Microsoft Office Excel PivotTable Cache Data Record Handling Overflow

Added: 08/19/2010 CVE: CVE-2010-2562 BID: 42199 OSVDB: 66991 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Excel is vulnerable to a stack buffer overflow due to a logic error when parsing...

Owning Virtual Worlds For Fun and Profit

I’m a security researcher. I find bugs in software, they get fixed. I write exploits, they give me a shell. It’s more or less always the same and it gets kind of boring. But there was one exploit I helped write back in 2007 that was a little different. This is the story of that exploit. Second Li...

A-PDF WAV to MP3 Converter 1.0.0 - '.m3u' Local Stack Buffer Overflow

Exploit Title: A-PDF WAV to MP3 Converter 1.0.0 .m3u Stack Buffer Overflow Author: d4rk-h4ck3r Date: 2010-07-17 Software Link: http://www.brothersoft.com/a-pdf-wav-to-mp3-converter-394393.html Greetz 2 : PASSEWORD , KAiSER-J , sec4ever , tli7a , All Tun!Sian h4ck3rz Spacial thanks 2 : MadjiX el...

Apple Releases QuickTime 7.6.7

Apple has released QuickTime 7.6.7 for Windows to address a vulnerability. This vulnerability is due to a stack buffer overflow that exists in QuickTime error logging. By convincing a user to open a specially crafted movie file, a remote attacker may be able to execute arbitrary code or cause a...

Xion Player 1.0.125 - Local Stack Buffer Overflow

Xion Player 1.0.125 - Local Stack Buffer Overflow !/usr/bin/python Title: Xion 1.0.125 Stack Buffer Overflow Date: August 13, 2010 Author: corelanc0d3r and dijital1 Grtz to dijital1 : I had a lot of fun working with you on this one ! : Grtz to dookie2000ca : Original Advisory:...

Xion Player 1.0.125 - Local Stack Buffer Overflow

!/usr/bin/python Title: Xion 1.0.125 Stack Buffer Overflow Date: August 13, 2010 Author: corelanc0d3r and dijital1 Grtz to dijital1 : I had a lot of fun working with you on this one ! : Grtz to dookie2000ca : Original Advisory: http://www.exploit-db.com/exploits/14517 hadji samir Platform: Window...

Microsoft Windows - ANI LoadAniIcon() Chunk Size Stack Buffer Overflow (HTTP) (MS07-017) (Metasploit)

$Id: ms07017aniloadimagechunksize.rb 9984 2010-08-12 16:56:41Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Sonique 2.0 - '.xpl' Remote Stack Buffer Overflow

source: https://www.securityfocus.com/bid/42434/info Sonique is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute arbitrary code in the context of the...

Apple Zaps JailbreakMe Bugs in Record Time

Less than two weeks after exploits for a pair of serious security vulnerabilities were fitted into an automated JailbreakMe.com exploit, Apple has rushed out a patch to block the jailbreaking of iPhone, iPad and iPod Touch devices. The iOS 3.2.2 for iPad and iOS 4.0.2 iPhone and iPod Touch update...

SopCast New 0Day Remote Exploit

Exploit for windows platform in category remote exploits =============================== SopCast New 0Day Remote Exploit =============================== Sopcast POC by Sud0 Tested on XP SP3 EN on VBox with IE 7 Spraying a lot to get a nice unicode usable address 0x20260078 I sprayed with a set of...

Mini-stream Ripper 3.1.2.1 - Local Buffer Overflow (DEP Bypass)

Mini-stream Ripper 3.1.2.1 - Local Buffer Overflow DEP Bypass / DISCLAIMER THIS PROGRAM IS NOT INTENDED TO BE USED ON OTHER COMPUTERS AND IT IS DESTINED FOR PERSONAL RESEARCH ONLY!!!! The programs are provided as is without any guarantees or warranty. The author is not responsible for any damage ...

Mini-stream Ripper v3.1.2.1 Buffer Overflow (DEP Bypass)

Exploit for windows platform in category local exploits ======================================================== Mini-stream Ripper v3.1.2.1 Buffer Overflow DEP Bypass ======================================================== / DISCLAIMER THIS PROGRAM IS NOT INTENDED TO BE USED ON OTHER COMPUTERS...

Apple QuickTime Streaming Debug Error Logging Buffer Overflow

Added: 08/05/2010 BID: 41962 OSVDB: 66636 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime is vulnerable to a stack buffer overflow in QuickTimeStreaming.qtx when processing specially crafted SMIL files. The crafted SMIL files contain an invalid and...

Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control stack buffer overflow

Overview The Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control contains a stack buffer overflow that could allow a remote attacker to execute arbitrary code on an affected system Description The Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control,...

Amlibweb NetOpacs webquery.dll Stack Buffer Overflow

This module exploits a stack buffer overflow in Amlib's Amlibweb Library Management System NetOpacs. The webquery.dll API is available through IIS requests. By specifying an overly long string to the 'app' parameter, SeH can be reliably overwritten allowing for arbitrary remote code execution. In...

EasyFTP Server 1.7.0.11 - 'LIST' Stack Buffer Overflow (Metasploit)

$Id: easyftplistfixret.rb 9953 2010-08-03 16:17:43Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Mini-stream RM-MP3 Converter/WMDownloader/ASX to MP3 Converter - Local Stack Buffer Overflow

Exploit Title: Mini-stream RM-MP3 Converter/WMDownloader/ASX to MP3 Converter Stack Buffer Overflow Exploit Tested on Windows XP SP3 Pro Found By : Cyber-Zone ABDELKHALEK https://www.securityfocus.com/bid/34494 The way exploit written is slightly different than above Vulnerability Refer:...

Hyleos ChemView - ActiveX Control Stack Buffer Overflow (Metasploit)

$Id: hyleoschemviewxactivex.rb 9935 2010-07-27 02:25:15Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

EasyFTP Server <= 1.7.0.11 LIST Command Stack Buffer Overflow

$Id: easyftplistfixret.rb 9935 2010-07-27 02:25:15Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Microsoft DNS RPC Service extractQuotedChar() Overflow (SMB)

$Id: ms07029msdnszonename.rb 9929 2010-07-25 21:37:54Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...