4529 matches found
Xunlei Elevation of Privilege Vulnerability
Thunderbolt is a popular P2P download tool. Xunlei has a security vulnerability, as the system service installed by Xunlei provides the function of loading dynamic link libraries, but is not validated, allowing an attacker to exploit the vulnerability by executing code as SYSTEM under any user,...
Igreks MilkyStep OS Command Injection Vulnerability
Igreks MilkyStep is a CGI for pushing magazines through the email system. A security vulnerability exists in Igreks MilkyStep that allows remote attackers to exploit the vulnerability to submit a special request to execute arbitrary OS commands...
ManageEngine Desktop Central StatusUpdate Arbitrary File Upload
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'ManageEngine Desktop Central StatusUpdate Arbitrary File Upload', 'Description' = %q This module exploits an arbitrary file upload...
Appologics AirBeam v1.9.2 iOS - Multiple Web Vulnerabilities
Document Title: =============== Appologics AirBeam v1.9.2 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1140 Release Date: ============= 2013-11-20 Vulnerability Laboratory ID VL-ID: ==================================...
HP Data Protector Express Opcode 0x320 Overflow
Added: 07/23/2012 CVE: CVE-2012-0121 BID: 52431 OSVDB: 80102 Background HP Data Protector Express is a backup and recovery solution for single machines and small networks. Problem A stack overflow vulnerability exists in dpwindtb.dll. Validation of parameters to Opcode 0x320 requests are not...
Lomtec ActiveWeb Professional 3.0 CMS Shell Upload / SYSTEM Execution
------------------------------------------------------------------------------------- www.ExploitDevelopment.com 2010-WEB-002 CERT VU870532 Security Focus BID 45985 ------------------------------------------------------------------------------------- TITLE: Lomtec ActiveWeb Professional 3.0 CMS...
PC Tools AntiVirus本地权限提升漏洞
PC Tools AntiVirus是一款功能强大的个人电脑杀毒软件。 PC Tools AntiVirus对自身文件的保护上存漏洞,本地攻击者可能利用此漏洞提升自己的权限。 PC Tools AntiVirus目录及其所有子对象没有设置安全的默认权限,给予了Everyone组Full Control权限,因此本地攻击者可能获得权限提升,以系统权限执行任意代码。 PC Tools AntiVirus 2.1.0.51 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.pctools.com/anti-virus/...
Microsoft Internet Explorer 5/6 - Object Type Validation
source: https://www.securityfocus.com/bid/8456/info The problem occurs when Internet Explorer receives a response from the server when a web page containing an object tag is parsed. Successful exploitation of this vulnerability could allow a malicious object to be trusted and as such be executed ...
Локальная дырка в Windows 2000 - переполнение буфера в Still Image Service
Переполнение буфре в сервисе позволяет выполнение кода с привилегией Local System...