Microsoft Windows suffers from an insecure CSharedStream object privilege escalation vulnerability.
687f585eaab9feeb5d38e13cc05c1c00Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
c6f8d12a3efe21cc7885f7cb0c4bd938Adobe Acrobat Reader DC for Windows suffers from a heap-based buffer overflow vulnerability that can be leveraged via malformed JP2 streams.
6d502d5ca8f705d8234dd901fb623916The Microsoft Windows kernel suffers from an out-of-bounds read vulnerability in nt!MiRelocateImage while parsing a malformed PE file.
b11e264135a1ee9c14ee6d0a6b9be23aThe Microsoft Windows kernel suffers from an out-of-bounds read vulnerability in CI!HashKComputeFirstPageHash while parsing a malformed PE file.
2b4d1890b1779ec523e266b0696a2645The Microsoft Windows kernel suffers from an out-of-bounds read in nt!MiParseImageLoadConfig while parsing a malformed PE file.
ed96bcdeedbf757ded338f82d7252f0dThe Microsoft Windows kernel suffers from an out-of-bounds read vulnerability in CI!CipFixImageType while parsing a malformed PE file.
234236a84a29251053125f4a4e7b7d46The Microsoft Windows kernel suffers from a null pointer dereference vulnerability in nt!MiOffsetToProtos while parsing a malformed PE file.
00131f510a52f3d940c140421ce76ea4Microsoft Windows Kernel suffers from a TTF font processing win32k!ulClearTypeFilter pool corruption vulnerability in win32k.sys.
119f19b3c20bb86e4d4a2c8e4636479cThis Metasploit module exploits a stack buffer overflow in ASX to MP3 converter 3.1.3.7. By constructing a specially crafted ASX file and attempting to convert it to an MP3 file in the application, a buffer is overwritten, which allows for running shellcode. Tested on: Microsoft Windows 7 Enterprise, 6.1.7601 Service Pack 1 Build 7601, x64-based PC Microsoft Windows 10 Pro, 10.0.18362 N/A Build 18362, x64-based PC.
56c0508be45bebf5e6af39311de96c27Apple Security Advisory 2019-10-07-4 - iCloud for Windows 7.14 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.
674430b600662e944210bc20e841afd7Apple Security Advisory 2019-10-07-3 - iCloud for Windows 10.7 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.
60950df4e7126c0b4c002000d0054239Apple Security Advisory 2019-10-07-2 - iTunes for Windows 12.10.1 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.
9afe24ba991364697b29be8710f3f4afWireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
d01fdc4e78ef8ea70f20616c91419bd9Webfwlog is a Web-based firewall log reporting and analysis tool. It allows users to design reports to use on logged firewall data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or "drilled-down" all the way to the packet level, and saved for later use. Supported log formats are netfilter, ipfilter, ipfw, ipchains, and Windows XP. Netfilter support includes ulogd MySQL or PostgreSQL database logs using the iptables ULOG target.
7b7a6a01bc9d99ffe81928180bb7025cMicrosoft Windows suffers from an Internet Settings misconfiguration security feature bypass vulnerability. Versions affected include Windows 7 SP1, 8.0, 8.1 x86 and x64 with full patches up to July 2019.
ff0c1e4363db410575808afd701e6662Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.
67f9227b181693dc873b1f25ba5e54b8Red Hat Security Advisory 2019-2722-01 - The libwmf packages provide a library for reading and converting Windows Metafile Format vector graphics. The library is used by applications such as GIMP and ImageMagick. Multiple double-free vulnerabilities were addressed.
d770b947ff129d4347b75170c531e764NtFileSins.py is a Windows file enumeration intel gathering tool.
df854b2ff767838ad9ede940d9a2edeeThis Metasploit module exploits a flaw in the WSReset.exe Windows Store Reset Tool. The tool is run with the "autoElevate" property set to true, however it can be moved to a new Windows directory containing a space (C:\Windows \System32\) where, upon execution, it will load our payload dll (propsys.dll).
b188fc5d0237e2798ceb17453907bcbeMicrosoft Windows suffers from an NTFS privileged file access enumeration vulnerability. Attackers possessing user-only rights can gather intelligence or profile other user account activities by brute forcing a correct file name due to inconsistent error messaging.
8f8a5a6cf1cf40cfec6b841ca09e2618This Metasploit module exploits a flaw in the WSReset.exe file associated with the Windows Store. This binary has autoelevate privs, and it will run a binary file contained in a low-privilege registry location. By placing a link to the binary in the registry location, WSReset.exe will launch the binary as a privileged user.
d470c356d7562ece1d5652e2d264a075Whitepaper called Exploitation of Windows CVE-2019-0708 (BlueKeep): Three Ways to Write Data into the Kernel with RDP PDU.
6f462839db6bbcac1333d70c6161be2cThis python script mints a .ps file with an exploitable semicolon condition that allows for command execution from Microsoft Windows PowerShell.
9592257d1332e2c7094af04e4b98bda7Adobe Acrobat Reader DC for Windows suffers from a double-free vulnerability due to a malformed JP2 stream.
160feb95df0fc9a1e82853c12dfe4902
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed