This Metasploit module exploits an SEH buffer overflow in Disk Pulse Enterprise version 9.9.16. If a malicious user sends a crafted HTTP GET request it is possible to execute a payload that would run under the Windows NT AUTHORITY\SYSTEM account.
4357afe77b3f0d509c9cfa2b76ef1a5aThe Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtQueryCompositionSurfaceBinding.
73d3685f1e900f98c6cd4f3a23681176The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiHLSurfGetInformation.
ea7057c9591140087eed136016fbcd5aThe Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiDoBanding.
fe4029deb9c5251a89ca66ad88be9adcThe Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiEngCreatePalette.
83ee676927d72312fbb286ed64a835d8The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiGetFontResourceInfoInternalW.
61dc2229ecbf3b49ce1abc604e7d026dThe Microsoft Windows kernel win32k.sys TTF font processing suffers from an out-of-bounds read vulnerability with a malformed glyf table.
6641efba2930501968ff7f836aa362bcThe Microsoft Windows kernel win32k.sys TTF font procession functionality suffers from out-of-bounds read/write vulnerabilities.
aa8a1953e3c70722e1dd32b005aa020cThe Microsoft Windows kernel pool suffers from a memory disclosure vulnerability in nt!NtSetIoCompletion and nt!NtRemoveIoCompletion.
fd5025fc6a75cc5dbc1f54b354b0c2e7The Microsoft Windows kernel suffers from a memory disclosure in win32k!NtGdiGetPhysicalMonitorDescription.
890bef0c1635255b9915dcca14ad5865The Microsoft Windows kernel pool suffers from a memory disclosure vulnerability in win32k!NtGdiGetGlyphOutline.
5b64942e584a037e7e24695cad37a8d2Red Hat Security Advisory 2017-2675-01 - Red Hat Mobile Application Platform 4.5 consists of three main components: Core - development and management of apps occurs in the RHMAP Core, which can be installed either in an on-premise installation of OpenShift Container Platform 3.x. MBaaS - Application data, runtimes, and integrations are deployed to the RHMAP MBaaS installed on OpenShift Container Platform 3.x. Build Farm - deployed separately from the Core and the MBaaS, the Build Farm is shared between all instances of RHMAP. Third-party Linux, Windows, and Apple server hosting providers are used to support building client app binaries for all platforms.
99a6e0d3fc9dfeb7ace4c6a777026fdbACG (Arbitrary Code Guard) in Microsoft Edge is bypassable. The bypass has been tested on Microsoft Edge 40.15063.0.0 running on Windows 10 Enterprise 64-bit with Creators Update (Version 1703, OS build 15063.413).
e55e370f65b1a357d3ec51c50261ae1cProof of concept exploit for a Microsoft Windows .NET Framework remote code execution vulnerability. It spawns mspaint.
d6acb1333fa78b74fd573adf48276c84Kaspersky Privacy Cleaner suffers from insecure transit, DLL hijacking, and various other security vulnerabilities.
7085a92a7ce167e6f1ed9861cad134bbMIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.
2b240e67e4c16ed407544893b7749ff7SourceTree suffers from multiple remote code execution vulnerabilities that can be triggered via hostile repositories being checked in. SourceTree for macOS versions prior to 2.6.1 and SourceTree for Windows versions prior to 2.1.10 are affected.
52976d1b81c96e47418d943393c31c13Play TV version 1.25.1 build r123776 suffers from a DLL hijacking vulnerability.
2359bb916db42d80fda555a4fff7f0c0Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
22b925108e0b65d6560f0af161157266Microsoft Windows suffers from an issue where it is possible to inject code into a PPL protected process by hijacking COM objects leading to accessing PPL processes such as Lsa and AntiMalware from an administrator.
f56afa12662c26fd335723f194b4b1dfThis Metasploit module will bypass Windows UAC by creating COM handler registry entries in the HKCU hive. When certain high integrity processes are loaded, these registry entries are referenced resulting in the process loading user-controlled DLLs. These DLLs contain the payloads that result in elevated sessions. Registry key modifications are cleaned up after payload invocation. This Metasploit module requires the architecture of the payload to match the OS, but the current low-privilege Meterpreter session architecture can be different. If specifying EXE::Custom your DLL should call ExitProcess() after starting your payload in a separate process. This Metasploit module invokes the target binary via cmd.exe on the target. Therefore if cmd.exe access is restricted, this module will not run correctly.
73fea9d04345bcd15b0dc980da1ce0e1Microsoft Edge suffers from an out-of-bounds read in CInputDateTimeScrollerElement::_SelectValueInternal. The vulnerability has been confirmed on Windows 10 Enterprise 64-bit (OS version 1607, OS build 14393.1198) and Microsoft Edge 38.14393.1066.0, Microsoft EdgeHTML 14.14393.
ae106588351f60c9e1078c6cf7ad219eThere is a use-after-free vulnerability in Microsoft Edge that can lead to memory disclosure. The vulnerability has been confirmed on Windows 10 Enterprise 64-bit (OS version 1607, OS build 14393.1198), Microsoft Edge 38.14393.1066.0, Microsoft EdgeHTML 14.14393.
94db0de217892edc8b973671be6ef85bDemystifying Windows Kernel Exploitation by Abusing GDI Objects. This has the Windows 7 SP1 x86 exploit demonstrated at Defcon 25.
52d4377ede9d242df50d7a38f59a4d4dFormat Factory version 4.1.0 suffers from a dll hijacking vulnerability.
2f6a638827053943fd37ecf80b624a93
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed