Email address | private |
---|---|
Website | hyp3rlinx.altervista.org |
First Active | 2015-04-28 |
Last Active | 2019-01-29 |
CloudMe Sync version 1.11.2 buffer overflow exploit with DEP bypass for WoW64.
6c6eec765b43cb302857a4db976b3285
Microsoft Windows has a flaw where a contact file can be leveraged with a malicious mailto: link to achieve code execution.
8da8aed6efa36cf9b75b407094e89ecd
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw is in the processing of the <c:Url> node parameter of ".contact" files, which is expected to hold a website value; if an attacker references an executable file instead, it will run without warning rather than performing the expected web navigation. This is dangerous and would be unexpected to an end user.
400f7619bf34f3975072761dde4b36b7
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of VCard files. Crafted data in a VCard file can cause Windows to display a dangerous hyperlink. The user interface fails to provide any indication of the hazard. An attacker can leverage this vulnerability to execute code in the context of the current user.
b357f9ac49a1d5e1b09b2def64c183cf
NEC Univerge Sv9100 WebPro version 6.00.00 suffers from predictable session identifiers and cleartext password vulnerabilities.
9a52c2a9711824e6df44c4ff715eb9fd
D-Link Central WiFiManager CWM-100 version 1.03 r0098 devices will load a trojan horse "quserex.dll" and will create a new thread running with SYSTEM integrity.
7d5b487d0bc7a54d4746370b3f054425
Server-side request forgery (SSRF) can be initiated against internal/external systems, using a web browser or a script, to conduct port scans by leveraging D-LINK's MailConnect component. The MailConnect feature on D-Link Central WiFiManager CWM-100 version 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ URI. This can undermine accountability for where scans or connections actually came from and/or bypass the firewall, etc. It can be automated via a script or performed from a web browser.
d9afd3cea418548b6c3b72153c1261fe
The FTP Server component of the D-LINK Central WifiManager can be used as a man-in-the-middle machine allowing PORT command bounce scan attacks. This vulnerability allows remote attackers to abuse the network and discreetly conduct network port scanning. Victims will then think these scans are originating from the D-LINK network running the afflicted FTP Server and not from the attacker. Version 1.03 r0098 is affected.
83571811be19f02f54e3bf44fda47807
A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be launched on the system without being analyzed for threats. The vulnerability is due to improper process resource handling. Cisco Immunet versions prior to 6.2.0 and Cisco AMP For Endpoints version 6.2.0 are affected.
7a4ff17f412569211f6751de8fc14501
ServersCheck Monitoring Software versions up through 14.3.3 suffer from a remote SQL injection vulnerability.
5f20210cc21e2f7f7eeba3f2bed4a0d4
ServersCheck Monitoring Software versions up through 14.3.3 suffer from a cross site scripting vulnerability.
2073e0a7bf80bbfb06368b74de78f83f
ServersCheck Monitoring Software versions up through suffer from arbitrary file write and denial of service vulnerabilities.
7302d602d37c84719c9794dafd55fb00
NoMachine versions 5.3.26 and below suffer from a remote code execution vulnerability when opening a malicious .nxs file.
98f0f6fe4dc505a95f06d738805d3c7a
Microsoft SQL Server Management Studio versions 17.9 and 18.0 Preview 4 suffer from an xmla filetype XML external entity injection vulnerability.
f8fb22312550cc368dc913351a5406a8
Microsoft SQL Server Management Studio versions 17.9 and 18.0 Preview 4 suffer from an xel filetype XML external entity injection vulnerability.
0fb594060e86354cefaa3a12ba2181d5
Microsoft SQL Server Management Studio versions 17.9 and 18.0 Preview 4 suffer from a REGSRVR filehandling XML external entity injection vulnerability.
bc7e26312d98457aeac3779548aee6d7
Microsoft Baseline Security Analyzer version 2.3 suffers from an XML external entity injection vulnerability.
7224f7e70a591fdfca03428610d0453c
This whitepaper analyzes a privilege escalation vulnerability in the Microsoft .NET framework as noted in MS15-118.
4a014224fc35bfb528ae5d4ebe710d2d
FsPro Labs Event Log Explorer version 4.6.1.2115 suffers from an XML external entity injection vulnerability.
fad943a0c32935b55f0eee3696caaca4
Argus Surveillance DVR version 4.0.0.0 suffers from a SYSTEM privilege escalation vulnerability.
568a5ca14ccf6b72d34900efe6809bce
Argus Surveillance DVR version 4.0.0.0 suffers from file disclosure and traversal vulnerabilities.
236a5ef23b5453a2a50a23ab72a165af
The Microsoft DirectX SDK "Xact3.exe" cross-platform tool allows for arbitrary code execution via a trojan horse file "xbdm.dll" in the current working directory, upon opening a ".xap" project file from the same location.
d7f1056ce3aa140ad0e115c7bf50b3c0
Microsoft's dnslint.exe tool does not verify domain names when parsing DNS text-files using the "/ql" switch, making it prone to forced drive-by downloads, provided an end user is tricked into using a server text-file containing a script/binary reference instead of a normally expected domain name.
eb14060a0091ba68f6b96c6e9ef2fb25
Microsoft Windows Enterprise Mode Site List Manager versions 1 and 2 suffer from an XML external entity injection vulnerability.
adb95485a2175dc841aa24d2a530ed72
Library description files are XML files that define libraries. Libraries aggregate items from local and remote storage locations into a single view in Windows Explorer. Library description files follow the Library Description schema and are saved as *.library-ms files. The .library-ms filetype triggers forced authentication when a user/client accesses a remote share that houses an attacker-supplied ".library-ms" file, disclosing credential hashes and other identifiable computer information.
3efbbbe3394fffedf1bbcf55f304effb