Explore Vulnerabilities

Explore all Exploits:

Icarus 2.0 (.PGn File) Universal Local BOF (SEH)

Icarus 2.0 is vulnerable to a buffer overflow when a specially crafted .PGn file is opened. This can be exploited to execute arbitrary code by corrupting the SEH chain and overwriting the return address with a pointer to malicious code. This vulnerability affects Icarus 2.0 on Windows SP2.

Enlightenment

This exploit is a proof-of-concept for a privilege escalation vulnerability in the Enlightenment window manager. It allows a local user to gain root privileges. The vulnerability is due to a lack of proper input validation in the Enlightenment window manager. The exploit works by creating a specially crafted X11 window, which can be used to overwrite a function pointer in the Enlightenment window manager. This allows the attacker to execute arbitrary code with root privileges.

INMATRIX Zoom Player Pro <= 6.0.0 (.MID) Integer Overflow PoC

This PoC exploits an integer overflow vulnerability in INMATRIX Zoom Player Pro versions 5.0.2 and 6.0.0 on Windows XP SP3. The vulnerability is triggered when a specially crafted MIDI file is opened, which causes a buffer overflow. The MIDI structure must be accurate for the exploit to work.

Nullam Blog Vulnerabilities

The Local File Inclusion vulnerability allows a guest to include a local file. The File Disclosure vulnerability allows a guest to view the content of a local file. The Multiple Blind SQL Injection and SQL Injection vulnerabilities allow a guest to inject SQL statements into the affected queries. The Reflected XSS vulnerability allows a guest to inject HTML and JavaScript code into the affected page.

KSP 2009R2 (m3u) Universal Local Buffer Exploit (SEH)

KSP 2009R2 Sound Player was released 28/8/2009 and is vulnerable to a local buffer overflow exploit. The exploit is triggered when a specially crafted m3u file is opened, which causes a buffer overflow and overwrites the SEH handler. The shellcode is then executed, allowing for arbitrary code execution.

Advanced comment system 1.0 Remote File Inclusion Vulnerability

Advanced comment system 1.0 is vulnerable to a Remote File Inclusion vulnerability. An attacker can exploit this vulnerability by sending a malicious URL to the vulnerable script. This malicious URL can be used to execute arbitrary code on the vulnerable server. The vulnerable scripts are 'index.php' and 'admin.php', located in the 'advanced_comment_system' directory. The malicious URL should contain the path to the malicious file which will be executed on the vulnerable server.

Media Player Classic 6.4.9 (.mid) Integer Overflow PoC

A vulnerability in Media Player Classic 6.4.9 allows an attacker to execute arbitrary code by sending a specially crafted .mid file. This is due to an integer overflow in the handling of the .mid file. The vulnerability is triggered when the .mid file is opened, leading to a stack-based buffer overflow.

jetAudio v 7.1.9.4030 plus vx (asx/wax/wvx) Universal Local BOF (SEH)

A buffer overflow vulnerability exists in jetAudio v 7.1.9.4030 plus vx (asx/wax/wvx), which could allow an attacker to execute arbitrary code on the target system. The vulnerability is due to a lack of proper validation of user-supplied data, which could result in a buffer overflow. An attacker could exploit this vulnerability by convincing a user to open a specially crafted ASX file.

Millenium MP3 Studio (pls/mpf/m3u) Local Universal BOF Exploits (SEH)

Millenium MP3 Studio is vulnerable to a stack-based buffer overflow when a specially crafted .pls file is opened. The vulnerability is caused by a boundary error when handling the 'http://' string, and can be exploited to execute arbitrary code by corrupting the stack and overwriting the SEH handler.

Recent Exploits: