exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

PayPal China Malicious Redirect
Posted Nov 19, 2013
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

Remote attackers could influence a redirect in PayPal's www.paypal-biz.com site.

tags | exploit, remote
SHA-256 | ad30199576977fc30c90bdbd761713466c98d568a6beb827da07a26044a103e7

Related Files

Zero Day Initiative Advisory 12-144
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-144 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Autostart ftAgent, which is deployed on machines managed by EMC Autostart by default. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing routines for op-codes used by EMC Autostart ftAgent's proprietary network protocol. This ftAgent.exe service listens on TCP port 8045, and performs arithmetic for memory size calculation using values read from the network without validation. This arithmetic is susceptible to integer overflow, causing the memory allocation to be undersized, ultimately allowing for heap-based memory corruption. An attacker can exploit this condition to gain remote code execution as user SYSTEM.

tags | advisory, remote, overflow, arbitrary, tcp, code execution, protocol
advisories | CVE-2012-0409
SHA-256 | 6b5f97b1c544b37daf25f97b0b52fcbb7493e4537b578d0236271819a3ac573e
Zero Day Initiative Advisory 12-143
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-143 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within DWGDP.DLL, which is responsible for parsing DXF files. When processing MTEXT strings in the ENTITIES section of the DXF file, certain characters are sought after to end the string copy function. If these characters are not found, the copy function will continue to copy data outside of the stack buffer, causing memory corruption. An attacker can utilize this vulnerability to execute code under the context of the program.

tags | advisory, remote, arbitrary
advisories | CVE-2012-1888
SHA-256 | 29879fb724204896caa7ed97dd1f02f239316276d4f0957c222aefe4cf9c59fb
Zero Day Initiative Advisory 12-142
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-142 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the BasicService.showDocument Java Webstart function. This function allows additional parameters to be passed to the browser. Depending on which browser the user has set as default browser this could lead to remote code execution under the context of the current user.

tags | advisory, java, remote, arbitrary, code execution
advisories | CVE-2012-1713
SHA-256 | 4b4d0a01355713d6b9b2023bec9de5d8a94b9df2193510d724d023512bc800da
Zero Day Initiative Advisory 12-141
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-141 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the .NET Framework. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within Microsoft .NET XAML Browser Application (XBAP) handling of Clipboard object data. It is possible to cause unsafe memory access within System.Windows.Forms.Clipboard, allowing an attacker to control the memory used by an object's native code. This unsafe access allows for control of a function pointer, which can be exploited to remotely execute code. In the case of Internet Explorer, execution of attacker code occurs outside of the Protected Mode sandbox.

tags | advisory, remote, arbitrary
systems | windows
advisories | CVE-2012-1855
SHA-256 | 8a9c280b793fd5689ee6d1eab372451da1a6ddfa522f51fffe5b3eeaf469a90f
Zero Day Initiative Advisory 12-140
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-140 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of McAfee SmartFilter Administration Server. Authentication is not required to exploit this vulnerability. The flaw exists within the Remote Method Invocation (RMI) component which is exposed by SFAdminSrv.exe process. This process exposes various RMI services to TCP ports 4444 (JBoss RMI HTTPInvoker), 1098 (rmiactivation), 1099 (rmiregistry). Requests to these services are not authenticated and can be used to instantiate arbitrary classes or to upload and execute arbitrary archives. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
SHA-256 | 6d44dbf9f816ae47b69459fc6a3ae55af8b47454af0c493a2b31bcdd640effcb
Zero Day Initiative Advisory 12-139
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-139 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Crystal Reports. Authentication is not required to exploit this vulnerability. The flaw exists within the ebus-3-3-2-7.dll component which is used by the crystalras.exe service. This process listens on a random TCP port. When unmarshalling GIOP ORB encapsulated data the process invokes a memcpy constrained by a user controlled value. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
SHA-256 | b5cd95c093a6d7c698cda8f5b0501a67a51fa6615c044079dd187f2f91b82aa0
Zero Day Initiative Advisory 12-138
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-138 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Business Objects Financial Consolidation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within CtAppReg.dll. In the Check function, there is a vulnerability in the handling of the username parameter. If an overly long string is used as the username, it can overwrite heap memory. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the process.

tags | advisory, remote, arbitrary
SHA-256 | 71f5cfb590cb170041ac772bc7eb8657757c72abff12510ade4581f83a51f776
Zero Day Initiative Advisory 12-137
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-137 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Mac OSX. Authentication is not required to exploit this vulnerability. The flaw exists within the libsecurity_cdsa_plugin which implements routines defined in libsecurity_cssm. The library defines an allocation routine as having an argument type uint32. The implemented methods in the cdsa_plugin accept parameter having type size_t, this value is truncated from 64 bits to 32 bits when being passed to the library routine. This can lead to an underallocated memory region and ultimately a write out of bounds. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the process.

tags | advisory, remote, arbitrary
systems | apple
advisories | CVE-2012-0651
SHA-256 | 46ab23dd80c0f29f56b1529836ab00f816dadca849f9f53aba67524769c8cb32
Zero Day Initiative Advisory 12-136
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-136 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within how the application handles a malformed atom type when playing a movie encoded with uncompressed audio. When decoding the audio sample the application will use a 16-bit length for allocating a buffer, and a different one for initializing it. This can cause memory corruption which can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-3220
SHA-256 | 279769476bb55b52fb4a1cfea0a3fa4d6c15f5a797a70b8f549cd186ec7efd2d
Internet Explorer Remote Code Execution With DEP And ASLR Bypass
Posted Aug 17, 2012
Authored by FaryadR

The Timed Interactive Multimedia Extensions (aka HTML+TIME) implementation in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized or is deleted, aka "Time Element Memory Corruption Vulnerability." This is an exploit for the vulnerability noted in MS11-050.

tags | exploit, remote, arbitrary
systems | windows
advisories | CVE-2011-1255
SHA-256 | ce6d03f8afb8da5e9fab7773161352eac8d3bfb7b25bc19d2aa5c97279ad7812
Ubuntu Security Notice USN-1482-3
Posted Aug 17, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1482-3 - USN-1482-1 fixed vulnerabilities in ClamAV. The updated package could fail to properly scan files in some situations. This update fixes the problem. It was discovered that ClamAV incorrectly handled certain malformed TAR archives. A remote attacker could create a specially-crafted TAR file containing malware that could escape being detected. It was discovered that ClamAV incorrectly handled certain malformed CHM files. A remote attacker could create a specially-crafted CHM file containing malware that could escape being detected. Various other issues were also addressed.

tags | advisory, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-1459, CVE-2012-1458
SHA-256 | f6eafdf05eddc06cc3f5e1210fb3edc481985bad585d980219e95024ddabd0ae
Ubuntu Security Notice USN-1541-1
Posted Aug 17, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1541-1 - Justin Ferguson discovered multiple heap overflows in libotr. A remote attacker could use this to craft a malformed OTR message that could cause a denial of service via application crash or possibly execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-3461
SHA-256 | 6639415b413329405dd78b3fdeb6c09d08b8b5349b04696101dac765fabf6df4
Gentoo Linux Security Advisory 201208-06
Posted Aug 15, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201208-6 - A vulnerability in libgdata could allow remote attackers to perform man-in-the-middle attacks. Versions less than 0.8.1-r2 are affected.

tags | advisory, remote
systems | linux, gentoo
advisories | CVE-2012-1177
SHA-256 | 6c9550b2609f2f265e43e99e0791a7773adfb69954890e5f2e3a22021e0ab085
Gentoo Linux Security Advisory 201208-01
Posted Aug 15, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201208-1 - A buffer overflow in socat might allow remote attackers to execute arbitrary code. Versions less than 1.7.2.1 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2012-0219
SHA-256 | 5ba3149b5f1771cf176c32952ee57223f04b09538cb30fff6bad71d6dd9db4d3
Mandriva Linux Security Advisory 2012-130
Posted Aug 14, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-130 - slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2012-1164
SHA-256 | 15e682bf17192a767c067672be6251b9e0fad5a2b5601ea063b950e8a67a46ae
Red Hat Security Advisory 2012-1166-01
Posted Aug 14, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1166-01 - mod_cluster is an Apache HTTP Server based load balancer that forwards requests from httpd to application server nodes. It can use the AJP, HTTP, or HTTPS protocols for communication with application server nodes. The RHSA-2012:0035 update for JBoss Enterprise Web Server 1.0.2 introduced a regression, causing mod_cluster to register and expose the root context of a server by default, even when "ROOT" was in the "excludedContexts" list in the mod_cluster configuration. If an application was deployed on the root context, a remote attacker could use this flaw to bypass intended access restrictions and gain access to that application.

tags | advisory, remote, web, root, protocol
systems | linux, redhat
advisories | CVE-2012-1154
SHA-256 | f780b0c2beb4f13cd5fd92b554dd4ba5fbcdbbc13f13e931837e863861773d32
Red Hat Security Advisory 2012-1165-01
Posted Aug 14, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1165-01 - JBoss Enterprise BRMS Platform is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This roll up patch serves as a cumulative upgrade for JBoss Enterprise BRMS Platform 5.3.0. It includes various bug fixes. The following security issue is also fixed with this release: It was found that the JMX Console did not protect against Cross-Site Request Forgery attacks. If a remote attacker could trick a user, who was logged into the JMX Console, into visiting a specially-crafted URL, the attacker could perform operations on MBeans, which may lead to arbitrary code execution in the context of the JBoss server process.

tags | advisory, remote, arbitrary, code execution, csrf
systems | linux, redhat
advisories | CVE-2011-2908
SHA-256 | 60f263a40e9847b3704eea8775ecc38544cbf434846d76a7dc6b54f11d8bced7
Mandriva Linux Security Advisory 2012-129-1
Posted Aug 11, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-129 - The decompress function in ncompress allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via crafted data that leads to a buffer underflow. A missing DHCP option checking / sanitization flaw was reported for multiple DHCP clients. This flaw may allow DHCP server to trick DHCP clients to set e.g. system hostname to a specially crafted value containing shell special characters. Various scripts assume that hostname is trusted, which may lead to code execution when hostname is specially crafted. Additionally for Mandriva Enterprise Server 5 various problems in the ka-deploy and uClibc packages was discovered and fixed with this advisory. The updated packages have been patched to correct these issues. The wrong set of packages was sent out with the MDVSA-2012:129 advisory that lacked the fix for CVE-2006-1168. This advisory provides the correct packages.

tags | advisory, remote, denial of service, arbitrary, shell, code execution
systems | linux, mandriva
advisories | CVE-2006-1168, CVE-2011-2716
SHA-256 | c7875eb533c9d6beb3425c1a97fe6ed841b9a1c6086b68f13fd555c85ebb7760
Mandriva Linux Security Advisory 2012-129
Posted Aug 11, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-129 - The decompress function in ncompress allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via crafted data that leads to a buffer underflow. A missing DHCP option checking / sanitization flaw was reported for multiple DHCP clients. This flaw may allow DHCP server to trick DHCP clients to set e.g. system hostname to a specially crafted value containing shell special characters. Various scripts assume that hostname is trusted, which may lead to code execution when hostname is specially crafted. Additionally for Mandriva Enterprise Server 5 various problems in the ka-deploy and uClibc packages was discovered and fixed with this advisory. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, arbitrary, shell, code execution
systems | linux, mandriva
advisories | CVE-2006-1168, CVE-2011-2716
SHA-256 | 741a2545d765d1e9854cdcbf178dc20b6ca0f8fc1357ad76b6a268fa5cadabc4
Mandriva Linux Security Advisory 2012-128
Posted Aug 9, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-128 - A stack-based buffer overflow flaw was found in the way bash, the GNU Bourne Again shell, expanded certain /dev/fd file names when checking file names and evaluating /dev/fd file names in conditional command expressions. A remote attacker could provide a specially-crafted Bash script that, when executed, would cause the bash executable to crash. Additionally the official patches 011 to 037 for bash-4.2 has been applied which resolves other issues found, including the CVE-2012-3410 vulnerability.

tags | advisory, remote, overflow, shell, bash
systems | linux, mandriva
advisories | CVE-2012-3410
SHA-256 | ded651ae3fb8a40f05143e18cd58c2e666fadd104e5caa2a2f8e3f23bba5151f
NetDecision 4.2 TFTP Writable Directory Traversal Execution
Posted Aug 9, 2012
Authored by Rob Kraus, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in NetDecision 4.2 TFTP server. The software contains a directory traversal vulnerability that allows a remote attacker to write arbitrary file to the file system, which results in code execution under the context of user executing the TFTP Server.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2009-1730, OSVDB-54607
SHA-256 | 0d13cee7943b511e1894639ec337c177f0900b866756b484b6bf6fa8eab38bed
Red Hat Security Advisory 2012-1152-01
Posted Aug 9, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1152-01 - JBoss Enterprise SOA Platform is the next-generation ESB and business process automation infrastructure. JBoss Enterprise SOA Platform allows IT to leverage existing, modern, and future integration methodologies to dramatically improve business process execution speed and quality. It was found that the JMX Console did not protect against Cross-Site Request Forgery attacks. If a remote attacker could trick a user, who was logged into the JMX Console, into visiting a specially-crafted URL, the attacker could perform operations on MBeans, which may lead to arbitrary code execution in the context of the JBoss server process.

tags | advisory, remote, arbitrary, code execution, csrf
systems | linux, redhat
advisories | CVE-2011-2908
SHA-256 | 541ebbf92a7b69b98f4d8f15cc4138c7a7f8c74ac83e8b5ebf8bc57eb5032ebc
Ubuntu Security Notice USN-1524-1
Posted Aug 9, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1524-1 - A large number of security issues were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2011-3046, CVE-2011-3050, CVE-2011-3067, CVE-2011-3068, CVE-2011-3069, CVE-2011-3071, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3078, CVE-2012-0672, CVE-2012-3615, CVE-2012-3655, CVE-2012-3656, CVE-2012-3680
SHA-256 | cbaae6919431428ce28f0525f8b4610c12e3488e31906a3c083d3654bfca78e3
FreeBSD Security Advisory - named Denial Of Service
Posted Aug 8, 2012
Authored by Einar Lonn | Site security.freebsd.org

FreeBSD Security Advisory - BIND 9 stores a cache of query names that are known to be failing due to misconfigured name servers or a broken chain of trust. Under high query loads, when DNSSEC validation is active, it is possible for a condition to arise in which data from this cache of failing queries could be used before it was fully initialized, triggering an assertion failure. A remote attacker that is able to generate high volume of DNSSEC validation enabled queries can trigger the assertion failure that causes it to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | freebsd
advisories | CVE-2012-3817
SHA-256 | 14ce0ceb3dfdd72660f83035bfda8974a44d0c866f0212093a308b810aac8df9
Mandriva Linux Security Advisory 2012-127
Posted Aug 8, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-127 - A heap-based buffer overflow flaw was found in the way tiff2pdf, a TIFF image to a PDF document conversion tool, of libtiff, a library of functions for manipulating TIFF image format files, performed write of TIFF image content into particular PDF document file, when not properly initialized T2P context struct pointer has been provided by tiff2pdf as one of parameters for the routine performing the write. A remote attacker could provide a specially-crafted TIFF image format file, that when processed by tiff2pdf would lead to tiff2pdf executable crash or, potentially, arbitrary code execution with the privileges of the user running the tiff2pdf binary. The updated packages have been patched to correct this issue.

tags | advisory, remote, overflow, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2012-3401
SHA-256 | 149b7cb1a9d75035cbf157d9a41f74cd86afc4f26ebe2a53fe79e88cc5726a0b
Page 1 of 4
Back1234Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    15 Files
  • 28
    Jun 28th
    14 Files
  • 29
    Jun 29th
    11 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close