
Files

Core Security Technologies Advisory 2008.0228
Posted Dec 10, 2008
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - A vulnerability has been found in the way that Microsoft Word handles specially crafted Word files. The vulnerability could allow remote code execution if a user opens a specially crafted Word file that includes a malformed record value. An attacker who successfully exploited this vulnerability could execute arbitrary code with the privileges of the user running the MS Word application.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2008-0228
SHA-256 | 6f84551f3249c3aa35a7feb4f055de3b8c4220bfed506d6013db37f88a75caec

Related Files

Lattice Diamond Programmer Buffer Overflow
Posted Jun 22, 2012
Authored by Core Security Technologies, Ricardo Narvaja, Daniel Kazimirow | Site coresecurity.com

Core Security Technologies Advisory - Lattice Diamond Programmer is vulnerable to client-side attacks, which can be exploited by remote attackers to run arbitrary code by sending specially crafted '.xcf' files.

tags | exploit, remote, arbitrary
advisories | CVE-2012-2614
SHA-256 | df8058279a3a470f0f6120f9c7043177979a194827cfc608434c36cb3b42c698

Windows Kernel ReadLayoutFile Heap Overflow
Posted May 10, 2012
Authored by Core Security Technologies, Fernando Russ | Site coresecurity.com

Core Security Technologies Advisory - There is a bug in the ReadLayoutFile Windows Kernel function that can be leveraged into a local privilege escalation exploit, potentially usable in a client-side attack scenario or after a remote intrusion by other means.

tags | advisory, remote, kernel, local
systems | windows
advisories | CVE-2012-0181
SHA-256 | ad5c6d91d11d4dcc9b8463439354e1e8142812d8ed2bc300fc637ac6cc763462

Secunia Security Advisory 48980
Posted May 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Core Security Technologies has reported multiple vulnerabilities in SAP NetWeaver, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | eff6f18dc3bd34c48491384e92912b99a2774c1815ef38d72844839aba14e852

SAP Netweaver 7.0 EHP1/EHP2 Buffer Overflows
Posted May 8, 2012
Authored by Core Security Technologies, Martin Gallo | Site coresecurity.com

Core Security Technologies Advisory - SAP Netweaver is a technology platform for building and integrating SAP business applications. Multiple vulnerabilities have been found in SAP Netweaver that could allow an unauthenticated, remote attacker to execute arbitrary code and lead to denial of service conditions. The vulnerabilities are triggered by sending specially crafted SAP Diag packets to remote TCP port 32NN (NN being the SAP system number) of a host running the "Dispatcher" service, part of SAP Netweaver Application Server ABAP. By sending different messages, the different vulnerabilities can be triggered.

tags | exploit, remote, denial of service, arbitrary, tcp, vulnerability
advisories | CVE-2011-1516, CVE-2011-1517, CVE-2012-2511, CVE-2012-2512, CVE-2012-2513, CVE-2012-2514
SHA-256 | 84108ccf75a417b942e0291cf7c3798ea4c264ddce271305c260f4c3931d47e5

Secunia Security Advisory 45891
Posted Nov 19, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Core Security Technologies has reported a vulnerability in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | windows
SHA-256 | 3d524580c71764b5d3cc900bb22709290434a48db35fefdef8adf40529de9e7e

Apple OS X Sandbox Predefined Profiles Bypass
Posted Nov 11, 2011
Authored by Core Security Technologies, Anibal Sacco, Matias Eissler | Site coresecurity.com

Core Security Technologies Advisory - Apple OS X suffered from a sandbox predefined profiles bypass vulnerability. Several of the default pre-defined sandbox profiles do not properly limit all the available mechanisms and therefore allow exercising part of the restricted functionality. Namely, sending Apple events is possible within the no-network sandbox (kSBXProfileNoNetwork). A compromised application hypothetically restricted by the use of the no-network profile may have access to network resources through the use of Apple events to invoke the execution of other applications not directly restricted by the sandbox.

tags | exploit, bypass
systems | apple, osx
advisories | CVE-2011-1516
SHA-256 | a93c8053536e7abfedb811843ec4811b01921f6a36f6987012ab0bbdb0ab1c23

Adobe Shockwave Player TextXtra.x32 Memory Corruption
Posted Nov 9, 2011
Authored by Core Security Technologies, Pablo Santamaria | Site coresecurity.com

Core Security Technologies Advisory - A memory corruption vulnerability in Adobe Shockwave Player can be leveraged to execute arbitrary code on vulnerable systems by enticing users to visit a malicious web site with a specially crafted .dir file. This vulnerability could be used by a remote attacker to execute arbitrary code with the privileges of the user that opened the malicious file.

tags | advisory, remote, web, arbitrary
advisories | CVE-2011-2447
SHA-256 | 695649c7d963064d7f163ac945a29aca4d694e1c7ff52a09ee8e2a7a93377531

Core Security Technologies Advisory 2011.0810
Posted Oct 24, 2011
Authored by Core Security Technologies, Matthew Bergin, Matias Blanco | Site coresecurity.com

Core Security Technologies Advisory - When the install script for e107 CMS has not been removed, an attacker can "reinstall" the application using arbitrary parameters. If the attacker supplies a valid MySQL server followed by a semicolon and PHP code, the code will be executed when the config file is requested. These parameters are stored in the config file "e107_config.php". Version 0.7.24 is affected.

tags | exploit, arbitrary, php
advisories | CVE-2011-1513
SHA-256 | f1aa6364a9b7aec87affa0e57cc0ec5d09d69d9a12a32fe5e884c8288d964039

Secunia Security Advisory 46438
Posted Oct 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Core Security Technologies has reported a vulnerability in Microsoft Office Publisher 2007, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 9f8cd5af4fb62d219d656368b4151ddb77e67059235d35c11cb787fbce38e991

Core Security Technologies Advisory 2011.0106
Posted Oct 13, 2011
Authored by Core Security Technologies, Daniel Kazimirow | Site coresecurity.com

Core Security Technologies Advisory - Microsoft Publisher is a desktop publishing application from Microsoft that uses a proprietary file format (.pub). A vulnerability has been found in Publisher 2007 that can be leveraged by an attacker to execute arbitrary code by enticing users to insert a specially crafted .pub file into a document.

tags | advisory, arbitrary
advisories | CVE-2011-1508
SHA-256 | 7393db4575d55c43a0190c93fc1da01edde0c4413669ca97163f00e3e4952ff0

Core Security Technologies Advisory 2011.0526
Posted Sep 13, 2011
Authored by Core Security Technologies, Nicolas A. Economou | Site coresecurity.com

Core Security Technologies Advisory - A security vulnerability was discovered in the Windows Internet Name Service (WINS). The vulnerability could allow elevation of privilege if a user receives a specially crafted WINS replication packet on an affected system running the WINS service. An attacker must have valid logon credentials and be able to log on locally in order to exploit this vulnerability.

tags | exploit
systems | windows
advisories | CVE-2011-1984
SHA-256 | 63a99e0648400fc4a825807649566b16a5329ecd24004648e3f3de7fcc0edde8

Core Security Technologies Advisory 2011.0606
Posted Jun 30, 2011
Authored by Core Security Technologies, Nahuel Riva | Site coresecurity.com

Core Security Technologies Advisory - HP Data Protector is an automated backup and recovery software for single-server to enterprise environments. A vulnerability in HP Data Protector could allow a remote attacker to execute arbitrary code. The vulnerability is triggered by sending a request to port 5555 of a host running the "data protector inet" service, part of HP Data Protector.

tags | exploit, remote, arbitrary
advisories | CVE-2011-1866
SHA-256 | efa1df6ff293fc879184a56101095c205856a98933d395ba652967d9bb7600a0

Core Security Technologies Advisory 2011.0514
Posted Jun 30, 2011
Authored by Core Security Technologies, Oren Isacson | Site coresecurity.com

