This Metasploit module exploits a buffer overflow vulnerability found in ERS Viewer 2013. The vulnerability exists in the module ermapper_u.dll, where the function rf_report_error handles user provided data in a insecure way. It results in arbitrary code execution under the context of the user viewing a specially crafted .ers file. This Metasploit module has been tested successfully with ERS Viewer 2013 (versions 13.0.0.1151) on Windows XP SP3 and Windows 7 SP1.
34af08f8dddf30575d54f3ae715a7d1578f9f140985dc2fe0ec36bc406b9b344This Metasploit module exploits a heap overflow found in InduSoft Web Studio <= 61.6.00.00 SP6. The overflow exists in the ISSymbol.ocx, and can be triggered with a long string argument for the InternationalSeparator() method of the ISSymbol control. This Metasploit modules uses the msvcr71.dll form the Java JRE6 to bypass ASLR.
f99bd99b5b541326375a269f30ae36cdabc7a1c18a150d0b60fb51908c7a78c6This Metasploit module exploits a stack based buffer overflow found in the SNMP NetDBServer service of Sunway Forcecontrol <= 6.1 sp3. The overflow is triggered when sending an overly long string to the listening service on port 2001.
e52f022e2ed545bd142274261056cd28d052302e65c42387b95414958583c89bThis Metasploit module exploits a stack based buffer overflow found in Free MP3 CD Ripper 1.1. The overflow is triggered when an unsuspecting user opens a malicious WAV file.
52cabca82a0dfc73bbb6605dd7821e894d0813df5915d79ab56fae38896d2e89This Metasploit module exploits a stack based buffer overflow found in Mini-Stream RM-MP3 Converter version 3.1.2.1. The overflow is triggered when an unsuspecting victim opens the malicious PLS file.
5ba000d57dfee2b89374d1cbe0fecbd7000e2d1a915017055f38009808d25ac1This Metasploit module exploits a stack based buffer overflow found in Cytel Studio <= 9.0. The overflow is triggered during the copying of strings to a stack buffer of 256 bytes.
54cba2669ee78e390a6c7b20623fad6a9b5c9f2f49e59b8a55adc94afd84b482This Metasploit module exploits a buffer overflow vulnerability found in Freeamp 2.0.7. The overflow occurs when an overly long string is parsed in the FAT file. This Metasploit module creates a txt file that has to be used in the creation of a FAT file. The FAT file then has to be imported as a theme. To create the FAT file you need to first decompress the basic theme template, MakeTheme -d freeamp.fat. Next create the new FAT file MakeTheme crash.fat theme.xml title.txt *.bmp.
6dfcaf1f8aff9ad6e428e3ae8e6f8b05df47336a37bbdba3dccbb68f5018292eThis Metasploit module exploits a buffer overflow vulnerability found in ABBS Electronic Flash Cards 2.1. The overflow occurs when an overly long string is passed in the fcd file. To execute this fcd file the victim has to start to start a new "random" test.
c4c8fb668311f736f3f219c385663db82dcd5d5a1b34b3619a99750fd3157744This Metasploit module exploits a buffer overflow vulnerability found in ABBS Audio Media Player 3.0. The overflow occurs when an overly long string is passed in the lst file.
d9fb150c2b6446ec8d7abefc95849ea999085081199ed402a25c9a6ce1c1d893This Metasploit module exploits a stack-based buffer overflow in Coolplayer 2.19.2. An attacker must send the file to the victim and the victim must open the file.
4fa34d7392fad5b678e8641e583fd02a70a5451d1be5f8cb433baf14918a66edThis Metasploit module exploits a buffer overflow found in the USER command of the Freefloat FTP server.
83050b2ae9a498d4b2dee290bea7b8b5e1691b9b2f6a37bf1fb092b5f7e82557This Metasploit module exploits a vulnerability found in MicroP 0.1.1.1600. A stack-based buffer overflow occurs when the content of a .mppl file gets copied onto the stack, which overwrites the lpFileName parameter of a CreateFileA() function, and results arbitrary code execution under the context of the user.
b38680eb006525e9820e7caba2e72ab45959e143c9dd1b0ffa556dd94db56f7bThis Metasploit module exploits a stack-based buffer overflow in Word Builder 1.0. An attacker must send the file to the victim and the victim must open the file.
4f09a8ce134a573e331adcdbf613031d7114055b816c39ca90f77e2dcf04af54This Metasploit module exploits a stack-based buffer overflow in WordTrainer v3.0. An attacker must send the file to the victim and the victim must open the file.
4b130c06b595a1aebefacbea1f6ece05881fbb447f2e8142076d4f04b9a70ea4This Metasploit module exploits a buffer overflow in Fat Player 0.6b. When the application is used to import a specially crafted wav file, a buffer overflow occurs allowing arbitrary code execution.
7b207e157e03544e160929ab34671bcd3b540a6779b07f615673383d33fa2fefSnackAmp version 3.1.38 suffers from a malicious SMP file buffer overflow vulnerability.
b0647eee84c404bf6b8cfae6efeed412ec21de6cece8f7246ebbed25b423ffd0SnackAmp version 3.1.2 malicious .smp file buffer overflow SEH exploit.
54208ececb82cce17b31786b18bae9ed8790a67e37a93bf876e49f5952ff193dSnackAmp version 3.1.2 malicious .wav file buffer overflow proof of concept exploit.
9de35ac225450d1980e8e7e2f5e041b4c216fc546b52e70e96aff451af463482
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed