exploit the possibilities

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 1 of 1

Files

Novell iPrint Client Browser PluginGetDriverFile Uninitialized Pointer Remote Code Execution: Posted Aug 24, 2010; Authored by Aaron Portnoy | Site tippingpoint.com; This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Novell iPrint client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the ienipp.ocx ActiveX control with CLSID 36723f97-7aa0-11d4-8919-FF2D71D0D32C. The function exposes a GetDriverFile method. When this method is invoked for the first time a pointer in the .data section is mapped to an external function within another module. When invoked the second time, the process fails to load the library and assumes the pointer is still valid. When the uninitialized pointer is called the process jumps to an address space easily controlled by an attacker. This can be leveraged to execute remote code under the context of the user running the browser.; tags | advisory, remote, arbitrary, activex; SHA-256 | e0cfa3e2cd1ddcbcc01059726eacacbe82ac5d6853c2f30996a1f6f81e23e936; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 172 files
Ubuntu 47 files
Debian 22 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
tmrswrr 4 files
E1.Coders 4 files

Recent News

Russia's Sandworm APT Linked To Attack On Texas Water Plant: Posted Apr 18, 2024; tags | headline, malware, usa, russia, cyberwar, scada; Favorite | View

EU Tells Meta It Can't Paywall Privacy: Posted Apr 18, 2024; tags | headline, government, privacy, facebook, social; Favorite | View

Scammers Offer Cash To Phone Carrier Staff To Swap SIM Cards: Posted Apr 17, 2024; tags | headline, phone, cybercrime, fraud, password; Favorite | View

Ivanti Patches 27 Vulns In Avalanche MDM Product: Posted Apr 17, 2024; tags | headline, flaw, patch; Favorite | View

Attackers Are Pummeling Networks Around The World With Millions Of Login Attempts: Posted Apr 17, 2024; tags | headline, hacker, password; Favorite | View

Recent OT And Espionage Attacks Linked To Russia's Sandworm, Now Named APT44: Posted Apr 17, 2024; tags | headline, hacker, government, malware, cyberwar, spyware; Favorite | View

OpenAI's ChatGPT Can Exploit Real Vulnerabilities By Reading Advisories: Posted Apr 17, 2024; tags | headline, flaw, science; Favorite | View

Google Location Tracking Deal Could Be Derailed By Politics: Posted Apr 16, 2024; tags | headline, government, privacy, google, spyware; Favorite | View

Cryptojacker Arrested For Defrauding Cloud Providers Of $3.5 Million: Posted Apr 16, 2024; tags | headline, hacker, cybercrime, fraud, cryptography; Favorite | View

Delinea Scrambles To Patch Critical Flaw After Ignoring Researcher: Posted Apr 16, 2024; tags | headline, hacker, flaw, patch; Favorite | View

View More News →

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec