BlazeVideo HDTV Player PLF文件堆栈缓冲区溢出漏洞

BUGTRAQ ID: 30442 CNCAN ID：CNCAN-2008073108 BlazeVideo HDTV Player是一款支持HDTV播放的媒体播放程序。 BlazeVideo HDTV Player处理播放列表文件存在缓冲区溢出，远程攻击者可以利用漏洞以应用程序权限执行任意指令。 构建恶意的PLF文件，诱使用户使用BlazeVideo HDTV Player处理，可触发此漏洞。 BlazeVideo HDTV Player 3.5 目前没有解决方案提供： http://www.blazevideo.com/ /Blaze Video HDTV Player V 3.5...

Novell iPrint Client ActiveX Control Stack Buffer Overflow (CVE-2008-2908)

Novell iPrint is an application that enables users to install and manage printers, or submit print job from a web browser. A stack buffer overflow vulnerability has been reported in Novell iPrint Client. The vulnerability is due to a boundary error in a Novell iPrint ActiveX control. To trigger...

BakBone NetVault 6.x/7.x Local Stack Buffer Overflow Exploit

No description provided by source. / for more informations class101.org/netv-locsbof.pdf / include stdio.h include string.h ifdef WIN32 include "winsock2.h" pragma commentlib, "ws232" else include sys/socket.h include sys/types.h include netinet/in.h include netinet/insystm.h include netinet/ip.h...

Novell GroupWise Messenger Client Buffer Overflow

This module exploits a stack buffer overflow in Novell's GroupWise Messenger Client. By sending a specially crafted HTTP response, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

Novell iPrint Client ActiveX Control Buffer Overflow

This module exploits a stack buffer overflow in Novell iPrint Client 4.34. When sending an overly long string to the GetDriverSettings property of ienipp.ocx an attacker may be able to execute arbitrary code. -- coding: binary -- This module requires Metasploit: https://metasploit.com/download...

Novell iPrint Client ActiveX control stack buffer overflows

Overview The Novell iPrint Client ActiveX control contains multiple stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Novell iPrint is a software printing solution that allows for printing over the internet. On...

Creative Software AutoUpdate Engine ActiveX Control Buffer Overflow

This module exploits a stack buffer overflow in Creative Software AutoUpdate Engine. When sending an overly long string to the cachefolder property of CTSUEng.ocx an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

Asus Dpcproxy Buffer Overflow

This module exploits a stack buffer overflow in Asus Dpcroxy version 2.0.0.19. It should be vulnerable until version 2.0.0.24. Credit to Luigi Auriemma This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

CA Secure Content Manager HTTP Gateway Service FTP Vulnerabilities

The remote host is running Computer Associates' Secure Content Manager, a gateway product for filtering messaging and web traffic. The HTTP Gateway component 'icihttp.exe' of the version of Secure Content Manager installed on the remote host does not sufficiently check responses to FTP 'LIST' and...

GLD (Greylisting Daemon) Postfix Buffer Overflow

This module exploits a stack buffer overflow in the Salim Gasmi GLD 'GLD Greylisting Daemon Postfix Buffer Overflow', 'Description' = %q This module exploits a stack buffer overflow in the Salim Gasmi GLD 'aushack' , 'Arch' = ARCHX86, 'Platform' = 'linux', 'References' = 'CVE', '2005-1099' ,...

DoubleTake/HP StorageWorks Storage Mirroring Service Authentication Overflow

This module exploits a stack buffer overflow in the authentication mechanism of NSI Doubletake which is also rebranded as HP Storage Works. This vulnerability was found by Titon of Bastard Labs. This module requires Metasploit: https://metasploit.com/download Current source:...

NASA Ames Research Center BigView 1.8 - .PNM Stack Buffer Overflow (PoC)

NASA Ames Research Center BigView 1.8 - .PNM Stack Buffer Overflow PoC source: https://www.securityfocus.com/bid/29517/info NASA Ames Research Center BigView is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying ...

CA ETrust Secure Content Manager Gateway FTP PASV Stack Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates eTrust Secure Content Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the HTTP Gateway service icihttp.exe running on port 8080. By...

Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX stack buffer overflows

Overview The Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX control contains multiple stack buffer overflows, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Online Media Technologies, which was formerly known as NCT...

Online Media Technologies NCTSoft NCTAudioGrabber2 ActiveX stack buffer overflows

Overview The Online Media Technologies NCTSoft NCTAudioGrabber2 ActiveX control contains multiple stack buffer overflows, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Online Media Technologies, which was formerly known as NCT...

Borland Interbase integer overflow

Integer overflow on TCP/3050 traffic parsing leads to stack based buffer overflow...

Debian DSA-1579-1 : netpbm-free - insufficient input sanitizing

A vulnerability was discovered in the GIF reader implementation in netpbm-free, a suite of image manipulation utilities. Insufficient input data validation could allow a maliciously-crafted GIF file to overrun a stack buffer, potentially permitting the execution of arbitrary code. %NASLMINLEVEL...

PhotoStockPlus Uploader Tool ActiveX stack buffer overflows

Overview The PhotoStockPlus Uploader Tool ActiveX control contains several stack buffer overflows, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description PhotoStockPlus provides an image uploader ActiveX control, which is provided by the...

BigAnt Server 2.2 Buffer Overflow

This module exploits a stack buffer overflow in BigAnt Server 2.2. By sending a specially crafted packet, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

cdf3 -- Buffer overflow vulnerability

NASA Goddard Space Flight Center reports: The libraries for the scientific data file format, Common Data Format CDF version 3.2 and earlier, have the potential for a buffer overflow vulnerability when reading specially-crafted invalid CDF files. If successful, this could trigger execution of...