accept no compromises
Showing 1 - 25 of 100 RSS Feed

Files

Microsoft Internet Explorer 7 Denial Of Service
Posted Dec 6, 2012
Authored by MustLive

Microsoft Internet Explorer version 7.00.5730.13 suffers from a redirector denial of service vulnerability.

tags | advisory, denial of service
MD5 | 4312c04184a5aa0e409f0abb9e69a4df

Related Files

Zero Day Initiative Advisory 12-141
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-141 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the .NET Framework. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within Microsoft .NET XAML Browser Application (XBAP) handling of Clipboard object data. It is possible to cause unsafe memory access within System.Windows.Forms.Clipboard, allowing an attacker to control the memory used by an object's native code. This unsafe access allows for control of a function pointer, which can be exploited to remotely execute code. In the case of Internet Explorer, execution of attacker code occurs outside of the Protected Mode sandbox.

tags | advisory, remote, arbitrary
systems | windows
advisories | CVE-2012-1855
MD5 | 115854b44c0ecde1869f05b2c8d44fc5
Internet Explorer Remote Code Execution With DEP And ASLR Bypass
Posted Aug 17, 2012
Authored by FaryadR

The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized or is deleted, aka "Time Element Memory Corruption Vulnerability." This is an exploit for the vulnerability noted in MS11-050.

tags | exploit, remote, arbitrary
systems | windows
advisories | CVE-2011-1255
MD5 | c360b436f312000c4cb2ecb69ece4dd6
Secunia Security Advisory 50237
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Four vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | 987c430c1ea0bf27a7d064a664276a63
Microsoft Internet Explorer Fixed Table Col Span Heap Overflow
Posted Aug 1, 2012
Authored by Alexandre Pelletier | Site metasploit.com

This Metasploit module exploits a heap overflow vulnerability in Internet Explorer caused by an incorrect handling of the span attribute for col elements from a fixed table, when they are modified dynamically by javascript code.

tags | exploit, overflow, javascript
advisories | CVE-2012-1876, OSVDB-82866
MD5 | 779949c97029d653dbfeebf52387ec06
CVE-2012-1889: Security Update Analysis
Posted Jul 23, 2012
Authored by Brian Mariani, High-Tech Bridge SA, Frederic Bourla | Site htbridge.com

Since the 30th of May 2012 hackers were abusing the Microsoft XML core services vulnerability. The 10th of July 2012 Microsoft finally published a security advisory which fixes this issue. The present document and video explains the details about this fix. As a lab test they used a Windows XP workstation with Service Pack 3. The Internet explorer version is 6.0.

tags | paper
systems | windows, xp
advisories | CVE-2012-1889
MD5 | a0d1c207cb55892da09387080f48352a
toStaticHTML HTML Sanitizing Bypass
Posted Jul 11, 2012
Authored by Adi Cohen | Site blog.watchfire.com

The *toStaticHTML* component, which is found in Internet Explorer versions greater than 8, SharePoint and Lync is used to sanitize HTML fragments from dynamic and potentially malicious content. An attacker is able to create a specially formed CSS that will overcome * toStaticHTML*'s security logic; therefore, after passing the specially crafted CSS string through the *toStaticHTML* function, it will contain an expression that triggers a JavaScript call.

tags | exploit, javascript, xss
advisories | CVE-2012-1858
MD5 | ad76cc4f504fecd5c463709842fcb510
Secunia Security Advisory 45690
Posted Jul 10, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | 1c50066f5e498a55bbc886960e14c129
Secunia Security Advisory 49749
Posted Jul 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - NGS Secure has reported a vulnerability in the Graph Explorer component for Nagios XI, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 7e4e80ff45f6e27399d37d7b28142464
GIMP 2.8.0 Denial Of Service
Posted Jun 29, 2012
Authored by Joseph Sheridan | Site reactionpenetrationtesting.co.uk

There is a file handling denial of service in GIMP (the GNU Image Manipulation Program) for the 'fit' file format affecting all versions (Windows and Linux) up to 2.8.0. A file in the fit format with a malformed 'XTENSION' header will cause a crash in the GIMP program. The flaw is triggered by opening a crafted 'fit' file or allowing the file explorer dialog to preview the file. Proof of concept included.

tags | exploit, denial of service, proof of concept
systems | linux, windows
advisories | CVE-2012-3236
MD5 | 9010e4009599ecb23e4c8ad1ffbd2957
Technical Cyber Security Alert 2012-174A
Posted Jun 23, 2012
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2012-174A - Microsoft Security Advisory (2719615) warns of active attacks using a vulnerability in Microsoft XML Core Services. Microsoft Internet Explorer and Microsoft Office can be used as attack vectors.

tags | advisory
MD5 | e0fdec3f2a778e9ba75f1144d0d64c3e
Microsoft Internet Explorer Col Element Remote Heap Overflow
Posted Jun 20, 2012
Authored by Alexandre Pelletier, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a heap overflow error in the mshtml.dll module when processing "Col" elements, which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2012-1876
MD5 | d6f32f221551f0216f61f02dec616d81
Microsoft Internet Explorer GetAtomTable Remote Use-After-Free
Posted Jun 20, 2012
Authored by VUPEN, Jordan Gruskovnjak | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the mshtml.dll module when processing GetAtomTable objects, which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP.

tags | advisory, remote, arbitrary
advisories | CVE-2012-1875
MD5 | 5d685afe090b871b105dae365a1de47b
Microsoft Internet Explorer CollectionCache Remote Use-After-Free
Posted Jun 20, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the mshtml.dll module when processing CollectionCache objects, which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP.

