The exploit creates a malicious PDF file that triggers a memory corruption vulnerability in Able2Doc and Able2Doc Professional version 6.0. By opening the specially crafted PDF file, an attacker can corrupt the memory of the application, leading to potential code execution or system instability.
The exploit involves creating a malicious PDF file with a payload that causes a memory corruption in Able2Extract and Able2Extract Server v 6.0. By opening the crafted PDF file, an attacker can trigger the memory corruption and potentially execute arbitrary code.
This exploit allows an attacker to trigger a heap overflow vulnerability in the touchview.exe component of Kingview version 6.53. By sending a specially crafted packet to the network configuration interface, an attacker can cause a buffer overflow and potentially execute arbitrary code on the targeted system. This vulnerability was already patched by the vendor silently.
The LPRng software is an enhanced, extended, and portable version of the Berkeley LPR software (the standard UNIX printer spooler) that ships with Debian GNU/Linux. When root controls the print queue, the authentication that is used is based on whether the client source port connecting to lpd is privileged or not. Apparently, lpd does not check the source port properly, and it is possible for any local user to control the print queue with a modified client. The consequences of this vulnerability being exploited is a compromise of print queue control.
This is a Perl script that exploits a SQL injection vulnerability in DataLife Engine. It allows an attacker to retrieve the password hash for a specific user by brute-forcing the characters of the hash.
This is a buffer overflow exploit in the Lsof utility. When the utility is run with root privileges, it is vulnerable to a buffer overflow that can allow regular users to gain root privileges.
The encrypted passwords for Remote.NLM can be decrypted easily using pencil and paper. The password structure and encryption algorithm are explained in detail.
The rmail utility included in SGI Irix operating system is vulnerable to arbitrary command execution. This vulnerability occurs due to a lack of input validation on the contents of an environment variable. An attacker can exploit this vulnerability to execute arbitrary commands with the gid mail privilege level. The rmail utility is commonly used with uucp.
The pset utility, as shipped by SGI with Irix 5.x and 6.x through 6.3, contains a buffer overflow, which can allow any user on the system to execute arbitrary code on the machine as root. Pset is used to configure and administer processor groups in multiprocessor systems. By supplying a well crafted, long buffer as an argument, the return address on the stack is overwritten, allowing an attacker to execute code other than that which was intended.
By using the '-h' flag in the lquerypv command, an attacker can read any file on the file system in hex format.
Services By CQR