exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 100 RSS Feed

Files

DVD X Player 5.5 Pro Local Buffer Overflow
Posted Jun 4, 2019
Authored by Kevin Randall

DVD X Player version 5.5 Pro suffers from a local buffer overflow vulnerability.

tags | exploit, overflow, local
SHA-256 | 025358a4ff28df7e6401821b90e6962f2406b70bbc38f1a90b7b40ea467f4502

Related Files

Secunia Security Advisory 49130
Posted May 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - gainover has discovered a vulnerability in JW Player, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 4f7c0a28e0e8a70a6eb582c6f1cfa65478ce1f72bd4999a46188485fb40cc357
Secunia Security Advisory 48923
Posted May 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Parvez Anwar has discovered a vulnerability in 3D XML Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 7936044c8f02e77cf0b42c885997b7e2ee7fae4d7049fc62f15ee500a141f638
Secunia Security Advisory 48925
Posted May 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Parvez Anwar has discovered two vulnerabilities in 3D Life Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | be523e33b97e722465129c09a98947dc0a80863e0ca80ac77131c0d6b3dea867
Apple Quicktime .pct Parsing Memory Corruption
Posted May 15, 2012
Authored by Rodrigo Rubira Branco

Apple Quicktime does not properly parse .pct media files, which causes a corruption in module DllMain by opening a malformed file with an invalid value located in PoC repro01.pct at offset 0x20E. Quicktime Player version 7.7.1 (1680.42) on Windows XP SP 3 - PT_BR is confirmed affected. Other versions may also be affected.

tags | advisory
systems | windows, apple
advisories | CVE-2012-0671
SHA-256 | 177743c04df027711accb6be0442f662c763f68ae3e958ab54e44b32c5cdd929
Apple Security Advisory 2012-05-14-2
Posted May 15, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-05-14-2 - This update disables Adobe Flash Player if it is older than 10.1.102.64 by moving its files to a new directory. This update presents the option to install an updated version of Flash Player from the Adobe website.

tags | advisory
systems | apple
SHA-256 | a18bf4afd49f0790a7800f00c7179cc923a3890a42c7c396c63645d35c123d0d
Debian Security Advisory 2471-1
Posted May 14, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2471-1 - Several vulnerabilities have been discovered in FFmpeg, a multimedia player, server and encoder. Multiple input validations in the decoders/ demuxers for Westwood Studios VQA, Apple MJPEG-B, Theora, Matroska, Vorbis, Sony ATRAC3, DV, NSV, files could lead to the execution of arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | linux, debian, apple
advisories | CVE-2011-3892, CVE-2011-3893, CVE-2011-3895, CVE-2011-3929, CVE-2011-3936, CVE-2011-3940, CVE-2011-3947, CVE-2012-0853, CVE-2012-0947
SHA-256 | a752e73c0cc9d4582a8cb0c918c857c8195a4a7f08461bb000946a973352da1f
Adobe Shockwave Player .dir Memory Corruption
Posted May 10, 2012
Authored by Rodrigo Rubira Branco | Site dissect.pe

Adobe Shockwave Player suffers from multiple memory corruption vulnerabilities when parsing .dir media files. This file has three advisories pertaining to these issues. Versions affected include Shockwave Player version 11.6.3r633, Module IMLLib.framework on MacOS X 10.7.2 (11C74).

tags | advisory, vulnerability
advisories | CVE-2012-2029, CVE-2012-2030, CVE-2012-2031
SHA-256 | 68a2f9480c2bfe6e206c7c6cb220e52d87c7a6f1a454f30d7a1596ce26707535
Secunia Security Advisory 49086
Posted May 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Shockwave Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 693d4558d923a6960a0452444ac98a6e95203f15318f3619b07b7696bc1ff4bc
Secunia Security Advisory 49038
Posted May 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for flash-player. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, suse
SHA-256 | 07b9b440af582abbcc7e52c06c6f6632c913a8117497fee26bff413a623bb383
Secunia Security Advisory 49096
Posted May 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 8416b6dd845c6b83a4da1822b91efeb94834aecf98e3f9d0b3082a81495a1002
Secunia Security Advisory 49032
Posted May 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in VMware Workstation, VMware Player, and VMware Fusion, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges.

tags | advisory, local, vulnerability
SHA-256 | a4a73ff58251fce29631338f38ad4e05e74b89f534beebcb2fd6e693de868af8
VMware Security Advisory 2012-0009
Posted May 3, 2012
Authored by VMware | Site vmware.com

VMware Security Advisory 2012-0009 - VMware Workstation, Player, ESXi and ESX patches address critical security issues.

tags | advisory
advisories | CVE-2012-1516, CVE-2012-1517, CVE-2012-2448, CVE-2012-2449, CVE-2012-2450
SHA-256 | eb075b48375e4e244ac290d95f092560fec992c243117c80698f4db787b4f60a
VLC MMS Stream Handling Buffer Overflow
Posted May 3, 2012
Authored by sinn3r, juan vazquez, Florent Hochwelker | Site metasploit.com

This Metasploit module exploits a buffer overflow in VLC media player VLC media player prior to 2.0.0. The vulnerability is due to a dangerous use of sprintf which can result in a stack buffer overflow when handling a malicious MMS URI. This Metasploit module uses the browser as attack vector. A specially crafted MMS URI is used to trigger the overflow and get flow control through SEH overwrite. Control is transferred to code located in the heap through a standard heap spray. The module only targets IE6 and IE7 because no DEP/ASLR bypass has been provided.

tags | exploit, overflow
advisories | CVE-2012-1775, OSVDB-80188
SHA-256 | 7856c6264ba9fc35e320d076f363c777f1720c644ed1819cf46c0dd75d155ea8
Remote Anything Player 5.60.15 Denial Of Service
Posted Apr 30, 2012
Authored by Saint Patrick

Remote Anything Player version 5.60.15 suffers from a denial of service vulnerability.

tags | exploit, remote, denial of service
SHA-256 | bed7c036a7c82edb36944ea8ec914bc2ee2e4524de039500e9c4d2ab54455325
KMPlayer 3.2.0.19 DLL Hijack
Posted Apr 26, 2012
Authored by nImaarek

KMPlayer version 3.2.0.19 suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | e710953170f62944c95092c7d7f49e5821951feac65493d0dc8d7059e53707a9
Adobe Flash Player ActionScript Launch Command Execution
Posted Apr 20, 2012
Authored by 0a29406d9794e4f9b30b3c5d6702c708 | Site metasploit.com

This Metasploit module exploits a vulnerability in Adobe Flash Player for Linux, version 10.0.12.36 and 9.0.151.0 and prior. An input validation vulnerability allows command execution when the browser loads a SWF file which contains shell metacharacters in the arguments to the ActionScript launch method. The victim must have Adobe AIR installed for the exploit to work. This Metasploit module was tested against version 10.0.12.36 (10r12_36).

tags | exploit, shell
systems | linux
advisories | CVE-2008-5499, OSVDB-50796
SHA-256 | 93d7262043fea9cda6bcae5df8301841074b655ead8497ddc9cbc8fb6a8f410c
Adobe Flash Player NetStream Remote Code Execution
Posted Apr 19, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash Player. The vulnerability is caused by an invalid object being used when parsing a malformed video via "NetStream.appendBytes", which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP enabled.

