Proof of concept exploit for F.E.A.R. versions 1.08 and below which suffer from a format string vulnerability.
d1b6b93c95f0b3a4b38fd9945a72cae4ac0408e38ab8a8f36aa0f171385e8408
F.E.A.R. versions 1.08 and below suffer from a format string vulnerability.
5a3ae6829417ebafb433a8109610f450449ce54874fd8f5bb2eba64616e0dae1
Proof of concept exploit for America's Army and America's Army Special Forces versions 2.8.2 and below which suffer from an unexploitable buffer overflow.
334781e68742707eb85ce9b87aeede86584fb879c9100deab7b9252eac48297f
America's Army and America's Army Special Forces versions 2.8.2 and below suffer from an unexploitable buffer overflow.
93f589c8649020d44c1851760c501198c88aa465a8b5433b3a8af7f8504842eb
Proof of concept exploit for the Doom 3 engine which suffers from a format string vulnerability. Doom 3 versions 1.3.1 and below, Quake 4 versions 1.4.2 and below, and Prey versions 1.3 and below are affected.
8965710a6776cfacfd5cf5bbf2f47538f425a3446539135edc7ed500990bc20d
The Doom 3 engine suffers from a format string vulnerability. Doom 3 versions 1.3.1 and below, Quake 4 versions 1.4.2 and below, and Prey versions 1.3 and below are affected.
5add87e52c9165b5db8bfc3d778ab494d2521074aba0899eeaacac41efb9613f
FSD versions 2.052 d9 and below and 3.000 d9 and below suffer from multiple buffer overflow vulnerabilities.
0e03c4f50e37b4872d1e424c1a7d31bb3ca550194c21022ab7da4196ba4b71f4
This paper aims to present a methodical framework for high-level reverse engineering. The methodology is a culmination of existing tools and techniques within the IT security research community, which presents ways to identify process operation at a higher-level of abstraction than traditional binary reversing.
abcb990c2920f9711a6e32d5fa3b2b47b71fd2a9d56afa4bf284c61f866209d2
smbftpd version 0.96 SMBDirList-function remote format string exploit that binds a TCP shell to port 4444.
7cd227498cd3b6732f3ce379d3646174ad78a79fe9814dbde04896faa85140d1
php wcms XT version 0.0.7 suffers from multiple remote file inclusion vulnerabilities.
ccd06dee9d2258b7fbad0c1e961d62e0092e8bdccb7c461888eb5e82f076f2a0
Segue CMS versions 1.8.4 and below suffer from a remote file inclusion vulnerability in index.php.
829cf979930babc05d10b3f50258a03ae8561ba8f54885d8561cf1cfa1621df4
PHP-Fusion module Expanded Calendar 2.x remote SQL injection exploit.
786a41f0f5e5ab6c2ba13842380a45c90b058300a2358b55583a20d9338486af
actSite version 1.991 Beta suffers from a remote file inclusion vulnerability in base.php.
96949a2af38725f62636cc792cde9190c463a5c730b22667f40208d4e43ba2b8
actSite version 1.56 suffers from a local file inclusion vulnerability in news.php.
c51fcebfec9b333edfc4c2d1aa8ded952c826193226cd3f476e683aedd161fca
CyberLink PowerDVD CLAVSetting module arbitrary remote rewrite denial of service exploit.
dc99ac5c0ba7789ad4c2e98c65ba7f59a828327c71d0b166f22e8d6ecd713169
EDraw Office Viewer component version 5.3 FtpDownloadFile() remote buffer overflow exploit.
8466056bbfa6ce59554769f1c6a8152f5551d8d11814e62bc11260f378f2a1a0
Gentoo Linux Security Advisory GLSA 200709-18 - Masahiro Yamada found that from the 2.17.1 version, Bugzilla does not properly sanitize the content of the buildid parameter when filing bugs. The next two vulnerabilities only affect Bugzilla 2.23.3 or later, hence the stable Gentoo Portage tree does not contain these two vulnerabilities: Loic Minier reported that the Email::Send::Sendmail() function does not properly sanitize from email information before sending it to the -f parameter of /usr/sbin/sendmail, and Frederic Buclin discovered that the XML-RPC interface does not correctly check permissions in the time-tracking fields. Versions less than 3.0.1 are affected.
189c5de88657acf5a69a2efd59783f92ed201f4766dc696eb088ef0664987fc2
Secunia Security Advisory - Some vulnerabilities have been reported in GroupLink eHelpDesk, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.
6e86b72468f77274477092d83037513233c89184c0577dc26f781afc0acc3baf
Secunia Security Advisory - Gentoo has issued an update for bugzilla. This fixes some vulnerabilities and a security issue, which can be exploited by malicious users to inject shell commands, and by malicious people to conduct cross-site scripting attacks and to disclose potentially sensitive information.
bfbe1f4401a0f1fd04a44bfa9b1b29df32a2e7aec3b0657e5e6ed3ff018e344d
Secunia Security Advisory - SUSE has issued updates for multiple packages. This fixes some security issues and vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, by malicious users to cause a DoS (Denial of Service), bypass certain security restrictions, gain escalated privileges, and compromise a vulnerable system, and by malicious people to cause a DoS or compromise a vulnerable system.
a4bad3cb92a51daba3406651d28c2c2f19bcb7227bef163f69588f331347277b
Secunia Security Advisory - Fedora has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to disclose potentially sensitive information.
4c0f1df9397556005387ff4e9efe213becce3be9f6dba5212fa85ffd7c3b81c3
Secunia Security Advisory - Fedora has issued an update for t1lib. This fixes a vulnerability, which can be exploited by malicious users to potentially compromise a vulnerable system.
26c414f7a2333a2b8a10244f6dc98e164eaf4b04c70e1a796e817480f84df529
Secunia Security Advisory - Guy Mizrahi has discovered a vulnerability in FeedReader, which can be exploited by malicious people to conduct script insertion attacks.
e76544169e28953b6b7b972ae09bd94b24ef8885a2378bc09af9138a00ee2520
Secunia Security Advisory - A vulnerability has been reported in XOOPS, which potentially can be exploited by malicious people to compromise a vulnerable system.
e21a8be413b26e37fa474fead70974e69870867670af63a25d8d7eab459a7cb1
Secunia Security Advisory - A weakness has been reported in Pidgin, which can be exploited by malicious people to cause a DoS (Denial of Service).
f18ed857795c649d4aec2b1e454e1eb59ba5698a08f3aa075ae058c590e424da