what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files from Yaniv Miron

Email addressprivate
First Active2008-05-09
Last Active2011-08-19
View User Profile
Microsoft Patch Analysis Presentation
Posted Aug 19, 2011
Authored by Yaniv Miron

Microsoft Patch Analysis presentation slides from Confidence 2010.

tags | paper
SHA-256 | 7ec969f7ce7dd6a082eb350a5cc69296faf9cf9787d943e97bba72f29e1d3c0a
Microsoft Windows CreateSizeDIBSECTION Stack Buffer Overflow
Posted Feb 10, 2011
Authored by Yaniv Miron, jduck, Moti, Xu Hao | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in the handling of thumbnails within .MIC files and various Office documents. When processing a thumbnail bitmap containing a negative 'biClrUsed' value, a stack-based buffer overflow occurs. This leads to arbitrary code execution. In order to trigger the vulnerable code, the folder containing the document must be viewed using the "Thumbnails" view.

tags | exploit, overflow, arbitrary, code execution
advisories | CVE-2010-3970, OSVDB-70263
SHA-256 | ff0746ba8e2fc6963fae334d5cae3d633461ec95d7ca6d6099761907cf4797c4
iDEFENSE Security Advisory 2011-02-08.1
Posted Feb 8, 2011
Authored by iDefense Labs, Yaniv Miron, Kobi Pariente | Site idefense.com

iDefense Security Advisory 02.08.11 - Remote exploitation of a buffer overflow vulnerability in multiple versions of Microsoft Corp.'s Windows could allow attackers to execute arbitrary code on the targeted host. An integer overflow vulnerability exists in the "shimgvw" library. During the processing of an image within a certain function, a bitmap containing a large "biWidth" value can be used to cause an integer calculation overflow. This condition can lead to the overflow of a heap buffer and may result in the execute arbitrary code on the targeted host.

tags | advisory, remote, overflow, arbitrary
systems | windows
advisories | CVE-2011-3970
SHA-256 | f6124a1b8cbfad6d5655d8dd9b8857fd339410ce72f7e673b15b3fbb4d62778c
Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow
Posted Jan 5, 2011
Authored by Yaniv Miron, jduck, Moti, Xu Hao | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in the handling of thumbnails within .MIC files and various Office documents. When processing a thumbnail bitmap containing a negative 'biClrUsed' value, a stack-based buffer overflow occurs. This leads to arbitrary code execution. In order to trigger the vulnerable code, the folder containing the document must be viewed using the "Thumbnails" view.

tags | exploit, overflow, arbitrary, code execution
advisories | CVE-2010-3970, OSVDB-70263
SHA-256 | 324a4cf6708fa3e2e4a6d04a2e921ca6490b4047ccd7b0dfca5643c50afc11c8
Aris AGX agXchange ESM Open Redirection
Posted Mar 22, 2010
Authored by Yaniv Miron

The Aris AGX agXchange ESM safety submissions module suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | 2c9de39e17d4804bef609db851591fe352f2c6759ab33b6236daaa76c6ef0832
IBM Lotus 6.x HTTP Response Splitting
Posted Mar 20, 2010
Authored by Yaniv Miron

IBM Lotus version 6.x suffers from a HTTP response splitting vulnerability.

tags | exploit, web
SHA-256 | eb17a890d0e369f28679e022d3d6d0ec5c394507a4192671f18179c81f926f67
Friendly-Tech FriendlyTR69 2.8.9 SQL Injection
Posted Mar 10, 2010
Authored by Yaniv Miron

Friendly-Tech FriendlyTR69 CPE remote management version 2.8.9 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 58ccac000cdd3134afda51cec0b760989d3af73eaba4ecc1194b1016dcfa7bd1
IBM ENOVIA SmarTeam 5 Cross Site Scripting
Posted Mar 9, 2010
Authored by Yaniv Miron

IBM ENOVIA SmarTeam version 5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 2a2209931b1ffd42b7662b43ba4d47eb79ceb56b8533c08525649d627220dac8
Sparta Systems TrackWise TeamAccess Cross Site Scripting
Posted Mar 3, 2010
Authored by Yaniv Miron

The Sparta Systems TrackWise TeamAccess module suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 52aeca03b84206b3c2b015722e3fbbb96730fc996397f673d8eb9f960cfe130d
Eshbel Priority MarketGate Cross Site Scripting
Posted Mar 3, 2010
Authored by Yaniv Miron

Eshbel Priority MarketGate module suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ba1eb4771be17163701c33bc9cd1834c5df42518f2f7cfe06aaa3c6efd2d9e92
Oracle Siebel 7.x CRM Cross Site Scripting
Posted Mar 1, 2010
Authored by Yaniv Miron

Oracle Siebel CRM version 7.x suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d9b8d785baaec4c817bb1fc5be6e354ef43d9a6c8da1f1bffdc2b704fbf65d0b
ARISg5 5.0 Cross Site Scripting
Posted Feb 27, 2010
Authored by Yaniv Miron

ARISg5 version 5.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c5198d5f0e7e3bc211bc96fbfda873a31bfed02e818bcd04d6b3f10e9eec1edf
apache-utf7xss.txt
Posted May 9, 2008
Authored by Yaniv Miron, Yossi Yakubov

Apache versions 2.2.x and 1.3.x suffer from a cross site scripting vulnerability leveraging UTF-7 encoding on 403 forbidden pages.

tags | exploit, xss
SHA-256 | 8fffd3a81ffabcbd3507f0163054297820bd7db26ac5b1589bffae4cacbe171d
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    6 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close