This is a whitepaper that discusses a reflective cross site scripting issue in *.adspecs.yahoo.com due to sessvars.js not filtering before performing an eval.
ec7a8bcfbe030e87367b8b94832c2b64cdd0550ea279469bf63bb2f775015438Novell File Reporter agent XML parsing remote code execution exploit.
d97019b8d30cf82a531d15b67988c264ae384da68ddc63da71ca44d3e9fc1cd0This Metasploit module exploits a stack buffer overflow in Avaya WinPMD. The vulnerability exists in the UniteHostRouter service, due to the insecure usage of memcpy when parsing specially crafted "To:" headers. The module has been tested successfully on Avaya WinPMD 3.8.2 over Windows XP SP3 and Windows 2003 SP2.
d9b4cfd701509dee98dd35f95bbf2fa0811c43ac505cb1b7aba6619d0bbbbae5This Metasploit module exploits a vulnerability found in Adobe Flash Player's Flash10u.ocx component. When processing a MP4 file (specifically the Sequence Parameter Set), Flash will see if pic_order_cnt_type is equal to 1, which sets the num_ref_frames_in_pic_order_cnt_cycle field, and then blindly copies data in offset_for_ref_frame on the stack, which allows arbitrary remote code execution under the context of the user. Numerous reports also indicate that this vulnerability has been exploited in the wild. Please note that the exploit requires a SWF media player in order to trigger the bug, which currently isn't included in the framework. However, software such as Longtail SWF Player is free for non-commercial use, and is easily obtainable.
df9a4f147e437db061fcac07db067da65775ac9fff0ec5fecbe3b18c47f3cebaAdobe Flash Player MP4 SequenceParameterSetNALUnit remote code execution exploit that works against versions 10.3.181.34 and below on XP SP3.
3acb530b7f85bf741ad44237de6b7293c688e170361a89a5dd01b37019556114Avaya WinPDM UniteHostRouter versions 3.8.2 and below remote pre-auth buffer overflow exploit that binds a shell to port 4444.
e60668fa5b27c23dd1c833eb25b44a403111b5eef0cdf05eb8fb7b3e13fe0967This Metasploit module exploits a vulnerability found in Excel of Microsoft Office 2007. By supplying a malformed .xlb file, an attacker can control the content (source) of a memcpy routine, and the number of bytes to copy, therefore causing a stack-based buffer overflow. This results in arbitrary code execution under the context of the user.
405750635f1d715a040aac5de170b3b1b4dc8f91ecb9723c46a8fa8a207f6fa9A remote code execution vulnerability exists in the way that Microsoft Excel 2007 SP2 handles specially crafted Excel files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. This is the same vulnerability that is referenced in MS11-021. Proof of concept exploit code included.
9a5d1f96fbe02680c7966f213409b939e32dceb7cdd048b0e6ab2e26c9aed2cfWebKit as used in Apple Safari versions prior to 5.0.6 memory corruption exploit with DEP bypass.
16a041c37b31ede793a60e292d6bfca2a8af34db4883b9ac92c3e4c061829c85GDI+ CreateDashedPath suffers from an integer overflow vulnerability in gdiplus.dll.
e20fc836323223dccecb7e77feedfe083e650997e1791ba72b7c3bf909266badAdobe Flash Player versions prior to 10.1.53.64 Action script type confusion exploit.
6a3bd8107ea80cac8dbedad82b6d7d57fa7090ea8489291d5ca2ed8531f0f4e4Adobe Shockwave Player suffers from a rcsL chunk memory corruption vulnerability. This affects version 11.5.8.612 and possibly prior versions as well.
19c623243755d4e723f8bafe5e6b21f7bc24f231ced44057c528a648edd4ae9eMonth Of Abysssec Undisclosed Bugs - The Microsoft unicode scripts processor suffers from a remote code execution vulnerability.
6eba272c4ddfe295b0ebe851d90034b775b8db127a39cc09038726b42ce21ce2Month Of Abysssec Undisclosed Bugs - The Microsoft unicode scripts processor suffers from a remote code execution vulnerability.
a260a103493a82aa8d88ddc48ee57997d544d765bc8fd435d880fa00febbd6e1Month Of Abysssec Undisclosed Bugs - ASPMass Shopping Cart suffers from a file upload cross site request forgery vulnerability.
c9d87f8bdde161e2a4f3aa91ce867155cc368c6394a0d5d1640778fdae77f8aeMonth Of Abysssec Undisclosed Bugs - ASPMass Shopping Cart suffers from a file upload cross site request forgery vulnerability.
0fa4a1fc6bc6e257ca606903b050fc285d1914f4683e5197e8247c2ea91c4a70Month Of Abysssec Undisclosed Bugs - Microsoft Excel suffers from a SxView record parsing heap memory corruption vulnerability.
8559cd08f0e1060638d1e482eeca133768c0d9e3701ebe7a1a85f49dee8fc8c9Month Of Abysssec Undisclosed Bugs - AtomatiCMS suffers from an arbitrary file upload vulnerability.
d28562311c44508cd04e6a2d947d769787e7775c8b7ae31cc30fa84dc5f502f3Month Of Abysssec Undisclosed Bugs - AtomatiCMS suffers from an arbitrary file upload vulnerability.
03ab291bf641d30568d780acd938d6bdb67d57bacf257281de4b95ecc8542208Month Of Abysssec Undisclosed Bugs - JE CMS version 1.0.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
8ff1c794c6ca8b9cc3919b71a881993f309698b518ba50acb5801225179daaadMonth Of Abysssec Undisclosed Bugs - JE CMS version 1.0.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
24a8b84dfdb9146940e4293b16fbe2a2f0ce1c2394f0d532cd9e82bb69f7e65fMonth Of Abysssec Undisclosed Bugs - Microsoft Internet Explorer suffers from a MSHTML Findtext processing issue.
cd2db4facf91ac2f9da02446010e8d0b786f4bd6d1515f92f509060d41aec1ceMonth Of Abysssec Undisclosed Bugs - Microsoft Internet Explorer suffers from a MSHTML Findtext processing issue.
82c4002637ecaabe051b8f65865135bd49c78c27e7c11535ae9e6abef23f1062Month Of Abysssec Undisclosed Bugs - ndCMS (Nickel and Dime CMS) version 0.4rc1 suffers from a remote SQL injection vulnerability.
a72c0a1982360127ee903348d0b8938bd690f456683ad6bf873f3abd445cf537Month Of Abysssec Undisclosed Bugs - ndCMS (Nickel and Dime CMS) version 0.4rc1 suffers from a remote SQL injection vulnerability.
ad4dc050d45bec49382e0d73802dea60d359e8e781d82173a61672bf282f3f4b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed