Serenity Audio Player playlist buffer overflow exploit that creates a malicious .m3u file. Versions 3.2.3 and below are affected.
f918524c4e76aabc077953fa6b99eb05d62683cf932d7b3baf8718d6318cbc8fphpBazar versions 2.1.1fix and below suffer from a remote SQL injection vulnerability.
35422732f65845cb7bf2789b9b8160ffac6c15103e8b735b2efaa45d2818649dThe Joomla Lyftenbloggie component version 1.0.4 suffers from a remote SQL injection vulnerability.
0d1c13f3288bfebcc21958d841b45d743f364fa08f868e81d5c54971b2e308e3Cacti versions 0.8.7e and below suffer from cross site scripting and privilege escalation vulnerabilities.
46b2f0621a038c9d1cf8f5e9339d33346bff4eee0f4af05ef47b5f6b44a3746aThis Metasploit module exploits a format string overflow in the BolinTech Dream FTP Server version 1.02. Based on the exploit by SkyLined.
63c84ac9c90cdd1cd404d2b1f022ad37deeeee6983215b7f45cdb61d9ec25e5dThis Metasploit module exploits a username sprintf stack overflow in GAMSoft TelSrv 1.5. Other versions may also be affected. The service terminates after exploitation, so you only get one chance!
bfbc833e65270019d840fbfcd6e70dac6677788a965836dafaaafb7b81a9b917This Metasploit module exploits a vulnerability in the 3Com 3CDaemon FTP service. This package is being distributed from the 3Com web site and is recommended in numerous support documents. This Metasploit module uses the USER command to trigger the overflow.
815045260e465802c35cbda9285c0622bfe5f32298f8df68633b64d3f5a3b2a0This Metasploit module exploits a buffer overflow in ACDSee 9.0. When viewing a malicious XPM file with the ACDSee product, a remote attacker could overflow a buffer and execute arbitrary code.
706f221bbef230a67ec4e852b1c3aaf50be9f1de72a3b66900a221e061c04a9eThis Metasploit module exploits a stack overflow in activePDF WebGrabber 3.8. When sending an overly long string to the GetStatus() method of APWebGrb.ocx (3.8.2.0) an attacker may be able to execute arbitrary code. This control is not marked safe for scripting, so choose your attack vector accordingly.
9163f61dc97f511b2e58317df4a025bc80a9b3778c59ee7308c803bdd503b511This Metasploit module exploits a buffer overflow in Adobe Reader and Adobe Acrobat Professional 8.1.1. By creating a specially crafted pdf that a contains malformed Collab.collectEmailInfo() call, an attacker may be able to execute arbitrary code.
518aaf1102414303ab4491f0657827b243a86c8bd0569ed8dd01e3e5a762cfb3This Metasploit module exploits a buffer overflow in Adobe Reader and Adobe Acrobat Professional < 8.1.4. By creating a specially crafted pdf that a contains malformed Collab.getIcon() call, an attacker may be able to execute arbitrary code.
d4a91c898b2b649b678e2e14b004ed1827360112073820eebd1bb1198e2c3e7aThis Metasploit module exploits a heap-based pointer corruption flaw in Adobe Reader 9.0.0 and earlier. This Metasploit module relies upon javascript for the heap spray.
c70e7201fb6677429aa372f8e4d78ab8b21364ee9a98a1ffc919b117d64949beThis Metasploit module embeds a Metasploit payload into an existing PDF file. The resulting PDF can be sent to a target as part of a social engineering attack.
09a56101a149879ad1e7dd5419aa9168cb66336439178af46431113ea67abec4This Metasploit module exploits a authentication bypass vulnerability which allows remote attackers to upload and execute arbitrary code.
6a9990e0a446456d233f36ace46eca260847af5ae39b82be3254f1d524a2d1afThis Metasploit module exploits a buffer overflow in Adobe Reader and Adobe Acrobat Professional < 8.1.3. By creating a specially crafted pdf that a contains malformed util.printf() entry, an attacker may be able to execute arbitrary code.
97136b48e204e50ed975b0d248d3e807fc8bfc21f553834a21665ee774475b17This Metasploit module exploits a flaw in the handling of AOL Instant Messenger's 'goaway' URI handler. An attacker can execute arbitrary code by supplying a overly sized buffer as the 'message' parameter. This issue is known to affect AOL Instant Messenger 5.5.
3f9f669a44333e450e5fc4a71660d89955d2e85848f584c1c6d9d52d001ed850This Metasploit module exploits a buffer overflow in AOL's AIM Triton 1.0.4. By sending an overly long CSeq value, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the affected application.
1400d3cfff7200162909897a766209788942d0f1caac020f8e267b40af56e5cdThis Metasploit module exploits a stack overflow in EMC AlphaStor 3.1. By sending a specially crafted message, an attacker may be able to execute arbitrary code.
8d5b6a48b3d7f5a8de8e276bf81f237545164da6f22f4d76a285254c369b1853This Metasploit module exploits a buffer overflow in Altap Salamander <= v2.5. By creating a malicious file and convincing a user to view the file with the Portable Executable Viewer plugin within a vulnerable version of Salamander, the PDB file string is copied onto the stack and the SEH can be overwritten.
ebf80be5e1b04701f27a0c9bc26e038dbcf822655731d47db5156edbcff7ef55Alt-N WebAdmin is prone to a buffer overflow condition. This is due to insufficient bounds checking on the USER parameter. Successful exploitation could result in code execution with SYSTEM level privileges.
07321bfe13486c72db95bf9c5992da051b5fe4111a96286914e261a01257e730This Metasploit module exploits a stack overflow in the Amaya v11 Browser. By sending an overly long string to the "bdo" tag, an attacker may be able to execute arbitrary code.
412b394380677fab8c8871f5e96e3347d60f33fa5e46d1fa954bd1b5be97d7b8This Metasploit module exploits a buffer overflow vulnerability in the LoadAniIcon() function of USER32.dll. The flaw is triggered through Outlook Express by using the CURSOR style sheet directive to load a malicious .ANI file. This vulnerability was discovered by Alexander Sotirov of Determina and was rediscovered, in the wild, by McAfee.
ff5578fdfc8c36ccaad517474220f3b7300ff9d3ecf2bb352b81b0e1dffd7516This Metasploit module exploits a stack-based buffer overflow in AOL IWinAmpActiveX class (AmpX.dll) version 2.4.0.6 installed via AOL Radio website. By setting an overly long value to 'ConvertFile()', an attacker can overrun a buffer and execute arbitrary code.
b255bff048b696b83be33b74127329a23af7e1d356d9b41e180802e9add63785This Metasploit module allows remote attackers to download and execute arbitrary files on a users system via the DownloadAgent function of the ICQPhone.SipxPhoneManager ActiveX control.
8c48ffbf1406cda705db3856a1f59070d8db0942626e09b6ac356cac87f546f0This Metasploit module exploits the chunked transfer integer wrap vulnerability in Apache version 1.2.x to 1.3.24. This particular module has been tested with all versions of the official Win32 build between 1.3.9 and 1.3.24. Additionally, it should work against most co-branded and bundled versions of Apache (Oracle 8i, 9i, IBM HTTPD, etc). You will need to use the Check() functionality to determine the exact target version prior to launching the exploit. The version of Apache bundled with Oracle 8.1.7 will not automatically restart, so if you use the wrong target value, the server will crash.
02caca0c3ef84c379c6053e31707b4b6389939755466b8435f5f2edee463d9f2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed