Russian payment processor ChronoPay.com Hacked !

Criminals this week hijacked ChronoPay.com, the domain name for Russia's largest online payment processor, redirecting hundreds of unsuspecting visitors to a fake ChronoPay page that stole customer financial data. Reached via phone in Moscow, ChronoPay chief executive Pavel Vrublevsky said the...

CVE-2010-3970

Stack-based buffer overflow in the CreateSizedDIBSECTION function in shimgvw.dll in the Windows Shell graphics processor aka graphics rendering engine in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary...

Stack overflow

Stack-based buffer overflow in the CreateSizedDIBSECTION function in shimgvw.dll in the Windows Shell graphics processor aka graphics rendering engine in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary...

CVE-2010-3832

Heap-based buffer overflow in the GSM mobility management implementation in Telephony in Apple iOS before 4.2 on the iPhone and iPad allows remote attackers to execute arbitrary code on the baseband processor via a crafted Temporary Mobile Subscriber Identity TMSI field...

Heap overflow

Heap-based buffer overflow in the GSM mobility management implementation in Telephony in Apple iOS before 4.2 on the iPhone and iPad allows remote attackers to execute arbitrary code on the baseband processor via a crafted Temporary Mobile Subscriber Identity TMSI field...

CVE-2010-3832

Heap-based buffer overflow in the GSM mobility management implementation in Telephony in Apple iOS before 4.2 on the iPhone and iPad allows remote attackers to execute arbitrary code on the baseband processor via a crafted Temporary Mobile Subscriber Identity TMSI field...

Researchers Working Toward Processor-Specific Attacks

The last two decades have been a cake walk for malware authors. More than nine-tenths of the world’s computers run some variation of the same operating system – Microsoft’s Windows. A similarly sized super-majority use an array of applications from the same vendor: Microsoft Office, the Internet...

Microsoft Unicode Scripts Processor Remote Code Execution

Exploit for windows platform in category dos / poc ========================================================= Microsoft Unicode Scripts Processor Remote Code Execution ========================================================= Title : Microsoft Unicode Scripts Processor Remote Code Execution Versio...

Microsoft Unicode Scripts Processor - Remote Code Execution (MS10-063)

''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | Final Binary Analysis | | | | || / \ || | | | || ||// \/|/ ''' ''' Title : Microsoft Unicode Scripts Processor Remote Code Execution Version : usp10.dll XP , Vista Analysis : http://www.abysssec.com Vendor :...

Microsoft Unicode Scripts Processor - Remote Code Execution (MS10-063)

Microsoft Unicode Scripts Processor - Remote Code Execution MS10-063 ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | Final Binary Analysis | | | | || / \ || | | | || ||// \/|/ ''' ''' Title : Microsoft Unicode Scripts Processor Remote Code Execution Version :...

DEBIAN-CVE-2010-3476

Open Ticket Request System OTRS 2.3.x before 2.3.6 and 2.4.x before 2.4.8 does not properly handle the matching of Perl regular expressions against HTML e-mail messages, which allows remote attackers to cause a denial of service CPU consumption via a large message, a different vulnerability than...

MS10-063: Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution (2320113)

The version of Microsoft Windows or Microsoft Office on the remote host includes a version of the Unicode Script Processor Usp10.dll, also known as Uniscribe, which incorrectly validates a table in OpenType fonts. If an attacker can trick a user on the affected system into visiting a malicious...

Embedded Base-64 Encoded TTF Files (CVE-2010-2738)

Unicode Script Processor is a Windows component that enables a text layout client to format complex scripts. A remote code execution vulnerability has been reported in the way affected versions of Microsoft Windows incorrectly parse specific font types. A remote attacker could exploit this issue...

Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Route Switch Processor 720

Certain Cisco Catalyst 6500 Series and Cisco 7600 Router devices that run branches of Cisco IOS based on 12.2 can be vulnerable to a denial of service vulnerability that can prevent any traffic from entering an affected interface. For a device to be vulnerable, it must be configured for Open...

Microsoft Windows SMB Registry : OS Version and Processor Architecture

Nessus was able to determine the processor architecture, build lab strings, and the Windows OS version installed on the remote system by connecting to the remote registry with the supplied credentials. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid48942;...

Payment Processor Script (faq.htm farea) SQL Injection Exploit (.py)

Exploit for php platform in category web applications ==================================================================== Payment Processor Script faq.htm farea SQL Injection Exploit .py ==================================================================== !/usr/bin/env python -- coding:utf-8 --...

OpenOffice.org Microsoft Word File Processing Integer Underflow (CVE-2009-3301; CVE-2009-3302)

OpenOffice.org is an open source office suite that includes a word processor, a spreadsheet application, a presentation creator, an illustration drawer, a desktop database, and an equation editor. The product is made available for multiple platforms and languages. An integer underflow vulnerabili...

Solaris/x86 - Halt shellcode - 36 bytes

Solaris/x86 - Halt shellcode - 36 bytes. Shellcode exploit for solarisx86 platform / Title: Solaris/x86 - Halt shellcode - 36 bytes Auhtor: Jonathan Salwan Web: http://www.shell-storm.org Twitter: http://twitter.com/jonathansalwan Date: 2010-05-20 Tested: SunOS opensolaris 5.11 snv111b i86pc i386...

solaris/x86 - Halt shellcode - 36 bytes

Exploit for solaris/x86 platform in category shellcode ======================================= Solaris/x86 - Halt shellcode - 36 bytes ======================================= / Title: Solaris/x86 - Halt shellcode - 36 bytes Auhtor: Jonathan Salwan Web: http://www.shell-storm.org Twitter:...

Novell Netware FTP Remote Stack Overflow

No description provided by source. Application: Novell Netware FTP Remote Stack Overflow Platforms: Novell Netware 6.5 SP8 Exploitation: Remote Code Execution CVE Number: CVE-2010-0625 Novell TID: 3238588 Discover Date: 2009-07-23 Author: Francis Provencher Protek Research Lab's Blog:...