This exploit allows an attacker to create a file with a long string of characters, causing SpotAuditor to crash when attempting to decrypt the characters. The exploit is performed by running a Python script that creates a file with a long string of characters, which is then copied and pasted into the 'Base64 Encrypted Password' field in SpotAuditor. This causes the software to crash.
This exploit allows an attacker to crash the PIX for Windows tools by running a specially crafted script that creates a file with the extension '.PIXrun'. When the file is opened in the software, it causes a crash.
The exploit allows an attacker to cause a denial of service (DoS) condition on InduSoft Web Studio 8.1 SP1. By pasting a large buffer of characters into the "No Redibujar"/"Deshabilitados" field, the application crashes, rendering it unavailable. This can be achieved by running the provided Python code or manually copying the content of the provided text file into the application.
The iNetTools application for iOS version 8.20 is vulnerable to a denial of service (DoS) attack. By providing a specially crafted input in the 'Domain Name' field of the 'Whois' feature, an attacker can cause the application to crash.
This exploit abuses a vulnerability in the AppX Deployment Service (AppXSvc) in Microsoft Windows. By exploiting this vulnerability, an attacker can overwrite or create files as SYSTEM, leading to privilege escalation. The exploit can be carried out in two ways: arbitrary file creation and file overwrite.
The exploit allows an attacker to cause a denial of service (DoS) on the InTouch Machine Edition 8.1 SP1 software. By sending a specially crafted input, the attacker can trigger a buffer overflow, causing the software to crash and become unresponsive.
Remote Sql Injection vulnerability in Ip Reg v0.3 allows an attacker to execute arbitrary SQL commands via the 'vlan_id', 'assetclassgroup_id', or 'subnet_id' parameter.
This exploit creates a malicious .m3u file that contains 25,000 'A' characters. Opening this file in SMPlayer causes a buffer overflow, resulting in a Denial of Service attack.
There is a use-after-free issue in JScript (triggerable via Internet Explorer) where the members of the 'arguments' object aren't tracked by the garbage collector during the 'toJSON' callback. Thus, during the 'toJSON' callback, it is possible to assign a variable to the 'arguments' object, have it garbage-collected (as long as it is not referenced anywhere else) and still access it later. Note that, like in some previously reported JScript issues, this is a use-after-free on a JScript variable (VAR structure), so in order to trigger a crash, the entire block of variables must be freed.
Services By CQR
