exploit the possibilities
Showing 1 - 25 of 49 RSS Feed

Files from Dyon Balding

First Active2007-06-29
Last Active2010-12-21
Microsoft Office Two FlashPix Tile Data Buffer Overflows
Posted Dec 21, 2010
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered two vulnerabilities in Microsoft Office, which can be exploited by malicious people to compromise a user's system. A boundary error in the FlashPix graphics filter when parsing certain tile data can be exploited to cause a data section buffer overflow via a specially crafted image. A boundary error in the FlashPix graphics filter when parsing certain tile data can be exploited to cause a stack-based buffer overflow via a specially crafted image. Successful exploitation of the vulnerabilities allows execution of arbitrary code.

tags | advisory, overflow, arbitrary, vulnerability
advisories | CVE-2010-3952
MD5 | ee86cd396f198d1f517474ad25c95921
Microsoft Office FlashPix Property Set Parsing Buffer Overflow
Posted Dec 21, 2010
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Office, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the FlashPix graphics filter when parsing certain property sets. This can be exploited to cause a stack-based buffer overflow via a specially crafted FlashPix image. Successful exploitation allows execution of arbitrary code.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-3951
MD5 | 9c20a72aad8a7456a73f29255ab18e82
Microsoft Office Drawing Shape Container Parsing
Posted Nov 10, 2010
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Office, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by insufficient validation when parsing an Office Art Drawing record, which contains "msofbtSp" records that specify certain flags. This can be exploited to corrupt memory via a specially crafted Office file. Successful exploitation allows execution of arbitrary code.

tags | advisory, arbitrary
advisories | CVE-2010-3334
MD5 | 8fb39fb2fb07a3f74270465fa0f971af
Microsoft Outlook Content Parsing Integer Underflow
Posted Sep 15, 2010
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Outlook, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an integer underflow error when parsing certain content and can be exploited to cause a heap-based buffer overflow via e.g. a specially crafted e-mail message. Successful exploitation may allow execution of arbitrary code, but requires that Outlook is connected to an Exchange server with Online Mode (not default setting for Outlook 2003 and 2007).

tags | advisory, overflow, arbitrary
advisories | CVE-2010-2728
MD5 | 0013ac583948a78a3d7e2ebd39b2b292
Windows Movie Maker String Parsing Buffer Overflow
Posted Aug 12, 2010
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in Windows Movie Maker, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by boundary errors when parsing strings in imported project files (.MSWMM) and can be exploited to cause a buffer overflow. Successful exploitation allows execution of arbitrary code. Windows Movie Maker version 2.1.4027.0 is affected.

tags | advisory, overflow, arbitrary
systems | windows
advisories | CVE-2010-2564
MD5 | 6dfd0fb68046b364442d364a54920d5f
Autonomy KeyView wosr.dll Data Block Parsing Buffer Overflow
Posted Jul 28, 2010
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error the WordPerfect 5.x reader (wosr.dll) when parsing data blocks and can be exploited to cause a heap-based buffer overflow via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-0135
MD5 | 54f75386e8a64e96a4a8814d3df82ed6
Autonomy KeyView rtfsr.dll RTF Parsing Signedness Error
Posted Jul 28, 2010
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a signedness error when parsing the argument to the "\\ls" keyword within a list override table entry in RTF files. This can be exploited to cause a buffer overflow via a specially crafted RTF file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-0134
MD5 | 051da84386777387a8d490662fbcab7b
libmikmod Module Parsing Vulnerabilities
Posted Feb 5, 2010
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered some vulnerabilities in libmikmod, which can be exploited by malicious people to potentially compromise a user's system. Successful exploitation may allow arbitrary code execution in the context of the process using the libmikmod library when opening a specially crafted module file. Version 3.1.12 is affected.

tags | advisory, arbitrary, vulnerability, code execution
advisories | CVE-2009-3995, CVE-2009-3996
MD5 | 2085f9e48cc5ec51d78d41e9fc9fc21b
Microsoft Windows Flash Player Movie Unloading
Posted Jan 14, 2010
Authored by Carsten Eiram, Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in Flash Player distributed with certain versions of Windows XP, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a use-after-free error in the bundled version of Flash Player when unloading Flash objects while these are still being accessed using script code. This can be exploited to corrupt memory via a specially crafted web page. Successful exploitation allows execution of arbitrary code.

tags | advisory, web, arbitrary
systems | windows, xp
MD5 | e7dde67fdb9970f2ed46bcb93df512c9
Adobe Illustrator Encapsulated Postscript Parsing
Posted Jan 9, 2010
Authored by Dyon Balding | Site secunia.com

Adobe Illustrator version 14.0.0 suffers from an encapsulated postscript parsing vulnerability.

tags | advisory
advisories | CVE-2009-3952
MD5 | 293d49197d5efa12149d3e989f5714fe
Winamp Impulse Tracker Instrument Parsing Buffer Overflows
Posted Dec 17, 2009
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered three vulnerabilities in Winamp, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused by boundary errors in the Module Decoder Plug-in (IN_MOD.DLL) when parsing instrument definitions and can be exploited to cause heap-based buffer overflows via a specially crafted Impulse Tracker file. Successful exploitation may allow execution of arbitrary code.

tags | advisory, overflow, arbitrary, vulnerability
advisories | CVE-2009-3995
MD5 | eaee75e45e93b489e7961c805a8b0e22
Winamp Impulse Tracker Sample Parsing Buffer Overflow
Posted Dec 17, 2009
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in Winamp, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the Module Decoder Plug-in (IN_MOD.DLL) when parsing samples and can be exploited to cause a heap-based buffer overflow via a specially crafted Impulse Tracker file. Successful exploitation may allow execution of arbitrary code.

tags | advisory, overflow, arbitrary
advisories | CVE-2009-3995
MD5 | db1137c7bbd9dff3c61dcbbb34b2543c
Winamp Ultratracker File Parsing Buffer Overflow
Posted Dec 17, 2009
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in Winamp, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an error in the Module Decoder Plug-in (IN_MOD.DLL) when parsing Ultratracker files and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code.

tags | advisory, overflow, arbitrary
advisories | CVE-2009-3996
MD5 | cde9dc4c14da9f4b214d77249de1c4ce
Winamp Oktalyzer Parsing Integer Overflow Vulnerability
Posted Dec 17, 2009
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in Winamp, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an integer overflow error in the Module Decoder Plug-in (IN_MOD.DLL) when parsing Oktalyzer files and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code.

tags | advisory, overflow, arbitrary
advisories | CVE-2009-3997
MD5 | fdfe41e2147442ecd390ed531110f7c3
IBM Tivoli Storage Manager CAD Service Buffer Overflow
Posted Nov 5, 2009
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in IBM Tivoli Storage Manager Client, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by an input validation error in the CAD service. This can be exploited to cause a stack-based buffer overflow by sending a specially crafted packet via TCP. Successful exploitation allows execution of arbitrary code. IBM Tivoli Storage Manager Express Client version 5.3.6.2 is affected.

tags | advisory, overflow, arbitrary, tcp
advisories | CVE-2008-4826
MD5 | 3b99fb05d8904c338f83de0e19bd4835
OpenOffice.org Word Document Table Parsing Buffer Overflow
Posted Sep 2, 2009
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in OpenOffice.org, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by a boundary error when parsing certain records and can be exploited to cause a heap-based buffer overflow via a specially crafted document. Successful exploitation may allow execution of arbitrary code. OpenOffice 3.1 is affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2009-0201
MD5 | 4a8c224bc89c793d762a86173d1b4a60
OpenOffice.org Word Document Table Parsing Integer Underflow
Posted Sep 2, 2009
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in OpenOffice.org, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an integer underflow error when parsing certain records in the document table. This can be exploited to cause a heap-based buffer overflow via a specially crafted file. Successful exploitation may allow execution of arbitrary code. OpenOffice 3.1 is affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2009-0200
MD5 | 4e3cb6699b801d36e8b792dd83af7404
Garmin Communicator Plug-In Domain Locking Security Bypass
Posted May 7, 2009
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in Garmin Communicator Plug-In, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to a synchronisation error in the GARMINAXCONTROL.GarminAxControl_t.1 ActiveX control (npGarmin.dll). This can be exploited to bypass the domain locking and dialog box presented to the user asking for confirmation that the untrusted site may access private data. Successful exploitation allows full access (such as deleting data, retrieving personal information, or installing firmware updates) to any Garmin GPS products connected to the user's system. Garmin Communicator Plug-In (npGarmin.dll) version 2.6.4.0 is affected.

