32 matches found
EUVD-2015-5421
Malware in sbrugna...
Code injection
Silicon Integrated Systems XGI WindowsXP Display Manager aka XGI VGA Driver Manager and VGA Display Manager 6.14.10.1090 allows local users to gain privileges via a crafted 0x96002404 IOCTL call...
CVE-2015-5466
CVE-2015-5466 affects Silicon Integrated Systems’ XGI VGA Display Manager (XGI VGA Display Manager) version 6.14.10.1090 on Windows XP SP3. A vulnerability in the xrvkp module allows an attacker to perform an arbitrary write (write-what-where) via IOCTL 0x96002404, enabling privilege escalation b...
0.verizon.windowsxp.narkive.com Cross Site Scripting vulnerability
Security Researcher Gh05tPT Helped patch 6836 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting 0.verizon.windowsxp.narkive.com website and its users...
Description of the security update for the remote code execution vulnerability in Windows Embedded POSReady 2009: February 12, 2019
Description of the security update for the remote code execution vulnerability in Windows Embedded POSReady 2009: February 12, 2019 Summary A remote code execution vulnerability exists because of the manner in which the Microsoft Server Message Block 2.0 SMBv2 server handles certain requests. To...
CVE-2015-5465
Silicon Integrated Systems WindowsXP Display Manager aka VGA Driver Manager and VGA Display Manager 6.14.10.3930 allows local users to gain privileges via a crafted 1 0x96002400 or 2 0x96002404 IOCTL call...
Code injection
Silicon Integrated Systems WindowsXP Display Manager aka VGA Driver Manager and VGA Display Manager 6.14.10.3930 allows local users to gain privileges via a crafted 1 0x96002400 or 2 0x96002404 IOCTL call...
CVE-2015-5465
CVE-2015-5465 affects Silicon Integrated Systems Windows XP Display Manager (6.14.10.3930). The vulnerability is a privilege-escalation in the srvkp driver (srvkp.sys) triggered via crafted IOCTL calls 0x96002400 and 0x96002404, enabling memory corruption/write-what-where and potentially arbitrar...
CVE-2015-5465
Silicon Integrated Systems WindowsXP Display Manager aka VGA Driver Manager and VGA Display Manager 6.14.10.3930 allows local users to gain privileges via a crafted 1 0x96002400 or 2 0x96002404 IOCTL call...
WM Downloader 3.0.0.9 - Buffer Overflow (Meta)
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
NewAtlanta ServletExec/ISAPI 4.1 JSPServlet Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4796/info ServletExec/ISAPI is a plug-in Java Servlet/JSP engine for Microsoft IIS. It runs with IIS on Microsoft Windows NT/2000/XP systems. A denial of service condition occurs when the JSPServlet is sent an overly long...
OneHTTPD 0.8 Denial Of Service
Exploit Title: onehttpd 0.8 Crash PoC Date: Feb 7,2014 Exploit Author: Mahmod Mahajna Mahy Version: 0.8 Software Link: https://onehttpd.googlecode.com/files/onehttpd-0.8.exe Tested on: Windows XP SP3 Email: [email protected] from requests import get,ConnectionError as cerror from sys import arg...
CVE-2013-1258
Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges, and consequently read the contents of arbitrary kerne...
globalSCAPE CuteZIP Stack Buffer Overflow
Exploit for windows platform in category local exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...
zFTPServer Suite 6.0.0.52 'rmdir' Directory Traversal
Advisory: zFTPServer Suite 6.0.0.52 'rmdir' Directory Traversal Advisory ID: INFOSERVE-ADV2011-09 Author: Stefan Schurtz Contact: [email protected] Affected Software: Successfully tested on zFTPServer Suite 6.0.0.52 Vendor URL: http://www.zftpserver.com/ Vendor Status: fixed CVE-ID:...
zFTPServer Suite 6.0.0.52 Directory Traversal
Advisory: zFTPServer Suite 6.0.0.52 'rmdir' Directory Traversal Advisory ID: INFOSERVE-ADV2011-09 Author: Stefan Schurtz Contact: [email protected] Affected Software: Successfully tested on zFTPServer Suite 6.0.0.52 Vendor URL: http://www.zftpserver.com/ Vendor Status: fixed CVE-ID:...
Ultimate eShop - Error-Based SQL Injection
Exploit Title: Ultimate eShop Error Based SQL Injection Vulnerability Google Dork: inurl:index.cgi?aktion=shopview Date: 19/04/2011 Author: Romka Software Link: http://www.ultimate-eshop.de/ Tested on: Windows XP SP3 Exploit:...
Native Instruments Service Center 2.2.5 Local Privilege Escalation Vulnerability
Summary The NI Service Center is a service used for Product Activation. Description The Native Instruments's Service Center suffers from an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice. The vulnerability exist...
Microsoft Internet Explorer 6/7 - Remote Denial of Service
Exploit Title: IE6 / 7 Remote Dos vulnerability Date: 27/07/2010 Author: Richard leahy Version: 6 / 7 Tested on: Windows Xp Sp3 category Remote Dos, might lead to code execution. The vulnerability is caused due to specifying a large value integer or string to the frame.frameBorder causing a dos a...
Microsoft Security Bulletin MS10-008 - Critical Cumulative Security Update of ActiveX Kill Bits (978262)
Microsoft Security Bulletin MS10-008 - Critical Cumulative Security Update of ActiveX Kill Bits 978262 Published: February 09, 2010 Version: 1.0 General Information Executive Summary This security update addresses a privately reported vulnerability for Microsoft software. This security update is...