exploit the possibilities
Showing 1 - 25 of 223 RSS Feed

Operating System: Windows 7

ASX To MP3 Converter 3.1.3.7 Stack Overflow
Posted Oct 10, 2019
Authored by Maxim Guslyaev | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in ASX to MP3 converter 3.1.3.7. By constructing a specially crafted ASX file and attempting to convert it to an MP3 file in the application, a buffer is overwritten, which allows for running shellcode. Tested on: Microsoft Windows 7 Enterprise, 6.1.7601 Service Pack 1 Build 7601, x64-based PC Microsoft Windows 10 Pro, 10.0.18362 N/A Build 18362, x64-based PC.

tags | exploit, overflow, shellcode
systems | windows, 7
advisories | CVE-2017-15221
MD5 | 56c0508be45bebf5e6af39311de96c27
Apple Security Advisory 2019-10-07-4
Posted Oct 8, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-10-07-4 - iCloud for Windows 7.14 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.

tags | advisory, overflow, vulnerability, code execution, xss
systems | windows, apple, 7
advisories | CVE-2019-8625, CVE-2019-8707, CVE-2019-8719, CVE-2019-8726, CVE-2019-8733, CVE-2019-8735, CVE-2019-8745, CVE-2019-8763
MD5 | 674430b600662e944210bc20e841afd7
Microsoft Windows Internet Settings Security Feature Bypass
Posted Sep 17, 2019
Authored by Eduardo Braun Prado

Microsoft Windows suffers from an Internet Settings misconfiguration security feature bypass vulnerability. Versions affected include Windows 7 SP1, 8.0, 8.1 x86 and x64 with full patches up to July 2019.

tags | exploit, x86, bypass
systems | windows, 7
MD5 | ff0c1e4363db410575808afd701e6662
Microsoft Windows 7 Build 7601 (x86) Local Privilege Escalation
Posted Jul 26, 2019
Authored by ShivamTrivedi

Microsoft Windows 7 Build 7601 (x86) local privilege escalation exploit.

tags | exploit, x86, local
systems | windows, 7
advisories | CVE-2019-1132
MD5 | 871e209923431e6eedbcefcd950b86de
Apple Security Advisory 2019-7-23-1
Posted Jul 24, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-7-23-1 - iCloud for Windows 7.13 is now available and addresses code execution and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | windows, apple, 7
advisories | CVE-2019-13118, CVE-2019-8644, CVE-2019-8649, CVE-2019-8658, CVE-2019-8666, CVE-2019-8669, CVE-2019-8671, CVE-2019-8672, CVE-2019-8673, CVE-2019-8676, CVE-2019-8677, CVE-2019-8678, CVE-2019-8679, CVE-2019-8680, CVE-2019-8681, CVE-2019-8683, CVE-2019-8684, CVE-2019-8685, CVE-2019-8686, CVE-2019-8687, CVE-2019-8688, CVE-2019-8689, CVE-2019-8690
MD5 | 96064e089020b42473b27575a18b6a66
Microsoft Windows NtUserSetWindowFNID Win32k User Callback
Posted Jul 16, 2019
Authored by ze0r, Jacob Robles, Kaspersky Lab | Site metasploit.com

An elevation of privilege vulnerability exists in Microsoft Windows when the Win32k component fails to properly handle objects in memory. This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This Metasploit module is tested against Windows 10 v1703 x86.

tags | exploit, x86
systems | windows, 7
advisories | CVE-2018-8453
MD5 | 410d26c4ad5d959638a9e5d77947143e
HC10 HC.Server Service 10.14 Remote Invalid Pointer Write
Posted Jun 17, 2019
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

The HC.Server service in Hosting Controller HC10 10.14 allows an Invalid Pointer Write DoS if attackers can reach the service on port 8794. In addition this can potentially be leveraged for post exploit persistence with SYSTEM privileges, if physical access or malware is involved. If a physical attacker or malware can set its own program for the service failure recovery options, it can be used to maintain persistence. Afterwards, it can be triggered by sending a malicious request to DoS the service, which in turn can start the attackers recovery program. The attackers program can then try restarting the affected service to try an stay unnoticed by calling "sc start HCServerService". Services failure flag recovery options for "enabling actions for stops or errors" and can be set in the services "Recovery" properties tab or on the command line. Authentication is not required to reach the vulnerable service, this was tested successfully on Windows 7/10.

tags | exploit
systems | windows, 7
advisories | CVE-2019-12323
MD5 | d00190d41a9f1c0ea2c4f92ee9779c0d
Apple Security Advisory 2019-5-28-2
Posted May 29, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-5-28-2 - iCloud for Windows 7.12 is now available and addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | windows, apple, 7
advisories | CVE-2019-6237, CVE-2019-8571, CVE-2019-8577, CVE-2019-8583, CVE-2019-8584, CVE-2019-8586, CVE-2019-8587, CVE-2019-8594, CVE-2019-8595, CVE-2019-8596, CVE-2019-8597, CVE-2019-8598, CVE-2019-8600, CVE-2019-8601, CVE-2019-8602, CVE-2019-8607, CVE-2019-8608, CVE-2019-8609, CVE-2019-8610, CVE-2019-8611, CVE-2019-8615, CVE-2019-8619, CVE-2019-8622, CVE-2019-8623, CVE-2019-8628
MD5 | 74d63f98e99677f37543232c3d2f1639
Windows 7 / 8 LSASS Process Dump Shellcode
Posted May 12, 2019
Authored by Osanda Malith

Windows 7 and 8 LSASS process dumping shellcode for x86_64.

tags | shellcode
systems | windows, 7
MD5 | 6ea474b6dc51324c55fff0a04700b797
Chrome 72.0.3626.119 FileReader Use-After-Free
Posted May 8, 2019
Authored by Clement LECIGNE, timwr, Istvan Kurucsai | Site metasploit.com

This exploit takes advantage of a use after free vulnerability in Google Chrome 72.0.3626.119 running on Windows 7 x86. The FileReader.readAsArrayBuffer function can return multiple references to the same ArrayBuffer object, which can be freed and overwritten with sprayed objects. The dangling ArrayBuffer reference can be used to access the sprayed objects, allowing arbitrary memory access from Javascript. This is used to write and execute shellcode in a WebAssembly object. The shellcode is executed within the Chrome sandbox, so you must explicitly disable the sandbox for the payload to be successful.

tags | exploit, arbitrary, x86, javascript, shellcode
systems | windows, 7
advisories | CVE-2019-5786
MD5 | 1845174659a656cb293c5dd2f17fe75c
Apple Security Advisory 2019-3-25-6
Posted Mar 26, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-3-25-6 - iCloud for Windows 7.11 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.

tags | advisory, overflow, vulnerability, code execution, xss
systems | windows, apple, 7
advisories | CVE-2019-6201, CVE-2019-6232, CVE-2019-6236, CVE-2019-7285, CVE-2019-7292, CVE-2019-8503, CVE-2019-8506, CVE-2019-8515, CVE-2019-8518, CVE-2019-8523, CVE-2019-8524, CVE-2019-8535, CVE-2019-8536, CVE-2019-8542, CVE-2019-8544, CVE-2019-8551, CVE-2019-8556, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563
MD5 | 98634585031983c9f7d62cc137cb5956
Apple Security Advisory 2019-1-22-6
Posted Jan 23, 2019
Authored by Apple | Site apple.com

Apple Security Advisory 2019-1-22-6 - iCloud for Windows 7.10 is now available and addresses code execution and cross site scripting vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | windows, apple, 7
advisories | CVE-2018-20346, CVE-2018-20505, CVE-2018-20506, CVE-2019-6212, CVE-2019-6215, CVE-2019-6216, CVE-2019-6217, CVE-2019-6226, CVE-2019-6227, CVE-2019-6229, CVE-2019-6233, CVE-2019-6234
MD5 | b0d0f9d052deb479899f3c8c28becb98
Microsoft Windows VCF Arbitrary Code Execution
Posted Jan 22, 2019
Authored by Eduardo Braun Prado, hyp3rlinx

Microsoft Windows VCF or Contact file URL manipulation arbitrary code execution proof of concept exploit. Tested on Windows 7 SP1, 8.1, 10 v.1809 with full patches up to January 2019. Both x86 and x64 architectures were tested.

tags | exploit, arbitrary, x86, code execution, proof of concept
systems | windows, 7
MD5 | 094fed868f7fb979125879d67bb9e5a4
CyberLink LabelPrint 2.5 Stack Buffer Overflow
Posted Dec 11, 2018
Authored by modpr0be, f3ci | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in CyberLink LabelPrint 2.5 and below. The vulnerability is triggered when opening a .lpp project file containing overly long string characters via open file menu. This results in overwriting a structured exception handler record and take over the application. This Metasploit module has been tested on Windows 7 (64 bit), Windows 8.1 (64 bit), and Windows 10 (64 bit).

tags | exploit, overflow
systems | windows, 7
advisories | CVE-2017-14627
MD5 | acb856f3a5d193a4fad88b2e1c8c5548
Apple Security Advisory 2018-12-05-6
Posted Dec 6, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-12-05-6 - iCloud for Windows 7.9 is now available and addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | windows, apple, 7
advisories | CVE-2018-4437, CVE-2018-4438, CVE-2018-4439, CVE-2018-4440, CVE-2018-4441, CVE-2018-4442, CVE-2018-4443, CVE-2018-4464
MD5 | a97a5246cafb55557410d99f44605616
Microsoft VBScript rtFilter Out-Of-Bounds Read
Posted Nov 30, 2018
Authored by Ivan Fratric, Google Security Research

There is an out-of-bounds vulnerability in Microsoft VBScript in rtFilter. The vulnerability has been confirmed in Internet Explorer on Windows 7 with the latest patches applied.

tags | exploit
systems | windows, 7
advisories | CVE-2018-8552
MD5 | bb550cb6c47a76bff9745e2c8f95a914
Microsoft VBScript OLEAUT32!VariantClear / scrrun!VBADictionary::put_Item Use-After-Free
Posted Nov 30, 2018
Authored by Ivan Fratric, Google Security Research

There is a use-after-free vulnerability in Microsoft VBScript. The vulnerability has been confirmed in Internet Explorer on Windows 7 with the latest patches applied. There are possibly two vulnerabilities triggerable by the same proof of concept included.

tags | exploit, vulnerability, proof of concept
systems | windows, 7
advisories | CVE-2018-8544
MD5 | d336251c8030f4420eac4b15ed1e6a78
Apple Security Advisory 2018-10-30-12
Posted Oct 31, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-10-30-12 - iCloud for Windows 7.7 addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | windows, apple, 7
advisories | CVE-2018-4126, CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4311, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018-4323, CVE-2018-4328, CVE-2018-4345, CVE-2018-4347, CVE-2018-4358, CVE-2018-4359, CVE-2018-4360, CVE-2018-4361, CVE-2018-4412, CVE-2018-4414
MD5 | 05f0fe42cb1db54ee90c71b3eee85dfa
Apple Security Advisory 2018-10-30-7
Posted Oct 31, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-10-30-7 - iCloud for Windows 7.8 is now available and addresses code execution, cross site scripting, denial of service, and resource exhaustion vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss
systems | windows, apple, 7
advisories | CVE-2018-4372, CVE-2018-4373, CVE-2018-4374, CVE-2018-4375, CVE-2018-4376, CVE-2018-4377, CVE-2018-4378, CVE-2018-4382, CVE-2018-4386, CVE-2018-4392, CVE-2018-4398, CVE-2018-4409, CVE-2018-4416
MD5 | dbaa9f5688d41d9635ca398dd90b194b
Microsoft Windows SetImeInfoEx Win32k NULL Pointer Dereference
Posted Oct 19, 2018
Authored by unamer, Dhiraj Mishra, bigric3, Anton Cherepanov | Site metasploit.com

This Metasploit module exploits an elevation of privilege vulnerability that exists in Windows 7 and 2008 R2 when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploits this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This Metasploit module is tested against windows 7 x86, windows 7 x64 and windows server 2008 R2 standard x64.

tags | exploit, arbitrary, x86, kernel
systems | windows, 7
advisories | CVE-2018-8120
MD5 | 967e04838b302049cc237c549437ccec
Apple Security Advisory 2018-10-08-2
Posted Oct 9, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-10-08-2 - iCloud for Windows 7.7 is now available and addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | windows, apple, 7
advisories | CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4306, CVE-2018-4309, CVE-2018-4311, CVE-2018-4312, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018-4323, CVE-2018-4328, CVE-2018-4345, CVE-2018-4358, CVE-2018-4359, CVE-2018-4360, CVE-2018-4361
MD5 | 6ea4e06a91c7ab3be1a284ea0c10eab3
Delta Electronics Delta Industrial Automation COMMGR 1.08 Stack Buffer Overflow
Posted Oct 8, 2018
Authored by t4rkd3vilz, hubertwslin | Site metasploit.com

This Metasploit module exploits a stack based buffer overflow in Delta Electronics Delta Industrial Automation COMMGR 1.08. The vulnerability exists in COMMGR.exe when handling specially crafted packets. This Metasploit module has been tested successfully on Delta Electronics Delta Industrial Automation COMMGR 1.08 over Windows XP SP3, Windows 7 SP1, and Windows 8.1.

tags | exploit, overflow
systems | windows, xp, 7
advisories | CVE-2018-10594
MD5 | 6d71ad614ad723a5e3774b3af8fa38d7
Easy RM To MP3 Converter 2.6 Stack Buffer Overflow
Posted Aug 16, 2018
Authored by Mohammadali Mohammadi

Easy RM to MP3 Converter version 2.6 stack buffer overflow exploit for Windows 7.

tags | exploit, overflow
systems | windows, 7
MD5 | 3e5fc628c09315d1b9ac22be64dc475a
Apple Security Advisory 2018-7-9-6
Posted Jul 9, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-7-9-6 - iCloud for Windows 7.6 is now available and addresses code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | windows, apple, 7
advisories | CVE-2018-4261, CVE-2018-4262, CVE-2018-4263, CVE-2018-4264, CVE-2018-4265, CVE-2018-4266, CVE-2018-4267, CVE-2018-4270, CVE-2018-4271, CVE-2018-4272, CVE-2018-4273, CVE-2018-4278, CVE-2018-4284, CVE-2018-4293
MD5 | 4c7a8cb8cdb7a8d92fd35e21b2ad8e8e
Apple Security Advisory 2018-06-01-3
Posted Jun 4, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-06-01-3 - iCloud for Windows 7.5 is now available and addresses buffer overflow and code execution vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | windows, apple, 7
advisories | CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4199, CVE-2018-4200, CVE-2018-4201, CVE-2018-4204, CVE-2018-4214, CVE-2018-4218, CVE-2018-4222, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4232, CVE-2018-4233, CVE-2018-4246
MD5 | 999dbe8d5703eeccacecf6a7cec02222
Page 1 of 9
Back12345Next

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    25 Files
  • 17
    Oct 17th
    17 Files
  • 18
    Oct 18th
    7 Files
  • 19
    Oct 19th
    1 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close