exploit the possibilities
Showing 1 - 13 of 13 RSS Feed

Files Date: 2020-01-10

Android ashmem Read-Only Bypasses
Posted Jan 10, 2020
Authored by Jann Horn, Google Security Research

Android suffers from ashmem read-only bypass vulnerabilities via remap_file_pages() and ASHMEM_UNPIN.

tags | exploit, vulnerability
advisories | CVE-2020-0009
MD5 | 1ce1f492c6697220a1377f632e2b8f79
WeChat CAudioJBM::InputAudioFrameToJBM Memory Corruption
Posted Jan 10, 2020
Authored by Google Security Research, natashenka

There is a memory corruption vulnerability in audio processing during a voice call in WeChat. When an RTP packet is processed, there is a call to UnpacketRTP. This function decrements the length of the packet by 12 without checking that the packet has at least 12 bytes in it. This leads to a negative packet length. Then, CAudioJBM::InputAudioFrameToJBM will check that the packet size is smaller than the size of a buffer before calling memcpy, but this check (n < 300) does not consider that the packet length could be negative due to the previous error. This leads to an out-of-bounds copy.

tags | exploit
MD5 | d5e852c27b43a4bc7e13605282d84e25
Debian Security Advisory 4601-1
Posted Jan 10, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4601-1 - It was discovered that a hook script of ldm, the display manager for the Linux Terminal Server Project incorrectly parsed responses from an SSH server which could result in local root privilege escalation.

tags | advisory, local, root
systems | linux, debian
MD5 | 693cc7f45920414191581d78799f2d01
ASTPP 4.0.1 Database Disclosure
Posted Jan 10, 2020
Authored by Fabien Aunay

ASTPP version 4.0.1 VoIP billing suffers from a database backup disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 8624082f784690fbd7d31d7ec3b9d239
Bitdefender Malformed Archive Bypass
Posted Jan 10, 2020
Authored by Thierry Zoller

The parsing engine for various Bitdefender products supports the RAR archive format. The parsing engine can be bypassed by specifically manipulating an RAR Archive (HOST_OS) so that it can be accessed by an end-user but not the anti-virus software. The AV engine is unable to scan the archive and issues the file a "clean" rating.

tags | advisory, virus
MD5 | 81a8ef5675cb81458a3c0622ae1d3bb8
PixelStor 5000 K:4.0.1580-20150629 Remote Code Execution
Posted Jan 10, 2020
Authored by .:UND3R:.

PixelStor 5000 version K:4.0.1580-20150629 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-6756
MD5 | a25a7c1c7a2a32aecbb09985ec496a36
Pandora 7.0NG Remote Code Execution
Posted Jan 10, 2020
Authored by Askar

Pandora version 7.0NG suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-20224
MD5 | 4add4410c9b8848969b49b4f3912a4c2
Ubuntu Security Notice USN-4234-1
Posted Jan 10, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4234-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass Content Security Policy restrictions, conduct cross-site scripting attacks, or execute arbitrary code.

tags | advisory, denial of service, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2019-17016, CVE-2019-17023
MD5 | 1a51e76c4ef522241e5832bf35b5dcac
TotalAV 2020 4.14.31 Privilege Escalation
Posted Jan 10, 2020
Authored by Kusol Watchara-Apanukorn

TotalAV 2020 version 4.14.31 suffers from a privilege escalation vulnerability.

tags | exploit
MD5 | fa745ef8d8c4c3ce7882248588396e62
Kaspersky Generic Archive Bypass
Posted Jan 10, 2020
Authored by Thierry Zoller

The parsing engine in various Kaspersky products supports the ZIP archive format. The parsing engine can be bypassed by specifically manipulating an ZIP Archive (Compression Size Flag) so that it can be accessed by an end-user but not the Anti-Virus software. The AV engine is unable to scan the container and gives the file a "clean" rating.

tags | advisory, virus
MD5 | 8c75c890b3117a95e00edfc1d15eba80
Backup Key Recovery 2.2.5 Denial Of Service
Posted Jan 10, 2020
Authored by Ismail Tasdelen

Backup Key Recovery version 2.2.5 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | dd7242a8376ece8d62759212b744fdb0
Microsoft Windows 10 Local Privilege Escalation
Posted Jan 10, 2020
Authored by Nassim Asrir

Microsoft Windows 10 UAC bypass local privilege escalation exploit.

tags | exploit, local, bypass
systems | windows
MD5 | 16db619cfe3e07e3c53b9e243f5882b4
Launcher Execution Mitigation Patch
Posted Jan 10, 2020
Authored by Enrico Weigelt

This patch mitigates allowing launcher the ability to execute arbitrary programs.

tags | arbitrary, patch
systems | unix
MD5 | d0e094be8a12f022f64cbd5e9ac858ac
Page 1 of 1
Back1Next

File Archive:

November 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    2 Files
  • 2
    Nov 2nd
    9 Files
  • 3
    Nov 3rd
    15 Files
  • 4
    Nov 4th
    90 Files
  • 5
    Nov 5th
    22 Files
  • 6
    Nov 6th
    16 Files
  • 7
    Nov 7th
    1 Files
  • 8
    Nov 8th
    1 Files
  • 9
    Nov 9th
    40 Files
  • 10
    Nov 10th
    27 Files
  • 11
    Nov 11th
    28 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    18 Files
  • 14
    Nov 14th
    2 Files
  • 15
    Nov 15th
    2 Files
  • 16
    Nov 16th
    29 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    15 Files
  • 19
    Nov 19th
    21 Files
  • 20
    Nov 20th
    16 Files
  • 21
    Nov 21st
    1 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    19 Files
  • 24
    Nov 24th
    32 Files
  • 25
    Nov 25th
    9 Files
  • 26
    Nov 26th
    11 Files
  • 27
    Nov 27th
    15 Files
  • 28
    Nov 28th
    9 Files
  • 29
    Nov 29th
    2 Files
  • 30
    Nov 30th
    17 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close