header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Adobe Photoshop Elements 8.0 Active File Monitor Service Bad Security Descriptor Local Elevation Of Privileges

The "Adobe Active File Monitor V8" service is installed with an improper security descriptor. A malicious user of the Users group (which on xp means a "limited account") can stop the service, then invoke the "sc config" command to replace the binary path with a value of choice, then restart the service to run the command with SYSTEM privileges.

GlobalScape Secure FTP Server Buffer Overflow

This exploit code is for a buffer overflow vulnerability in GlobalScape Secure FTP Server. The code is written in Python and is designed to overwrite the EIP (Extended Instruction Pointer) register. It sends a malicious buffer to the server and then connects to port 4444 on the victim machine. This code can be used to gain unauthorized access to the victim machine.

FilePocket v1.2 Local Proxy Password Disclosure Exploit

This exploit allows local users to disclose proxy passwords in FilePocket v1.2 and possibly prior versions. The exploit leverages a vulnerability in the software that allows access to the proxy password through the Windows registry.

tcpdump ISIS infinite loop DOS

The tcpdump program, specifically versions 3.8.x to 3.9.1, is vulnerable to a remote denial of service attack. This vulnerability is caused by a single (GRE) packet that triggers an infinite loop in the isis_print() function, which is used in many places by tcpdump. The bug lies in the TLV_ISNEIGH_VARLEN portion of the code, where providing a zero length causes the infinite loop.

tcpdump/ethereal (RSVP) rsvp_print() infinite loop DOS

The vulnerability exists in tcpdump v3.9.1 and earlier versions, as well as ethereal v0.10.10. It is caused by a single (RSVP) packet that triggers an infinite loop in the rsvp_print() function. Clicking on the packet or receiving ICMP replies can also trigger the vulnerability. The bug is present in the RSVP_OBJ_ERO and RSVP_OBJ_RRO classes.

Recent Exploits: