exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

Adobe Animate 15.2.1.95 Buffer Overflow
Posted Dec 15, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Adobe Animate versions 15.2.1.95 and below suffer from a buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2016-7866
SHA-256 | deefce1ffd423d6fa926e51b041c856564c9488d18f7afd4320d96725b9f2438

Related Files

Adobe XML External Entity Injection
Posted Sep 1, 2024
Authored by Jay Turla | Site metasploit.com

Multiple Adobe Products -- XML External Entity Injection. Affected Software: BlazeDS 3.2 and earlier versions, LiveCycle 9.0, 8.2.1, and 8.0.1, LiveCycle Data Services 3.0, 2.6.1, and 2.5.1, Flex Data Services 2.0.1, ColdFusion 9.0, 8.0.1, 8.0, and 7.0.2.

tags | exploit
advisories | CVE-2009-3960
SHA-256 | 4524d9e4bc45f6daebac3d75aa85dc0f58771f37df264ba4104bf40beda45102
Adobe ColdFusion Unauthenticated Arbitrary File Read
Posted Aug 31, 2024
Authored by Andrew | Site metasploit.com

This Metasploit module exploits a remote unauthenticated deserialization of untrusted data vulnerability in Adobe ColdFusion 2021 Update 5 and earlier as well as ColdFusion 2018 Update 15 and earlier, in order to read an arbitrary file from the server. To run this module you must provide a valid ColdFusion Component (CFC) endpoint via the CFC_ENDPOINT option, and a valid remote method name from that endpoint via the CFC_METHOD option. By default an endpoint in the ColdFusion Administrator (CFIDE) is provided. If the CFIDE is not accessible you will need to choose a different CFC endpoint, method and parameters.

tags | exploit, remote, arbitrary
advisories | CVE-2023-26360
SHA-256 | de661edb8896e72bade0f7599cfd12c9bedfd968ff8993ef271deae86817594a
Adobe ColdFusion Unauthenticated Remote Code Execution
Posted May 1, 2023
Authored by sf | Site metasploit.com

This Metasploit module exploits a remote unauthenticated deserialization of untrusted data vulnerability in Adobe ColdFusion 2021 Update 5 and earlier as well as ColdFusion 2018 Update 15 and earlier, in order to gain remote code execution.

tags | exploit, remote, code execution
advisories | CVE-2023-26360
SHA-256 | a97dc5c7910c67fbfa47a0a5ff5111b60ef4fc38c7f19bc191fb098243b227f6
Rifatron Intelligent Digital Security System (animate.cgi) Stream Disclosure
Posted Sep 9, 2019
Authored by LiquidWorm | Site zeroscience.mk

The Rifatron Intelligent Digital Security System DVR suffers from an unauthenticated and unauthorized live stream disclosure when animate.cgi script is called through Mobile Web Viewer module.

tags | exploit, web, cgi
SHA-256 | 0ac770f479e014f7c5b8c6027c620e27b00efd876208dd79b63187fd39efe9df
Adobe Flash Player DeleteRangeTimelineOperation Type Confusion
Posted Feb 9, 2019
Authored by bcook-r7, Genwei Jiang | Site metasploit.com

This Metasploit module exploits a type confusion on Adobe Flash Player, which was originally found being successfully exploited in the wild. This module has been tested successfully on: macOS Sierra 10.12.3, Safari and Adobe Flash Player 21.0.0.182, Firefox and Adobe Flash Player 21.0.0.182.

tags | exploit
advisories | CVE-2016-4117
SHA-256 | 88d24a355b55a271f66416d4bca67c66d8cfab2726a2313e4a83c7339b2a1e1c
WebKit WebCore::SVGAnimateElementBase::resetAnimatedType Use-After-Free
Posted Sep 25, 2018
Authored by Ivan Fratric, Google Security Research

WebKit suffers from a WebCore::SVGAnimateElementBase::resetAnimatedType use-after-free vulnerability.

tags | exploit
advisories | CVE-2018-4314
SHA-256 | 3223eccb3079568323f68d5664a9a5ec3e1c8f01f9d6c86877128b0c16b23809
Adobe Creative Cloud Desktop Application 4.0.0.185 Privilege Escalation
Posted Apr 13, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Adobe Creative Cloud Desktop Application versions 4.0.0.185 and below suffers from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2017-3006
SHA-256 | 827a569de876d47f237cd9fd7f23b0c4c5fbb93def466e06cacef6af2a76aeeb
Adobe XML Injection File Content Disclosure
Posted Apr 11, 2017
Authored by Thomas Sluyter

Multiple Adobe products suffer from an XML injection file content disclosure vulnerability.

tags | exploit, xxe
advisories | CVE-2009-3960
SHA-256 | bc7c48aaa4045bdb779952a1b33e82e0199dc082febb739ac980241f0f5feaee
Adobe Acrobat Reader DC 15.016.20045 Memory Corruption
Posted Jul 13, 2016
Authored by Sebastien Morin, Pier-Luc Maltais

Adobe Acrobat Reader DC version 15.016.20045 suffers from multiple memory corruption vulnerabilities while handling font (.ttf) files. Adobe is offering support for this issue here: https://forums.adobe.com/community/adobe_reader_forums.

tags | exploit, vulnerability
systems | linux
advisories | CVE-2016-4201, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208
SHA-256 | bdb4c4a106248c3069f4855591ddaf79f2160358e93e9ff16c4c15d0d021d23a
Adobe Flash opaqueBackground Use After Free
Posted Jul 13, 2015
Authored by sinn3r, juan vazquez, temp66 | Site metasploit.com

This Metasploit module exploits an use after free on Adobe Flash Player. The vulnerability, discovered by Hacking Team and made public on its July 2015 data leak, was described as an Use After Free while handling the opaqueBackground property 7 setter of the flash.display.DisplayObject class. This Metasploit module is an early release tested on: Windows 7 SP1 (32-bit), IE11 and Adobe Flash 18.0.0.203, Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 18.0.0.194, Windows 7 SP1 (32-bit), IE9 and Adobe Flash Flash 18.0.0.203, Windows 7 SP1 (32-bit), Firefox + Adobe Flash 18.0.0.194, windows 8.1, Firefox and Adobe Flash 18.0.0.203, Windows 8.1, Firefox and Adobe Flash 18.0.0.160, and Windows 8.1, Firefox and Adobe Flash 18.0.0.194

tags | exploit
systems | windows
advisories | CVE-2015-5122
SHA-256 | 8ce9c20b7334d2feb9c4fe25343ecb322adf1f1d89bf09897d3a0ae1ed81bb41
Adobe Flash Player ByteArray Use After Free
Posted Jul 8, 2015
Authored by sinn3r, juan vazquez, temp66 | Site metasploit.com

This Metasploit module exploits a use after free on Adobe Flash Player. The vulnerability, discovered by Hacking Team and made public on its July 2015 data leak, was described as a Use After Free while handling ByteArray objects. This Metasploit module has been tested successfully on: Windows 7 SP1 (32-bit), IE11 and Adobe Flash 18.0.0.194, Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 18.0.0.194, Windows 8.1 (32-bit), Firefox and Adobe Flash 18.0.0.194, Windows 8.1 (32-bit), IE11 and Flash 17.0.0.169, and Linux Mint "Rebecca" (32 bits), Firefox 33.0 and Adobe Flash 11.2.202.468.

tags | exploit
systems | linux, windows
advisories | CVE-2015-5119
SHA-256 | 41ca06ad850b25d5a2ca76c0d342a370ac7d388de97dc2ba2d73946fcb6a325b
Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow
Posted Jul 3, 2015
Authored by juan vazquez, temp66 | Site metasploit.com

