Aerohive Hive Manager (Stand-alone and Cloud) versions greater than and equal to 6.1R3 and HiveOS version 6.1R3 suffer from bypass, code execution, cross site scripting, file disclosure, local file inclusion, arbitrary file upload, missing passphrase, and password disclosure vulnerabilities.
cda32b36ba6f19559448f8007c162ba158f4b31d35722a7b7f4a3f40b5f0e800This Metasploit module exploits a stack-based buffer overflow in StoryBoard Quick 6.
be9f8f5b5e74ec032e061db1790ee6ae7ad5663dd6c25860b0832e0efd98f2d3This Metasploit module exploits a stack-based buffer overflow in Final Draft 8. Multiple fields are vulnerable to the overflow, however Word in IgnoredWords is the only field to accept mixed-case characters.
1b1e0b81bd8090ce9c13897364857d059b72e2077047d444b433511ccd5550d8This Metasploit module exploits a stack buffer overflow in process AvidPhoneticIndexer.exe (port 4659), which comes as part of the Avid Media Composer 5.5 Editing Suite. This daemon sometimes starts on a different port; if you start it standalone it will run on port 4660.
1300424762c6a67dc6fa5b84891cd5d5326609e31ed49f16b15f85a4eadefc6fThis Metasploit module exploits a stack-based buffer overflow in Final Draft 8. Multiple fields are vulnerable to the overflow, however Word in IgnoredWords is the only field to accept mixed-case characters. This version of the exploit was deemed "old" by Metasploit.
1b1e0b81bd8090ce9c13897364857d059b72e2077047d444b433511ccd5550d8This Metasploit module exploits a stack-based buffer overflow in StoryBoard Quick 6. This version of the exploit was deemed "old" by Metasploit.
be9f8f5b5e74ec032e061db1790ee6ae7ad5663dd6c25860b0832e0efd98f2d3This Metasploit module exploits a stack buffer overflow in process AvidPhoneticIndexer.exe (port 4659), which comes as part of the Avid Media Composer 5.5 Editing Suite. This daemon sometimes starts on a different port; if you start it standalone it will run on port 4660. This version of the exploit was deemed "old" by Metasploit.
1300424762c6a67dc6fa5b84891cd5d5326609e31ed49f16b15f85a4eadefc6fThis Metasploit module exploits a stack buffer overflow in process AvidPhoneticIndexer.exe (port 4659), which comes as part of the Avid Media Composer 5.5 Editing Suite. This daemon sometimes starts on a different port; if you start it standalone it will run on port 4660.
e325ea7c310110db0d0e34758f28771015fc9185c9f35054df350536e370ced2The AvidPhoneticIndexer.exe network daemon that ships with Avid Media Composer version 5.5 suffers from a remote stack buffer overflow. This was demonstrated at Ruxcon 2011 in the Hacking Hollywood talk. Included in this archive are the advisory and a Metasploit module.
a6100e77da08ab7504d889909384925c152f4a923056b91aef442070ec7d5eebStoryBoard Quick version 6 suffers from a file format stack buffer overflow. This was demonstrated at Ruxcon 2011 in the Hacking Hollywood talk. Included in this archive are the advisory, a proof of concept and a Metasploit module.
a58071791bae0e9b02ab74ae8bc27fb0a782edd806f7f95a6330d6c8d53fb41cMuster Render Farm Management System version 6.1.6 suffer from an arbitrary file download issue due to a directory traversal vulnerability. This was demonstrated at Ruxcon 2011 in the Hacking Hollywood talk. The advisory in this archive includes exploitation details.
4c7c5caf872d4ace08b11d687019c73a366d5da96d3cb3fa5d8590c61b7d691aFinal Draft version 8 suffers from a file format stack buffer overflow. This was demonstrated at Ruxcon 2011 in the Hacking Hollywood talk. Included in this archive are the advisory, a proof of concept and a Metasploit module.
ac3e47d5874fd1d4daad7534970506cf6afc9f213d1d90f20086b45e813dcbbdThese are the slides from the Hacking Hollywood presentation given at Ruxcon 2011. It documents vulnerabilities that the researcher discovered in various pieces of software in use by large Hollywood studios. Be sure to check out the related files for this presentation as there are multiple proof of concept exploits and advisories.
011cfd9dd1552c8137cc5620c4e38a3b1986aa931e278523ef781e70dd75adf5BroadWorks suffers from an arbitrary call detail record eavesdropping vulnerability. Versions R16 and below are affected.
f587e153f0630c9df6b06ef804794f88c6cb8f35b7c444fc320f6d63f1e519c3Whitepaper called Exploiting Cross Context Scripting in Firefox.
b6f1ce5b65cb8ba9f3cae9cfdedc361229083113c50974b28b05fbf9697ba86eYoono Firefox extension versions prior to 6.1.1 suffer from a code injection vulnerability.
bfd84bf3aba12e7c69cc818f02ce6095d73f9701b829ecb83f65ad5699232b91Feed Sidebar Firefox extension versions prior to 3.2 suffer from a code injection vulnerability.
9051078957e8b0620115d0506d0a10139829ad1a4cd09e064fb9e6d0856a4b50ScribeFire Firefox Extension versions prior to 3.4.2 suffer from a code injection vulnerability.
b3bf839f159fdf42897a46b649dfe4a6a6a4d45628ff8ae2c0db85f957eb1e8bWizzRSS versions prior to 3.1.0.0 and WizzRSS Lite versions prior to 3.0.0.9b suffer from a code injection vulnerability.
ec171eaddaaab7708cf6e05a1cf76f2dfe84fb8052fc10a26dcbe9f834b2d4a5
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed