IrfanView Formats插件'MrSID.dll'栈缓冲区溢出漏洞

BUGTRAQ ID: 64385 CVECAN ID: CVE-2013-3944 IrfanView是一款快速、免费的图像查看器、浏览器、转换器。FORMATS插件可允许IrfanView读取不常见图形格式。 Formats PlugIn 4.36版本处理 "IMAGE::" 标签中，MrSID插件MrSID.dll存在边界错误，成功利用后可造成栈缓冲区溢出。 0 IrfanView Formats Plug-in 4.36 厂商补丁： IrfanView --------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

IBM Forms Viewer 'fontname' Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Forms Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within a document...

Castripper 2.50.70 - '.pls' DEP Bypass

Castripper 2.50.70 .pls exploit Stack buffer overflow/DEP bypass Download: http://www.mini-stream.net/castripper/ Tested on Wind0ws XP SP3 DEP:OptOut Author: Lucfer ------ [email protected] All ROP gadgets are from the APP's DLLs except for the hardcoded SetProcessDEPPolicy address import struct f =...

Castripper 2.50.70 - .pls DEP Bypass

Castripper 2.50.70 - .pls DEP Bypass Castripper 2.50.70 .pls exploit Stack buffer overflow/DEP bypass Download: http://www.mini-stream.net/castripper/ Tested on Wind0ws XP SP3 DEP:OptOut Author: Lucfer ------ [email protected] All ROP gadgets are from the APP's DLLs except for the hardcoded...

Castripper 2.50.70 - (.pls) DEP Exploit

Exploit for windows platform in category local exploits Castripper 2.50.70 .pls exploit Stack buffer overflow/DEP bypass Download: http://www.mini-stream.net/castripper/ Tested on Wind0ws XP SP3 DEP:OptOut Author: Lucfer ------ email protected All ROP gadgets are from the APP's DLLs except for th...

Notepad++ Plugin Notepad 1.5 - Local Overflow

Exploit Title: Notepad++ - Notepad plugin local exploit Google Dork: Date: 2013-12-01 Exploit Author: Sun Junwen Vendor Homepage: http://notepad-plus-plus.org/ Software Link: http://notepad-plus-plus.org/download/ Version: Notepad ++ 6.3.2 with Notepad plugin 1.5 and Explorer plugin 1.8.2 Tested...

ABB MicroSCADA wserver.exe Remote Code Execution Vulnerability

Exploit for windows platform in category remote exploits require 'msf/core' class Metasploit3 'ABB MicroSCADA wserver.exe Remote Code Execution', 'Description' = %q This module exploits a remote stack buffer overflow vulnerability in ABB MicroSCADA. The issue is due to the handling of...

Oracle Outside In OS 2 Metafile Parser Stack Buffer Overflow (CVE-2013-5763)

A stack buffer overflow vulnerability exists in Oracle Outside-In, a set of libraries used to decode many file formats...

ABB MicroSCADA wserver.exe Remote Code Execution

This Metasploit module exploits a remote stack buffer overflow vulnerability in ABB MicroSCADA. The issue is due to the handling of unauthenticated EXECUTE operations on the wserver.exe component, which allows arbitrary commands. The component is disabled by default, but required when a project...

ABB MicroSCADA wserver.exe Remote Code Execution

This module exploits a remote stack buffer overflow vulnerability in ABB MicroSCADA. The issue is due to the handling of unauthenticated EXECUTE operations on the wserver.exe component, which allows arbitrary commands. The component is disabled by default, but required when a project uses the SCI...

Updated poppler packages fix multiple vulnerabilities

Updated poppler packages fix security vulnerabilities: Poppler is found to be affected by a stack based buffer overflow vulnerability in the pdfseparate utility. Successfully exploiting this issue could allow remote attackers to execute arbitrary code in the context of the affected application...

CVE-2013-1324

Stack-based buffer overflow in Microsoft Office 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT allows remote attackers to execute arbitrary code via a crafted WordPerfect document .wpd file, aka "Word Stack Buffer Overwrite Vulnerability."...

Final Draft 8 File Format Stack Buffer Overflow Vulnerability

This Metasploit module exploits a stack-based buffer overflow in Final Draft 8. Multiple fields are vulnerable to the overflow, however Word in IgnoredWords is the only field to accept mixed-case characters. require 'msf/core' class Metasploit3 'Final Draft 8 File Format Stack Buffer Overflow',...

Corel PDF Fusion XPS Stack Buffer Overflow (CVE-2013-3248)

A code execution vulnerability exists in Corel PDF Fusion...

HP Data Protector CRS Opcode 260 Stack Buffer Overflow (CVE-2013-2332)

A stack buffer overflow has been discovered in HP Data Protector...

HP LoadRunner micWebAjax.dll ActiveX Control Stack Buffer Overflow (CVE-2013-2368)

A stack buffer overflow vulnerability has been reported in HP LoadRunner...

HP Data Protector CRS Opcode 264 Stack Buffer Overflow (CVE-2013-2327)

A stack buffer overflow has been discovered in HP Data Protector...

HP Data Protector CRS Opcode 1091 Stack Buffer Overflow (CVE-2013-2334)

A stack buffer overflow has been reported in HP Data Protector...

HP LoadRunner magentproc.exe Stack Buffer Overflow (CVE-2013-4800)

A stack buffer overflow vulnerability has been detected in HP LoadRunner. The vulnerability is due to insufficient validation of a length value in SSL communication with the magentproc.exe. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted request to...

HP System Management Homepage iprange Stack Buffer Overflow (CVE-2013-2362)

A stack buffer overflow exists in HP System Management Homepage...