CUPS 1.1.x HPGL File Processor Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11968/info CUPS is reported prone to a remote buffer overflow vulnerability. The issue is reported to exist in the 'hpgl-input.c' source file and is because of a lack of sufficient boundary checks performed on data...

Subtitle Processor 7.7.1 SEH Unicode Buffer Overflow Exploit

No description provided by source. !/usr/bin/python I wanted to first of all thank all the people who took the time to help me. Peter Van Eeckhoutte AKA corelanc0d3r. Awesome tutorials and thanks for putting up with me! Jason Kratzer. Thanks a lot for helping me finish this exploit and showing me...

XIGLA Absolute Form Processor XE 1.5 'login.asp' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34463/info Absolute Form Processor XE is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker ...

Ruby on Rails XML Processor YAML Deserialization Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

Bajie Webserver 0.78/0.90 Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2388/info It is possible to execute arbitrary commands on a host running Bajie Webserver. A remote user can use Bajie's built-in upload feature to place malicious scripts on Bajie webservers. These uploaded scripts are...

Microsoft Unicode Scripts Processor - Remote Code Execution

No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | Final Binary Analysis | | | | || / \ || | | | || ||// \/|/ ''' ''' Title : Microsoft Unicode Scripts Processor Remote Code Execution Version : usp10.dll XP , Vista Analysis :...

Check Point Software Firewall-1 4.0/1 4.1 Fragmented Packets DoS

No description provided by source. source: http://www.securityfocus.com/bid/1312/info By sending illegally fragmented packets directly to or routed through Check Point FireWall-1, it is possible to force the firewall to use 100% of available processor time logging these packets. The FireWall-1...

Subtitle Processor 7.7.1 .M3U SEH Unicode Buffer Overflow

No description provided by source. $Id: subtitleprocessorm3ubof.rb 12461 2011-04-28 08:12:32Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

AMD K6 Processor Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/105/info A bug in Advance Micro Devices K6 processor allows non-privileged code to crash the machine. Under Linux 2.1.x a bug stops this vulnerability. $ cat a.s .text .align 4096 / r1 / .globl start start: movl start, %e...

SQLite Browser 2.0b1 - Local DoS Vulnerability

No description provided by source. Exploit Title: SQLite Browser 2.0b1 Local DoS Vulnerability Author: Nishant Das Patnaik Tested on: Windows XP SP2/SP3 x86, Vista x86, Windows 7 x64 Code : A specially crafted SQL file query can cause the the application to freeze and finally crash. The bug is th...

Liferay XSL - Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require 'activesupport/json'...

Solaris/x86 - Halt shellcode - 36 bytes

No description provided by source. / Title: Solaris/x86 - Halt shellcode - 36 bytes Auhtor: Jonathan Salwan submit AT shell-storm.org Web: http://www.shell-storm.org Twitter: http://twitter.com/jonathansalwan Date: 2010-05-20 Tested: SunOS opensolaris 5.11 snv111b i86pc i386 i86pc Solaris !Databa...

Absolute Form Processor XE-V 1.5 - Remote Change Pasword Exploit

No description provided by source. title Absolute Form Processor XE-V 1.5 Remote Change Pasword /title body bgcolor=FFFFFF text=000000 form name=form1 method=post action=http://www.xigla.com/absolutefp/demo/edituser.asp table width=96% border=0 cellspacing=2 cellpadding=2 align=center tr...

Absolute Form Processor XE-V 1.5 - (Auth Bypass) SQL Injection Vulnerability

No description provided by source. ----------------------------------------------------- ----------------------------------------------------- Absolute Form Processor XE-V 1.5 auth Bypass Remote Sql Injecion ----------------------------------------------------- Founder: ThE g0bL!NDz Home:...

ModSecurity < 2.5.9 - Remote Denial of Service Vulnerability

No description provided by source. ============================================= INTERNET SECURITY AUDITORS ALERT 2009-001 - Original release date: February 25th, 2009 - Last revised: March 19th, 2009 - Discovered by: Juan Galiana Lara - Severity: 7.8/10 CVSS Base Scored...

CVE-2014-1817

CVE-2014-1817 concerns a vulnerability in usp10.dll (Uniscribe) that affects multiple Windows versions (Server 2003 SP2, Vista, Server 2008/2008 R2, Windows 7/8/8.1, Server 2012/R2) and related Office components. The issue arises from processing a crafted EMF+ record in a font file, enabling remo...

Microsoft Lync Attendee Remote Code Execution Vulnerabilities (2967487)

This host is missing a critical security update according to Microsoft Bulletin MS14-036. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Live Meeting Remote Code Execution Vulnerability (2967487)

This host is missing a critical security update according to Microsoft Bulletin MS14-036. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Microsoft Lync Remote Code Execution Vulnerabilities (2967487)

This host is missing a critical security update according to Microsoft Bulletin MS14-036. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the Januar...