tags | advisory, remote, arbitrary
advisories | CVE-2012-0773
SHA-256 | 9b4488d35212ce158b36f3b2eb967b148fddbf040de1f99a30ab5a53f3202ef4
Gentoo Linux Security Advisory 201204-07
Posted Apr 18, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201204-7 - Multiple vulnerabilities in Adobe Flash Player, the worst of which might allow remote attackers to execute arbitrary code. Versions less than 11.2.202.228 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2011-2445, CVE-2011-2450, CVE-2011-2451, CVE-2011-2452, CVE-2011-2453, CVE-2011-2454, CVE-2011-2455, CVE-2011-2456, CVE-2011-2457, CVE-2011-2458, CVE-2011-2459, CVE-2011-2460, CVE-2012-0752, CVE-2012-0753, CVE-2012-0754, CVE-2012-0755, CVE-2012-0756, CVE-2012-0767, CVE-2012-0768, CVE-2012-0769, CVE-2012-0773
SHA-256 | bcf33f097735edaa2dba3ae55379f08e72c0e989bf92ca775ea579c3a0dded65
Secunia Security Advisory 48868
Posted Apr 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in RealPlayer Enterprise, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | b4d217f42c3ed17c2cfbf5298888c8be24765eb39dd544f335cf2d649f544b69
Technical Cyber Security Alert 2012-101B
Posted Apr 11, 2012
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2012-101B - Adobe has released Security Bulletin APSB12-08, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat. As part of this update, Adobe Reader and Acrobat 9.x will use the system-wide Flash Player browser plug-in instead of the Authplay component. In addition, Reader and Acrobat now disable the rendering of 3D content by default.

tags | advisory, vulnerability
SHA-256 | 7b6efa396060be88ab58d1b9ba817b6174c0d8cac6c5b6a361ff1c72175a2467
Zero Day Initiative Advisory 12-058
Posted Apr 10, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-058 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of AppleQuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw occurs when the application allocates space for decoding a video sample encoded with the .png format. When calculating space for this surface, the application will explicitly trust the bit-depth within the MediaVideo header. During the decoding process, the application will write outside the surface's boundaries. This can be leveraged to allow for one to earn code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-3460
SHA-256 | 919e54396b72d0c9306baf9712477f90b15662d107f47fd151cc3e00084425af
Zero Day Initiative Advisory 12-057
Posted Apr 10, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-057 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Flash Player handles the update of a NetStream object via the appendBytes method which can lead to a use-after-free condition when the function returns. This can result in remote code execution under the context of the current process.

tags | advisory, remote, arbitrary, code execution
SHA-256 | f10032eed460124a4fc1a534f5ee945f69ee0a881a07088857826cb6ecded560
Adobe Flash Player Information Leak
Posted Apr 10, 2012
Authored by Fermin J. Serna

Adobe Flash Player versions prior to 10.3.183.16 and 11.x before 11.1.102.63 suffer from an information disclosure vulnerability. This archive has research related to this issue, proof of concept source code, and a swf that demonstrates the issue.

tags | exploit, proof of concept, info disclosure
systems | linux
advisories | CVE-2012-0769
SHA-256 | a3e0acb403967ecb2ab50b95e92c7801505af37a7f830f9ad5119219170efa9f
Secunia Security Advisory 47023
Posted Apr 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Three vulnerabilities have been reported in Cisco WebEx Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | cisco
SHA-256 | 909f84dc8b10f0fce7fd54ca9bce838b12a680e1d7dea97fb66a31821cfab0e6
Cisco Security Advisory 20120404-webex
Posted Apr 5, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco WebEx Recording Format (WRF) player contains three buffer overflow vulnerabilities. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system with the privileges of a targeted user. The Cisco WebEx Players are applications that are used to play back WebEx meeting recordings that have been recorded on a WebEx meeting site or on the computer of an online meeting attendee. The players can be automatically installed when the user accesses a recording file that is hosted on a WebEx meeting site. The players can also be manually installed for offline playback after downloading the application from www.webex.com. If the WRF player was automatically installed, it will be automatically upgraded to the latest, non-vulnerable version when users access a recording file that is hosted on a WebEx meeting site. If the WRF player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com. Cisco has updated affected versions of the WebEx meeting sites and WRF player to address these vulnerabilities.

tags | advisory, remote, overflow, arbitrary, vulnerability
systems | cisco
SHA-256 | 5a6fd0961849fbf9e0e2f35c8d9ff27609e9c090b4f86b93378ccddd00e0762d
Page 3 of 4
Back1234Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    18 Files
  • 6
    Oct 6th
    16 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close