Core Security Technologies Advisory - HP Data Protector is an automated backup and recovery software for single-server to enterprise environments. Multiple vulnerabilities have been found in HP Data Protector that could allow a remote attacker to execute arbitrary code and lead to denial of service conditions. The vulnerabilities are triggered by sending a request to port 5555 of a host running the "data protector inet" service, part of HP Data Protector. The request has several parameters, including an opcode. By sending requests with specially crafted parameters, the different bugs can be triggered.

tags | exploit, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2011-1865, CVE-2011-1514, CVE-2011-1515
SHA-256 | f98a13749e7a39ecb264fe5f8d281306487eb2c3e90b78c64ce6d9396ad34261

Secunia Security Advisory 44909
Posted Jun 17, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Core Security Technologies has reported a vulnerability in IBM WebSphere Application Server, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | 7c1531b169bcb2242a12e252567da29d369cacd155b2931061e145718727d15d

Core Security Technologies Advisory 2010.1021
Posted Jun 16, 2011
Authored by Core Security Technologies, Francisco Falcon | Site coresecurity.com

Core Security Technologies Advisory - The administrative console of IBM WebSphere Application Server is vulnerable to Cross-Site Request Forgery (CSRF) attacks, which can be exploited by remote attackers to force a logged-in administrator to perform unwanted actions on the IBM WebSphere administrative console, by enticing him to visit a malicious web page. Versions 7.0.0.11 and 7.0.0.13 are confirmed vulnerable.

tags | exploit, remote, web, csrf
advisories | CVE-2010-3271
SHA-256 | c5935cba98df6fe3be07143a413aa1c7d1b1b171f7643b662db9f9dff22ce27e

Core Security Technologies Advisory 2011.0203
Posted Jun 14, 2011
Authored by Core Security Technologies, Nicolas A. Economou | Site coresecurity.com

Core Security Technologies Advisory - A security vulnerability was found in the driver 'vmswitch.sys', associated with the Windows Hypervisor subsystem, allowing an authenticated local DoS. The vulnerability could allow denial of service if a specially crafted packet is sent to the VMBus by an authenticated user in one of the guest virtual machines hosted by the Hyper-V server. The impact is that all guests on that host become non-responsive. An attacker must have valid logon credentials and be able to send specially crafted content from a guest virtual machine to exploit this vulnerability.

tags | exploit, denial of service, local
systems | windows
advisories | CVE-2011-1872
SHA-256 | 91762eded6d6cb85d92e2b2d56180960888179b29b556d5094c71c5746715573

Core Security Technologies Advisory 2010.0908
Posted May 24, 2011
Authored by Core Security Technologies, Oren Isacson, Nadia Rodriguez, Pablo Santamaria | Site coresecurity.com

Core Security Technologies Advisory - A memory corruption vulnerability in the Lotus Notes client application can be leveraged to execute arbitrary code on vulnerable systems by enticing users to open specially crafted spreadsheet files with the '.XLS' extension. The vulnerability arises from improper parsing of a BIFF record. This vulnerability could be used by a remote attacker to execute arbitrary code with the privileges of the user that opened the malicious file.

tags | advisory, remote, arbitrary
advisories | CVE-2011-1512
SHA-256 | e3fb382c6354356fed21097c9c079189d9d234cd9528617f0916077745bc2a7c

Core Security Technologies Advisory 2011.0204
Posted May 12, 2011
Authored by Core Security Technologies, Diego Juarez, Eduardo Koch, Laura Balian | Site coresecurity.com

Core Security Technologies Advisory - Adobe Audition is vulnerable to numerous buffer overflows while parsing several fields inside the TRKM chunk of session (.ses) files. The resulting memory corruption can be leveraged to execute arbitrary code on vulnerable systems by enticing users to open specially crafted session files.

tags | exploit, overflow, arbitrary
advisories | CVE-2011-0615
SHA-256 | bca39d351128dc119a842d9e07ba7f07d956f9a7c41897996b07986de69c7d31

