This script causes 100% CPU usage on Windows XP SP2, and the CPU will keep running at 100% until you close explorer.exe.
Microsoft Outlook Express contains an unchecked buffer in the code that generates warning messages when certain error conditions associated with digital signatures are encountered. Execution of arbitrary code in the security context of the current user is possible.
PowerFTP server does not properly handle long user names. When excessive data is supplied as an argument to the FTP 'USER' command, the server becomes unstable. Exploitation of this vulnerability typically results in a crash of the server, requiring a manual restart to resume FTP service.
This exploit allows an attacker to execute arbitrary code in VLC Player version 2.0.3 or earlier. By crafting a malicious PNG file, an attacker can trigger a buffer overflow vulnerability in the VLC Player, leading to the execution of arbitrary code.
Emumail, an open source web mail application, may reveal sensitive configuration information under certain conditions. When unexpected characters are inserted into certain fields in web mail forms, the form generates an error. The error page returned may contain the directory to the web root on the Emumail server.
This module exploits a buffer overflow in the version of libtiff shipped with firmware versions 1.00, 1.01, 1.02, and 1.1.1 of the Apple iPhone. iPhones which have not had the BSD tools installed will need to use a special payload.
Variables $mosConfig_absolute_path are not properly sanitized, allowing an attacker to inject a simple PHP script and gain system access. The vulnerability can be exploited when register_globals=on and allow_fopenurl=on.
Plib is prone to stack based Buffer overflow in the error function in ssg/ssgParser.cxx when it loads 3d model files as X (Direct x), ASC, ASE, ATG, and OFF. This exploit uses flightgear's utility 3dconvert. It creates a corrupted ASE file "test.ase", just run: FlightGearbinWin323dconvert.exe test.ase test.obj
The INCLUDEPICTURE Field Code in Microsoft Word allows for the insertion of arbitrary URLs into a document. This functionality can be abused by an attacker to obtain the contents of files on the victim user's system. By including the URL in the field code and referencing files on the victim's system, the attacker can potentially access sensitive information. This vulnerability can be particularly dangerous in situations where documents are constantly being shared and updated.
A buffer overflow has been discovered in Trillian version .73 and .74. When processing a PRIVMSG command with an overly large sender name, a buffer overflow will occur resulting in memory corruption and a denial of service. Although not yet confirmed, because memory can be overwritten, it may be possible for arbitrary attacker-supplied code to be executed with the privileges of the client.
Services By CQR