This Metasploit module exploits a buffer overflow vulnerability found in ERS Viewer 2013. The vulnerability exists in the module ermapper_u.dll, where the function rf_report_error handles user-provided data in an insecure way. It results in arbitrary code execution under the context of the user viewing a specially crafted .ers file. This Metasploit module has been tested successfully with ERS Viewer 2013 (version 13.0.0.1151) on Windows XP SP3 and Windows 7 SP1.
34af08f8dddf30575d54f3ae715a7d1578f9f140985dc2fe0ec36bc406b9b344
This Metasploit module exploits a heap overflow found in InduSoft Web Studio <= 61.6.00.00 SP6. The overflow exists in the ISSymbol.ocx, and can be triggered with a long string argument for the InternationalSeparator() method of the ISSymbol control. This Metasploit module uses the msvcr71.dll from the Java JRE6 to bypass ASLR.
f99bd99b5b541326375a269f30ae36cdabc7a1c18a150d0b60fb51908c7a78c6
This Metasploit module exploits a stack-based buffer overflow found in the SNMP NetDBServer service of Sunway Forcecontrol <= 6.1 sp3. The overflow is triggered when sending an overly long string to the listening service on port 2001.
e52f022e2ed545bd142274261056cd28d052302e65c42387b95414958583c89b
This Metasploit module exploits a stack-based buffer overflow found in Free MP3 CD Ripper 1.1. The overflow is triggered when an unsuspecting user opens a malicious WAV file.
52cabca82a0dfc73bbb6605dd7821e894d0813df5915d79ab56fae38896d2e89
This Metasploit module exploits a stack-based buffer overflow found in Mini-Stream RM-MP3 Converter version 3.1.2.1. The overflow is triggered when an unsuspecting victim opens the malicious PLS file.
5ba000d57dfee2b89374d1cbe0fecbd7000e2d1a915017055f38009808d25ac1
This Metasploit module exploits a stack-based buffer overflow found in Cytel Studio <= 9.0. The overflow is triggered during the copying of strings to a stack buffer of 256 bytes.
54cba2669ee78e390a6c7b20623fad6a9b5c9f2f49e59b8a55adc94afd84b482
This Metasploit module exploits a buffer overflow vulnerability found in Freeamp 2.0.7. The overflow occurs when an overly long string is parsed in the FAT file. This Metasploit module creates a txt file that has to be used in the creation of a FAT file. The FAT file then has to be imported as a theme. To create the FAT file you need to first decompress the basic theme template, MakeTheme -d freeamp.fat. Next create the new FAT file MakeTheme crash.fat theme.xml title.txt *.bmp.
6dfcaf1f8aff9ad6e428e3ae8e6f8b05df47336a37bbdba3dccbb68f5018292e
This Metasploit module exploits a buffer overflow vulnerability found in ABBS Electronic Flash Cards 2.1. The overflow occurs when an overly long string is passed in the fcd file. To execute this fcd file the victim has to start a new "random" test.
c4c8fb668311f736f3f219c385663db82dcd5d5a1b34b3619a99750fd3157744
This Metasploit module exploits a buffer overflow vulnerability found in ABBS Audio Media Player 3.0. The overflow occurs when an overly long string is passed in the lst file.
d9fb150c2b6446ec8d7abefc95849ea999085081199ed402a25c9a6ce1c1d893
This Metasploit module exploits a stack-based buffer overflow in Coolplayer 2.19.2. An attacker must send the file to the victim and the victim must open the file.
4fa34d7392fad5b678e8641e583fd02a70a5451d1be5f8cb433baf14918a66ed
This Metasploit module exploits a buffer overflow found in the USER command of the Freefloat FTP server.
83050b2ae9a498d4b2dee290bea7b8b5e1691b9b2f6a37bf1fb092b5f7e82557
This Metasploit module exploits a vulnerability found in MicroP 0.1.1.1600. A stack-based buffer overflow occurs when the content of a .mppl file gets copied onto the stack, which overwrites the lpFileName parameter of a CreateFileA() function, and results in arbitrary code execution under the context of the user.
b38680eb006525e9820e7caba2e72ab45959e143c9dd1b0ffa556dd94db56f7b
This Metasploit module exploits a stack-based buffer overflow in Word Builder 1.0. An attacker must send the file to the victim and the victim must open the file.
4f09a8ce134a573e331adcdbf613031d7114055b816c39ca90f77e2dcf04af54
This Metasploit module exploits a stack-based buffer overflow in WordTrainer v3.0. An attacker must send the file to the victim and the victim must open the file.
4b130c06b595a1aebefacbea1f6ece05881fbb447f2e8142076d4f04b9a70ea4
This Metasploit module exploits a buffer overflow in Fat Player 0.6b. When the application is used to import a specially crafted wav file, a buffer overflow occurs allowing arbitrary code execution.
7b207e157e03544e160929ab34671bcd3b540a6779b07f615673383d33fa2fef
SnackAmp version 3.1.38 suffers from a malicious SMP file buffer overflow vulnerability.
b0647eee84c404bf6b8cfae6efeed412ec21de6cece8f7246ebbed25b423ffd0
SnackAmp version 3.1.2 malicious .smp file buffer overflow SEH exploit.
54208ececb82cce17b31786b18bae9ed8790a67e37a93bf876e49f5952ff193d
SnackAmp version 3.1.2 malicious .wav file buffer overflow proof of concept exploit.
9de35ac225450d1980e8e7e2f5e041b4c216fc546b52e70e96aff451af463482