This Metasploit module exploits a buffer overflow on Adobe Flash Player when handling nellymoser encoded audio inside a FLV video, as exploited in the wild on June 2015. This Metasploit module has been tested successfully on: Windows 7 SP1 (32-bit), IE11 and Adobe Flash 18.0.0.160, Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 18.0.0.160, Windows 8.1, Firefox 38.0.5 and Adobe Flash 18.0.0.160, Linux Mint "Rebecca" (32 bits), Firefox 33.0 and Adobe Flash 11.2.202.466, and Ubuntu 14.04.2 LTS, Firefox 35.01, and Adobe Flash 11.2.202.466. Note that this exploit is effective against both CVE-2015-3113 and the earlier CVE-2015-3043, since CVE-2015-3113 is effectively a regression to the same root cause as CVE-2015-3043.

tags | exploit, overflow, root
systems | linux, windows, ubuntu
advisories | CVE-2015-3043, CVE-2015-3113
SHA-256 | df6c07c8c61e9ddc1ee258859a800c72ade8287343881e5bac8140e590346c42
Adobe Flash Player Drawing Fill Shader Memory Corruption
Posted Jun 27, 2015
Authored by Chris Evans, juan vazquez, temp66 | Site metasploit.com

This Metasploit module exploits a memory corruption happening when applying a Shader as a drawing fill as exploited in the wild on June 2015. This Metasploit module has been tested successfully on: Windows 7 SP1 (32-bit), IE11 and Adobe Flash 17.0.0.188, Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 17.0.0.188, Windows 8.1, Firefox 38.0.5 and Adobe Flash 17.0.0.188, and Linux Mint "Rebecca" (32 bits), Firefox 33.0 and Adobe Flash 11.2.202.460.

tags | exploit
systems | linux, windows
advisories | CVE-2015-3105
SHA-256 | a2184f47ed1174e50ad69f7fd1808a0bfb8843fb0450d0e5bd5891aa520131cd
Adobe Flash Player ShaderJob Buffer Overflow
Posted Jun 19, 2015
Authored by Chris Evans, juan vazquez, temp66 | Site metasploit.com

This Metasploit module exploits a buffer overflow vulnerability related to the ShaderJob workings on Adobe Flash Player. The vulnerability happens when trying to apply a Shader setting up the same Bitmap object as src and destination of the ShaderJob. Modifying the "width" attribute of the ShaderJob after starting the job it's possible to create a buffer overflow condition where the size of the destination buffer and the length of the copy are controlled.

tags | exploit, overflow
advisories | CVE-2015-3090
SHA-256 | 85ac61cf4df86a48ba3ebb5575fe809cd20d6d403d015526e3943526ed3262d0
Adobe Flash Player domainMemory ByteArray Use After Free
Posted May 7, 2015
Authored by juan vazquez, temp66, hdarwin, bilou | Site metasploit.com

This Metasploit module exploits a use-after-free vulnerability in Adobe Flash Player. The vulnerability occurs when the ByteArray assigned to the current ApplicationDomain is freed from an ActionScript worker, when forcing a reallocation by copying more contents than the original capacity, but Flash forgets to update the domainMemory pointer, leading to a use-after-free situation when the main worker references the domainMemory again. This Metasploit module has been tested successfully on Windows 7 SP1 (32-bit), IE 8 and IE11 with Flash 17.0.0.134.

tags | exploit
systems | windows
advisories | CVE-2015-0359
SHA-256 | 35afddd5d3435bc9a7d573d702fbd4a8ffa05be42f3a36a7f8f99095dcaea8ed
Adobe Flash Player NetConnection Type Confusion
Posted May 7, 2015
Authored by juan vazquez, temp66, Natalie Silvanovich | Site metasploit.com

This Metasploit module exploits a type confusion vulnerability in the NetConnection class on Adobe Flash Player. When using a correct memory layout this vulnerability allows to corrupt arbitrary memory. It can be used to overwrite dangerous objects, like vectors, and finally accomplish remote code execution. This Metasploit module has been tested successfully on Windows 7 SP1 (32-bit), IE 8 and IE11 with Flash 16.0.0.305.

