6726 matches found
SAP NetWeaver Business Client SapThemeRepository ActiveX Control Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP NetWeaver Business Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
Novell ZENWorks Remote Management Agent DN Name Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENWorks. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ZenRem32.exe process which listens by default on TCP and UDP ports 1761. When...
Novell iPrint Client GetDriverSettings Stack Buffer Overflow (CVE-2011-3173)
Novell iPrint Client is an application that allows users to install and manage printers, or submit print job from a web browser. Novell iPrint Client is bundled with a set of ActiveX controls that implement various functions. A stack buffer overflow exists in Novell iPrint Client. The vulnerabili...
PHP 5.3.3 GD Stack Buffer Overflow
Description: Prior to version 5.3.4, PHP's GD extension did not properly validate the number of anti-aliasing steps passed to the function imagepstext. The value of this parameter is expected to be either 4 or 16. To accommodate this, an array of 16 integers, aa, is located on the stack. Before t...
HP Data Protector Manager MMD Service Stack Buffer Overflow
Added: 12/10/2010 BID: 45128 Background HP Data Protector is a backup solution for enterprise and distributed environments. The Data Protector environment consists of a Cell Manager, backup agents, and backup device servers. The Cell Manager is the central point from which backup agents and devic...
HP Data Protector Manager MMD Service Stack Buffer Overflow
Added: 12/10/2010 BID: 45128 Background HP Data Protector is a backup solution for enterprise and distributed environments. The Data Protector environment consists of a Cell Manager, backup agents, and backup device servers. The Cell Manager is the central point from which backup agents and devic...
HP Data Protector Manager MMD Service Stack Buffer Overflow
Added: 12/10/2010 BID: 45128 Background HP Data Protector is a backup solution for enterprise and distributed environments. The Data Protector environment consists of a Cell Manager, backup agents, and backup device servers. The Cell Manager is the central point from which backup agents and devic...
HP Data Protector Manager MMD Service Stack Buffer Overflow
Added: 12/10/2010 BID: 45128 Background HP Data Protector is a backup solution for enterprise and distributed environments. The Data Protector environment consists of a Cell Manager, backup agents, and backup device servers. The Cell Manager is the central point from which backup agents and devic...
Winamp "in_midi"组件MIDI时间戳栈缓冲区溢出漏洞
BUGTRAQ ID: 45221 Winamp是一款流行的媒体播放器,支持多种文件格式。 Winamp在实现上存在漏洞,攻击者可利用此漏洞以用户权限在受影响的应用程序中执行任意代码,造成拒绝服务。 此漏洞源于未能对用户提供的数据执行足够的边界检查。Winamp的栈分配是可预测的。攻击者可选择写入到已保存的基本指针的值,因此当恢复了基础指针后,调用函数的栈报文将被移动到攻击者控制的返回地址。 Nullsoft Winamp 5.01 - 5.5.8 厂商补丁: Nullsoft -------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Winamp < 5.601 MIDI Timestamp Stack Buffer Overflow
Binary data 5726.prm...
Xion Audio Player 1.0.126 Unicode Stack Buffer Overflow
This module exploits a stack buffer overflow in Xion Audio Player prior to version 1.0.126. The vulnerability is triggered when opening a malformed M3U file that contains an overly long string. This results in overwriting a structured exception handler record. This module requires Metasploit:...
POP Peeper 3.4 - UIDL Buffer Overflow (Metasploit)
$Id: poppeeperuidl.rb 11180 2010-11-30 20:19:18Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...
DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10) - SCPC_INITIALIZE Buffer Overflow (Metasploit)
$Id: realwinscpcinitialize.rb 11180 2010-11-30 20:19:18Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
DATAC RealWin SCADA Server SCPC_TXTEVENT Buffer Overflow
This module exploits a stack buffer overflow in DATAC Control International RealWin SCADA Server 2.0 Build 6.1.8.10. By sending a specially crafted packet, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...
FreeBSD : proftpd -- remote code execution vulnerability (533d20e7-f71f-11df-9ae1-000bcdf0a03b)
Tippingpoint reports : This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ProFTPD. Authentication is not required to exploit this vulnerability. The flaw exists within the proftpd server component which listens by default on TCP port 21. When readi...
Hewlett-Packard (HP) Power Manager Administration - Remote Buffer Overflow (Metasploit)
$Id: hppowermanagerlogin.rb 11127 2010-11-24 19:35:38Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Novell NetIdentity Agent - XTIERRPCPIPE Named Pipe Buffer Overflow (Metasploit)
$Id: netidentityxtierrpcpipe.rb 11127 2010-11-24 19:35:38Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Microsoft Visual Studio - Msmask32.ocx ActiveX Buffer Overflow (MS08-070) (Metasploit)
$Id: ms08070visualstudiomsmask.rb 11127 2010-11-24 19:35:38Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Foxit PDF Reader v4.1.1 Title Stack Buffer Overflow
$Id: foxittitlebof.rb 11096 2010-11-22 17:43:42Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...
Foxit PDF Reader v4.1.1 Title Stack Buffer Overflow
This module exploits a stack buffer overflow in Foxit PDF Reader prior to version 4.2.0.0928. The vulnerability is triggered when opening a malformed PDF file that contains an overly long string in the Title field. This results in overwriting a structured exception handler record. NOTE: This...