tags | advisory, remote, arbitrary
MD5 | beff56c5b350a41521763a35c83c6ac2
MS12-037 Internet Explorer Same ID Property Deleted Object Handling Memory Corruption
Posted Jun 14, 2012
Authored by juan vazquez, Qihoo 360 Security Center, Dark Son, Google Inc, Yichong Lin | Site metasploit.com

This Metasploit module exploits a memory corruption flaw in Internet Explorer 8 when handling objects with the same ID property. At the moment this module targets IE8 over Windows XP SP3 through the heap massaging plus heap spray as exploited in the wild.

tags | exploit
systems | windows, xp
advisories | CVE-2012-1875, OSVDB-82865
MD5 | bfb23efabe40ee9a695408e08e52ae8e
Microsoft Internet Explorer 8 / 9 Toolbar Code Execution
Posted Jun 14, 2012
Authored by Code Audit Labs | Site vulnhunt.com

Code Audit Labs has discovered that Microsoft Internet Explorer versions 8 and 9 suffer from a use-after-free vulnerability in the developer toolbar.

tags | advisory
advisories | CVE-2012-1874
MD5 | aecdddb2a5a1025b08e025ff7798ffaf
Microsoft Internet Explorer 8 Code Execution
Posted Jun 14, 2012
Authored by Code Audit Labs | Site vulnhunt.com

Code Audit Labs has discovered a remote code execution vulnerability in Microsoft Internet Explorer 8 due to a use-after-free issue having to do with property ids.

tags | advisory, remote, code execution
advisories | CVE-2012-1875
MD5 | bd95491c06843df2fbded9d5fca6e4e3
Zero Day Initiative Advisory 12-093
Posted Jun 12, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-093 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles dynamically changed colspans on a column in a table with the table-layout:fixed style. If the colspan is increased after initial creation it will result in a heap overflow. This can lead to remote code execution under the context of the current program.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2012-1876
MD5 | efdcc8810ffb00c0629532f716357265
Secunia Security Advisory 49412
Posted Jun 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to disclose sensitive information, conduct cross-site scripting attacks, and compromise a user's system.

tags | advisory, vulnerability, xss
MD5 | a5b990c9afbe454c589443b27b9f0428
Tom Sawyer Software GET Extension Factory Remote Code Execution
Posted Jun 11, 2012
Authored by rgod, Elazar Broad, juan vazquez | Site metasploit.com

This Metasploit module exploits a remote code execution vulnerability in the tsgetx71ex553.dll ActiveX control installed with Tom Sawyer GET Extension Factory due to an incorrect initialization under Internet Explorer. While the Tom Sawyer GET Extension Factory is installed with some versions of VMware Infrastructure Client, this module has been tested only with the versions installed with Embarcadero Technologies ER/Studio XE2 / Embarcadero Studio Portal 1.6. The ActiveX control tested is tsgetx71ex553.dll, version 5.5.3.238. This Metasploit module achieves DEP and ASLR bypass using the well known msvcr71.dll rop chain. The dll is installed by default with the Embarcadero software, and loaded by the targeted ActiveX.

tags | exploit, remote, code execution, activex
advisories | CVE-2011-2217, OSVDB-73211
MD5 | 3e7aa29056921982fd5564fee15bd5aa
Microsoft Windows OLE Object File Handling Remote Code Execution
Posted Jun 7, 2012
Authored by Luigi Auriemma, juan vazquez | Site metasploit.com

This Metasploit module exploits a type confusion vulnerability in the OLE32 component of Windows XP SP3. The vulnerability exists in the CPropertyStorage::ReadMultiple function. A Visio document with a specially crafted Summary Information Stream embedded allows to get remote code execution through Internet Explorer, on systems with Visio Viewer installed.

tags | exploit, remote, code execution
systems | windows, xp
advisories | CVE-2011-3400, OSVDB-77663
MD5 | d3c565f4318547e83002b8fd42f13934
Secunia Security Advisory 49239
Posted May 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Walied Assar has discovered a vulnerability in PE Explorer, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 854479d33c329b3c2721c7d528efb2eb
PE Explorer 1.99 R6 Heap Overflow
Posted May 19, 2012
Authored by Walied Assar

PE Explorer version 1.99 R56 suffers from a heap overflow vulnerability.

tags | advisory, overflow
MD5 | de77c8df75d41f666d559049cd32e1b4
Microsoft Internet Explorer VML Remote Code Execution
Posted Apr 18, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error within the "vgx.dll" component when processing certain VML behaviors, which could be exploited by attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.

tags | advisory, web
advisories | CVE-2012-0172
MD5 | 430a418df374f4f687210e3faa479f35
RadioGraPhy Forensic Tool
Posted Apr 16, 2012
Site security-projects.com

Radiography is a forensic tool which grabs as much information as possible from a Windows system. It checks registry keys related to start up processes, registry keys with Internet Explorer settings, host file contents, taskScheduler tasks, loaded system drivers, uses WinUnhide to catch hidden processes, and does much more.

tags | tool, registry, forensics
systems | windows
MD5 | 3b250869fc03d623c0391fb2eb009c78
Technical Cyber Security Alert 2012-101A
Posted Apr 11, 2012
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2012-101A - There are multiple vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft .NET Framework, Microsoft Office, Microsoft Server Software, Microsoft SQL Server, Microsoft Developer Tools, and Microsoft Forefront United Access Gateway. Microsoft has released updates to address these vulnerabilities.

tags | advisory, vulnerability
systems | windows
MD5 | 012a55eecbf0aa3febb5ac96e10846ea
Page 1 of 4
Back1234Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close