QNX phrelay/phindows/phditto suffer from bpe_decompress stack overflow and Photon Session buffer overflow vulnerabilities. Proof of concept test code included.
a8febe1f7594f7227637fd1ab3e211df28595f24d5860319add7faa94e431a79
Samsung devices with support for remote controllers suffer from endless restart and possible buffer overflow vulnerabilities. Proof of concept code included.
854a533372bb43e4a6e8df97f85425d1da3dc842c39a23331c498211f1cde33b
EMC IRM License Server versions 4.6.1.1995 and below suffer from multiple NULL pointer vulnerabilities.
e4753fec8c317c958afcd95f7d84694bc0603f054a3713e043a5391466e24f1f
This archive encompasses an advisory about the MS12-020 use-after-free vulnerability in Microsoft Remote Desktop, details about the leaked exploit in relation to this report, and a proof of concept exploit.
9a94d068fd0f6a8f044593bfb8ff8e4f4527cff18adacfeaddb785decdbbaa82
Presto! PageManager versions 9.01 and below suffer from heap overflow, arbitrary file downloading, and denial of service vulnerabilities.
83a76aea3ab82f086da4968e6872b1b1c4b95fbc01ee1f522767a9d9ae1dfbfb
Sockso versions 1.5 and below suffer from a directory traversal vulnerability.
77408140ee546552e2117da9511f6d9163aadd9b1c364cf5c48df280a7970071
EMC NetWorker (Legato) versions 7.6 SP3 (7.6.3.2 Build 860) and below suffer from an invalid read access vulnerability.
9ea24b40665e9f5dcba92fbbe403938d3b548eadadc65b9a1a986d44479c992e
Epson EventManager versions 2.50 and below suffer from a remote denial of service vulnerability.
e9ed7d61f4b3e9141efd05f83faf0bccc4dfb4b5e305505630db6036832c77cd
TVersity versions 1.9.7 and below suffer from an arbitrary file downloading vulnerability.
0f98c43eb0ac7b40b724aa6931aae34c0f0bc9dd08645febfe3d9acc825d95a2
NetDecision versions 4.6.1 and below suffer from a remote directory traversal vulnerability. Proof of concept code included.
d721af39d139f82f49468f70daaadb3702443fd72006aef70d14530f14a10a89
This Metasploit module exploits a vulnerability in the CmdProcessor.exe component of Trend Micro Control Manager up to version 5.5. The specific flaw exists within the CmdProcessor.exe service running on TCP port 20101. The vulnerable function is the CGenericScheduler::AddTask function of cmdHandlerRedAlertController.dll. When processing a specially crafted IPC packet, controlled data is copied into a 256-byte stack buffer. This can be exploited to execute code remotely under the context of the user.
a04483c90d2ea44a263aa576ce03bb6bfbcf03f1fa5d6ff7e8b522c7b58f3163
Unity 3D Web Player versions 3.2.0.61061 and below suffer from a heap corruption vulnerability. Proof of concept code included.
df8d4e828b3feb902755f42d049fc02ed05cad4cc5d64bfcb3d166a7c832d79f
Buzz build versions 1458 and below suffer from memory corruption and various overflows. Proof of concept included.
46a8c985e5efa7be49ecf1d9c42c6876e055dde7cb718a81a95548874f11fa61
R2 versions 1.65 and below suffer from stack overflow, PIN brute forcing, and directory traversal vulnerabilities.
ba8d5c2101fecdc6134ad9ee1e54309816085a9c6d2e7183056b526de4495867
Novell GroupWise Messenger versions 2.1.0 and below suffer from an arbitrary memory write vulnerability. Proof of concept code included.
2a860e7fc425db009ce68367eb366a207037f08cbda2c027cf4fa5a25d8f9723
Novell GroupWise Messenger versions 2.1.0 and below suffer from a memory corruption vulnerability. Proof of concept code included.
7bf5d40c43687f0dd580d97a27bf832ee281150557d29f08aaeefdac37a8bcc1
Novell GroupWise Messenger Client versions 2.1.0 and below suffer from a Unicode stack overflow vulnerability. Proof of concept code included.
0e268a424cde5fd0ea8d5a4d615a84eb7ca0ba1673fe16ea7a7415099931f463
XnView versions 1.98.5 and below suffer from an integer overflow and multiple heap overflows. Proof of concept code included.
a53978ad4291c2f8cc05cd080d4450326c680151562d6fb3c02dc79785c948d4
R4 versions 1.25 and below suffer from stack overflows, a heap overflow, and a directory traversal vulnerability.
a919dc7d26e3287c253dbb8f2c37dabb814060049330f4baed7bb506726bcdee
This Metasploit module exploits a stack-based buffer overflow found in the SNMP NetDBServer service of Sunway Forcecontrol <= 6.1 sp3. The overflow is triggered when sending an overly long string to the listening service on port 2001.
e52f022e2ed545bd142274261056cd28d052302e65c42387b95414958583c89b
CyberLink PowerDVD versions 11.0.0.2114 and below suffer from a CLMSServerForPDVD11 endless loop vulnerability that causes a denial of service condition.
7d0e68679079bfb978714b203af8140ec4ff488706cde80173384c88da9a7d9c
Serv-U FTP versions 11.1.0.3 and below suffer from management console access and socket/port consumption vulnerabilities. Proof of concept exploits included.
d66a7c0b6fa771872a9519c0ee4f0b4332f0dbc91fe26559475ec9ee99abff9a
3S CoDeSys versions 3.4 SP4 Patch 2 and below suffer from integer overflow, stack overflow, folder creation and multiple NULL pointer vulnerabilities.
9f18a5df23671b7b00bdf05e10758b4e56ae625a309b1451df702bc5cf7e4932
Siemens Automation License Manager versions 500.0.122.1 and below suffer from code execution, exceptions, NULL pointer and file overwriting vulnerabilities.
e61451e125e77cab78837988677423da6fc75b4df2db952c026dc6b6bc139ab3
Siemens SIMATIC WinCC Flexible suffers from stack overflow, directory traversal, denial of service and arbitrary memory read access vulnerabilities.
ac12fa0c1d674d87df9e9af74d9ed93fa0067b7b9acdb1061dde4681e09149b1