exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

Files from Sam Thomas

Email addresssam.thomas at aquaterra.org
First Active2006-06-29
Last Active2008-08-13
Zero Day Initiative Advisory 08-050
Posted Aug 13, 2008
Authored by Tipping Point, Sam Thomas | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of document objects. When an object is appended in a specific order, memory corruption occurs. Successful exploitation leads to remote compromise of the affected system under the credentials of the currently logged in user.

tags | advisory, remote, arbitrary
advisories | CVE-2008-2257
SHA-256 | ea35c3bea9256f849954229fe44ff2775d4c804fb8b8f1be7b41cb58bbb88f01
Zero Day Initiative Advisory 07-074
Posted Dec 12, 2007
Authored by Tipping Point, Sam Thomas | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The flaw exists due to improper use of the "cloneNode" and "nodeValue" javascript functions. When a specially crafted element is used during a repetitive call to one of these functions memory corruption can occur leading to remote code execution. Affected versions are 6 and 7.

tags | advisory, remote, arbitrary, javascript, code execution
advisories | CVE-2007-3903
SHA-256 | 5b0265d2921e9d43ddba03b852a3eda5f1e765e427af5b5c99645f945bfa8589
Zero Day Initiative Advisory 06-027
Posted Aug 18, 2006
Authored by Tipping Point, Sam Thomas | Site zerodayinitiative.com

A vulnerability in Microsoft Internet Explorer allows arbitrary code execution. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific vulnerability exists due to improper handling of CSS class values. Accessing a specially crafted CSS element via document.getElementByID causes a memory corruption eventually leading to code execution.

tags | advisory, arbitrary, code execution
advisories | CVE-2006-3450
SHA-256 | 57fb1dc0472d53d18e1e1b8b3ad21deb294e25b88cdbc8f2051142b0af1bbafb
Zero Day Initiative Advisory 06-026
Posted Aug 18, 2006
Authored by Tipping Point, Sam Thomas | Site zerodayinitiative.com

A vulnerability in Microsoft Internet Explorer allows arbitrary code execution. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists due to improper garbage collection when multiple "imports" are used on a "styleSheets" collection. Crafting a long chain of CSS imports in an HTML document results in a memory corruption eventually leading to code execution.

tags | advisory, arbitrary, code execution
advisories | CVE-2006-3451
SHA-256 | dac941decc7a45743d5845a19527090e075dfa85d406566b90b661b23341d886
yabbse-all.txt
Posted Jun 29, 2006
Authored by Sam Thomas

exploit for all versions of yabbse that retrieves any users password hash.

tags | exploit
SHA-256 | cfdfdf127220b379e824bae8db741a18c7b8280f69303c3c2a9034e52bf3565c
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close