Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016. Original exploit by Zhiniang Peng and Chen Wu.
dd14beacc3e87b7064dc160534d469a79690ec06c3cb5fdddd8acbce04733db8This whitepaper details some of the vulnerabilities observed over the past year while performing regular security assessments of iPhone and iPad applications. MDSec documents some of the vulnerabilities identified as well as the methods to exploit them, and recommendations that developers can adopt to protect their iOS applications. It covers not only the security features of the platform, but provides in depth information on how to perform both black box and white box iOS penetration tests, along with suggested methodologies and compliance.
334c947d960799417387ce8f1c27188fc7f859bd204b9dc50890663d07a20fbaDominic Chell of NGS Secure has discovered a high risk vulnerability in LibAVCodec. Opening a malformed AMV file can result in an out of array write and potentially arbitrary code execution when using this library. Whilst the vulnerability may affect multiple applications that use this library, it was only tested on VLC media player. VLC media player versions 1.1.9 and below are affected.
185b2a8f4df8fd3182b6a8b7c17b80825f8ca66454647c947edaad4f084253e6A heap overflow is caused by a signedness vulnerability within copyImageBlockSetTiff(). The crash occurs within any application using the framework, including Preview, QuickLook, Safari and Mail.
147af24c2d70bdedd1b38ad38463143eddc00aaf8190e135935aa9b337388a4aDominic Chell of NGS Secure has discovered a High risk vulnerability in Mac OS X ImageIO. Viewing a maliciously crafted TIFF image may lead to an unexpected application termination or arbitrary code execution.
215fdcdc27bc0af91ed31034d3dcfaac9d2c8dc0daf9e1f8e21a6270bff6a628Dominic Chell of NGS Secure has discovered a high risk vulnerability in LibAVCodec. Opening a malformed AMV file can result in an out of array write and potentially arbitrary code execution when using this library. Whilst the vulnerability may affect multiple applications that use this library, it was only tested on VLC media player. VLC media player versions 1.1.9 and below are affected.
17c0e508710bb4f00f1f179e385b3d378527bd4b35827d30da710e418db26947Dominic Chell of NGS Secure has discovered a High risk vulnerability in Mac OS X ImageIO. An integer overflow issue exists in ImageIO's handling of JPEG-encoded TIFF images. Viewing a maliciously crafted TIFF image may result in an unexpected application termination or arbitrary code execution. Versions affected include Mac OS X 10.6 through 10.6.6, Mac OS X Server 10.6 through 10.6.6.
8a7f56c6bf5db4c24979da8deb5a498165e211b83b1662e863496e40d68182acDominic Chell of NGS Secure has discovered a high risk memory corruption vulnerability affecting the ImageIO rendering framework. Viewing a maliciously crafted PSD image may lead to an unexpected application termination or arbitrary code execution. This issue can be remotely (client-side) exploited through any application using the framework including Mail, Safari and QuickLook.
8d1461e6e5256170797a0a396eaeab1b7e0fc4993c990a6ffe56e62e1457d8aeSun Java Web Server version 7.0 update 7 remote stack overflow exploit that is capable of bypassing DEP. In order to do this it uses ROP to invoke SetProcessDEPPolicy(). This is the second version of this exploit.
5ad70f7b7f2e69ccea95b224be4c72b4098e1aff0d6b032f6327e5d85239389eSun Java Web Server version 7.0 update 7 remote stack overflow exploit.
1d5f8ef617835a71a58262660e2ce215591ca0aad2cd8ed70a7c99368e4b3aecMozilla Firefox version 2.0.0.16 Windows XP SP3 UTF-8 URL buffer overflow exploit that has adduser shellcode.
e2739bd0c630b7c4e926b923f3c3c58cec9f87c0f93e6e8bbe38ae0ce616e363MP3 Studio version 1.0 local buffer overflow exploit that creates a malicious .m3u file that produces a bind shell on port 4444.
c013bed4f41f1ab91decd5f7c7aff548c6e35c9a4a6a42c0676a578da99821beIPSwitch IMAP Server version 9.20 and below remote buffer overflow exploit.
c6aa0faefb20ce7196a8c749c9dc1b089bd8b0fac46149e8070c03dbb5c15caeLotus Domino IMAP4 server version 6.5.4 / Windows 2000 Advanced Server x86 remote buffer overflow exploit.
b914a5a129df141a9e81efa513ca01b96c180ff72cea7dafc716b3203367e1a3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed