EDraw Flowchart ActiveX Control version 2.3 suffers from a buffer overflow vulnerability when parsing .edd file format resulting in an application crash and overwritten few memory registers which can aid the attacker to execute arbitrary code.
This exploit targets the EDraw Flowchart ActiveX Control 2.3 (EDImage.ocx) and causes a remote Denial of Service (DoS) attack. By providing a large string as an argument to the 'OpenDocument' function, the control crashes, resulting in a DoS condition. This exploit specifically targets Internet Explorer.
This exploit shows the possibility to run arbitrary code on FreeBSD machines.
Cacti is prone to a remote command execution vulnerability because the software fails to adequately sanitize user-suplied input. Successful attacks can compromise the affected software and possibly the operating system running Cacti. The vulnerability can be triggered by any user performing specific actions.
The exploit occurs when sending an overly long PWD response. By sending a specially crafted response, an attacker can trigger a buffer overflow and potentially execute arbitrary code.
Stack buffer overflow vulnerability in ZipGenius v6.3.1.2552 allows remote attackers to execute arbitrary code via a long filename in a ZIP archive.
A stack-based buffer overflow occurs when you pass to "strFontName" parameter a string overly long than 24 bytes which leads into EIP overwrite allowing the execution of arbitrary code in the context of the logged on user. This happens because an inadequate space is stored into the buffer intended to receive the font name.
The Openregistrecil 1.02 version is vulnerable to multiple file inclusion. An attacker can exploit this vulnerability to include arbitrary files from the server, leading to remote code execution.
Acritum Femitter v1.03 is vulnerable to remote directory traversal attack.
This is a proof-of-concept exploit for a remote unicode stack overflow vulnerability in HP Operations Manager version 8.16. The vulnerability exists in the LoadFile() and SaveFile() functions of the srcvw4.dll module. The exploit allows an attacker to overwrite the address of the seh handler and potentially execute arbitrary code.
Services By CQR