Secunia Security Advisory 44499
Posted May 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Core Security Technologies has reported a vulnerability in Sun GlassFish Enterprise Server, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 55f7f1ff824d14ad25853c782f038fd9af35f93eb2917d110b1f5caf236c2f48

Core Security Technologies Advisory 2010.1118
Posted May 12, 2011
Authored by Core Security Technologies, Francisco Falcon | Site coresecurity.com

Core Security Technologies Advisory - The Administration Console of Oracle GlassFish Server, which is listening by default on port 4848/TCP, is prone to an authentication bypass vulnerability. This vulnerability can be exploited by remote attackers to access sensitive data on the server without being authenticated, by making 'TRACE' requests against the Administration Console. Oracle GlassFish Server version 3.0.1 and Sun GlassFish Enterprise Server version 2.1.1 are affected.

tags | exploit, remote, tcp, bypass
advisories | CVE-2011-1511
SHA-256 | 3069091a5a304083556b231d526f0d1b73792c5176a24a96007d6fd9dee86cb0

Core Security Technologies Advisory 2011.0208
Posted Mar 23, 2011
Authored by Core Security Technologies, Ricardo Narvaja | Site coresecurity.com

Core Security Technologies Advisory - Two vulnerabilities have been found in VLC media player, when handling .AMV and .NSV file formats. These vulnerabilities can be exploited by a remote attacker to obtain arbitrary code execution with the privileges of the user running VLC. Versions 1.1.4 through 1.1.7 are affected.

tags | advisory, remote, arbitrary, vulnerability, code execution
advisories | CVE-2010-3275, CVE-2010-3276
SHA-256 | 8be83321208dda4d6d31da8ff809448217d99f09c95ce0362ee9c5369cec08f6

Secunia Security Advisory 43241
Posted Feb 11, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Core Security Technologies has reported multiple vulnerabilities in ManageEngine ADSelfService Plus, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.

tags | advisory, vulnerability, xss
SHA-256 | e01fb2bacf86b57d46885ab97ae04578d903d518300dd47c3e3bdc7aad3bb4d4

Core Security Technologies Advisory 2011.0103
Posted Feb 10, 2011
Authored by Core Security Technologies, Ernesto Alvarez | Site coresecurity.com

Core Security Technologies Advisory - ManageEngine ADSelfService Plus version 4.4 suffers from authentication bypass, protection mechanism failure, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2010-3272, CVE-2010-3273, CVE-2010-3274
SHA-256 | a4ee9856738a01de33d18e20d426b4e2dfb7b45bc125c6315a92425571b2ae12

Core Security Technologies Advisory 2010.1001
Posted Feb 1, 2011
Authored by Core Security Technologies, Federico Muttis, Sebastian Tello, Manuel Muradas | Site coresecurity.com

Core Security Technologies Advisory - There are stack overflows in WebEx that can be exploited by sending maliciously crafted .atp and .wrf files to a vulnerable WebEx user. When opened, these files trigger a reliably exploitable stack-based buffer overflow. Code execution is trivially achieved in the .wrf case because WebEx Player allocates a function pointer on the stack that is periodically used in what seems to be a callback mechanism, and also because DEP and ASLR are not enabled. In the .atp case an exception handler can be overwritten on the stack, and most registers can be trivially overwritten.

tags | advisory, overflow, code execution
advisories | CVE-2010-3269, CVE-2010-3270
SHA-256 | 352f1691497ff70b83f9039f8094fb6c41b1beb68e1b341fbc1f1722864dc8d2

Core Security Technologies Advisory 2010.0728
Posted Dec 13, 2010
Authored by Core Security Technologies, Nahuel Riva | Site coresecurity.com

Core Security Technologies Advisory - The Intel Alert Handler service ('hndlrsvc.exe') fails to correctly process the 'CommandLine' field in the AMS request. A source address in a 'MOV' instruction is calculated from values present in the request, causing a remote denial-of-service.

tags | advisory, remote
advisories | CVE-2010-3268
SHA-256 | 55e5c8b436e323fd3f97ab13849257975ad0f4264ec70be10dbcab9dc97bde9d