iDefense Security Advisory 05.24.11: IBM Lotus Notes Applix Attachment Viewer Stack Buffer Overflow

iDefense Security Advisory 05.24.11 http://labs.idefense.com/intelligence/vulnerabilities/ May 24, 2011 I. BACKGROUND IBM Corp.'s Lotus Notes software is an integrated desktop client option for accessing e-mail, calendars and applications on an IBM Corp. Lotus Domino server. More information can ...

PHP Socket connect() Stack Buffer Overflow

Hi there, This is a quick writeup about some fun with apache based on CVE-2011-1938 that was disclosed yesterday. While the first POC was literally just a trivial POC - the second one was written for self-educational purposes we leared quite a lot which is the most important thing and we hope it...

Magix Musik Maker 16 .mmm Stack Buffer Overflow

$Id: magixmusikmaker16mmm.rb 12688 2011-05-22 23:41:15Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Magix Musik Maker 16 .mmm Stack Buffer Overflow

This module exploits a stack buffer overflow in Magix Musik Maker 16. When opening a specially crafted arrangement file .mmm in the application, an unsafe strcpy will allow you to overwrite a SEH handler. This exploit bypasses DEP & ASLR, and works on XP, Vista & Windows 7. Egghunter is used, and...

7-Technologies IGSS IGSSdataServer.exe Stack Buffer Overflow

This module exploits a vulnerability in the igssdataserver.exe component of 7-Technologies IGSS up to version 9.00.00 b11063. While processing a ListAll command, the application fails to do proper bounds checking before copying data into a small buffer on the stack. This causes a buffer overflow...

ZDI-11-163: HP 3COM/H3C Intelligent Management Center tftpserver mode Remote Code Execution Vulnerability

ZDI-11-163: HP 3COM/H3C Intelligent Management Center tftpserver mode Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-163 May 10, 2011 -- CVE ID: CVE-2011-1851 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected Products:...

HP 3COM/H3C Intelligent Management Center tftpserver mode Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP 3com/H3C Intelligent Management Center. Authentication is not required to exploit this vulnerability. The flaw exists within the tftpserver.exe component which listens by default on UDP port 69...

BlueVoda Website Builder 11 - .bvp Local Stack Buffer Overflow

BlueVoda Website Builder 11 - .bvp Local Stack Buffer Overflow source: https://www.securityfocus.com/bid/47753/info BlueVoda Website Builder is prone to a stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it into an...

openSUSE Security Update : libmodplug (openSUSE-SU-2011:0350-1)

Libmodplug is vulnerable to a stack based buffer overflow when handling malicious S3M media files. CVE-2011-1574 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Updat...

WRF files (CVE-2010-3269)

The Cisco WebEx Player is an application that is used to play back WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. Cisco WebEx uses the proprietary WRF file format .wrf extension to store WebEx meeting recordings on the computer of an on-line meeti...

MJM QuickPlayer 1.00 beta 60a / QuickPlayer 2010 .s3m Stack BOF

Exploit for windows platform in category local exploits $Id: mjmquickplayers3m.rb 12474 2011-04-30 02:37:14Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information o...

ZDI-11-151: HP Data Protector Backup Client Service bm Message Processing Remote Code Execution Vulnerability

ZDI-11-151: HP Data Protector Backup Client Service bm Message Processing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-151 April 29, 2011 -- CVE ID: CVE-2011-1735 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected...

MJM Core Player 2011 .s3m Stack Buffer Overflow

Exploit for windows platform in category local exploits $Id: mjmcoreplayer2011s3m.rb 12473 2011-04-30 02:36:14Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more informatio...

ZDI-11-148: HP Data Protector Backup Client Service stutil Message Processing Remote Code Execution Vulnerability

ZDI-11-148: HP Data Protector Backup Client Service stutil Message Processing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-148 April 29, 2011 -- CVE ID: CVE-2011-1732 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected...

ZDI-11-145: HP Data Protector Backup Client Service GET_FILE Remote Code Execution Vulnerability

ZDI-11-145: HP Data Protector Backup Client Service GETFILE Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-145 April 29, 2011 -- CVE ID: CVE-2011-1729 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected Products:...

MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 .s3m Stack Buffer Overflow

This module exploits a stack buffer overflow in MJM QuickPlayer 1.00 beta 60a and QuickPlayer 2010 Multi-target exploit. When opening a malicious s3m file in one of these 2 applications, a stack buffer overflow can be triggered, resulting in arbitrary code execution. This exploit bypasses DEP &...

MJM Core Player 2011 .s3m Stack Buffer Overflow

$Id: mjmcoreplayer2011s3m.rb 12473 2011-04-30 02:36:14Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

MJM QuickPlayer 1.00 beta 60a / QuickPlayer 2010 .s3m Stack Buffer Overflow

$Id: mjmquickplayers3m.rb 12474 2011-04-30 02:37:14Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

MJM Core Player 2011 - '.s3m' Local Stack Buffer Overflow (Metasploit)

$Id: mjmcoreplayer2011s3m.rb 12473 2011-04-30 02:36:14Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 - '.s3m' Local Stack Buffer Overflow (Metasploit)

$Id: mjmquickplayers3m.rb 12474 2011-04-30 02:37:14Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...