This exploit affects SlySoft Inc. products CloneCD < 5.3.1.4, CloneDVD < 2.9.2.2, Virtual CloneDrive < 5.4.2.5, AnyDVD & AnyDVD HD < 6.5.2.8 and ElbyCD Windows NT/2000/XP I/O driver - ElbyCDIO.sys < 6.0.3.2. It allows an attacker to gain elevated privileges on the system.
A buffer overflow vulnerability exists in POP Peeper 3.4.0.0, which allows a remote attacker to execute arbitrary code on the vulnerable system. The vulnerability is due to a boundary error when handling a specially crafted LOGIN command. An attacker can exploit this vulnerability to execute arbitrary code on the vulnerable system with the privileges of the user running the application.
Hannon Hill's Cascade Server product contains a command execution vulnerability. An attacker with access to an unprivileged account within Cascade Server could exploit it to run arbitrary commands on the system with the privileges of the user who started Cascade Server.
Chasys Media Player contains a local buffer overflow that is triggered when it processes a specially crafted .lst playlist file. This allows an attacker to execute arbitrary code on the vulnerable system with the privileges of the user running the application.
This PoC exploits a Denial of Service vulnerability in SW-HTTPD Server v0.x. The vulnerability is triggered when multiple connections are made with the request GET /A[100] HTTP/1.1. Once the server is unable to find all the pages, it crashes.
The first vulnerability is insecure cookie handling, which allows an attacker to set a cookie with the value 'you are identified' and gain access to the application. The second vulnerability is a SQL injection, which allows an attacker to inject arbitrary SQL code into the query.
The multipart processor of ModSecurity does not sufficiently sanitize user-supplied input. An attacker can therefore send a crafted POST request of type multipart/form-data that leads to a remote denial of service. On line 1267, because the pointer parts[i]->name is not properly sanitized, the argument passed to the strlen function is NULL, which causes a segmentation fault and crashes the Apache process handling the request.
A vulnerability in Pivot 1.40.6 allows an attacker to delete files remotely. The $bbclone_debug variable is never changed and is always set to false, which allows an attacker to use the 'refkey' parameter of the 'count.php' script to delete files. If register_globals is on, an attacker can use this bug to include a file.
Advanced Image Hosting (AIH) is vulnerable to Blind SQL Injection. An attacker can exploit this vulnerability to gain access to the database and extract sensitive information. The PoC/Live Demo provided in the text shows how an attacker can use the Blind SQL Injection vulnerability to extract the username and password of the admin. The attacker can use the same technique to extract other sensitive information from the database.
Icarus 2.0 contains a local stack overflow vulnerability. The vulnerability is triggered when a malicious user sends a specially crafted file to the application. This causes a buffer overflow, which can be used to overwrite the return address and execute arbitrary code. The exploit code contains a payload that is used to overwrite the return address and execute arbitrary code.