VideoSpirit Pro is prone to a buffer overflow when parsing a (.visprj) project file that contains an overly long 'mp3' value. This is because the application fails to properly bounds check the data before it is passed to strcpy().
This exploit targets the Bsplayer version 2.57 and utilizes a buffer overflow vulnerability to execute arbitrary code. The exploit creates a malicious M3U file with a payload that triggers the buffer overflow.
This exploit code allows remote attackers to execute arbitrary code on vulnerable systems running Atrium Mercur IMAP 5.0 SP3 Messaging. The vulnerability is described in detail in the bug reference provided.
The Music Animation Machine MIDI Player MAMX is prone to a buffer overflow vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. This may facilitate the compromise of the affected computer.
This is a buffer overflow exploit for WFTPD. It allows an attacker to execute arbitrary code on a vulnerable system.
This is a proof of concept exploit for a remote stack based buffer overflow vulnerability in the HP Photo Creative v 2.x audio.Record.1 ActiveX Control. The vulnerability allows an attacker to execute arbitrary code on a targeted system by sending a specially crafted request to the vulnerable ActiveX control. This exploit has been tested against Windows Vista with Internet Explorer 7.
The 'op', 'bop', 'ext', 'eop' arguments are not properly sanitized before including files from local resources, allowing for arbitrary file inclusion. The 'ext' argument can be used to inject PHP code into the 'cache/ext/statman/log.gtdat' file and execute commands. Additionally, the 'list.gtdat' file in the 'cache/users' folder exposes the MD5 password hashes of all admin and users. This can be exploited by crafting a specific value for the 'upass' parameter.
The Ignition 1.3 version is vulnerable to remote code execution. Attackers can overwrite the settings.php file by sending a specially crafted POST request and injecting malicious code into one of the variables. This allows attackers to execute arbitrary commands on the target server.
This exploit allows an attacker to execute remote commands on the target server.
A stored XSS vulnerability using CSS styles affecting users surfing the malicious post using IE6, IE7, NS 8.1.
Services By CQR