tags | exploit, remote, arbitrary, code execution
systems | windows
advisories | CVE-2015-0336
SHA-256 | 177e5f47d74fe85d6aa8d57dccbc5f1b1e2484a8de35f89d42b20aef2b6ffe99
Adobe Flash Player UncompressViaZlibVariant Uninitialized Memory
Posted May 1, 2015
Authored by Nicolas Joly, juan vazquez, temp66 | Site metasploit.com

This Metasploit module exploits an uninitialized memory vulnerability in Adobe Flash Player. The vulnerability occurs in the ByteArray::UncompressViaZlibVariant method, which fails to initialize allocated memory. When using a correct memory layout this vulnerability leads to a ByteArray object corruption, which can be abused to access and corrupt memory. This Metasploit module has been tested successfully on Windows 7 SP1 (32-bit), IE 8 and IE11 with Flash 15.0.0.189.

tags | exploit
systems | windows
advisories | CVE-2014-8440
SHA-256 | 5e90527feb81af64901755b776a489cf3494498219d1281419ecb16f62818f6f
Adobe Flash Player copyPixelsToByteArray Integer Overflow
Posted Apr 19, 2015
Authored by Chris Evans, Nicolas Joly, juan vazquez, hdarwin | Site metasploit.com

This Metasploit module exploits an integer overflow in Adobe Flash Player. The vulnerability occurs in the copyPixelsToByteArray method from the BitmapData object. The position field of the destination ByteArray can be used to cause an integer overflow and write contents out of the ByteArray buffer. This Metasploit module has been tested successfully on Windows 7 SP1 (32-bit), IE 8 to IE 11 and Flash 14.0.0.176, 14.0.0.145 and 14.0.0.125.

tags | exploit, overflow
systems | windows
advisories | CVE-2014-0556
SHA-256 | 0261f65421dd66c2140dc4d01ec869ffa16a08028c90426650ee76ecbe40cc47
Mandriva Linux Security Advisory 2015-200
Posted Apr 13, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-200 - In MediaWiki before 1.23.9, one could circumvent the SVG MIME blacklist for embedded resources. This allowed an attacker to embed JavaScript in the SVG. In MediaWiki before 1.23.9, the SVG filter to prevent injecting JavaScript using animate elements was incorrect. In MediaWiki before 1.23.9, a stored XSS vulnerability exists due to the way attributes were expanded in MediaWiki's Html class, in combination with LanguageConverter substitutions. In MediaWiki before 1.23.9, MediaWiki's SVG filtering could be bypassed with entity encoding under the Zend interpreter. This could be used to inject JavaScript. In MediaWiki before 1.23.9, one could bypass the style filtering for SVG files to load external resources. This could violate the anonymity of users viewing the SVG. In MediaWiki before 1.23.9, MediaWiki versions using PBKDF2 for password hashing are vulnerable to DoS attacks using extremely long passwords. In MediaWiki before 1.23.9, MediaWiki is vulnerable to Quadratic Blowup DoS attacks, under both HHVM and Zend PHP. In MediaWiki before 1.23.9, the MediaWiki feature allowing a user to preview another user's custom JavaScript could be abused for privilege escalation. In MediaWiki before 1.23.9, function names were not sanitized in Lua error backtraces, which could lead to XSS. In MediaWiki before 1.23.9, the CheckUser extension did not prevent CSRF attacks on the form allowing checkusers to look up sensitive information about other users. Since the use of CheckUser is logged, the CSRF could be abused to defame a trusted user or flood the logs with noise. The mediawiki package has been updated to version 1.23.9, fixing these issues and other bugs.

tags | advisory, php, javascript
systems | linux, mandriva
advisories | CVE-2015-2931, CVE-2015-2932, CVE-2015-2933, CVE-2015-2934, CVE-2015-2935, CVE-2015-2936, CVE-2015-2937, CVE-2015-2938, CVE-2015-2939, CVE-2015-2940
SHA-256 | c05a9bf44b7022507d18ce0ec9c0141893f532647d6ceb31d6d5e71882e345bf
Adobe Flash Player casi32 Integer Overflow
Posted Apr 10, 2015
Authored by juan vazquez, bilou | Site metasploit.com

This Metasploit module exploits an integer overflow in Adobe Flash Player. The vulnerability occurs in the casi32 method, where an integer overflow occurs if a ByteArray of length 0 is setup as domainMemory for the current application domain. This Metasploit module has been tested successfully on Windows 7 SP1 (32-bit), IE 8 to IE 11 and Flash 15.0.0.167.

tags | exploit, overflow
systems | windows
advisories | CVE-2014-0569
SHA-256 | ae591f02688cd067f82a826d2565cca8148319265c1fabddf71ee88ff7b5d99b
Adobe Flash Player ByteArray With Workers Use After Free
Posted Mar 30, 2015
Authored by juan vazquez, temp66, hdarwin | Site metasploit.com

This Metasploit module exploits an use after free vulnerability in Adobe Flash Player. The vulnerability occurs when the ByteArray assigned to the current ApplicationDomain is freed from an ActionScript worker, who can fill the memory and notify the main thread to corrupt the new contents. This Metasploit module has been tested successfully on Windows 7 SP1 (32 bits), IE 8 to IE 11 and Flash 16.0.0.296.

tags | exploit
systems | windows
advisories | CVE-2015-0313
SHA-256 | bb349a822c1cc70d4d8f5f21a7eac4a134384b42aa63d3ce02ebae6b666c8b6a
Adobe Flash Player PCRE Regex Logic Error
Posted Mar 18, 2015
Authored by sinn3r, Mark Brand | Site metasploit.com

This Metasploit module exploits a vulnerability found in Adobe Flash Player. A compilation logic error in the PCRE engine, specifically in the handling of the \c escape sequence when followed by a multi-byte UTF8 character, allows arbitrary execution of PCRE bytecode.

tags | exploit, arbitrary
advisories | CVE-2015-0318
SHA-256 | 1641e648bb596d49cb885ae8a06d070b985c8aa9c12581f0fbac21adc6d108a6
Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free
Posted Mar 12, 2015
Authored by juan vazquez, temp66, hdarwin | Site metasploit.com

This Metasploit module exploits an use after free vulnerability in Adobe Flash Player. The vulnerability occurs in the ByteArray::UncompressViaZlibVariant method, when trying to uncompress() a malformed byte stream. This Metasploit module has been tested successfully on Windows 7 SP1 (32 bits), IE 8 to IE 11 and Flash 16.0.0.287, 16.0.0.257 and 16.0.0.235.

tags | exploit
systems | windows
advisories | CVE-2015-0311
SHA-256 | dd4ec805115cf98a76e437af4ed45f3e30645c3c9fefa40fee4a00da81424a9e
Adobe Reader for Android addJavascriptInterface Exploit
Posted Jun 16, 2014
Authored by Yorick Koster, joev | Site metasploit.com

Adobe Reader versions less than 11.2.0 exposes insecure native interfaces to untrusted javascript in a PDF. This Metasploit module embeds the browser exploit from android/webview_addjavascriptinterface into a PDF to get a command shell on vulnerable versions of Reader.

tags | exploit, shell, javascript
advisories | CVE-2014-0514
SHA-256 | 69ded45839e62a1eaba48f4c3a1ce02d6b51e29a52d0dd93b2dcdbc8d905f180
Adobe Flash Player Shader Buffer Overflow
Posted May 9, 2014
Authored by juan vazquez, temp66 | Site metasploit.com

This Metasploit module exploits a buffer overflow vulnerability in Adobe Flash Player. The vulnerability occurs in the flash.Display.Shader class, when setting specially crafted data as its bytecode, as exploited in the wild in April 2014. This Metasploit module has been tested successfully on IE 6 to IE 10 with Flash 11 and Flash 12 over Windows XP SP3, Windows 7 SP1 and Windows 8.

tags | exploit, overflow
systems | windows
advisories | CVE-2014-0515
SHA-256 | 6a8fa454ee9283f46ce5d01131f9d761fbf953a93ad1c6ec6a6883225ddafa72
Page 1 of 4
Back1234Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close