This module exploits a vulnerability in Java 7 that allows an attacker to run arbitrary Java code outside the sandbox. This flaw is also being exploited in the wild, and there is no patch from Oracle at this point. The exploit has been tested to work against IE, Chrome and Firefox across different platforms.
xt:Commerce suffers from a stored XSS vulnerability when parsing user input passed to the 'products_name_de' parameter via the POST method through the '/xtAdmin/adminHandler.php' script. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session.
A remote user can execute arbitrary commands on a host running Carello Shopping Cart software. By sending a specially crafted HTTP request, the inetinfo.exe process can consume all available system resources, causing it to refuse any new connections. If the HTTP request includes arbitrary code, it will be executed with the privileges of the web server.
A problem in the firmware of the 3Com OfficeConnect 812 DSL router allows a remote user to reboot the router by connecting to the HTTP daemon and requesting a long string. This can result in a denial of service, affecting the legitimate users of networks serviced by the router.
Winamp versions prior to 2.7x are vulnerable to a buffer overflow when processing Audiosoft parameter files (*.AIP). An attacker can insert a large sequence of characters into an *.AIP file, causing a stack overflow. This allows the attacker to overwrite critical parts of the stack frame and potentially execute arbitrary code on a vulnerable system.
This vulnerability allows an attacker to execute arbitrary code on the target system using the navigator object in JavaScript. The exploit was tested on Firefox 1.5.0.4 on Windows 2000 SP4, Windows XP SP4, and Gentoo Linux. The bug was reported by TippingPoint and fixed in the latest release (1.5.0.5) of Mozilla Firefox. The exploit attempts to launch 'calc.exe' on Windows systems and 'touch /tmp/METASPLOIT' on Linux systems.
This exploit targets the Security Analyzer software developed by eiQnetworks. It allows an attacker to execute arbitrary code on the target system. The exploit takes advantage of a buffer overflow vulnerability in the software.
A user can create a symbolic link in /tmp with the name ppd.trace and overwrite any file on the system, potentially denying service to legitimate users and gaining elevated privileges.
The Kodak Color Management System configuration tool 'kcms_configure' is vulnerable to a buffer overflow that could yield root privileges to an attacker. The bug exists in the KCMS_PROFILES environment variable parser in a shared library 'kcsSUNWIOsolf.so' used by kcms_configure. If an overly long KCMS_PROFILES variable is set and kcms_configure is subsequently run, kcms_configure will overflow. Because the kcms_configure binary is setuid root, the overflow allows an attacker to execute arbitrary code as root.
Several vulnerabilities are present in the op5 Monitoring software, including SQL Injection, Cross Site Request Forgery, and Stored XSS. These vulnerabilities can be triggered with different levels of authentication and can result in various consequences, ranging from interesting to annoying. One particularly interesting vulnerability allows the admin or default monitor user to run shell commands from the web interface, potentially leading to a shell if certain conditions are met. The vulnerabilities require post-authentication access to the web application, meaning that even a low-privilege user can initiate the attack. By leveraging the XSS and CSRF vulnerabilities, an attacker could trick higher privileged users into setting up a Bind-Shell.