exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files Date: 2020-01-17 to 2020-01-18

Trend Micro Security (Consumer) Arbitrary Code Execution
Posted Jan 17, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Trend Micro Security can potentially allow an attacker to use a malicious program to escalate privileges to SYSTEM integrity and obtain persistence on a vulnerable system.

tags | exploit
advisories | CVE-2019-20357
SHA-256 | e85735c3e297446cefa2f372abec28e211d0a44ffa2d1cc7c2afff07bd24cd6b
Trend Micro Security 2019 Security Bypass Protected Service Tampering
Posted Jan 17, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Trend Micro Maximum Security is vulnerable to arbitrary code execution as it allows for creation of registry key to target a process running as SYSTEM. This can allow a malware to gain elevated privileges to take over and shutdown services that require SYSTEM privileges like Trend Micros "Asmp" service "coreServiceShell.exe" which does not allow Administrators to tamper with them. This could allow an attacker or malware to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. Note administrator privileges are required to exploit this vulnerability.

tags | exploit, arbitrary, registry, code execution
advisories | CVE-2019-19697
SHA-256 | 2bef0a7498592f26d2748979ed451cc8771185733de0a4a4c86834cf8e60b081
Common Desktop Environment 2.3.1 Buffer Overflow
Posted Jan 17, 2020
Authored by Marco Ivaldi

A buffer overflow in the CheckMonitor() function in the Common Desktop Environment 2.3.1 and earlier and 1.6 and earlier, as distributed with Oracle Solaris 10 1/13 (Update 11) and earlier, allows local users to gain root privileges via a long palette name passed to dtsession in a malicious .Xdefaults file. Note that Oracle Solaris CDE is based on the original CDE 1.x train, which is different from the CDE 2.x codebase that was later open sourced. Most notably, the vulnerable buffer in the Oracle Solaris CDE is stack-based, while in the open source version it is heap-based.

tags | exploit, overflow, local, root
systems | solaris
advisories | CVE-2020-2696
SHA-256 | d25b46d48230e23cf621654e72fc9113aa59c9c5cd75e5f0f889790d85edd1e5
Solaris xlock Information Disclosure
Posted Jan 17, 2020
Authored by Marco Ivaldi

A low impact information disclosure vulnerability in the setuid root xlock binary distributed with Solaris may allow local users to read partial contents of sensitive files. Due to the fact that target files must be in a very specific format, exploitation of this flaw to escalate privileges in a realistic scenario is unlikely.

tags | exploit, local, root, info disclosure
systems | solaris
advisories | CVE-2020-2656
SHA-256 | a03fb7575a6762318b5f522c1cd86e250b04e78f95dc0676d4b6ae90596cb912
Ubuntu Security Notice USN-4241-1
Posted Jan 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4241-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting attacks, or execute arbitrary code. It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2019-11745, CVE-2019-17011, CVE-2019-17012, CVE-2019-17016, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026
SHA-256 | a603d0f1422c63c0f865910e3f32286250ba5122b98aab03efc19e2e49087c05
Ubuntu Security Notice USN-4240-1
Posted Jan 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4240-1 - It was discovered that Kamailio incorrectly handled a specially crafted file. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-8828
SHA-256 | 7e0dc81479bfcc0c57300ca4406f4dac4dcc0a6fe0026c1ff5563c2693a3debc
WordPress Time Capsule 1.21.16 Authentication Bypass
Posted Jan 17, 2020
Authored by B. Canavate

WordPress Time Capsule plugin version 1.21.16 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
SHA-256 | 86da555b42350aa16060d960061fde9cd81c6538aa8fdaaa89443612d1d88d61
GTalk Password Finder 2.2.1 Denial Of Service
Posted Jan 17, 2020
Authored by Ismail Tasdelen

GTalk Password Finder version 2.2.1 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 184769acddcba4b7da8b9827b611c276819e38e9e258de8913756bdc44c76ab9
WordPress InfiniteWP Client Authentication Bypass
Posted Jan 17, 2020
Authored by Raphael Karger

WordPress InfiniteWP Client plugin versions prior to 1.9.4.5 suffer from an authentication bypass vulnerability.

tags | exploit, bypass
SHA-256 | db0e9fdcc7fd8dd5eb2e720a3bbac3e66d6ef45436d0bd2833d7386ba00db410
Torrent FLV Converter 1.51 Build 117 Stack Overflow
Posted Jan 17, 2020
Authored by Antonio

Torrent FLV Converter version 1.51 Build 117 suffers from a stack overflow vulnerability.

tags | exploit, overflow
SHA-256 | 4c9f73fd027f78ea445632f6526334adbb2e12d4db21f42bb9ede94a818fc8bb
APKF Product Key Finder 2.5.8.0 Denial Of Service
Posted Jan 17, 2020
Authored by Ismail Tasdelen

APKF Product Key Finder version 2.5.8.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | f3f319133c9bdfeb656a8d117ac52f61f46e3c7e66e30d0f3c6abc1b5ed63786
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close