exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 25 RSS Feed

Files

MPlayer TwinVQ Processing Stack Buffer Overflow
Posted Dec 15, 2008
Authored by Tobias Klein | Site trapkit.de

MPlayer contains a stack buffer overflow vulnerability while parsing malformed TwinVQ media files. The vulnerability may be exploited by a (remote) attacker to execute arbitrary code in the context of MPlayer. Versions 1.0rc2 below r28150 and SVN trunk below r28149 are affected.

tags | advisory, remote, overflow, arbitrary
SHA-256 | 3d02003114810b5a72337c7ed271ed1847f5dd7313989408e20fa407cb420c3c

Related Files

Google Chrome 4.1.249.1042 Array Indexing Bug
Posted Apr 3, 2010
Authored by Tobias Klein

Google Chrome is vulnerable to an out-of-bounds array indexing bug, caused by the improper handling of FTP PWD command server responses. By persuading a victim to visit a specially-crafted web site containing an iframe pointing to a malicious FTP server, a remote attacker could exploit this bug and cause the browser to crash. Versions 4.1.249.1042 (Build 42199) and below are affected. Proof of concept included.

tags | exploit, remote, web, proof of concept
SHA-256 | 46a3ad56ce252ccdbd6329ea06843f21e89e1fb198ea8f464ae783e4feff2e7f
Avast! 4.8 / 5.0 Kernel Memory Corruption
Posted Feb 25, 2010
Authored by Tobias Klein | Site trapkit.de

Avast! versions 4.8 and 5.0 suffer from a aavmker4.sys kernel memory corruption vulnerability.

tags | advisory, kernel
SHA-256 | 423e14acc68af28b36348077feb4ef7ada79727abeb0a3fa6fe5fcf347f9aa5c
Oracle Denial Of Service
Posted Feb 2, 2010
Authored by Tobias Klein | Site trapkit.de

The kernel of Oracle Solaris contains a vulnerability in the code that handles UCODE_GET_VERSION IOCTL requests. The vulnerability allows a local unprivileged user the ability to panic a Solaris x86 Intel-based system (32-bit/64-bit mode) due to a NULL pointer dereference. The ability to panic a system is a type of Denial of Service (DoS). The issue can be triggered by sending a specially crafted IOCTL request to the kernel.

tags | advisory, denial of service, x86, kernel, local
systems | solaris
advisories | CVE-2010-0453
SHA-256 | a524a1ba9d5742e9a071414fff6dae55d1497bb58dc841e1c7577a689c3d653c
Apple iPhone OS AudioCodecs Heap Buffer Overflow
Posted Sep 15, 2009
Authored by Tobias Klein | Site trapkit.de

The iPhone OS AudioCodecs library contains a heap buffer overflow vulnerability while parsing maliciously crafted AAC or MP3 files. The vulnerability may be exploited by an attacker to execute arbitrary code in the context of an application using the vulnerable library. One attack vector are iPhone ringtones with malformed sample size table entries. It was successfully tested that iTunes uploads such malformed ringtones to the phone.

tags | advisory, overflow, arbitrary
systems | apple, iphone
advisories | CVE-2009-2206
SHA-256 | f5526418de98c9657cbd763047a324da3b927f706fa76dd4b3293e0a4a6b43d0
libsndfile/Winamp VOC Heap Buffer Overflow
Posted May 19, 2009
Authored by Tobias Klein | Site trapkit.de

lidsndfile versions 1.0.19 and below and Winamp versions 5.552 and below suffer from a VOC processing heap buffer overflow vulnerability.

tags | advisory, overflow
SHA-256 | 426f002e38e1c490a9f976a610dedb222d0edadadfe570535bcf5629995c0307
xine-lib Quicktime STTS Atom Integer Overflow
Posted Apr 6, 2009
Authored by Tobias Klein | Site trapkit.de

Xine-lib contains an integer overflow vulnerability while parsing malformed STTS atoms of Quicktime movie files. The vulnerability may be exploited by a (remote) attacker to execute arbitrary code in the context of an application using the xine library. Versions 1.1.16.2 and below are affected.

tags | advisory, remote, overflow, arbitrary
SHA-256 | e630315f5a4f17bed6c30a6e60f105c698b76e14980eecb44cd918005fc63440
FFmpeg Type Conversion Vulnerability
Posted Jan 28, 2009
Authored by Tobias Klein | Site trapkit.de

