The FathFTP 1.8 ActiveX control is vulnerable to a buffer overflow when handling the EnumFiles method. An attacker can exploit this vulnerability to execute arbitrary code on a target system.
This exploit targets a buffer overflow vulnerability in FathFTP 1.8. By sending a specially crafted request to the vulnerable software, an attacker can overwrite the SEH record and execute arbitrary code. The exploit has been tested on Windows XP SP3 with Internet Explorer 6.
There is a buffer overflow vulnerability in the webappmon.exe CGI application included with HP OpenView NNM. This bug can be exploited by sending a cookie header with a maliciously crafted OvJavaLocale value. Code execution is likely achievable in a reliable way.
This exploit targets FathFTP version 1.8 and utilizes a buffer overflow vulnerability to execute arbitrary code. The exploit is written in VBScript and contains shellcode that launches the Windows calculator application. It has been tested on Windows XP SP3 with Internet Explorer 6.
The IOCTL call 0x829C0964(IOCTL_ASWFW_COMM_PIDINFO_RESULTS) of 'aswFW.sys' kernel driver Shiped with 'Avast! Internet Security 5.0' uses the user controlled First 4 bytes value To allocate a NonPagedPool without any value range checking then an integer overrun occurs. If 'aswFW.sys' received a first 4 bytes about to '0xFFFFFFFF' with an Irp then an invalid Sized Memory Pool allocated. After the invalid allocation, the kernel driver copys user controlled buffer into '[allocated pool+84h]' with too large copy length '0FFFFFFFFh' then the Memory Pool corrupted.
The exploit involves spraying the JIT memory pages with nops + egghunter combined with a call to VirtualProtect() to mark the newly found shellcode as executable and then jumping to it. By spraying so many pages, the exploit becomes reliable working 9/10 times.
This exploit is a buffer overflow vulnerability found in BarCodeWiz Barcode ActiveX Control 3.29. It is triggered when the LoadProperties method is called. The vulnerability allows an attacker to execute arbitrary code on the target system.
This exploit takes advantage of a buffer overflow vulnerability in HTML Email Creator 2.42 build 718. By sending a specially crafted HTML file, an attacker can trigger a buffer overflow and execute arbitrary code.
This is a remote Buffer Overflow exploit for the UPlusFTP Server v1.7.1.01. The exploit allows an attacker to execute arbitrary code on the target system.
POC code to execute commands on system vulnerable to AMS2 design flaw of Intel Alert Handler service (hndlrsvc.exe) within Symantec SAVCE 10.1.8 and earlier
Services By CQR