This archive contains all of the 296 exploits added to Packet Storm in March, 2017.
0d4f244176ef15c4c04eb37fbfa9593777646cb3dae74849350357a5a0b25f1a
mapr suffers from an information disclosure vulnerability.
72154e7425f8731073fc55262d90eaa471479bcf62a2e3abdbd88d8525430209
Membership Formula suffers from a remote SQL injection vulnerability.
a4d61cb95e1032544432b14cbb5a12f0454ad2ea0ec276364e915d633059693c
Amazon S3 suffers from an open redirection vulnerability.
cc5afbb9a4b12138b7c5db47bdc0b8bb94e014dae51869e09b079aaf22a799b5
Pixie version 1.0.4 suffers from a cross site scripting vulnerability.
1bfb97f0b476e0247458cce92c0e867e76225fb7c98585669be0eec4d91c07f8
macOS/iOS suffer from an issue where mach_msg does not copy memory in a certain case.
311975d6c6410fc74e8c9b4e249484bd7519ec1515eba64cd53af81d9d333a20
Microsoft Visual Basic for Applications versions 6.5 through 7.1 suffer from a malicious hidden module issue.
1b1fb21479c9efc8470b2ac366523aa69e0f3f5599cec5c5c3acb8af5ef31702
Safari performs an out-of-bounds read when calling the bound function.
c34419dbfdc88927512ecd0928e9ba0ad20ee01eb077380d69ea9fd9a6bd1bc8
Safari suffers from a type confusion vulnerability in DateTimeFormat.format.
bcbbe721812e3c9844aa096ccd242bccd99e577311663d34b1850a138057a5ea
Sync Breeze Enterprise version 9.5.16 SEH GET buffer overflow exploit.
bf368bde889dcf902b06ff92a9af6600b8ec55a5ba19e600159382f811b399a3
Sync Breeze Enterprise version 9.5.16 suffers from an import command buffer overflow vulnerability.
92904136e8d75735d3fca251e7d6585a845b1133240bfbaf44518eb4a65108b7
The built-in JavaScript in the Safari browser allows Function.caller to be used in strict mode.
1884c9b6bc5c81281bf6c6ce0bb8b15f58a86018597a7480f0520481b1474f57
EyesOfNetwork (EON) version 5.1 suffers from a remote SQL injection vulnerability.
7e72eff3acc65ef6601181f816f3f0f11a29fd7567dfa6832b7e151b5c40de5b
Opensource Classified Ads Script suffers from a remote SQL injection vulnerability.
d97168fbcaab9f971a39626b11c9c30f60cd3e99d850c3155d6cf9805e1b00d9
VX Search Enterprise version 9.5.12 suffers from a verify email buffer overflow vulnerability.
571a76eafaa747a6756ed856dc9f0f97b2580d4f3db9b17dec9a3b7e1148619d
Microsoft Outlook suffers from an HTML email denial of service vulnerability.
df536fb9431470d67b63334422b4fe73505842670e63f7d352a00c5db691b38d
Intermec PM43 industrial printer suffers from a privilege escalation vulnerability.
ae1b85cfe883429a619d40b84e5f3040ebac2c5c89f555a8ace4bd988c1afbb4
MikroTik RouterBoard version 6.38.5 suffers from a denial of service vulnerability.
55f194af2f99abcf311124e01a81b763625ad85c53e0fb1c6c687ddb10024da9
pfSense version 2.3.2 suffers from a remote code execution vulnerability.
cdc9477114db9f75ccf0e32482329e27abeb984f900df0dba8af56cb83f111bb
NetComm NB16WV-02 suffers from a persistent cross site scripting vulnerability.
7528366296e53825ce8b1f5f682ff65037bbfe4609499705987eadc098835cda
This Metasploit module exploits two security issues in GitHub Enterprise versions 2.8.0 through 2.8.6. The first is that session management uses a hard-coded secret value, which can be abused to sign a serialized malicious Ruby object. The second is unsafe deserialization, which allows the malicious Ruby object to be loaded and results in arbitrary remote code execution. This exploit was tested against version 2.8.0.
33f3404a6f4b774f58398937b9ab21c5dca1aec64058a30c79123e17a7208e17
Samba suffers from a symlink race that permits opening files outside of the share directory.
cbefcff5a7cc202c2a305ae0688d0de66a0ef4a9774c1d54a3d82ebf5097e489
inoERP version 0.6.1 suffers from cross site request forgery, cross site scripting, session fixation, and remote SQL injection vulnerabilities.
0dbae274c6ec3d066433df5925e8e6e06e3eb8799408ce2eb8814242b997affc
Microsoft IIS version 6.0 suffers from a WebDAV ScStoragePathFromUrl buffer overflow vulnerability.
6863dfccb5afdbb2b68e4e352d69d7475a42a362ead4a48025220cdbd740e6d3
Disk Sorter Server version 9.5.12 suffers from a buffer overflow vulnerability.
70c8f1cd0b11a6132069d46e2ac4bf4a996a12018c80ea2c6aeb432b76439055