This exploit is proof-of-concept code for a certificate spoofing vulnerability. It listens for incoming connections on port 443 and sends a malicious certificate to the client. The malicious certificate is stored in a file called 'compressed'. This vulnerability can be used to spoof a legitimate certificate and gain access to sensitive information.
The vulnerability occurs because the Zend Framework XML parser does not disable external entity loading when running on PHP-FPM. This can be exploited to disclose the content of local files on the server or to perform a denial of service attack.
Microsoft Internet Explorer 11 is prone to a use-after-free vulnerability in the MSHTML!CTreeNode::GetCascadedLang function. If an attacker succeeds in bypassing the Memory Protector and Isolated Heap protection mechanisms, this vulnerability allows the execution of arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
NetServe FTP Client 1.0 is vulnerable to a buffer overflow when a user attempts to make an assignment that exceeds the limitations of the target of the assignment. This can be exploited by an attacker to cause a denial of service condition by sending a specially crafted file containing a large amount of data to the vulnerable application.
An application-side input validation vulnerability has been discovered in the official Printer Pro 5.4.3 iOS mobile application. The vulnerability allows a local attacker to inject their own script code as a payload into the application side of the vulnerable service function or module. The vulnerability exists in the Name text box of contacts: the injected code is activated when the application is opened and the contact containing the script is selected for printing.
PDF Shaper is prone to a security vulnerability when processing PDF files. The vulnerability appears when the Convert PDF to Image function is used with a specially crafted PDF file. This module has been tested successfully on Windows XP, Windows 7, Windows 8 and Windows 10.
NeuroServer is an EEG (Electroencephalography) TCP/IP Transceiver. NeuroServer mediates between the raw EEG devices and all the various EEG applications that the user may wish to run to analyse the incoming EEG data. Data is transmitted using TCP/IP, which means that the EEG data can just as easily pass over a network (or even the internet) as stay on the same machine. Standard EDF is used for header information and for file storage. The server is designed to run on Windows and Linux. nsd (NeuroServer Daemon) stops if any assertion is triggered inside isValidREDF() at ~/NeuroServer-0.7.4/src/openedf.c, which checks if the data record is exactly 1 second, has at least one channel, and if channel 0 has at least one sample. If any of these conditions are not met, the assertion is triggered and the daemon stops.
An XXE vulnerability in GeoServer allows an attacker to view file contents and list directories on the server.
Windows TCP/IP stack (tcpip.sys, tcpip6.sys) fails to properly handle objects in memory during IOCTL processing. By crafting an input buffer that will be passed to the TCP device through the DeviceIoControlFile() function, it is possible to trigger a vulnerability that would allow an attacker to elevate privileges. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode (i.e. with SYSTEM privileges).
The code in downloadpdffile.php doesn't do any sanity checks, allowing a remote attacker to download sensitive system files. An attacker can use a curl command to download the file from the server.