Visual Basic for Applications Single-Byte Stack Overwrite Vulnerability

CVE-2010-0815 在Microsoft Visual Basic的应用程序（VBA）的中，可以被恶意的人利用来可能危及用户的系统。 该漏洞是由于在一些分析代码时，在文件中搜索支持VBA中的ActiveX控件（如Office文档文本在 Vbe6.dll的错误）。这可以被利用来转换外的缓冲区的范围为0x00值0x2E通过一个特制的带有嵌入式的ActiveX文件一个字节的控制传递给VBA运行。 Microsoft Office 2003 Professional Edition Microsoft Office 2003 Small Business Edition Microsof...

Microsoft Patches Worm Holes in Mail Server, Visual Basic for Apps

Microsoft today issued patches for a pair of critical remote code execution vulnerabilities in Windows and Microsoft Office and urged affected users to apply the fixes as soon as possible. The most serious issue, addressed in the MS10-030 bulletin, affects Outlook Express, Windows Mail and Window...

HMS HICP Protocol + Intellicom - NetBiterConfig.exe Remote Buffer Overflow

HMS HICP Protocol + Intellicom - NetBiterConfig.exe Remote Buffer Overflow More info http://reversemode.com/index.php?option=comcontent&task=view&id=65&Itemid=1 ----- 1st PART "HMS HICP Protocol" AFAIK there is no public documentation about this protocol, if not so please let me know and I'll...

McAfee ePolicy Orchestrator / ProtectionPilot Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ class Metasploit3 'McAfee ePolicy Orchestrator /...

GLD (Greylisting Daemon) Postfix Buffer Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'GLD...

Format string

The silcasn1encoder function in lib/silcasn1/silcasn1encode.c in Secure Internet Live Conferencing SILC Toolkit before 1.1.8 allows remote attackers to overwrite a stack location and possibly execute arbitrary code via a crafted OID value, related to incorrect use of a %lu format string...

Altap Salamander 2.5 PE Viewer Buffer Overflow

This module exploits a buffer overflow in Altap Salamander 'Altap Salamander 2.5 PE Viewer Buffer Overflow', 'Description' = %q This module exploits a buffer overflow in Altap Salamander MSFLICENSE, 'Author' = 'aushack' , 'References' = 'CVE', '2007-3314' , 'BID', '24557' , 'OSVDB', '37579' ,...

WINMOD 1.4 (.lst) Local Stack Overflow Exploit XP SP3 (RET+SEH) #3

Exploit for unknown platform in category local exploits ================================================================== WINMOD 1.4 .lst Local Stack Overflow Exploit XP SP3 RET+SEH 3 ================================================================== Winmod 1.4 .lst Local Stack Overflow Exploit...

Immunity Canvas: ACROBAT_JBIG

Name| acrobatjbig ---|--- CVE| CVE-2009-0658 Exploit Pack| CANVAS Description| Adobe Acrobat Reader 9.0 JBIG Parser Stack Overwrite Notes| CVE Name: CVE-2009-0658 VENDOR: Adobe Notes: Not to be used from IE via the HTTP Server as memory moves around too much. Instead, generate a PDF file and emai...

FileZilla FTP Server Admin Interface Denial of Service

This module triggers a Denial of Service condition in the FileZilla FTP Server Administration Interface in versions 0.9.4d and earlier. By sending a procession of excessively long USER commands to the FTP Server, the Administration Interface FileZilla Server Interface.exe when running, will...

WinVNC Web Server GET Overflow

This module exploits a buffer overflow in the AT WinVNC version 'WinVNC Web Server GET Overflow', 'Description' = %q This module exploits a buffer overflow in the AT&T WinVNC version 'aushack', 'License' = MSFLICENSE, 'References' = 'BID', '2306' , 'OSVDB', '6280' , 'CVE', '2001-0168' , ,...

RHEL 2.1 / 3 / 4 : gnupg (RHSA-2006:0754)

Updated GnuPG packages that fix two security issues are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. GnuPG is a utility for encrypting data and creating digital signatures. Tavis Ormandy discovered a stack overwrite flaw in t...

CVE-2006-6235

A "stack overwrite" vulnerability in GnuPG gpg 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory...

CVE-2006-6235

A "stack overwrite" vulnerability in GnuPG gpg 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory...

CVE-2006-6235

A "stack overwrite" vulnerability in GnuPG gpg 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory...

CVE-2006-6235

The CVE-2006-6235 vulnerability is a stack overwrite flaw in GnuPG (gpg) affecting 1.x versions before 1.4.6, 2.x before 2.0.2, and 1.9.0–1.9.95. A crafted OpenPGP packet can cause GnuPG to dereference a function pointer from deallocated stack memory, enabling arbitrary code execution. Multiple a...

CVE-2006-6235

A "stack overwrite" vulnerability in GnuPG gpg 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory...

CVE-2006-6235

A "stack overwrite" vulnerability in GnuPG gpg 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory...

gnupg security update

CentOS Errata and Security Advisory CESA-2006:0754 Updated GnuPG packages that fix two security issues are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. GnuPG is a utility for encrypting data and creating digital signatures...

security flaw

A "stack overwrite" vulnerability in GnuPG gpg 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory...