ISC DHCP dhclient stack buffer overflow

Overview The ISC DHCP dhclient application contains a stack buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code with root privileges. Description As described in RFC 2131, "The Dynamic Host Configuration Protocol DHCP provides a framework for passing...

Microsoft Internet Explorer 'AddFavorite'方法拒绝服务漏洞

Bugraq ID: 35620 Microsoft Internet Explorer是一款流行的WEB浏览器。 Microsoft Internet Explorer添加收藏夹功能存在问题，远程攻击者可以利用漏洞使应用程序崩溃。 构建使用特殊构建的'AddFavorite'方法的恶意WEB页，诱使用户打开，可导致应用程序崩溃。 Microsoft Internet Explorer 8 Microsoft Internet Explorer 7.0 目前没有解决方案提供： http://www.microsoft.com/windows/ie/...

Microsoft Internet Explorer (AddFavorite) Remote Crash PoC

No description provided by source. ------------------------------------------- IE Add Favourites Stack Buffer Overflow POC Sberry, Compaq ------------------------------------------- html head script language="JavaScript" type="Text/Javascript" function go var str =unescape'%u4141'; var finalstr =...

Microsoft Internet Explorer - AddFavorite Remote Crash (PoC)

Microsoft Internet Explorer - AddFavorite Remote Crash PoC ------------------------------------------- IE Add Favourites Stack Buffer Overflow POC Sberry, Compaq ------------------------------------------- function go var str =unescape'%u4141'; var finalstr = createInlineBufferstr, 5150000; var l...

MS Internet Explorer (AddFavorite) Remote Crash PoC

Exploit for unknown platform in category dos / poc ========================================================== Microsoft Internet Explorer AddFavorite Remote Crash PoC ========================================================== ------------------------------------------- IE Add Favourites Stack...

Microsoft DirectShow Video Streaming ActiveX IMPEG2TuneRequest Overflow

Added: 07/07/2009 CVE: CVE-2008-0015 BID: 35558 OSVDB: 55651 Background DirectX is a feature of the Windows operating system used for streaming media. Within DirectX, the DirectShow technology performs client-side audio and video sourcing, manipulation and rendering. Problem A stack buffer overfl...

Microsoft DirectShow Video ActiveX Control Stack Buffer Overflow (CVE-2008-0015)

The Microsoft Video Control object is a Microsoft ActiveX control that connects Microsoft DirectShow filters for use in capturing, recording, and playing video. A stack buffer overflow vulnerability has been discovered in Microsoft DirectShow. The flaw is in the way Microsoft Video ActiveX contro...

Microsoft DirectShow Video Streaming ActiveX IMPEG2TuneRequest Overflow

Added: 07/07/2009 CVE: CVE-2008-0015 BID: 35558 OSVDB: 55651 Background DirectX is a feature of the Windows operating system used for streaming media. Within DirectX, the DirectShow technology performs client-side audio and video sourcing, manipulation and rendering. Problem A stack buffer overfl...

Microsoft DirectShow Video Streaming ActiveX IMPEG2TuneRequest Overflow

Added: 07/07/2009 CVE: CVE-2008-0015 BID: 35558 OSVDB: 55651 Background DirectX is a feature of the Windows operating system used for streaming media. Within DirectX, the DirectShow technology performs client-side audio and video sourcing, manipulation and rendering. Problem A stack buffer overfl...

MDaemon WorldClient form2raw.cgi Stack Buffer Overflow

This module exploits a stack buffer overflow in Alt-N MDaemon SMTP server for versions 6.8.5 and earlier. When WorldClient HTTP server is installed default, a CGI script is provided to accept html FORM based emails and deliver via MDaemon.exe, by writing the CGI output to the Raw Queue. When...

VideoLAN VLC Media Player 0.9.9 - smb: URI Stack Buffer Overflow (PoC)

VideoLAN VLC Media Player 0.9.9 - smb: URI Stack Buffer Overflow PoC !/usr/bin/ruby VideoLAN VLC Media Player 0.9.9 smb:// URI Stack-based Buffer Overflow Proof-of-Concept Bugtraq ID: 35500 The vulnerability can also be triggered via the VLC web interface disabled by default:...

Timbuktu Pro < 8.6.7 PlughNTCommand Named Pipe Remote Stack Buffer Overflow

The remote Windows host contains a version of Motorola Inc.'s Timbuktu Pro that is earlier than 8.6.7. Timbuktu Pro allows remote access to a computer's desktop, and versions before 8.6.7 reportedly contain a stack-based buffer overflow that can be triggered when the 'PlughNTCommand' named pipe...

iDefense Security Advisory 06.25.09: Unisys Business Information Server Stack Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDefense Security Advisory 06.25.09 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 25, 2009 I. BACKGROUND The Unisys Business Information Server is a business information management package providing data access, analysis and reporting for...

TELUS Security Labs VR - Microsoft Office Excel Malformed Records Stack Buffer Overflow

Microsoft Office Excel Malformed Records Stack Buffer Overflow TSL ID : FSC20090609-01 Reference: http://telussecuritylabs.com/threats/show/FSC20090609-01 1. Affected Software Microsoft Office Excel 2000 Microsoft Office Excel 2002 Reference: http://office.microsoft.com/en-us/excel/default.aspx 2...

Atomix Virtual Dj Pro 6.0 - Local Stack Buffer Overflow (SEH)

Atomix Virtual Dj Pro 6.0 - Local Stack Buffer Overflow SEH include include include include include unsigned char rawData = 0x23, 0x56, 0x69, 0x72, 0x74, 0x75, 0x61, 0x6C, 0x44, 0x4A, 0x20, 0x50, 0x6C, 0x61, 0x79, 0x6C, 0x69, 0x73, 0x74, 0x0D, 0x0A, 0x23, 0x4D, 0x69, 0x78, 0x54, 0x79, 0x70, 0x65,...

AIMP 2.51 build 330 (ID3v1/ID3v2 Tag) Remote Stack BOF PoC (SEH)

Exploit for unknown platform in category dos / poc ================================================================ AIMP 2.51 build 330 ID3v1/ID3v2 Tag Remote Stack BOF PoC SEH ================================================================ | | / | AIMP 2.51 build 330 ID3v1/ID3v2 Tag | /---, |...

AIMP 2.51 build 330 - ID3v1/ID3v2 Tag Remote Stack Buffer Overflow (PoC) (SEH)

| | / | AIMP 2.51 build 330 ID3v1/ID3v2 Tag | /---, | Remote Stack Buffer Overflow PoC SEH | ----- ==| | | | : ==| |......................................................| -----'---- | || | ' |==== | /,-,"--"------ //,-, ,-,\\ |/ //,-, ,-, ,-,\ 0 |===|| 0 0 ||- o ' 0 0 0 ||...

AIMP 2.51 build 330 - ID3v1ID3v2 Tag Remote Stack Buffer Overflow (PoC) (SEH)

AIMP 2.51 build 330 - ID3v1ID3v2 Tag Remote Stack Buffer Overflow PoC SEH | | / | AIMP 2.51 build 330 ID3v1/ID3v2 Tag | /---, | Remote Stack Buffer Overflow PoC SEH | ----- ==| | | | : ==| |......................................................| -----'---- | || | ' |==== | /,-,"--"------ //,-,...

NTP 'ntpd' Autokey栈缓冲区溢出漏洞

Bugraq ID: 35017 CVE ID：CVE-2009-1252 CNCVE ID：CNCVE-20091252 NTP Network Time Protocol是一款客户端用于与时间服务器同步日期和时间的协议。 NTPd在以OpenSSL支持的情况下编译时存在栈缓冲区溢出，远程攻击者可以利用漏洞以应用程序权限执行任意指令。 ntpd/ntpcrypto.c中cryptorecv函数使用sprintf存在缓冲区溢出，此漏洞需要配置使用autokey才会触发ntpd配置使用公钥加密进行NTP报文验证。远程未授权攻击者可以以ntpd守护程序权限执行任意代码。 Ubuntu...

Microsoft PowerPoint Converter TPrint Record Handling Error (MS09-017; CVE-2009-0227)

Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A stack buffer overrun vulnerability has been identified in Microsoft PowerPoint. The vulnerability is due to a memory corruption error in Microsoft PowerPoint when reading sound data from specially crafte...