This Metasploit module exploits a buffer overflow in WM Downloader v3.1.2.2. When the application is used to import a specially crafted m3u file, a buffer overflow occurs allowing arbitrary code execution.
87a0644ca5d9a7d534b11ef5d0d3292366fd92e4752fed31c5dd3bfb55b114bcSecunia Security Advisory - Some vulnerabilities have been reported in the Pathauto module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
43c296439af203e369a2f7a712774ef9ea921e081eeee50d246066fdb050c6caSecunia Security Advisory - A vulnerability has been reported in the Prepopulate module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.
651dcb57d049692e40ea95201b1e90ba1096c376d8f689be532fd35267807babSecunia Security Advisory - A vulnerability has been reported in the OpenID module for Drupal, which can be exploited by malicious people to bypass certain security restrictions.
7e2de844d1031d067ea2ac37d44dc11a1d00d0efa603582cbd3b200b15b72c6dSecunia Security Advisory - A vulnerability and a security issue have been reported in ServletExec, which can be exploited by malicious people to disclose potentially sensitive information and bypass certain security restrictions.
f5b6dae72e2ae8deb6268e0ea533a5742f7508b1a6f8735add6ef3d69c9925eeSecunia Security Advisory - A vulnerability has been reported in the Privatemsg module for Drupal, which can be exploited by malicious people to conduct cross-site scripting attacks.
43f486e274ad65b564c9f5840e17be9d35b9d1f9890cf880aa6d52165e3eb6f8Secunia Security Advisory - Some vulnerabilities have been reported in EJBCA, which potentially can be exploited by malicious people to conduct cross-site scripting attacks.
cc4738bfb316c9bd8f800ce685c28286cbf7639d217a93596eb2af260f78715eSecunia Security Advisory - Some vulnerabilities have been reported in Nagios XI, which can be exploited by malicious people to conduct cross-site request forgery and cross-site scripting attacks.
bb715a9bb527af1b397c813fd4619fe26182b781e56cf5b63aa0e1ebe32c2917Secunia Security Advisory - A vulnerability and some security issues have been reported in Opera, which can be exploited by malicious people to bypass certain security restrictions or compromise a user's system.
f544d073f344ef685af483370f2241df6b35783d5b6f5dea1104dcbc96699983Secunia Security Advisory - A security issue has been reported in 2Wire 2700HGV-2 Gateway, which can be exploited by malicious people to conduct brute force attacks.
d8dfe03ceb809127a6f1c322167c7b881bc9011b802865c67930c32b0b4dfbb7Secunia Security Advisory - Multiple vulnerabilities have been reported in the Ubercart module for Drupal, which can be exploited by malicious people to bypass certain security restrictions and to conduct cross-site request forgery attacks.
49f954dbee7653ea31343b34073cab4fc3a5ee793eb5c2d20096ca9deb8b22ffSecunia Security Advisory - A vulnerability has been reported in the FileField Sources module for Drupal, which can be exploited by malicious users to compromise a vulnerable system.
2c656c4f68ec07814fedd9327a7766041a597aa4c658cda2d27b3a2a002908c1Secunia Security Advisory - A weakness and some vulnerabilities have been reported in Drupal, which can be exploited by malicious users to conduct script insertion attacks, and by malicious users and malicious people to bypass certain security restrictions.
36c3ecd7ee7b5a49709726163719296dd87dae181bbae1444cc0c274efe02e07Secunia Security Advisory - Some vulnerabilities have been discovered in Pligg, which can be exploited by malicious users and malicious people to conduct SQL injection attacks.
574c59b3d8a52181121335bdbfc066f2f04434940955fc57e2e43a9d6bd6aa91iDefense Security Advisory 08.10.10 - Remote exploitation of a heap buffer overflow vulnerability in Microsoft Corp.'s Word could allow attackers to execute arbitrary code under the privileges of the targeted user. This vulnerability specifically exists in the handling of some drawing object control words in an RTF document. Under certain circumstances, Word will copy a property value into a heap buffer without checking the length, which causes a heap buffer overflow. iDefense has confirmed the existence of this vulnerability in Microsoft Word 2003, Microsoft Word 2007, and Microsoft Outlook 2007. A full list of vulnerable Microsoft products can be found in Microsoft Security Bulletin MS10-056.
25855763a2da9fa2593ee54ea20cb23b8412b955183bf26b2866e5577463f29dThe Ambit U10C019 cablemodem in use by Road Runner/Time Warner suffers from a hardcoded default administrative login vulnerability.
658749d1a4f0e0ae8bc80cdf62824483055179cf6825fbe72155a45b114a08f3Core Security Technologies Advisory - A stack based buffer overflow vulnerability in Microsoft Excel 2002 (Office XP) can be leveraged to execute arbitrary code on vulnerable systems by enticing users to open specially crafted spreadsheet files with the '.XLS' extension. The vulnerability results from improper parsing of a PivotTable Cache Data record. This vulnerability could be used by a remote attacker to execute arbitrary code with the privileges of the user that opened the malicious file.
f8bad67514cb0de6d8919901fc373db0ca1c25d9dc3b5c3b98afbcfde550da3bRSP MP3 Player OCX Active-X buffer overflow exploit with heap spray.
ac02b5cab3592f82be9b8efea453bf9a6514b0d4ca50e55930369210003f1861Easy FTP server version 1.7.0.11 NLST , NLST -al, APPE, RETR , SIZE and XCWD commands remote buffer overflow exploit.
c3bd3efeb858314820cb926c216f6e1410a737ff72385ec4adbb22d16492d24cPlay! Framework versions 1.0.3.1 and below suffer from a directory traversal vulnerability.
1a8ff46daa591f66f60acc210c578915db5c7e0332a3c7b0c04800f324017cb6AoA Audio Extractor version 2.0.0 Active-X SEH JIT-spray exploit with ASLR-DEP bypass.
03167bb840750545828a6f6e29094295f0fa53cbd94790652f865c4bb266cce8Zero Day Initiative Advisory 10-149 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the connect method exposed via the ActionScript native object number 2200. If this function is called several times with differing strings, a memory corruption issue can be triggered. This can be exploited by remote attackers to execute arbitrary code under the context of the user running the web browser.
de10e577c7dcd812832bb3b1119b99682ecdb2088a8b6daa587589b78d8dda70Microsoft Windows tracing register key ACL privilege escalation demonstration code.
fda37dcda8d4a51a61a3269e617929ac5ffe8cfc2d68baee5d4ca6d5c52c2849Technical Cyber Security Alert 2010-222A - Microsoft has released updates to address vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, Microsoft .NET Framework, and Microsoft Silverlight.
f639a5ff1110de1af937fe814388139e598625507dc4bc7e7dd36a755182b7d8Core Security Technologies Advisory - A crash due to an invalid read in the Windows kernel can be reliably leveraged into privileged code execution resulting in a privilege escalation local vulnerability. This happens because special values of 'hParent' where not sufficiently taken into account when patching 'xxxCreateWindowsEx' on MS010-032.
c2f855789ff44f904666245577f6f46e27ddae37467caa6a4c0b3a3878489bd5
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed