what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files from Yaniv Miron

Email addressprivate
First Active2008-05-09
Last Active2011-08-19
View User Profile
Microsoft Patch Analysis Presentation
Posted Aug 19, 2011
Authored by Yaniv Miron

Microsoft Patch Analysis presentation slides from Confidence 2010.

tags | paper
SHA-256 | 7ec969f7ce7dd6a082eb350a5cc69296faf9cf9787d943e97bba72f29e1d3c0a
Microsoft Windows CreateSizeDIBSECTION Stack Buffer Overflow
Posted Feb 10, 2011
Authored by Yaniv Miron, jduck, Moti, Xu Hao | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in the handling of thumbnails within .MIC files and various Office documents. When processing a thumbnail bitmap containing a negative 'biClrUsed' value, a stack-based buffer overflow occurs. This leads to arbitrary code execution. In order to trigger the vulnerable code, the folder containing the document must be viewed using the "Thumbnails" view.

tags | exploit, overflow, arbitrary, code execution
advisories | CVE-2010-3970, OSVDB-70263
SHA-256 | ff0746ba8e2fc6963fae334d5cae3d633461ec95d7ca6d6099761907cf4797c4
iDEFENSE Security Advisory 2011-02-08.1
Posted Feb 8, 2011
Authored by iDefense Labs, Yaniv Miron, Kobi Pariente | Site idefense.com

iDefense Security Advisory 02.08.11 - Remote exploitation of a buffer overflow vulnerability in multiple versions of Microsoft Corp.'s Windows could allow attackers to execute arbitrary code on the targeted host. An integer overflow vulnerability exists in the "shimgvw" library. During the processing of an image within a certain function, a bitmap containing a large "biWidth" value can be used to cause an integer calculation overflow. This condition can lead to the overflow of a heap buffer and may result in the execute arbitrary code on the targeted host.

tags | advisory, remote, overflow, arbitrary
systems | windows
advisories | CVE-2011-3970
SHA-256 | f6124a1b8cbfad6d5655d8dd9b8857fd339410ce72f7e673b15b3fbb4d62778c
Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow
Posted Jan 5, 2011
Authored by Yaniv Miron, jduck, Moti, Xu Hao | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in the handling of thumbnails within .MIC files and various Office documents. When processing a thumbnail bitmap containing a negative 'biClrUsed' value, a stack-based buffer overflow occurs. This leads to arbitrary code execution. In order to trigger the vulnerable code, the folder containing the document must be viewed using the "Thumbnails" view.

tags | exploit, overflow, arbitrary, code execution
advisories | CVE-2010-3970, OSVDB-70263
SHA-256 | 324a4cf6708fa3e2e4a6d04a2e921ca6490b4047ccd7b0dfca5643c50afc11c8
Aris AGX agXchange ESM Open Redirection
Posted Mar 22, 2010
Authored by Yaniv Miron

The Aris AGX agXchange ESM safety submissions module suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | 2c9de39e17d4804bef609db851591fe352f2c6759ab33b6236daaa76c6ef0832
IBM Lotus 6.x HTTP Response Splitting
Posted Mar 20, 2010
Authored by Yaniv Miron

IBM Lotus version 6.x suffers from a HTTP response splitting vulnerability.

tags | exploit, web
SHA-256 | eb17a890d0e369f28679e022d3d6d0ec5c394507a4192671f18179c81f926f67
Friendly-Tech FriendlyTR69 2.8.9 SQL Injection
Posted Mar 10, 2010
Authored by Yaniv Miron

Friendly-Tech FriendlyTR69 CPE remote management version 2.8.9 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 58ccac000cdd3134afda51cec0b760989d3af73eaba4ecc1194b1016dcfa7bd1
IBM ENOVIA SmarTeam 5 Cross Site Scripting
Posted Mar 9, 2010
Authored by Yaniv Miron

IBM ENOVIA SmarTeam version 5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 2a2209931b1ffd42b7662b43ba4d47eb79ceb56b8533c08525649d627220dac8
Sparta Systems TrackWise TeamAccess Cross Site Scripting
Posted Mar 3, 2010
Authored by Yaniv Miron

The Sparta Systems TrackWise TeamAccess module suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 52aeca03b84206b3c2b015722e3fbbb96730fc996397f673d8eb9f960cfe130d
Eshbel Priority MarketGate Cross Site Scripting
Posted Mar 3, 2010
Authored by Yaniv Miron

Eshbel Priority MarketGate module suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ba1eb4771be17163701c33bc9cd1834c5df42518f2f7cfe06aaa3c6efd2d9e92
Oracle Siebel 7.x CRM Cross Site Scripting
Posted Mar 1, 2010
Authored by Yaniv Miron

Oracle Siebel CRM version 7.x suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d9b8d785baaec4c817bb1fc5be6e354ef43d9a6c8da1f1bffdc2b704fbf65d0b
ARISg5 5.0 Cross Site Scripting
Posted Feb 27, 2010
Authored by Yaniv Miron

ARISg5 version 5.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c5198d5f0e7e3bc211bc96fbfda873a31bfed02e818bcd04d6b3f10e9eec1edf
apache-utf7xss.txt
Posted May 9, 2008
Authored by Yaniv Miron, Yossi Yakubov

Apache versions 2.2.x and 1.3.x suffer from a cross site scripting vulnerability leveraging UTF-7 encoding on 403 forbidden pages.

tags | exploit, xss
SHA-256 | 8fffd3a81ffabcbd3507f0163054297820bd7db26ac5b1589bffae4cacbe171d
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close