tags | advisory, activex
advisories | CVE-2009-0194
MD5 | 56ac2c10272e1c983c5a634b1028f805
IBM Tivoli Storage Manager Remote Agent Service Buffer Overflows
Posted May 5, 2009
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered two vulnerabilities in IBM Tivoli Storage Manager Agent Client (dsmagent.exe), which can be exploited by malicious people to compromise a vulnerable system. Successful exploitation allows execution of arbitrary code. IBM Tivoli Storage Manager Express Client version 5.3.6.2 is affected.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2008-4828
MD5 | b1cee8c47bfaaf9fb8ab939dde10a44f
HP OpenView Network Node Manager "ovalarmsrv" Integer Overflow
Posted Apr 28, 2009
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in HP OpenView Network Node Manager, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an integer overflow in ovalarmsrv.exe and can be exploited to cause a heap-based buffer overflow via specially crafted commands sent to port 2954/TCP. Successful exploitation may allow execution of arbitrary code. HP Network Node Manager version 7.53 is affected.

tags | advisory, overflow, arbitrary, tcp
advisories | CVE-2008-2438
MD5 | 865e582c65447131408510e5a6648887
Oracle BEA WebLogic Server Plug-ins Certificate Buffer Overflow
Posted Apr 15, 2009
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in the Oracle BEA WebLogic Server plug-ins for web servers, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error when parsing certificates and can be exploited to cause a stack-based buffer overflow by supplying a specially crafted certificate. Successful exploitation may allow execution of arbitrary code. Oracle BEA WebLogic Server Plug-ins version 1.0.1166189 is affected.

tags | advisory, web, overflow, arbitrary
advisories | CVE-2009-0190
MD5 | 45af3efbb9aac556cf7a69224074a3ae
Oracle BEA WebLogic Server Plug-ins Integer Overflow
Posted Apr 15, 2009
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in the Oracle BEA WebLogic Server plug-ins for web servers, which can be exploited by malicious people to compromise a vulnerable system. The Oracle BEA WebLogic Server can be configured to receive requests via an Apache, Sun, or IIS web server. In this case, a plug-in is installed in the Internet-facing web server that passes the request to a WebLogic server. An integer overflow when parsing HTTP requests can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Oracle BEA WebLogic Server Plug-ins version 1.0.1166189 is affected.

tags | advisory, web, overflow, arbitrary
advisories | CVE-2009-0189
MD5 | bb87a15a00ddc95f0f5227a7895d8cb9
Secunia Research - UltraISO Image Name Parsing
Posted Apr 1, 2009
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered two vulnerabilities in UltraISO, which can be exploited by malicious people to potentially compromise a user's system. A format string error when handling DAA file names can be exploited by tricking a user into opening a file with a specially crafted name containing format specifiers. A format string error when handling ISZ file names can be exploited by tricking a user into opening a file with a specially crafted name containing format specifiers. Successful exploitation may allow execution of arbitrary code. UltraISO version 9.3.1.2633 is affected.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2008-3871
MD5 | 2a48f9804676063030fcac33897e7f68
Secunia Research - UltraISO Image Parsing
Posted Apr 1, 2009
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered three vulnerabilities in UltraISO, which can be exploited by malicious people to compromise a user's system. A boundary error when parsing CIF files can be exploited to overflow a global buffer by tricking a user into opening a specially crafted CIF file. A boundary error when parsing C2D files can be exploited to overflow a global buffer by tricking a user into opening a specially crafted C2D file. Insufficient validation when parsing GI files can be exploited to overflow a global buffer by tricking a user into opening a specially crafted GI file. Successful exploitation allows execution of arbitrary code. UltraISO version 9.3.1.2633 is affected.

tags | advisory, overflow, arbitrary, vulnerability
advisories | CVE-2008-4825
MD5 | efea90108b7142460ca16384872826ed
CA ARCserve Backup RPC "handle_t" Argument Vulnerability
Posted Dec 12, 2008
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in BrightStor ARCserve Backup, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to insufficient validation of "handle_t" arguments passed to RPC endpoints. Passing object pointers to procedures that expect different types can result in arbitrary code execution. CA ARCserve Backup 11.5 SP4 build 4491 is affected.

tags | advisory, arbitrary, code execution
advisories | CVE-2008-5415
MD5 | fb6c56e482e60d60a6f4ec767027c3f3
Page 1 of 2
Back12Next

File Archive:

March 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    19 Files
  • 2
    Mar 2nd
    15 Files
  • 3
    Mar 3rd
    30 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close