bludit Pages Editor version 3.0.0 suffers from a remote shell upload vulnerability.
f4e465014a4c3c7e1a3c1608cbae4e4a7029597b53cb94f6499fd06af33dd566xtcModified version 1.05 (FCKeditor) arbitrary shell upload exploit.
7392a082a0edb8f2b4b42760293cb1430bf9c388f76faa5272f6541241f87c05WordPress Editor Monkey suffers from a remote shell upload vulnerability.
068197e2826fd4172946c8b1241b8911bfbc42114574b00252647d9bd42e3e36eXPert PDF Editor version 7 Professional null heap proof of concept exploit.
71168f53e088408cc1eb223d29435ea82c7017a1a30f9a3ad8d83fcd4913bce0Windows Credentials Editor (WCE) allows to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes and Kerberos tickets). This can be used, for example, to perform pass-the-hash on Windows, obtain NT/LM hashes from memory (from interactive logons, services, remote desktop connections, etc.) which can be used to perform further attacks, obtain Kerberos tickets and reuse them in other Windows or Unix systems.
099e55d14489dafd73cfdfa5499d3104b38a4256c3df9a93abae54beaa077d30HT Editor versions 2.0.18 and below file opening stack overflow exploit.
606c05d66ce0b264b537d3064e14cdd8c31c5369f64587f21351ba4018f04a4feXPert PDF Editor version 7.0.880.0 local crash exploit.
2266b94afd7cd2cbfc74cd301207a22d520fb153ee762e38eeb695b25e625fa9MAGIX Music Editor version 3.0 DLL hijacking exploit.
9d83f28972eacc87720ea098b4f45ad28ab5012805bbe7b460d6f3982b9112e0A reflected cross-site scripting vulnerability in ClanSphere 2010.3 / CKEditor can be exploited to execute arbitrary JavaScript.
f1aadb89b83e6a13894d0ae59de5b756a76ff3d3939a1b548181f77df57885c3An arbitrary upload vulnerability in ClanSphere 2010.3 / CKEditor can be exploited to upload a PHP shell.
dc96b54ae257c03f13ce0d4dca62c1f62dd85ee4575ba2f910a65fcf9080a385Secunia Security Advisory - A vulnerability has been discovered in Magic Music Editor, which can be exploited by malicious people to compromise a user's system.
1a056c4b4ecdd21873269baff52f8fa58ea6e3777c01520fdb16f1da9d1fa577Audio Editor Pro version 5.0 local buffer overflow proof of concept exploit that creates a malicious .ogg file.
661b6f80b89a5b345ac887e570db5d5f0a9ce5462c163383c42b9fbfce56c724Windows Credentials Editor (WCE) allows you to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes). This can be used, for example, to perform pass-the-hash on Windows and also obtain NT/LM hashes from memory (credentials not stored locally including domain credentials from interactive logons, services, remote desktop connections, etc.) which can be used in further attacks.
d5947a1b05bc5936dec425b3b826c1e9cea6c3295335bf93a05f071088349b99Movavi VideoSuite version 8.0 MovieEditor.exe local crash buffer overflow proof of concept exploit.
e185b19aa779684dd5463ac9fe95b0ac6768d2d89f498d49890fd694218eb6d0Magic Music Editor version 8.12.2.11 buffer overflow proof of concept exploit that creates a malicious .cda file.
fa03fc5e07a736b6ce4204c833690ca0102f53f572653ea7ea1a91bef14a7b67Magic Music Editor denial of service exploit that creates a malicious .cda file.
9462a00e75b4e64a1c729ad22229dbc8b510a9a62d9f05baf99b16032b1e7361Microsoft Fax Cover Page Editor version 5.2.3790.3959 suffers from a code execution vulnerability. Proof of concept exploit included.
a3f6948acaffdb44b32f3e6435cb282a054ca4e186fa85c9e03ca616a1f3c675Microsoft Windows Fax Services Cover Page Editor (.cov) memory corruption exploit.
38392677c85a82b9969b7d0008e18d2146a9d58995622384260f9a6004234ec8Secunia Research has discovered two vulnerabilities in Microsoft Office, which can be exploited by malicious people to compromise a user's system. An input validation error in the TIFF Import/Export Graphic Filter when copying certain data can be exploited to cause a heap-based buffer overflow via a specially crafted TIFF image. Another input validation error in the TIFF Import/Export Graphic Filter when copying certain data after having encountered a specific error can be exploited to cause a heap-based buffer overflow via a specially crafted TIFF image. Successful exploitation of the vulnerabilities may allow execution of arbitrary code when processing a TIFF image in an application using the graphics filter (e.g. opening the image in Microsoft Photo Editor or importing it into an Office document).
9dba3d0d50ecb04d6b0e88ad279009be8dcf8e519a8e80f0bd5acd274e688272Secunia Research has discovered a vulnerability in Microsoft Office, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by an error in the TIFF Import/Export Graphic Filter (TIFFIM32.FLT) when converting the endianess of certain data. This can be exploited to corrupt memory via e.g. a specially crafted TIFF image. Successful exploitation may allow execution of arbitrary code when processing a TIFF image in an application using the graphics filter (e.g. opening the image in Microsoft Photo Editor or importing it into an Office document).
28a0cbd4c91dc6908098a5bb540ee31c831d78a7df3e6e91cc796712c465d9faDigital Audio Editor version 7.6.0.237 local crash proof of concept exploit.
820e081085fd1ca4bcfd6c2a2807c9a1dfc73c0f4ac9523a262e5382d1c95d93Secunia Security Advisory - A vulnerability has been discovered in WaveMax Sound Editor, which can be exploited by malicious people to compromise a user's system.
cdccde9765d59e2c5890aa076f9f6fb6131ef103854e19b2d0a8f0e6a4b81b93WaveMax Sound Editor version 4.5.1 denial of service proof of concept exploit.
d3c16d4382942b0626def374eb93a86bc952ed658c264ad90aee0805d418fd9bjQuery Lightweight Rich Text Editor version 1.2 suffers from a shell upload vulnerability.
04271654082f91c9a90c0df1853e3b247d5142737c1463f935cb655980dbf67bPHPMotion suffers from a FCKeditor related shell upload vulnerability.
b91cb4287ff25950565e4177b3873042319271edb62941f3c2267b38c7d92374Power Audio Editor version 7.4.3.230 suffers from a denial of service vulnerability.
82f61fa0c6113ddebebf3ecb45fe23b5694d852df51b3a6e6fb8b7ddd499836c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed