1197 matches found
GHSA-CFJH-P3G4-3Q2F VBScript Content Injection in marked
Versions 0.3.2 and earlier of marked are affected by a cross-site scripting vulnerability even when sanitize:true is set. Proof of Concept IE10 Compatibility Mode Only xss link will get a link xss link Recommendation Update to version 0.3.3 or later...
CVE-2017-13779
GSTNofflinetool in India Goods and Services Tax Network GSTN Offline Utility tool before 1.2 executes winstart-server.vbs from the "C:\GST Offline Tool" directory, which has insecure permissions. This allows local users to gain privileges by replacing winstart-server.vbs with arbitrary VBScript...
Command injection
GSTNofflinetool in India Goods and Services Tax Network GSTN Offline Utility tool before 1.2 executes winstart-server.vbs from the "C:\GST Offline Tool" directory, which has insecure permissions. This allows local users to gain privileges by replacing winstart-server.vbs with arbitrary VBScript...
CVE-2017-13779
GSTNofflinetool in India Goods and Services Tax Network GSTN Offline Utility tool before 1.2 executes winstart-server.vbs from the "C:\GST Offline Tool" directory, which has insecure permissions. This allows local users to gain privileges by replacing winstart-server.vbs with arbitrary VBScript...
Koadic - COM Command & Control Framework (JScript RAT)
Koadic, or COM Command & Control, is a Windows post-exploitation rootkit similar to other penetration testing tools such as Meterpreter and Powershell Empire. The major difference is that Koadic does most of its operations using Windows Script Host a.k.a. JScript/VBScript, with compatibility in t...
Microsoft Internet Explorer Remote Code Execution Vulnerability(CVE-2017-8618)
There is a type confusion issue related to how some arithmetic operations are performed in VBScript. To illustrate, see the following simplified code of VbsVarMod static unsigned char resultlookuptable1818 = ... void VbsVarModVAR v1, VAR v2 VAR arithv1 = v1-PvarGetArithVal; VAR arithv2 =...
Koadic: An Advanced Windows JScript/VBScript RAT!
PenTestIT RSS Feed All of us know that post-exploitation we need some mechanism to maintain access on the target. One of the most common methods is by installing a trojan. I have tried to maintain a list of similar tools on the malware sources page on this blog. Now, there is a new entrant which...
CVE-2017-11421
gnome-exe-thumbnailer before 0.9.5 is prone to a VBScript Injection when generating thumbnails for MSI files, aka the "Bad Taste" issue. There is a local attack if the victim uses the GNOME Files file manager, and navigates to a directory containing a .msi file with VBScript code in its filename...
Microsoft Internet Explorer 11.1066.14393.0 - VBScript Arithmetic Functions Type Confusion Exploit
Exploit for windows platform in category dos / poc PvarGetArithVal; VAR arithv2 = v2-PvarGetArithVal; int resulttype = resultlookuptablev1-vartypev2-vartype; ifresulttype == 10 RaiseError...; ifresulttype == 2 ... else ifresulttype == 3 ... else ifresulttype == 4 ... v1-vartype = resulttype; wher...
gnome-exe-thumbnailer injection vulnerability
gnome-exe-thumbnailer is a desktop thumbnailer package for Linux systems. A security vulnerability exists in versions of gnome-exe-thumbnailer prior to 0.9.5. An attacker can exploit the vulnerability to inject and execute arbitrary VBScript...
CVE-2017-11421
gnome-exe-thumbnailer before 0.9.5 is prone to a VBScript Injection when generating thumbnails for MSI files, aka the "Bad Taste" issue. There is a local attack if the victim uses the GNOME Files file manager, and navigates to a directory containing a .msi file with VBScript code in its filename...
Design/Logic Flaw
gnome-exe-thumbnailer before 0.9.5 is prone to a VBScript Injection when generating thumbnails for MSI files, aka the "Bad Taste" issue. There is a local attack if the victim uses the GNOME Files file manager, and navigates to a directory containing a .msi file with VBScript code in its filename...
CVE-2017-11421
gnome-exe-thumbnailer before 0.9.5 is prone to a VBScript Injection when generating thumbnails for MSI files, aka the "Bad Taste" issue. There is a local attack if the victim uses the GNOME Files file manager, and navigates to a directory containing a .msi file with VBScript code in its filename...
CVE-2017-11421
gnome-exe-thumbnailer before 0.9.5 is prone to a VBScript Injection when generating thumbnails for MSI files, aka the "Bad Taste" issue. There is a local attack if the victim uses the GNOME Files file manager, and navigates to a directory containing a .msi file with VBScript code in its filename...
CVE-2017-11421
gnome-exe-thumbnailer before 0.9.5 is prone to a VBScript Injection when generating thumbnails for MSI files, aka the "Bad Taste" issue. There is a local attack if the victim uses the GNOME Files file manager, and navigates to a directory containing a .msi file with VBScript code in its filename...
CVE-2017-11421
Removed by vendor...
CVE-2017-11421
The CVE-2017-11421 entry affects gnome-exe-thumbnailer prior to 0.9.5, used by GNOME Files to generate thumbnails. It permits VBScript Injection via MSI file names, enabling local code execution when a user navigates to a directory containing a malicious MSI and GNOME Files invokes the thumbnaile...
Microsoft Internet Explorer 11.1066.14393.0 - VBScript Arithmetic Functions Type Confusion
PvarGetArithVal; VAR arithv2 = v2-PvarGetArithVal; int resulttype = resultlookuptablev1-vartypev2-vartype; ifresulttype == 10 RaiseError...; ifresulttype == 2 ... else ifresulttype == 3 ... else ifresulttype == 4 ... v1-vartype = resulttype; where the logic for VAR::PvarGetArithVal is roughly VAR...
Microsoft Internet Explorer 11.1066.14393.0 - VBScript Arithmetic Functions Type Confusion
Microsoft Internet Explorer 11.1066.14393.0 - VBScript Arithmetic Functions Type Confusion PvarGetArithVal; VAR arithv2 = v2-PvarGetArithVal; int resulttype = resultlookuptablev1-vartypev2-vartype; ifresulttype == 10 RaiseError...; ifresulttype == 2 ... else ifresulttype == 3 ... else ifresulttyp...
Microsoft Windows Server 2012 Multiple Vulnerabilities (KB4025331)
This host is missing a critical security update according to Microsoft KB4025331 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...