AZL-41176 CVE-2012-3425 affecting package syslinux for versions less than 6.04-11

The pngpushreadzTXt function in pngpread.c in libpng 1.0.x before 1.0.58, 1.2.x before 1.2.48, 1.4.x before 1.4.10, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service out-of-bounds read via a large availin field value in a PNG image...

Authentication flaw

Cisco Small Business IP phones with SPA 500 series firmware 7.4.9 and earlier do not require authentication for Push XML requests, which allows remote attackers to make telephone calls via an XML document, aka Bug ID CSCts08768...

CVE-2012-0333

Cisco Small Business IP phones with SPA 500 series firmware 7.4.9 and earlier do not require authentication for Push XML requests, which allows remote attackers to make telephone calls via an XML document, aka Bug ID CSCts08768...

Apple iOS < 7.0 Multiple Vulnerabilities

Binary data 8013.prm...

Nokia under scanner of Indian Intelligence Agency for its Push Email service and SMS !

Department of Telecommunication DOT has been asked by The Intelligence Bureau IB0 to stop the messaging services of Nokia in India until they can be monitored. Once again security concerns have clouded Intelligence department's mind and the incident is not first of its kind. Earlier too similar...

Car thieves can easily hack remote keyless systems !

Those remote key fobs nearly all automakers offer -- turns out they're fairly easy to hack so the bad guys can unlock your car and high-tail it before you even finish your shopping. Your only advantage: If your car has a remote that still requires a key, the bad guys can't start it easily, even...

NCH Officeintercom <= v5.20 Remote Denial of Service

Exploit for windows platform in category dos / poc ==================================================== NCH Officeintercom = v5.20 Remote Denial of Service ==================================================== !/usr/bin/python Exploit Title: NCH Officeintercom = v5.20 Remote Denial of Service...

NCH Officeintercom 5.20 - Remote Denial of Service

NCH Officeintercom 5.20 - Remote Denial of Service !/usr/bin/python Exploit Title: NCH Officeintercom = v5.20 Remote Denial of Service Vulnerability Date: 11/24/2010 Author: xsploited security URL: http://www.x-sploited.com/ Contact: xsploitedsecurity at x-sploited.com Software Link:...

Bugzilla Response Splitting

The version of Bugzilla hosted on the remote web server allows injection of arbitrary HTTP headers and content when Server Push is enabled in a browser. Note that the install also likely creates restricted reports in a known location and with predictable names, which can lead to a loss of...

Realtek HD Audio Control Panel 2.1.3.2 - Local Buffer Overflow

Realtek HD Audio Control Panel 2.1.3.2 - Local Buffer Overflow done by BraniX www.hackers.org.pl found: 2010.08.24 tested on: Windows XP SP3 Home Edition SafeSEH bypass App. has classic buffer overflow vulnerability it can be triggered by passing a too long argument as a startup parameter...

CVE-2010-3172

CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3, and 4.0.x before 4.0rc1, when Server Push is enabled in a web browser, allows remote attackers to inject arbitrary HTTP headers and content, and conduct HTTP response splitting attacks, via a crafted UR...

bds/x86-bindshell on port 2525 shellcode - 167 bytes

bds/x86-bindshell on port 2525 shellcode - 167 bytes. Shellcode exploit for bsd platform / ================================================== bds/x86-bindshell on port 2525 shellcode 167 bytes ================================================== / / -------------- bds/x86-bindshell on port 2525 167...

bds/x86 bindshell on port 2525 shellcode 167 bytes

Exploit for bsd/x86 platform in category shellcode ================================================== bds/x86-bindshell on port 2525 shellcode 167 bytes ================================================== / -------------- bds/x86-bindshell on port 2525 167 bytes ------------------------- AUTHOR :...

CVE-2009-2999

The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service application restart and network disconnection via an SMS message containing a malformed WAP Push message that triggers an ArrayIndexOutOfBoundsException exception, possibly a related issue to...

Design/Logic Flaw

The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service application restart and network disconnection via an SMS message containing a malformed WAP Push message that triggers an ArrayIndexOutOfBoundsException exception, possibly a related issue to...

CVE-2009-2999

The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service application restart and network disconnection via an SMS message containing a malformed WAP Push message that triggers an ArrayIndexOutOfBoundsException exception, possibly a related issue to...

WAP Push SI Impersonation

Security Advisory: Multiple Smartphones SMS Sender Obfuscation via WAP Push SI ------------------------------------------------------------------------------ Discovered by: Michael Mueller a.k.a. c0rnholio Contact: c0rnholio on domain netcologne.de Advisory Homepage:...

HTMLDOC html文件处理栈溢出漏洞

BUGTRAQ ID: 35727 HTMLDOC是用于将HTML文件和网页转换为适合在线查看和打印的索引HTML、PostScript和PDF文件的工具。 HTMLDOC的htmldoc/util.cxx文件中的sscanf和setpagesize函数存在栈溢出漏洞。如果用户受骗打开了包含有特制MEDIA SIZE标注的HTML文档的话，就可以触发这个溢出，导致执行任意指令。 Easy Software Products HTMLDOC 1.8.27 厂商补丁： Easy Software Products ----------------------...

BSD/x86 - execve(/bin/sh) &amp; setuid(0) - 29 bytes

No description provided by source. / BSD version FreeBSD, OpenBSD, NetBSD. [email protected] 29 bytes. -setuid0; -execve/bin/sh; / char shellcode= "\x31\xc0" // xor %eax,%eax "\x50" // push %eax "\xb0\x17" // mov $0x17,%al "\x50" // push %eax "\xcd\x80" // int $0x80 "\x50" // push %eax...

Linux/x86 - execve(&quot;/bin//sh/&quot;,[&quot;/bin//sh&quot;],NULL)

No description provided by source. / revenge-execve.c, v1.0 2006/10/14 16:32 Yet another linux execve shellcode.. linux/x86 execve"/bin//sh/","/bin//sh",NULL shellcode http://www.0xcafebabe.it [email protected] But this time it's 22 bytes We could start the shellcode with a mov instead of pus...