Adobe Audition suffers from a buffer overflow vulnerability when dealing with .SES (session) format file. The application fails to sanitize the user input resulting in a memory corruption, overwriting several memory registers which can aid the attacker to gain the power of executing arbitrary code or denial of service.
This exploit bypasses DEP (Data Execution Prevention) in A-PDF Wav to MP3 Converter version 1.2.0. It allows an attacker to execute arbitrary code by exploiting a stack pivot vulnerability and manipulating the stack pointer.
The exploit allows for a bypass of DEP (Data Execution Prevention) in A-PDF All to MP3 Converter version 2.0.0. It leverages a stack pivot and stack pointer technique to execute arbitrary code.
Slimpdf Reader from investintech is prone to several overflows that can lead to code execution. The crash is triggered by simply adding 50,000 random characters in the header of a PDF file.
GEARAspiWDM.sys (the CD / DVD filter) driver don't check all inputs of an IOCTL. An exception can be thrown if we modify one byte. With my test I can't do best exploitation than a BSOD.
SPlayer is vulnerable to a remote buffer overflow when parsing a specially crafted HTTP header from a remote server. The bug is triggered due to the "Content-Type:" field being passed to the wcstol() function, prior to any bounds checking. This could allow an attacker to trick a remote user into opening a specially crafted playlist file, containing a URL pointing to a malicious web server.
This exploit takes advantage of a buffer overflow vulnerability in NetOp Remote Control software versions 8.0, 9.1, 9.2, and 9.5. It allows an attacker to execute arbitrary code on a target system. The vulnerability is caused by a lack of proper input validation in the software's handling of certain files. By sending a specially crafted file, an attacker can trigger a buffer overflow and overwrite critical memory, leading to code execution. The exploit includes a payload that establishes a reverse TCP shell connection to the attacker's machine. This allows the attacker to gain remote access to the target system.
The Quick CMS v3.0 is vulnerable to cross-site request forgery (XSRF) attack which allows an attacker to add an admin user without warning. The exploit code is provided in the text.
This is a buffer overflow exploit for FirstClass Desktop 7.1. It allows an attacker to execute arbitrary code by overflowing a buffer in the application. The exploit is discovered and coded by I2S-LaB.
The ElonFmt ActiveX Control Module suffers from a buffer overflow vulnerability. When a large buffer is sent to the pid item of the GetItem1 function in elonfmt.ocx module, we get a few memory registers overwritten including the SEH. An attacker can gain access to the system on the affected node and execute arbitrary code.
Services By CQR