The exploit bypasses the non-executable stack via shared_region_map_file_np(). It works perfectly in Tiger but has been restricted in Leopard.
SD.NET RIM before version 4.7.3c is vulnerable to SQL injection. An attacker can inject arbitrary SQL statements in the 'idtyp' parameter of a POST request to achieve remote code execution.
This exploit allows an attacker to perform error-based, time-based, boolean-based blind, and UNION-based SQL injections on the 'Router_ID' and 'Router_IP' parameters. The attacker can manipulate the SQL queries to execute arbitrary SQL statements.
Network Inventory Advisor installs niaservice as a service with an unquoted service path.
The GET request for content ID is vulnerable to UNION, Boolean and time-based blind SQL injection.
This vulnerability allows an attacker to view arbitrary files on the server by exploiting the 'view.php' script. By manipulating the 'list' parameter, an attacker can traverse the directory structure and access sensitive files such as the '/etc/passwd' file.
fseventsd runs as root and unsandboxed on both iOS and macOS, and is accessible from within the Application sandbox. The vulnerability occurs in the fsevent_add_client function, where a buffer is allocated without being initialized, leading to a Denial of Service.
DsiWMIService has an unquoted service path. A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.
This exploit takes advantage of a buffer overflow vulnerability in the Ayukov NFTP client version 1.71. By sending a specially crafted 'SYST' command, an attacker can overflow the buffer and gain control of the system. The exploit has been tested on Windows XP Pro SP0, SP1, SP2, and SP3.
A successful attempt would require the local user to be able to insert their code in the system root path undetected by the OS or other security applications where it could potentially be executed during application startup or reboot. If successful, the local user's code would execute with the elevated privileges of the application.