Borland InterBase畸形报文远程栈溢出漏洞

BUGTRAQ ID: 29302 Borland InterBase是跨平台的高性能商业数据库。 Borland Interbase数据库在处理发送给默认TCP 3050端口的畸形报文时存在整数溢出漏洞，最终可能导致栈溢出，允许以系统权限执行任意指令。 Solaris版本中的漏洞代码段： /----------- inetacceptconnection+0x164: srl %o5, 0x10, %o7 inetacceptconnection+0x168: ld %l0 + 0xcc, %l1 inetacceptconnection+0x16c: sth %o7, %l1 + 8...

Tumbleweed SecureTransport vcst_eu.dll ActiveX控件远程栈溢出漏洞

BUGTRAQ ID: 28666 Tumbleweed SecureTransport是安全的文件传输解决方案，允许用户通过Internet传输敏感文件。 SecureTransport的FileTransfer ActiveX控件（vcsten.dll，CLSID：38681fbd-d4cc-4a59-a527-b3136db711d3）中存在缓冲区溢出漏洞，远程攻击者可能利用此漏洞控制用户系统。 相关代码： interface IActiveXTransfer : IDispatch id0x00000007, helpstring"method TransferFile"...

Microsoft Visual FoxPro FPOLE.OCX ActiveX控件远程栈溢出漏洞（MS08-010）

BUGTRAQ ID: 25571 CVECAN ID: CVE-2007-4790 Visual FoxPro是微软发布的数据库开发工具。 Visual FoxPro的AcitveX控件实现上存在缓冲区溢出漏洞，远程攻击者可能利用此漏洞控制用户系统。 Visual FoxPro的Foxtlib.ocx和fpole.ocx ActiveX控件没有正确地验证对FoxDoCmd方式的输入，如果用户受骗访问了恶意站点，就可能触发栈溢出，导致在用户浏览器会话中执行任意指令。 Microsoft Internet Explorer 7.0 Microsoft Internet Explorer 6...

aquick-overflow.txt

Application: QuickTime sub test bar = String515305, "A" foo.SetBgColor bar End Sub ===== 5Credits ===== laurent gaffié laurent.gaffieremovethisatgmaildotcom...

QuickTime 7.4.1 - 'QTPlugin.ocx' Multiple Stack Overflow Vulnerabilities

Application: QuickTime sub test bar = String515305, "A" foo.SetBgColor bar End Sub ===== 5Credits ===== laurent gaffié laurent.gaffieremovethisatgmaildotcom milw0rm.com 2008-02-13...

jetAudio <= 7.0.5 (.ASX) Remote Stack Overflow

Application: jetAudio 7.0.5 .ASX Remote Stack Overflow Web Site: http://www.cowonamerica.com/download/ Platform: Windows Bug:Remote Stack Overflow Extension: ASX special condition: none ------------------------------------------------------- 1 Introduction 2 Bug 3 Proof of concept 4 Credits...

jetAudio 7.0.5 - .asx Remote Stack Overflow (PoC)

jetAudio 7.0.5 - .asx Remote Stack Overflow PoC Application: jetAudio = 7.0.5 .ASX Remote Stack Overflow Web Site: http://www.cowonamerica.com/download/ Platform: Windows Bug:Remote Stack Overflow Extension: ASX special condition: none ------------------------------------------------------- 1...

jetAudio 7.0.5 - '.asx' Remote Stack Overflow (PoC)

Application: jetAudio = 7.0.5 .ASX Remote Stack Overflow Web Site: http://www.cowonamerica.com/download/ Platform: Windows Bug:Remote Stack Overflow Extension: ASX special condition: none ------------------------------------------------------- 1 Introduction 2 Bug 3 Proof of concept 4 Credits...

jetAudio <= 7.0.5 (.ASX) Remote Stack Overflow Exploit PoC

Exploit for unknown platform in category dos / poc ========================================================== jetAudio = 7.0.5 .ASX Remote Stack Overflow Exploit PoC ========================================================== Application: jetAudio = 7.0.5 .ASX Remote Stack Overflow Web Site:...

jetaudioasx-overflow.txt

Application: jetAudio 7.0.5 .ASX Remote Stack Overflow Web Site: http://www.cowonamerica.com/download/ Platform: Windows Bug:Remote Stack Overflow Extension: ASX special condition: none ------------------------------------------------------- 1 Introduction 2 Bug 3 Proof of concept 4 Credits...

Debian Security Advisory DSA 026-1 (bind)

The remote host is missing an update to bind announced via advisory DSA 026-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft DirectX SAMI File Parsing - Remote Stack Overflow

!/usr/bin/python Bug discovered by Jun Mao of VeriSign iDefense https://www.securityfocus.com/bid/26789 CVE-2007-3901 Coded by Matteo Memelli aka ryujin http://www.gray-world.net http://www.be4mind.com Tested on: Windows 2000 SP4 English, DirectX 7.0 4.07.00.0700...

Microsoft DirectX SAMI File Parsing - Remote Stack Overflow

Microsoft DirectX SAMI File Parsing - Remote Stack Overflow !/usr/bin/python Bug discovered by Jun Mao of VeriSign iDefense https://www.securityfocus.com/bid/26789 CVE-2007-3901 Coded by Matteo Memelli aka ryujin http://www.gray-world.net http://www.be4mind.com Tested on: Windows 2000 SP4 English...

skyfex-dos.txt

----------------------------------------------------------------------------- SkyFex Client 1.0 "Start" Method Remote Stack Overflow url: https://skyfex.com/ Author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org Technical details: File: SkyFexClient.ocx Ver.: 1.0.2.77...

SkyFex Client 1.0 - ActiveX &#039;Start()&#039; Method Remote Stack Overflow

----------------------------------------------------------------------------- SkyFex Client 1.0 "Start" Method Remote Stack Overflow url: https://skyfex.com/ Author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org Technical details: File: SkyFexClient.ocx Ver.: 1.0.2.77...

[ISR] - Novell Groupwise client remote stack overflow silently patched.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 || ISR || || Infobyte Security Research || www.infobyte.com.ar || 12.14.2007 || .:: SUMMARY Novell GroupWise Client Remote Stack Overflow Version: GroupWise 6.5.6, It is suspected that all previous versions of Groupwise Client are vulnerable. .::...

[Full-disclosure] [UPDATE]CA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability

UPDATECA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability by cocoruderfrankruderathotmail.com http://ruder.cdut.net, updated on 2007.12.06 Summary: A remote stack overflow vulnerability exist in the RPC interface of CA BrightStor ARCServe BackUp. An arbitrary anonymou...

QuickTime RTSP Response Content-type remote stack rewrite exploit

Everyone Loves O|0+|O the Hypnotoad... |...| | | =o0O=====O0o=============================== | QuickTime RTSP Response Content-type | | remote stack rewrite exploit for IE 6/7 | | by Yag Kohha skyhole at gmail.com | =========================================== Exploit tested on: - Windows Vista -...

Apple QuickTime 7.2/7.3 RSTP Response Universal Exploit (cool)

No description provided by source. Everyone Loves O|0+|O the Hypnotoad... |...| | | =o0O=====O0o=============================== | QuickTime RTSP Response Content-type | | remote stack rewrite exploit for IE 6/7 | | by Yag Kohha skyhole at gmail.com |...

Apple QuickTime 7.2/7.3 - RSTP Response Universal

Everyone Loves O|0+|O the Hypnotoad... |...| | | =o0O=====O0o=============================== | QuickTime RTSP Response Content-type | | remote stack rewrite exploit for IE 6/7 | | by Yag Kohha skyhole at gmail.com | =========================================== Exploit tested on: - Windows Vista -...