Exploit the possiblities
Showing 1 - 12 of 12 RSS Feed

Files Date: 2017-10-14

Microsoft Edge Chakra StackScriptFunction::BoxState::Box Uninitialized Pointers
Posted Oct 14, 2017
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra accesses uninitialized pointers in StackScriptFunction::BoxState::Box.

tags | exploit
advisories | CVE-2017-11809
MD5 | 18e6e8dec6b5f143ccd448fce096def8
Microsoft Edge Chakra JIT Failed RegexHelper::StringReplace Call
Posted Oct 14, 2017
Authored by Google Security Research, lokihardt

The "String.prototype.replace" method can be inlined in the JIT process. So in the method, all the calls which may break the JIT assumptions must be invoked with updating "ImplicitCallFlags". But "RegexHelper::StringReplace" calls the replace function without updating the flag. Therefore it fails to detect if a user function was called.

tags | exploit
advisories | CVE-2017-11802
MD5 | 59bdc94ef54bad4cc587d3c9269d17cb
Microsoft Edge Chakra JIT Incorrect GenerateBailOut Calling Patterns
Posted Oct 14, 2017
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT compiler creates incorrect GenerateBailOut calling patterns.

tags | exploit
advisories | CVE-2017-11799
MD5 | 11f1ed6218c70a607f5e232014a97289
Microsoft Windows WLDP/MSHTML CLSID UMCI Bypass
Posted Oct 14, 2017
Authored by James Forshaw, Google Security Research

The enlightened lockdown policy check for COM Class instantiation can be bypassed in MSHTML hosts leading to arbitrary code execution on a system with UMCI enabled (e.g. Device Guard).

tags | exploit, arbitrary, code execution
advisories | CVE-2017-11823
MD5 | 1b2d4d07eba9dc0ac29034a6908021a0
Shadowsocks-libev 3.1.0 Command Execution
Posted Oct 14, 2017
Authored by Niklas Abel

Shadowsocks-libev version 3.1.0 suffers from a remote command execution vulnerability.

tags | exploit, remote
MD5 | 216d00d0c25d00e82c302e01f38cfc12
Shadowsocks Log Manipulation / Command Execution
Posted Oct 14, 2017
Authored by Niklas Abel

Several issues have been identified, which allow attackers to manipulate log files, execute commands and to brute force Shadowsocks with enabled autoban.py brute force detection. Brute force detection from autoban.py does not work with suggested tail command. The key of captured Shadowsocks traffic can be brute forced. The latest commit 2ab8c6b on Sep 6, 2017 is affected.

tags | exploit
MD5 | 9de7b90a6a2455d0d6785cdd0b80b810
AlienVault USM 5.4.2 Cross Site Request Forgery
Posted Oct 14, 2017
Authored by Julien Ahrens | Site rcesecurity.com

AlienVault USM version 5.4.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2017-14956
MD5 | 6e771ba0baa2d865a2bac29ab5c0ceb6
Opentext Documentum Content Server File Hijack / Privilege Escalation
Posted Oct 14, 2017
Authored by Andrey B. Panfilov

Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) does not properly validate input of the PUT_FILE RPC command which allows any authenticated user to hijack arbitrary file from the Content Server filesystem. Because some files on the Content Server filesystem are security-sensitive this security flaw leads to privilege escalation.

tags | exploit, arbitrary
advisories | CVE-2017-15012
MD5 | 58c1b1e2a0aa3b4d86d6fb406b6bfe31
Opentext Documentum Content Server Privilege Escalation
Posted Oct 14, 2017
Authored by Andrey B. Panfilov

Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) contains a design gap that allows any authenticated user the ability to replace content of security-sensitive dmr_content objects (for example, dmr_content related to dm_method objects) and gain superuser privileges.

tags | exploit
advisories | CVE-2017-15013
MD5 | e969855a8deab50d08f621a22b9000c9
Opentext Documentum Content Server File Download
Posted Oct 14, 2017
Authored by Andrey B. Panfilov

Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) contains a design gap that allows authenticated user to download arbitrary content files regardless of the attacker's repository permissions.

tags | exploit, arbitrary
advisories | CVE-2017-15014
MD5 | 77919afb274537f00addfc4378c1136d
Opentext Documentum Content Server Privilege Escalation
Posted Oct 14, 2017
Authored by Andrey B. Panfilov

Opentext Documentum Content Server (formerly known as EMC Documentum Content Server) allows for privilege escalation via traversal attacks leveraged through uploaded tar files.

tags | exploit
advisories | CVE-2017-15276
MD5 | 27902a71e9682ee28a5fded33ce8cf58
Quick CMS 6.4 SQL Injection / Authentication Bypass
Posted Oct 14, 2017
Authored by M.R.S.L.Y

Quick CMS version 6.4 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | fcbaf3be8a8a4e01d28e4b92bd8b5631
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close