Lucene search

5408 matches found

securityvulns
added 2008/01/02 12:00 a.m., 358 views

[Full-disclosure] IBM Domino Web Access Upload Module inotes6w.dll SEH Overwrite Exploit

This one is the same offset as dwa7w and the same class id as inotes6. Basically inotes6 and inotes6w share the same class id, except that inotes6w is unicode. dwa7w is unicode and has a different class id. Code is inline, I would attach it except for the fact that I set off way too many av scanne...

CVSS 9.3, AI score 0.4, EPSS 0.44184
Exploits: 25
Prion
added 2007/12/31 7:46 p.m., 23 views

Code injection

ClamAV 0.92 allows local users to overwrite arbitrary files via a symlink attack on (1) temporary files used by the cli_gentempfd function in libclamav/others.c or on (2) .ascii files used by sigtool, when utf16-decode is enabled...

CVSS 2.1, AI score 6.3, EPSS 0.00406
Exploits: 0, References: 15, Affected Software: 1
Packet Storm
added 2007/12/31 12:00 a.m., 35 views

inotes6-overwrite.txt

My first attempt at an SEH overwrite exploit. Anyhow, I first posted about this issue regarding version 7 of this control, Will Dormann of the CERT/CC discovered versions 6 and 6.5 are vulnerable too, see http://www.kb.cert.org/vuls/id/963889. Dwa7w.dll and inotes6w.dll are unicode, that's my next...

CVSS 9.3, AI score 6.3, EPSS 0.44184
Exploits: 25
Packet Storm
added 2007/12/31 12:00 a.m., 33 views

dwa7w-overwrite.txt

This one is unicode based, so is inotes6w. Exploitation for inotes6w is probably the same just with a different offset. Code is inline and attached. --------------------- IBM Domino Web Access Upload Module dwa7w.dll SEH Overwrite Exploit function Check var buf = unescape"%u4141"; while buf.lengt...

CVSS 9.3, AI score 6.3, EPSS 0.44184
Exploits: 25
ATTACKERKB
added 2007/12/27 11:46 p.m., 2 views

CVE-2007-6533

Buffer overflow in Zoom Player 6.00 beta 2 and earlier allows user-assisted remote attackers to execute arbitrary code via an HTTP link to a PLS file in a crafted ZPL file, which causes an overflow in Unicode handling when generating an error message...

CVSS 7.5, AI score 6.2, EPSS 0.12293
Exploits: 1, References: 9
Prion
added 2007/12/27 11:46 p.m., 7 views

Buffer overflow

Buffer overflow in Zoom Player 6.00 beta 2 and earlier allows user-assisted remote attackers to execute arbitrary code via an HTTP link to a PLS file in a crafted ZPL file, which causes an overflow in Unicode handling when generating an error message...

CVSS 7.5, AI score 8.5, EPSS 0.12293
Exploits: 1, References: 8, Affected Software: 1
Cvelist
added 2007/12/27 11:00 p.m., 14 views

CVE-2007-6533

Buffer overflow in Zoom Player 6.00 beta 2 and earlier allows user-assisted remote attackers to execute arbitrary code via an HTTP link to a PLS file in a crafted ZPL file, which causes an overflow in Unicode handling when generating an error message...

AI score 7.9, EPSS 0.12293
Exploits: 1, References: 8
securityvulns
added 2007/12/26 12:00 a.m., 23 views

Unicode buffer-overflow in Zoom Player 6.00b2

Luigi Auriemma Application: Zoom Player http://www.inmatrix.com Versions: <= v6.00 beta 2 and naturally all the stable v5 versions Platforms: Windows Bug: unicode buffer-overflow Exploitation: local Date: 24 Dec 2007 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introductio...

AI score 1
Exploits: 0
RedHat Linux
added 2007/12/18 11:52 p.m., 4 views

: pcre before 7.3 incorrect unicode in char class optimization

Heap-based buffer overflow in Perl-Compatible Regular Expression PCRE library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized...

CVSS 6.8, AI score 6.4, EPSS 0.04097
Exploits: 0, References: 4
NVD
added 2007/12/17 6:46 p.m., 13 views

CVE-2007-6403

Stack-based buffer overflow in Nullsoft Winamp 5.32 allows user-assisted remote attackers to execute arbitrary code via crafted unicode in a .mp4 file, with crafted tags, contained in a certain .rar archive, a related issue to CVE-2007-2498. NOTE: for exploitation, the victim must select a certai...

CVSS 6.8, AI score 8, EPSS 0.03444
Exploits: 0, References: 3
Prion
added 2007/12/17 6:46 p.m., 18 views

Stack overflow

Stack-based buffer overflow in Nullsoft Winamp 5.32 allows user-assisted remote attackers to execute arbitrary code via crafted unicode in a .mp4 file, with crafted tags, contained in a certain .rar archive, a related issue to CVE-2007-2498. NOTE: for exploitation, the victim must select a certai...

