Microsoft Edge suffers from an out-of-bounds read in CInputDateTimeScrollerElement::_SelectValueInternal. The vulnerability has been confirmed on Windows 10 Enterprise 64-bit (OS version 1607, OS build 14393.1198) and Microsoft Edge 38.14393.1066.0, Microsoft EdgeHTML 14.14393.
ae106588351f60c9e1078c6cf7ad219eThere is a use-after-free vulnerability in Microsoft Edge that can lead to memory disclosure. The vulnerability has been confirmed on Windows 10 Enterprise 64-bit (OS version 1607, OS build 14393.1198), Microsoft Edge 38.14393.1066.0, Microsoft EdgeHTML 14.14393.
94db0de217892edc8b973671be6ef85bDemystifying Windows Kernel Exploitation by Abusing GDI Objects. This has the Windows 7 SP1 x86 exploit demonstrated at Defcon 25.
52d4377ede9d242df50d7a38f59a4d4dFormat Factory version 4.1.0 suffers from a dll hijacking vulnerability.
2f6a638827053943fd37ecf80b624a93VirtualBox suffers from a privilege escalation vulnerability due to a windows process DLL UNC path signature bypass vulnerability.
b7b24727a13df6c61f230dfaf8caa4b7VirtualBox suffers from a privilege escalation vulnerability due to a windows process DLL signature bypass vulnerability.
e1476610f1872866ca63ea58ddd4a886Microsoft Windows 10 Pro SMBLoris denial of service exploit that takes down a fully patched system with 8 gigs of ram in less than 10 seconds.
58282a71fd20dab619fc61945f200983This Metasploit module exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain a dynamic icon, loaded from a malicious DLL. This vulnerability is a variant of MS15-020 (CVE-2015-0096). The created LNK file is similar except in an additional SpecialFolderDataBlock is included. The folder ID set in this SpecialFolderDataBlock is set to the Control Panel. This is enough to bypass the CPL whitelist. This bypass can be used to trick Windows into loading an arbitrary DLL file.
63ff862692b9e1b52aec2b632659c94eSpider Player version 2.5.3 suffers from a dll hijacking vulnerability.
af72530d6843a4b774d276db0bacc5c4FTP Commander version 8.02 suffers from a dll hijacking vulnerability.
7c3e0cb6cc1e25e5777d095f3a52b663Razer Synapse versions 2.20.15.1104 and below suffer from multiple dll search order hijacking vulnerabilities.
091119bbcde2837ddbc5f36184c2e788Bittorrent versions 7.10.0.43581 and below suffer from an installer dll search order hijacking vulnerability.
0b8e85295c184e98cb13d0b7cfdbc839MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
0e22b573c08233276dd4687d9fddb649This Metasploit module connects to a specified Metasploit RPC server and uses the 'console.write' procedure to execute operating system commands. Valid credentials are required to access the RPC interface. This Metasploit module has been tested successfully on Metasploit 4.15 on Kali 1.0.6; Metasploit 4.14 on Kali 2017.1; and Metasploit 4.14 on Windows 7 SP1.
b76c5685a0298b752e8aaaf4f214e190Apple Security Advisory 2017-07-19-7 - iCloud for Windows 6.2.2 is now available and addresses information disclosure, code execution, and various other vulnerabilities.
4f380c77e8e99020d7e7e86a74e6ebaeMicrosoft Windows 7 SP1 x86 GDI palette objects local privilege escalation exploit that leverages the vulnerability as described in MS17-017.
ab4d0df9332bcf2c1c566cf56cc2b9abWireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
bb81d0ecf3a8ed46bedfaeae6fd318a8Microsoft Internet Explorer suffers from a memory corruption vulnerability in CMarkup::DestroySplayTree. The bug was confirmed on IE version 11.0.9600.18617 (Update version 11.0.40) running on Windows 7 64-bit.
cdc2215843df74b066e451921f6fea5cThe Microsoft Windows kernel suffers from a nsiproxy/netio pool memory disclosure vulnerability in the handling of IOCTL 0x120007 (NsiGetParameter).
5fb0a00432c51065a4d436704124521cMicrosoft Windows has a bad fix for the COM session moniker that can allow for elevation of privilege.
3415ad73c8d69869f7f6b54856151c87Microsoft Windows versions 7, 8.1, 2008 R2, 2012 R2, and 2016 R2 EternalBlue SMB remote code execution exploit that leverages the issue noted in MS17-0101.
a8dcb06deac0f2e6a77e10a458a2c807Microsoft .NET Framework version 4.7 suffers from dll hijacking vulnerabilities.
5b1e4d178e8382d65a9f6aa04db6bba5Microsoft Machine Debug Manager (mdm) suffers from dll hijacking vulnerabilities.
3c06775c91214d9d0ce304e8f6548704Microsoft Office Patch Installer suffers from dll hijacking vulnerabilities.
2b690a8c242cf48c547db68a1f8c4cd8This Metasploit module exploits a use-after-free vulnerability in the handling of SSL NDMP connections in Veritas/Symantec Backup Exec's Remote Agent for Windows. When SSL is re-established on a NDMP connection that previously has had SSL established, the BIO struct for the connection's previous SSL session is reused, even though it has previously been freed. This Metasploit module supports 3 specific versions of the Backup Exec agent in the 14, 15 and 16 series on 64-bit and 32-bit versions of Windows and has been tested from Vista to Windows 10.
655876964f7bb9a52e889ac3edace35f
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed