exploit the possibilities
Showing 1 - 25 of 100 RSS Feed

Files

IcoFX 2.5.0.0 Buffer Overflow
Posted Dec 11, 2013
Authored by Core Security Technologies, Marcos Accossatto | Site coresecurity.com

Core Security Technologies Advisory - IcoFX is prone to a (client side) security vulnerability when processing .ICO files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine, by enticing the user of IcoFX to open a specially crafted icon file. Version 2.5.0.0 for Windows is affected.

tags | exploit, remote, arbitrary
systems | windows
advisories | CVE-2013-4988
MD5 | d5ce21e3bbea945bbaddbcd18ce8c104

Related Files

Lattice Diamond Programmer Buffer Overflow
Posted Jun 22, 2012
Authored by Core Security Technologies, Ricardo Narvaja, Daniel Kazimirow | Site coresecurity.com

Core Security Technologies Advisory - Lattice Diamond Programmer is vulnerable to client-side attacks, which can be exploited by remote attackers to run arbitrary code by sending specially crafted '.xcf' files.

tags | exploit, remote, arbitrary
advisories | CVE-2012-2614
MD5 | a39d8e7293fe16989f7c5c83b4655775
Windows Kernel ReadLayoutFile Heap Overflow
Posted May 10, 2012
Authored by Core Security Technologies, Fernando Russ | Site coresecurity.com

Core Security Technologies Advisory - There is a bug in the ReadLayoutFile Windows Kernel function that can be leveraged into a local privilege escalation exploit, potentially usable in a client-side attack scenario or after a remote intrusion by other means.

tags | advisory, remote, kernel, local
systems | windows
advisories | CVE-2012-0181
MD5 | 83c65d0bc5653bb984812df522bd38ae
Secunia Security Advisory 48980
Posted May 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Core Security Technologies has reported multiple vulnerabilities in SAP NetWeaver, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | 8ae0536192fff962c1812c560aeb55f5
SAP Netweaver 7.0 EHP1/EHP2 Buffer Overflows
Posted May 8, 2012
Authored by Core Security Technologies, Martin Gallo | Site coresecurity.com

Core Security Technologies Advisory - SAP Netweaver is a technology platform for building and integrating SAP business applications. Multiple vulnerabilities have been found in SAP Netweaver that could allow an unauthenticated, remote attacker to execute arbitrary code and lead to denial of service conditions. The vulnerabilities are triggered sending specially crafted SAP Diag packets to remote TCP port 32NN (being NN the SAP system number) of a host running the "Dispatcher" service, part of SAP Netweaver Application Server ABAP. By sending different messages, the different vulnerabilities can be triggered.

tags | exploit, remote, denial of service, arbitrary, tcp, vulnerability
advisories | CVE-2011-1516, CVE-2011-1517, CVE-2012-2511, CVE-2012-2512, CVE-2012-2513, CVE-2012-2514
MD5 | df4617546b9fe705981c0eafdf162672
Secunia Security Advisory 45891
Posted Nov 19, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Core Security Technologies has reported a vulnerability in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | windows
MD5 | 048e225bfc1f89470673702678cffea8
Apple OS X Sandbox Predefined Profiles Bypass
Posted Nov 11, 2011
Authored by Core Security Technologies, Anibal Sacco, Matias Eissler | Site coresecurity.com

Core Security Technologies Advisory - Apple OS X suffered from a sandbox predefined profiles bypass vulnerability. Several of the default pre-defined sandbox profiles do not properly limit all the available mechanisms and therefore allow exercising part of the restricted functionality. Namely, sending Apple events is possible within the no-network sandbox (kSBXProfileNoNetwork). A compromised application hypothetically restricted by the use of the no-network profile may have access to network resources through the use of Apple events to invoke the execution of other applications not directly restricted by the sandbox.

tags | exploit, bypass
systems | apple, osx
advisories | CVE-2011-1516
MD5 | 7f924d516a3c7831471b90fc7629fbac
Adobe Shockwave Player TextXtra.x32 Memory Corruption
Posted Nov 9, 2011
Authored by Core Security Technologies, Pablo Santamaria | Site coresecurity.com

Core Security Technologies Advisory - A memory corruption vulnerability in Adobe Shockwave Player can be leveraged to execute arbitrary code on vulnerable systems by enticing users to visit a malicious web site with a specially crafted .dir file. This vulnerability could be used by a remote attacker to execute arbitrary code with the privileges of the user that opened the malicious file.

tags | advisory, remote, web, arbitrary
advisories | CVE-2011-2447
MD5 | d3b84c019ed4dff8a2cd96a854297dc7
Core Security Technologies Advisory 2011.0810
Posted Oct 24, 2011
Authored by Core Security Technologies, Matthew Bergin, Matias Blanco | Site coresecurity.com

Core Security Technologies Advisory - When the install script for e107 CMS has not been removed, an attacker can "reinstall" the application using arbitrary parameters. If the attacker puts a valid MySql server followed a semicolon and PHP code, this will be executed when the config file gets requested. This parameters are stored in the config file "e107_config.php". Version 0.7.24 is affected.

tags | exploit, arbitrary, php
advisories | CVE-2011-1513
MD5 | 475e59b9a2f74d30c17656851b32c8da
Secunia Security Advisory 46438
Posted Oct 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Core Security Technologies has reported a vulnerability in Microsoft Office Publisher 2007, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 718a3efd2e7e2e5a94e4cedcb1d2f739
Core Security Technologies Advisory 2011.0106
Posted Oct 13, 2011
Authored by Core Security Technologies, Daniel Kazimirow | Site coresecurity.com

Core Security Technologies Advisory - Microsoft Publisher is a desktop publishing application from Microsoft that uses a proprietary file format (.pub). A vulnerability has been found in Publisher 2007, that can be leveraged by an attacker to execute arbitrary code by enticing users to insert a specially-crafted .pub file into a document.

tags | advisory, arbitrary
advisories | CVE-2011-1508
MD5 | a5ecd4fc872d67b9589729947f9c3e56
Core Security Technologies Advisory 2011.0526
Posted Sep 13, 2011
Authored by Core Security Technologies, Nicolas A. Economou | Site coresecurity.com

Core Security Technologies Advisory - A security vulnerability was discovered in the Windows Internet Name Service (WINS). The vulnerability could allow elevation of privilege if a user receives a specially crafted WINS replication packet on an affected system running the WINS service. An attacker must have valid logon credentials and be able to log on locally in order to exploit this vulnerability.

tags | exploit
systems | windows
advisories | CVE-2011-1984
MD5 | f4c207b4130dd7921424dff69fcd2964
Core Security Technologies Advisory 2011.0606
Posted Jun 30, 2011
Authored by Core Security Technologies, Nahuel Riva | Site coresecurity.com

Core Security Technologies Advisory - HP Data Protector is an automated backup and recovery software for single-server to enterprise environments. A vulnerability in HP Data Protector could allow a remote attacker to execute arbitrary code. The vulnerability is triggered by sending a request to port 5555 of a host running the "data protector inet" service, part of HP Data Protector.

tags | exploit, remote, arbitrary
advisories | CVE-2011-1866
MD5 | 2b607c134d5d1bd9d316d28d48a0077d
Core Security Technologies Advisory 2011.0514
Posted Jun 30, 2011
Authored by Core Security Technologies, Oren Isacson | Site coresecurity.com

Core Security Technologies Advisory - HP Data Protector is an automated backup and recovery software for single-server to enterprise environments. Multiple vulnerabilities have been found in HP Data Protector that could allow a remote attacker to execute arbitrary code and lead to denial of service conditions. The vulnerabilities are triggered by sending a request to port 5555 of a host running the "data protector inet" service, part of HP Data Protector. The request has several parameters, including an opcode. By sending requests with specially crafted parameters, the different bugs can be triggered.

tags | exploit, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2011-1865, CVE-2011-1514, CVE-2011-1515
MD5 | abd37569821fe8444da64f3385882387
Secunia Security Advisory 44909
Posted Jun 17, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Core Security Technologies has reported a vulnerability in IBM WebSphere Application Server, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | df7b37535ef31bf060c57f63bb9bbd19
Core Security Technologies Advisory 2010.1021
Posted Jun 16, 2011
Authored by Core Security Technologies, Francisco Falcon | Site coresecurity.com

Core Security Technologies Advisory - The administrative console of IBM WebSphere Application Server is vulnerable to Cross-Site Request Forgery (CSRF) attacks, which can be exploited by remote attackers to force a logged-in administrator to perform unwanted actions on the IBM WebSphere administrative console, by enticing him to visit a malicious web page. Versions 7.0.0.11 and 7.0.0.13 are confirmed vulnerable.

tags | exploit, remote, web, csrf
advisories | CVE-2010-3271
MD5 | c6e94c1666d5f9b7df4619d5fdd8bf28
Core Security Technologies Advisory 2011.0203
Posted Jun 14, 2011
Authored by Core Security Technologies, Nicolas A. Economou | Site coresecurity.com

Core Security Technologies Advisory - A security vulnerability was found in the driver 'vmswitch.sys', associated to the Windows Hypervisor subsystem, allowing an authenticated local DoS. The vulnerability could allow denial of service if a specially crafted packet is sent to the VMBus by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. The impact is all guests on that host became non-responsive. An attacker must have valid logon credentials and be able to send specially crafted content from a guest virtual machine to exploit this vulnerability.

tags | exploit, denial of service, local
systems | windows
advisories | CVE-2011-1872
MD5 | 72de1a7107453a55281e3c929cf45696
Core Security Technologies Advisory 2010.0908
Posted May 24, 2011
Authored by Core Security Technologies, Oren Isacson, Nadia Rodriguez, Pablo Santamaria | Site coresecurity.com