CVSS 6.8, AI score 8.4, EPSS 0.10241
Exploits: 1, References: 3, Affected Software: 1
CVE
added 2007/12/17 6:00 p.m., 41 views

CVE-2007-6403

CVE-2007-6403 involves a stack-based buffer overflow in Nullsoft Winamp 5.32 related to its handling of crafted Unicode in MP4 files, with the issue exploitable when the target opens a crafted MP4 contained in a .rar archive. The vulnerability enables user-assisted remote code execution on the af...

CVSS 6.8, AI score 8, EPSS 0.03444
Exploits: 0, References: 3, Affected Software: 1
Cvelist
added 2007/12/17 6:00 p.m., 21 views

CVE-2007-6403

Stack-based buffer overflow in Nullsoft Winamp 5.32 allows user-assisted remote attackers to execute arbitrary code via crafted unicode in a .mp4 file, with crafted tags, contained in a certain .rar archive, a related issue to CVE-2007-2498. NOTE: for exploitation, the victim must select a certai...

AI score 8, EPSS 0.03444
Exploits: 0, References: 3
seebug.org
added 2007/12/09 12:00 a.m., 20 views

Nullsoft Winamp 5.32 MP4 tags Stack Overflow Exploit

No description provided by source. !/bin/perl Nullsoft Winamp MP4 tags Stack Overflow 0-day discovered and exploited by SYS 49152 Tested on win XP SP2 ENG Tuned for Nullsoft Winamp 5.32 d.i. Shell on port 49152 usage: well, not much fun for you kids here ...

AI score 7.1
Exploits: 0
securityvulns
added 2007/12/09 12:00 a.m., 61 views

Nullsoft Winamp MP4 tags Stack Overflow

!/bin/perl Nullsoft Winamp MP4 tags Stack Overflow 0-day discovered and exploited by SYS 49152 Tested on win XP SP2 ENG Tuned for Nullsoft Winamp 5.32 d.i. Shell on port 49152 usage: well, not much fun for you kids here .. to get the shell you have to use ALT+3 and press UPDATE. Instead this one ...

AI score 0.5
Exploits: 0
Packet Storm
added 2007/12/08 12:00 a.m., 38 views

nullsoft-overflow.txt

!/bin/perl Nullsoft Winamp MP4 tags Stack Overflow 0-day discovered and exploited by SYS 49152 Tested on win XP SP2 ENG Tuned for Nullsoft Winamp 5.32 d.i. Shell on port 49152 usage: well, not much fun for you kids here .. to get the shell you have to use ALT+3 and press UPDATE. Instead this one ...

Exploits: 0
exploitpack
added 2007/12/08 12:00 a.m., 12 views

NullSoft Winamp 5.32 - .MP4 Tags Stack Overflow

NullSoft Winamp 5.32 - .MP4 Tags Stack Overflow !/bin/perl Nullsoft Winamp MP4 tags Stack Overflow 0-day discovered and exploited by SYS 49152 Tested on win XP SP2 ENG Tuned for Nullsoft Winamp 5.32 d.i. Shell on port 49152 usage: well, not much fun for you kids here .. to get the shell you have ...

AI score 0.5
Exploits: 0
0day.today
added 2007/12/08 12:00 a.m., 28 views

Nullsoft Winamp 5.32 MP4 tags Stack Overflow Exploit

Exploit for unknown platform in category local exploits ==================================================== Nullsoft Winamp 5.32 MP4 tags Stack Overflow Exploit ==================================================== !/bin/perl Nullsoft Winamp MP4 tags Stack Overflow 0-day discovered and exploited ...

AI score 6.8
Exploits: 0
seebug.org
added 2007/12/05 12:00 a.m., 21 views

Microsoft Excel Unicode Local Overflow Exploit PoC

No description provided by source. excelsexywarez.pl excel unicode overflow poc by kcope in 2006 thanks to revoguard and alex use Spreadsheet::WriteExcel; my $workbook = Spreadsheet::WriteExcel-new"FUCK.xls"; $worksheet = $workbook-addworksheet; $format = $workbook-addformat;...

AI score 7.1
Exploits: 0
myhack58
added 2007/11/20 12:00 a.m., 18 views

How to hack PCAnyWhere password-vulnerability warning-the black bar safety net

Since NT machines generally use PCAnyWhere for remote administration, and Win2K machines generally use a terminal for remote management, if we can get the PCAnyWhere remote connection account and password, then we can connect to the host remotely. The key is to get to the PCAnyWhere password file...

AI score 7.4
Exploits: 0