Microsoft HSC URL RemoteCodeExecution (MS04-011) - Ver2 (CVE-2003-0907)

A vulnerability exist in the way Help and Support Center HSC validates URLs with the scheme hcp://. There is a vulnerability in the way the Microsoft Help and Support Center processes URL strings. The vulnerability could be exploited to run malicious JavaScript code in the security context of "My...

Intrasrv 1.0 Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Intrasrv 1.0 Buff...

CVE-2013-3129

Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...

RealPlayer 16.0.2.232 Multiple Vulnerabilities 0-Day

Remote Code Excution Proof Of Concept Mouse tracking Heap OverFlow This is private exploit. You can buy it at https://0day.today...

Mozilla Firefox ESR Multiple Vulnerabilities -01 (Feb 2013) - Mac OS X

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2012-0874

The 1 JMXInvokerHAServlet and 2 EJBInvokerHAServlet invoker servlets in JBoss Enterprise Application Platform EAP before 5.2.0, Web Platform EWP before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 do not require authentication by default in certain profiles, which might allow...

LShell 0.9.15 - Remote Code Execution

import paramiko import traceback from time import sleep Exploit lshell pathing vulnerability in = 0.9.15. Runs commands on the remote system. @dronesec if lensys.argv 4: print '%s: USER PW IP opt: port'%sys.argv0 sys.exit1 try: print '! .............................' print '! lshell = 0.9.15 remo...

CVE-2012-1916

@Mail WebMail Client in AtMail Open-Source before 1.05 allows remote attackers to execute arbitrary code via an e-mail attachment with an executable extension, leading to the creation of an executable file under tmp/...

LotusCMS 3.0 eval() Remote Command Execution

Exploit for php platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Microsoft .NET Framework and Microsoft Silverlight RCE Vulnerabilities (2651026)

This host is missing a critical security update according to Microsoft Bulletin MS12-016. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2009-3743

Off-by-one error in the InsMINDEX function in the TrueType bytecode interpreter in Ghostscript before 8.71 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via a malformed TrueType font in a document that trigger an integer overflow and a...

Microsoft Security Bulletin MS10-008 - Critical Cumulative Security Update of ActiveX Kill Bits (978262)

Microsoft Security Bulletin MS10-008 - Critical Cumulative Security Update of ActiveX Kill Bits 978262 Published: February 09, 2010 Version: 1.0 General Information Executive Summary This security update addresses a privately reported vulnerability for Microsoft software. This security update is...

AOL 9.1 SuperBuddy ActiveX Control remote code execution

Exploit for unknown platform in category remote exploits ======================================================== AOL 9.1 SuperBuddy ActiveX Control remote code execution ======================================================== Title: AOL 9.1 SuperBuddy ActiveX Control remote code execution CVE-I...

x10 Media Adult Script 1.7 Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ========================================================== x10 Media Adult Script 1.7 Multiple Remote Vulnerabilities ==========================================================...

ChinaGames - 'CGAgent.dll' ActiveX Remote Code Execution

ChinaGames CGAgent.dll ActiveX Remote Code Execution Exploit Exploit made by etirah Download: www.chinagames.com Problem DLL : CGAgent.dll Problem Func : CreateChinagamesparam1 Problem Param : param1 References: 1. http://bbs.pediy.com/showthread.php?t=87615 2. http://www.milw0rm.com/exploits/857...

CVE-2008-4472

The UpdateEngine class in the LiveUpdate ActiveX control LiveUpdate16.DLL 17.2.56, as used in Revit Architecture 2009 SP2 and Autodesk Design Review 2009, allows remote attackers to execute arbitrary programs via the second argument to the ApplyPatch method...

openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-5098)

This update brings Mozilla Thunderbird to security update version 2.0.0.12 Following security problems were fixed : - MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling ...

xml2owl 0.1.1 showCode.php Remote Command Execution Vulnerability

Exploit for unknown platform in category web applications ================================================================= xml2owl 0.1.1 showCode.php Remote Command Execution Vulnerability =================================================================...

SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 3932)

This update brings Mozilla Firefox to security update version 2.0.0.5 Following security problems were fixed : - Crashes with evidence of memory corruption The usual collection of stability fixes for crashes that look suspicious but haven't been proven to be exploitable. MFSA 2007-18 25 were in t...

MyBulletinBoard (MyBB) < 1.1.3 - Remote Code Execution

!/usr/bin/perl Tue Jun 13 12:37:12 CEST 2006 [email protected] Exploit HOWTO - read this before flood my Inbox you bitch! - First you need to create the special user to do this use: ./mybibi.pl --host=http://www.example.com --dir=/mybb -1 this step needs a graphic confirmation so the exploit writ...