This exploits the buffer overflow in Snort version 2.4.0 to 2.4.2. This particular module is capable of exploiting the bug on x86 Win32, Win2000, WinXP and Win2003. Exploitation of this vulnerability depends on many factors. Differences in GCC version, compile options and operating system call for different exploitation techniques.
This exploit allows an attacker to gain access to the Subdreamer 2.2.1 web application and execute arbitrary commands on the server. The exploit is based on RST/GHC advisory #35 and works on Subdreamer installations without forum integration, with phpBB2 integration, with ipb2 integration, and with vbulletin2 integration.
This exploit is a buffer overflow exploit for Mirabilis ICQ 2003a. It allows an attacker to download and execute a file from the web. Using the exploit requires social engineering skills, as the user must be convinced to type the vulnerable string into the first and last name fields in ICQ and press the find button.
A denial of service vulnerability exists within Internet Explorer 6.0 on XP SP2 with the J2SE Runtime Environment installed that allows an attacker to cause the browser to stop responding. The flaw is within mshtmled.dll (6.00.2900.2753 (xpsp_sp2_gdr.050902-1326) and prior versions), which Internet Explorer 6.0 uses for HTML editing.
This exploit allows an attacker to gain access to the TClanPortal Version 3 application by exploiting a SQL Injection vulnerability. The attacker can use the exploit to gain access to the application's username and password. The exploit is triggered by sending a specially crafted URL to the application.
The bug is in spp_bo.c, in the BoGetDirection() function. The exchange of data between the BO client and server is done using encrypted UDP packets. On x86, because of the stack layout, we end up overwriting the loop counter (i and len). To solve this problem, we can set back the appropriate value for i and len. We can also set a NULL byte to stop the loop. In the case of a _non-optimized_ compiled snort binary, the stack would look like this: [ buf1 ]..[ i ]..[ len ]..[ebp][eip][*p][*pkt_data]. The exploit could be reliable in this case, by using a pop/ret return address. Let's send snort a UDP packet like the following: [ BO HEADERS ][ .. ][ i ][ len ][ .. ][ POP/RET ]
A vulnerability in Firefox 1.0.7 and below and Mozilla Browser 1.7.12 and below allows remote attackers to inject arbitrary web script or HTML via a crafted link. This is due to the browser not properly sanitizing user-supplied input before using it in dynamically generated HTML pages. An attacker can exploit this vulnerability by enticing a user to click on a malicious link.
Lynx-NNTP-Server is vulnerable to a buffer overflow when a malicious user sends a specially crafted 'HEAD' command with an overly long string. This can lead to arbitrary code execution.
A remote denial of service vulnerability exists in Opera 8.02 and below. The vulnerability is caused by an error in the handling of HTML tags and can be exploited to cause a crash of the browser by sending a specially crafted HTML page to the user. This can be exploited by an attacker to crash the browser of a user and deny service.
A buffer overflow vulnerability exists in Mozilla Firefox and Mozilla Thunderbird versions 1.0.7 and 1.0.6 respectively. The vulnerability is caused by a boundary error within the 'nsSVGPathDataParser.cpp' component when processing SVG Path data. This can be exploited to cause a stack-based buffer overflow by supplying a specially crafted SVG file containing an overly long 'd' attribute of a 'path' element. Successful exploitation allows execution of arbitrary code.