FFmpeg contains a type conversion vulnerability while parsing malformed 4X movie files. The vulnerability may be exploited by a (remote) attacker to execute arbitrary code in the context of FFmpeg or an application using the FFmpeg library.

tags | advisory, remote, arbitrary
SHA-256 | fdcf90835a6517d5d2a479f58cb2df9924557def551619884e79cb3f547d6180
GStreamer Heap Overflow And Out Of Bounds
Posted Jan 23, 2009
Authored by Tobias Klein | Site trapkit.de

GStreamer gst-plugins-good versions below 0.10.12 suffer from heap overflow and array index out of bounds vulnerabilities.

tags | advisory, overflow, vulnerability
SHA-256 | ae5d5f7a93915193f6bbfe67a4de2d6d96a10f53637af659ba372970130ceede
Amarok Integer Overflow / Unchecked Allocation Vulnerabilities
Posted Jan 12, 2009
Authored by Tobias Klein | Site trapkit.de

Amarok contains several integer overflows and unchecked allocation vulnerabilities while parsing malformed audible digital audio files. The vulnerabilities may be exploited by a (remote) attacker to execute arbitrary code in the context of Amarok.

tags | advisory, remote, overflow, arbitrary, vulnerability
SHA-256 | b94ef4ce7d1b2e477a85e81fe7d6abeaf756a2d58b5544818985f2c20cb90bb6
Sun Solaris aio_suspend() Kernel Integer Overflow
Posted Jan 12, 2009
Authored by Tobias Klein | Site trapkit.de

Sun Solaris suffers from an aio_suspend() kernel integer overflow vulnerability.

tags | advisory, overflow, kernel
systems | solaris
SHA-256 | cf4e53dd00147f6634c2f3e122968aec17988d62f758b49a1e1ca73472516ca8
Sun Solaris NULL Pointer
Posted Dec 22, 2008
Authored by Tobias Klein | Site trapkit.de

Sun Solaris suffers from a SIOCGTUNPARAM IOCTL kernel null pointer vulnerability.

tags | advisory, kernel
systems | solaris
SHA-256 | a891f595f6f13435a2f5b8eb4f88c409b8f3d63c0a46587d1d8311e4fb22ed15
TKADV2008-013.txt
Posted Dec 1, 2008
Authored by Tobias Klein | Site trapkit.de

VLC media players versions below 0.9.7 suffer from a RealMedia processing integer overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2008-5276
SHA-256 | 277cdb483e2c61d2d88a42e96e43abfe8296e8b9635bed39a04fda60afbd6b13
TKADV2008-012.txt
Posted Nov 7, 2008
Authored by Tobias Klein | Site trapkit.de

The VLC media player contains a stack overflow vulnerability while parsing malformed cue files. The vulnerability may be exploited by a (remote) attacker to execute arbitrary code in the context of VLC media player. Versions below 0.9.6 are affected.

tags | advisory, remote, overflow, arbitrary
SHA-256 | bacacae2218bff994d1f4690cf40e8cb5c6f0b1cbb4bd868b2cb024828b76d85
TKADV2008-011.txt
Posted Nov 7, 2008
Authored by Tobias Klein | Site trapkit.de

The VLC media player contains a stack overflow vulnerability while parsing malformed RealText (rt) subtitle files. The vulnerability can be trivially exploited by a (remote) attacker to execute arbitrary code in the context of VLC media player. Versions below 0.9.6 are affected.

tags | advisory, remote, overflow, arbitrary
SHA-256 | 61e27c6eddbf9e4287833b974a6c98a8cbff9ad64f0e65b56725d5eebcbb162b
TKADV2008-010.txt
Posted Oct 21, 2008
Authored by Tobias Klein | Site trapkit.de

The VLC media player contains a stack overflow vulnerability while parsing malformed TiVo ty media files. The vulnerability can be trivially exploited by a (remote) attacker to execute arbitrary code in the context of VLC media player. Versions 0.9.4 and below are affected.

tags | advisory, remote, overflow, arbitrary
SHA-256 | 3d082ad5cd82a028089e95d1402f60f67f5c3ffebc9cd1673006a937b81a57a7
TKADV2008-008.txt
Posted Sep 19, 2008
Authored by Tobias Klein | Site trapkit.de

G DATA AntiVirus/InternetSecurity/TotalCare 2008 all suffer from a memory corruption vulnerability related to the GDTdiIcpt.sys kernel driver that can allow for a denial of service condition or execution of arbitrary code.

tags | advisory, denial of service, arbitrary, kernel
SHA-256 | 6d92c76ada4c68d5b45a89c21afae36573de23ed66acadc6850c9a05d6520ce8
TKADV2008-007.txt
Posted Sep 11, 2008
Authored by Tobias Klein | Site trapkit.de

The Linux Kernel versions 2.6.26.4 and below suffer from a information disclosure and NULL pointer dereference vulnerabilities in the SCTP-AUTH API.

tags | advisory, kernel, vulnerability, info disclosure
systems | linux
advisories | CVE-2008-3792
SHA-256 | 1513f3ac9e8e924633ed636d47f2117f4fb952ea02518f1b0c346466703bc3cd
TKADV2008-006.txt
Posted Aug 13, 2008
Authored by Tobias Klein | Site trapkit.de

The kernel driver KmxFw.sys shipped with various CA products contains a vulnerability in the code that handles IOCTL requests. Exploitation of this vulnerability can result in local denial of service attacks and local execution of arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
advisories | CVE-2008-2926
SHA-256 | 93703348034f1b4025f82f9365b813c7c87d326073fb65b2fddfd9ba7c13b52b
TKADV2008-003.txt
Posted Jun 16, 2008
Authored by Tobias Klein | Site trapkit.de

The kernel of Solaris contains a vulnerability in the code that handles SIOCSIPMSFILTER IOCTL requests. Exploitation of this vulnerability can result in denial of service or code execution.

tags | advisory, denial of service, kernel, code execution
systems | solaris
SHA-256 | ac9535e16712200d7f4ac8d1379c6267b56ebaf05711bd7abf525f34a2043f72
TKADV2008-002.txt
Posted Apr 1, 2008
Authored by Tobias Klein | Site trapkit.de

The kernel driver aavmker4.sys as shipped with avast! version 4.7 contains a vulnerability in the code that handles IOCTL requests. Exploitation of this vulnerability can result in denial of service or arbitrary code execution.

tags | advisory, denial of service, arbitrary, kernel, code execution
SHA-256 | d52a527b0d71922fcc4398ba23f1b4b1ef9a7c3ad9909acb482c607ce166b6e2
TKADV2008-001.txt
Posted Mar 12, 2008
Authored by Tobias Klein | Site trapkit.de

The kernel driver cpoint.sys shipped with Panda Internet Security and Antivirus Firewall 2008 contains a vulnerability in the code that handles IOCTL requests. The vulnerability can lead to denial of service and arbitrary code execution attacks.

tags | advisory, denial of service, arbitrary, kernel, code execution
SHA-256 | 75435952bb68cede74a0a2bf7a4b665506e62ce5714287c142a475f07a7fea08
TKADV2007-001.txt
Posted Nov 16, 2007
Authored by Tobias Klein | Site trapkit.de

The xnu kernel of Mac OS X contains a vulnerability in the code that handles TIOCSETD ioctl requests. Exploitation of this vulnerability can lead to denial of service and code execution.

tags | advisory, denial of service, kernel, code execution
systems | apple, osx
advisories | CVE-2007-4686
SHA-256 | 2833de13f87382fc1d46e30eeeb20f7f1d0014c4948730f08163022e37c4a526
TKADV2005-12-001.txt
Posted Dec 29, 2005
Authored by Tobias Klein | Site trapkit.de

MyBB Versions PR2 Rev.686 and prior contain multiple SQL Injection vulnerabilities.

tags | advisory, vulnerability, sql injection
SHA-256 | f14b861afdba28a4b669c3dac2d290c463a747fab9d50c2f75c7bf75d79098c4
TKADV2005-11-004.txt
Posted Nov 20, 2005
Authored by Tobias Klein

Versions 1.5.3 and below of phpMyFAQ contain multiple persistent cross site scripting vulnerabilities. Exploitation details provided.

tags | exploit, vulnerability, xss
SHA-256 | 1604f67bacec514f508f5c7fc8b04b4dd59120438f0d160be0c7d0947450916d
tkadv2005-11-001.txt
Posted Nov 8, 2005
Authored by Tobias Klein | Site trapkit.de

PHPlist Version 2.10.1 and prior contain multiple Cross Site Scripting and SQL Injection vulnerabilities. Furthermore it is possible to access and read arbitrary system files through a vulnerability in PHPlist. Detailed exploitation provided.

tags | advisory, arbitrary, vulnerability, xss, sql injection
SHA-256 | 429d5e2ed3062111670608399cbfe4c23936e0a7acc764e78fbed068284c5240
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close