There is an out-of-bounds read in H264 parsing and a fuzzed file is included in this archive. To load, load LoadMP4.swf with the URL parameter file=compute_poc.flv from a remote server.
ebb2b5d7f663e475ad09af61f41ced8caef58fbe37e4cc1bbb1bb3395e2f41a2The attached file can cause an out-of-bounds read of an image. While the bits of the image are null, the width, height and other values can make it a valid pointer.
67899d0a839f78a9413c2d4c6f499ce8a1bfb82ab4a0b04f26b17264175b257fThe included fuzzing test case causes a crash due to a heap overflow in BitmapData.drawWithQuality.
71eac9af938822ce100e076b77f44a4fc957277d6ed3fc9956efc03536dabb10Dimofinf CMS version 3.0.0 suffers from a cross site scripting vulnerability.
fc6aabdced0f311a87ad9b9c16b893261d7bec5cd7961194bc05629135c8c74dglibc reserves 2048 bytes in the stack through alloca() for the DNS answer at _nss_dns_gethostbyname4_r() for hosting responses to a DNS query. Later on, at send_dg() and send_vc(), if the response is larger than 2048 bytes, a new buffer is allocated from the heap and all the information (buffer pointer, new buffer size and response size) is updated. Under certain conditions a mismatch between the stack buffer and the new heap allocation will happen. The final effect is that the stack buffer will be used to store the DNS response, even though the response is larger than the stack buffer and a heap buffer was allocated. This behavior leads to the stack buffer overflow. Included in this archive is a copy of the Google Security blog post and proof of concept code that demonstrates the vulnerability.
ad59124177a3d305a9e05a03fed4435fe9079fdcafd54b23cbd52bc979ba7a5fRemote unauthenticated attackers are able to read arbitrary data from other HTTP sessions because Ignition uses a vulnerable Jetty server. When the Jetty web server receives a HTTP request, the below code is used to parse through the HTTP headers and their associated values. Inductive Automation versions 7.8.1 (b2016012216) and 7.8.0 (b2015101414) are affected.
8d7c9861342f78e40e1dcce0f22e9aba5b9782813cddc88a6b9899181e6ae25eRedaxo CMS version 5.0.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
58872f982df928318a4cb6b46edbd08e6a1402810a83f6f9f3adffa56501e2dcTOTVS RM PORTAL suffers from multiple cross site scripting vulnerabilities. The vendor has not responded to reports.
d1e1efd5672a465ab411b93f67845833725772fa6b91c133b1dcd9b880e852d2phpMyBackupPro version 2.5 suffers from remote command execution and cross site request forgery vulnerabilities.
15b9107732b5558a738085c34214eff5335f320ba47d355c47d18884606d6f5dphpMyBackupPro version 2.5 suffers from a remote shell upload vulnerability.
50e0dd607fcedc615a8d0c0bb3ddd9ce81b3c8539d4cc0cf6c76e00f347911cephpMyBackupPro version 2.5 suffers from multiple cross site scripting vulnerabilities.
b0f8b42735d7a0883a11e14cc8433ac6387e9932da299ce455a9ec13f775bae2Microsoft afd.sys version 6.1.7600.16385 suffers from a dangling pointer privilege escalation vulnerability. This exploit demonstrates the vulnerability discussed in MS14-040.
43aecafba8f866db9836e1cf4df9c1bc15350cd135f9e99abda52e36dca71d06smbgrind.exe suffers from a buffer overflow vulnerability.
a6cc32b60c5b420033593bbd7a0064d9e918dd7334c279a954bb80f532def656Manage Engine OPutils version 8.0 suffers from an authorization bypass vulnerability due to a missing function level access control.
b9e7e86ebc2d1e55dc5329a95efdaca283be5268b1a3a03b374a5d737c611082Ntpd versions ntp-4.2.6p5 and below ctl_putdata() buffer overflow exploit.
20c1ff267a8bcac5da58926e1274d79d39784fce12793f29a8cdf27998079989Manage Engine OPutils version 8.0 suffers from a privilege escalation vulnerability.
b977e013fda04f44e8af632bcc03cc1219b52ae3d3bd69ffba3b620b6a52c170Manage Engine OPutils version 8.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
733c28616c1891158bef1795b1d8b042f1e58ddc0cd0991868a9f08d50bd3559Windows kerberos security feature bypass exploit that leverages the vulnerability discussed in MS16-014.
cb587de0354495ec9c43859457e5b08438fd6f10d2200b2ac110e32a4472868adesk.com suffered from a cross site scripting vulnerability.
83da654ba2270bdcaa874faf02dd440d2b174258e4150dc3044474030cfef161Google Sites suffered from a persistent cross site scripting vulnerability.
a332b8cf268a1bd3d0465bc273b2614e26594ebf01b9bf3543a5c22e14b22646WordPress ALO EasyMail Newsletter plugin version 2.6.01 suffers from a cross site request forgery vulnerability.
d15b9b2cb283f5a668f6d8874e3826bf24cc65844b2d86d0e86e20c068dab600Xymon 4.3.x versions suffers from buffer overflow, information disclosure, code execution, cross site scripting, and various other vulnerabilities.
e26ecbaeb5a8840288e97c4167e8412a009bb41ab790f296521530e68cf80840JMX2 Email Tester suffers from a remote shell upload vulnerability.
c5beb689ef152522477a94f69f6708265474b265a0117096b5ed91472485eb5fNetwork Scanner version 4.0.0.0 SEH crash proof of concept exploit.
4a85052f96081bf9094ec2c460c6af059871b951132359ba2febd25ad1b7999bTiny Tiny RSS suffers from a remote blind SQL injection vulnerability.
234ab4e2f028e31495353f74411342081e06baeaa0ecb8070c1e52a9482835b8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed