5408 matches found
Nokia Multimedia Player v1.1 .m3u Heap Overflow PoC exploit
Nokia Multimedia Player version 1.1 .m3u Heap Overflow PoC exploit by 0in aka zer0in from Dark-Coders Group! 0in.emailatgmail.com / 0inatdark-coders.pl http://www.Dark-Coders.pl Special thx to doctor for together analyse this shi and sun8hclf for tell me.. "to unicode." Greetings to:...
Nokia MultiMedia Player 1.1 - .m3u Heap Buffer Overflow
Nokia MultiMedia Player 1.1 - .m3u Heap Buffer Overflow source: https://www.securityfocus.com/bid/33586/info Nokia Multimedia Player is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Successfully exploiting this iss...
Hex Workshop v6 (ColorMap files .cmap) Invalid Memory Reference PoC
Exploit for unknown platform in category dos / poc =================================================================== Hex Workshop v6 ColorMap files .cmap Invalid Memory Reference PoC =================================================================== !/usr/bin/perl -w Hex Workshop v6 "ColorMap...
Nokia Multimedia Player 1.1 Heap Overflow
Nokia Multimedia Player version 1.1 .m3u Heap Overflow PoC exploit by 0in aka zer0in from Dark-Coders Group! 0in.emailatgmail.com / 0inatdark-coders.pl http://www.Dark-Coders.pl Special thx to doctor for together analyse this shi and sun8hclf for tell me.. "to unicode." Greetings to:...
Hex Workshop 6 .cmap Crash Exploit
!/usr/bin/perl -w Hex Workshop v6 "ColorMap files .cmap" Invalid Memory Reference crash POC Discovred by : DATASNIPER for more information vist my blog:http://datasniper.arab4services.net/ the Exploit it's very hard to implemented,if we can make the "reference" point to valid memory location...
Nokia MultiMedia Player 1.1 - '.m3u' Heap Buffer Overflow
source: https://www.securityfocus.com/bid/33586/info Nokia Multimedia Player is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Successfully exploiting this issue may allow remote attackers to execute arbitrary code ...
PHP 5.2.5 - mbstring.func_overload WebServer Denial of Service
PHP 5.2.5 - mbstring.funcoverload WebServer Denial of Service source: https://www.securityfocus.com/bid/33542/info PHP is prone to a denial-of-service vulnerability because it fails to limit global scope for certain settings relating to Unicode text operations. Attackers can exploit this issue to...
PHP 5.2.5 - 'mbstring.func_overload' WebServer Denial of Service
source: https://www.securityfocus.com/bid/33542/info PHP is prone to a denial-of-service vulnerability because it fails to limit global scope for certain settings relating to Unicode text operations. Attackers can exploit this issue to crash the affected webserver, denying service to legitimate...
VUplayer (.wax file) local buffer overflow crash exploit
/ VUplayer .wax file local buffer overflow crash exploit By Assad edin - Moroccan Hackerz Mgharba Until Death - [email protected] Mgharba Bhjawa Msalmine : xCracker - Assad edin - Simo-s0ft . Special Thanks: All Moroccan & Muslims Hackers & Str0ke Ro7 T9Awd CHof li I7wik. / includestdio.h...
VUPlayer .wax File Buffer Overflow
/ VUplayer .wax file local buffer overflow crash exploit By Assad edin - Moroccan Hackerz Mgharba Until Death - [email protected] Mgharba Bhjawa Msalmine : xCracker - Assad edin - Simo-s0ft . Special Thanks: All Moroccan & Muslims Hackers & Str0ke Ro7 T9Awd CHof li I7wik. / include include...
GOM Player 2.0.12 .ASX Stack Overflow Exploit
/------------------------------------------------ GOM Player 2.0.12 .ASX Stack Overflow Exploit ------------------------------------------------- Exploit Code by:DATASNIPER Greetz: Arabic and algeria hackerz,arab4services.net and AT4RE Teams. My blog:http://datasniper.arab4services.net...
GOM Player 2.0.12.3375 (.ASX File) Stack Overflow Exploit
Exploit for unknown platform in category local exploits ========================================================= GOM Player 2.0.12.3375 .ASX File Stack Overflow Exploit ========================================================= /------------------------------------------------ GOM Player 2.0.12...
Debian DSA-1696-1 : icedove - several vulnerabilities
Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0016 Justin Schuh, Tom Cross and Peter Williams discovered a buffer...
Heap overflow
Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilterhtmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is not properly handled during Unicode conversion,...
CVE-2008-5557
CVE-2008-5557 is a heap-based buffer overflow in PHP’s mbstring extension (mbfilter_htmlent.c) present in PHP 4.3.0–5.2.6. The issue arises during Unicode conversion and can allow a context-dependent attacker to execute arbitrary code via a crafted string containing an HTML entity, related to the...
CVE-2008-5557
Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilterhtmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is not properly handled during Unicode conversion,...
tomcat Unicode directory traversal vulnerability
Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than...
ooVoo URI处理器远程栈溢出漏洞
BUGTRAQ ID: 32251 ooVoo是免费的视频聊天工具。 ooVoo在处理命令行参数时存在栈溢出漏洞。如果用户受骗访问了恶意网页并向ooVoo: URI处理器传送了超长字符串的话,就可能触发这个溢出,导致执行任意指令。 ooVoo LLC ooVoo 1.7.1.57 ooVoo LLC ooVoo 1.7.1.35 ooVoo LLC --------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.oovoo.com ?php / ooVoo 1.7.1.35 URL Protocol remote...
DEBIAN-CVE-2008-5050
Off-by-one error in the getunicodename function libclamav/vbaextract.c in Clam Anti-Virus ClamAV before 0.94.1 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted VBA project file, which triggers a heap-based buffer overflow...
ClamAV get_unicode_name()单字节堆溢出漏洞
BUGTRAQ ID: 32207 Clam AntiVirus是Unix的GPL杀毒工具包,很多邮件网关产品都在使用。 ClamAV中负责解析VBA项目文件的代码中存在单字节堆溢出漏洞,如果用户发送了带有恶意附件的邮件的话,就可能导致以clamd进程的权限执行任意指令。 具体来讲,向libclamav/vbaextract.c中的getunicodename函数传送了特定的name缓冲区就可以触发这个溢出: 101 static char 102 getunicodenameconst char name, int size, int bigendian 103 104 int i,...