Java Web Start tempbuff Stack Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Web Start. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the useEncodingDecl function used while...

Microsoft Office Web Components Spreadsheet ActiveX control URL parsing stack buffer overflow

Overview The Microsoft Office Web Components ActiveX controls contain a stack buffer overflow in the processing of URLs, which allows a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Office Web Components are ActiveX controls that provide...

Programmer's Notepad ctags栈缓冲区溢出漏洞

BUGTRAQ ID: 28119 Programmer's Notepad是免费的开源文本编辑器。 Programmer's Notepad在处理ctags输出时存在栈溢出漏洞，攻击者可能利用此漏洞控制用户系统。 如果用户受骗打开了特制的.c文件并使用了Jump To对话框的话，就可以触发这个溢出，导致执行任意指令。 pnotepad.org Programmer's Notepad 2.0.6.1 pnotepad.org ------------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Winamp Ultravox Streaming Metadata (in_mp3.dll) Buffer Overflow

This module exploits a stack buffer overflow in Winamp 5.24. By sending an overly long artist tag, a remote attacker may be able to execute arbitrary code. This vulnerability can be exploited from the browser or the Winamp client itself. This module requires Metasploit:...

GKrellM GKrellWeather 0.2.7 Plugin - Local Stack Buffer Overflow

GKrellM GKrellWeather 0.2.7 Plugin - Local Stack Buffer Overflow // source: https://www.securityfocus.com/bid/27744/info The GKrellWeather plugin for GKrellM is prone to a local stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying i...

SAP SAPLPD 6.28 Buffer Overflow

This module exploits a stack buffer overflow in SAPlpd 6.28 SAP Release 6.40 . By sending an overly long argument, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework cla...

Total Video Player 1.20 M3U File Local Stack Buffer Overflow Exploit

Exploit for unknown platform in category local exploits ==================================================================== Total Video Player 1.20 M3U File Local Stack Buffer Overflow Exploit ==================================================================== /0day Total Video Player V1.20 .M3...

Yahoo! Music Jukebox Yahoo! MediaGrid ActiveX control stack buffer overflow

Overview The Yahoo! Music Jukebox Yahoo! MediaGrid ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Yahoo! Music Jukebox is a music player for Microsoft Windows, which includes multip...

Aurigma ImageUploader ActiveX control stack buffer overflows

Overview The Aurigma ImageUploader ActiveX control contains multiple stack buffer overflow vulnerabilities, which may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Aurigma ImageUploader is an ActiveX control that provides the ability to upload pictures usin...

Novell NetWare LSASS CIFS.NLM Driver Stack Buffer Overflow

This module exploits a stack buffer overflow in the NetWare CIFS.NLM driver. Since the driver runs in the kernel space, a failed exploit attempt can cause the OS to reboot. This module requires Metasploit: https://metasploit.com/download Current source:...

Debian Security Advisory DSA 184-1 (krb4)

The remote host is missing an update to krb4 announced via advisory DSA 184-1. OpenVAS Vulnerability Test $Id: deb1841.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 184-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian Security Advisory DSA 183-1 (krb5)

The remote host is missing an update to krb5 announced via advisory DSA 183-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AOL Radio AOLMediaPlaybackControl.exe stack buffer overflow

Overview The AOL AOLMediaPlaybackControl application contains a stack buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description AOL Radio includes several ActiveX controls to stream audio in web pages. The AOL AmpX and...

CVE-2007-6561

Multiple stack-based buffer overflows in PDFLib allow user-assisted remote attackers to execute arbitrary code via a long filename argument to the PDFloadimage function that results in an overflow in the pdcfsearchfopen function, and possibly other vectors...

ProWizard 4 PC 1.62 - Multiple Remote Stack Buffer Overflow Vulnerabilities

ProWizard 4 PC 1.62 - Multiple Remote Stack Buffer Overflow Vulnerabilities // source: https://www.securityfocus.com/bid/26953/info ProWizard 4 PC is prone to multiple stack-based buffer-overflow issues because it fails to perform adequate boundary checks on user-supplied data. Successfully...

Apple Mac OSX - mount_smbfs Local Stack Buffer Overflow

Apple Mac OSX - mountsmbfs Local Stack Buffer Overflow / Copyright C 2007-2008 Subreption LLC. All rights reserved. Visit http://blog.subreption.com for exploit development notes. References: CVE-2007-3876 http://docs.info.apple.com/article.html?artnum=307179...

Apple Mac OSX - 'mount_smbfs' Local Stack Buffer Overflow

/ Copyright C 2007-2008 Subreption LLC. All rights reserved. Visit http://blog.subreption.com for exploit development notes. References: CVE-2007-3876 http://docs.info.apple.com/article.html?artnum=307179 http://seclists.org/fulldisclosure/2007/Dec/0445.html...

iDefense Security Advisory 12.11.07: Microsoft DirectX 7 and 8 DirectShow Stack Buffer Overflow Vulnerability

iDefense Security Advisory 12.11.07 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 11, 2007 I. BACKGROUND Microsoft DirectShow, part of Microsoft DirectX, is used for the capture and playback of multimedia streams on Microsoft Windows systems. Synchronized Accessible Media Interchange...

samba security update

CentOS Errata and Security Advisory CESA-2007:1114-01 Updated samba packages that fix a security issue and a bug are now available for Red Hat Enterprise Linux. This update has been rated as having critical security impact by the Red Hat Security Response Team. Samba is a suite of programs used b...

Microsoft Message Queuing Service Stack Buffer Overflow Vulnerability

Description Microsoft Message Queuing MSMQ is prone to a stack-based buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges, facilitating the...