4.7 - 'aavmker4.sys' Local Privilege Escalation
!/usr/bin/python avast! 4.7 aavmker4.sys privilege escalation http://www.trapkit.de/advisories/TKADV2008-002.txt CVE-2008-1625 Tested on WindXpSp2/Sp3 Dep ON Matteo Memelli ryujin A-T offensive-security.com www.offensive-security.com Spaghetti & Pwnsauce - 17/04/2010 Tested on WinXPSP2/SP3 englis...
Mozilla Thunderbird < 2.0.0.24 Multiple Vulnerabilities
The installed version of Thunderbird is earlier than 2.0.0.24. Such versions are potentially affected by multiple vulnerabilities : - The columns of a XUL tree element can be manipulated in a particular way that would leave a pointer owned by the column pointing to freed memory. MFSA 2009-49 - A...
openSUSE Security Update : MozillaFirefox (MozillaFirefox-1312)
This update brings Mozilla Firefox to the 3.0.14 stable release. It also fixes various security issues: MFSA 2009-47 / CVE-2009-3069 / CVE-2009-3070 / CVE-2009-3071 / CVE-2009-3072 / CVE-2009-3073 / CVE-2009-3074 / CVE-2009-3075: Mozilla developers and community members identified and fixed sever...
IPSwitch WhatsUp Gold 8.03 Remote Buffer Overflow Exploit
Exploit for unknown platform in category remote exploits ========================================================= IPSwitch WhatsUp Gold 8.03 Remote Buffer Overflow Exploit ========================================================= !/usr/bin/perl LoWNOISE NotmuchG.pl v.1.5...
Real security information is hard to come by
Before you read this, I recommend you type "man memfrob" and "man strfry" on your nearest Linux system. I had no idea Linux libC had so many inside jokes. I think it says a lot about the character of the system. In other news, Real was finally told about my HelixServer remote, after a copy of...
Remote buffer overflow condition in post-query (CGI).
The overflow condition is very easily exploitable, since the code actually supplies the pointer to the exploit code itself, odd as it maye seem. The pointer thusly does not need to be second-guessed at all, making life much easier for crackers. Code excerpts; ... define MAXENTRIES 10000 typedef...
XFree86 server overflow - exploit issues
While trying to exploit this overflow, I noticed that the problem lies in lovely strcpy call, which overwrites stack. Unfortunately, any 'offending' non-alphanumeric characters are replaced with '' somewhere before. Uh, most of people will say "it's impossible to write alphanumeric shellcode, so ...