Core Security Technologies Advisory - A memory corruption vulnerability in the Lotus Notes client application can be leveraged to execute arbitrary code on vulnerable systems by enticing users to open specially crafted spreadsheet files with the '.XLS' extension. The vulnerability arises from improper parsing of a BIFF record. This vulnerability could be used by a remote attacker to execute arbitrary code with the privileges of the user that opened the malicious file.

tags | advisory, remote, arbitrary
advisories | CVE-2011-1512
MD5 | 8a81f10a9ab052d85cc526d129edae4d
Core Security Technologies Advisory 2011.0204
Posted May 12, 2011
Authored by Core Security Technologies, Diego Juarez, Eduardo Koch, Laura Balian | Site coresecurity.com

Core Security Technologies Advisory - Adobe Audition is vulnerable to numerous buffer overflows while parsing several fields inside the TRKM chunk on session (.ses) files. Then, a memory corruption can be leveraged to execute arbitrary code on vulnerable systems by enticing users to open specially crafted session files.

tags | exploit, overflow, arbitrary
advisories | CVE-2011-0615
MD5 | 7b91488b5d62aa1fd73cf0106c145262
Secunia Security Advisory 44499
Posted May 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Core Security Technologies has reported a vulnerability in Sun GlassFish Enterprise Server, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | d49a2560f983f490f7b2912980ec1d09
Core Security Technologies Advisory 2010.1118
Posted May 12, 2011
Authored by Core Security Technologies, Francisco Falcon | Site coresecurity.com

Core Security Technologies Advisory - The Administration Console of Oracle GlassFish Server, which is listening by default on port 4848/TCP, is prone to an authentication bypass vulnerability. This vulnerability can be exploited by remote attackers to access sensitive data on the server without being authenticated, by making 'TRACE' requests against the Administration Console. Oracle GlassFish Server version 3.0.1 and Sun GlassFish Enterprise Server version 2.1.1 are affected.

tags | exploit, remote, tcp, bypass
advisories | CVE-2011-1511
MD5 | aed0efb7e4049f02a715c1bc2c2c7a4a
Core Security Technologies Advisory 2011.0208
Posted Mar 23, 2011
Authored by Core Security Technologies, Ricardo Narvaja | Site coresecurity.com

Core Security Technologies Advisory - Two vulnerabilities have been found in VLC media player, when handling .AMV and .NSV file formats. These vulnerabilities can be exploited by a remote attacker to obtain arbitrary code execution with the privileges of the user running VLC. Versions 1.1.4 through 1.1.7 are affected.

tags | advisory, remote, arbitrary, vulnerability, code execution
advisories | CVE-2010-3275, CVE-2010-3276
MD5 | 59e1d4f7b54ba146b97d0ed5d460b4bb
Secunia Security Advisory 43241
Posted Feb 11, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Core Security Technologies has reported multiple vulnerabilities in ManageEngine ADSelfService Plus, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.

tags | advisory, vulnerability, xss
MD5 | a1c09ccc1fa33c867ca84b449ec711ab
Core Security Technologies Advisory 2011.0103
Posted Feb 10, 2011
Authored by Core Security Technologies, Ernesto Alvarez | Site coresecurity.com

Core Security Technologies Advisory - ManageEngine ADSelfService Plus version 4.4 suffers from authentication bypass, protection mechanism failure, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2010-3272, CVE-2010-3273, CVE-2010-3274
MD5 | ed1b7ed715db4bf307f5da51a62dee33
Core Security Technologies Advisory 2010.1001
Posted Feb 1, 2011
Authored by Core Security Technologies, Federico Muttis, Sebastian Tello, Manuel Muradas | Site coresecurity.com

Core Security Technologies Advisory - There are stack overflows on WebEx that can be exploited by sending maliciously crafted .atp and .wrf files to a vulnerable WebEx user. When opened, these files trigger a reliably exploitable stack based buffer overflow. Code execution is trivially achieved on the .wrf case because WebEx Player allocates a function pointer on the stack that is periodically used in what seems to be a callback mechanism, and also because DEP and ASLR are not enabled. In the .atp case an exception handler can be overwritten on the stack, and most registers can be trivially overwritten.

tags | advisory, overflow, code execution
advisories | CVE-2010-3269, CVE-2010-3270
MD5 | 5ecdc62436900a05f9343c0777e5d2ed
Core Security Technologies Advisory 2010.0728
Posted Dec 13, 2010
Authored by Core Security Technologies, Nahuel Riva | Site coresecurity.com

Core Security Technologies Advisory - The Intel Alert Handler service ('hndlrsvc.exe') fails to correctly process the 'CommandLine' field in the AMS request. A source address in a 'MOV' instruction is calculated from values present in the request, causing a remote denial-of-service.

tags | advisory, remote
advisories | CVE-2010-3268
MD5 | bf82fea98ab5e3ef02ff3524b6570c22
Page 1 of 4
Back1234Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    2 Files
  • 23
    Feb 23rd
    2 Files
  • 24
    Feb 24th
    16 Files
  • 25
    Feb 25th
    37 Files
  • 26
    Feb 26th
    15 Files
  • 27
    Feb 27th
    15 Files
  • 28
    Feb 28th
    4 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close