PPStream is the most huge p2p media player in the world. There is a vulnerability in the COM Object {D22DE742-04CD-4B5C-A8A3-82AB3DAEC43D} PPSMediaList Control, which is exploitable. The vulnerability is caused by the lack of proper input validation when handling the Keyword parameter. An attacker can exploit this vulnerability by sending a maliciously crafted Keyword parameter to the vulnerable application. This can allow the attacker to execute arbitrary code on the target system.
SAP player 0.9 is vulnerable to a buffer overflow vulnerability when processing specially crafted .m3u files. This can be exploited to execute arbitrary code by tricking a user into opening a malicious .m3u file. The vulnerability is caused due to a boundary error when the application copies user-supplied data to a fixed-length buffer, which can be exploited to cause a stack-based buffer overflow.
Hamster Audio Player 0.3a is vulnerable to a local buffer overflow vulnerability when a specially crafted Associations.cfg file is placed in the same directory as the application. This can be exploited to execute arbitrary code by overwriting the SEH handler with a pointer to malicious code.
This exploit is a python script which can be used to exploit Adobe Reader versions 9.0.0 and 8.1.2 on Windows XP SP3 English/French and Windows 2003 SP2 English. It can be used to exploit standalone PDFs, embedded PDFs in Firefox 3.0.13 and Internet Explorer 7.
A remote SQL injection vulnerability exists in PHP Live! Chat v3.3. An attacker can exploit this vulnerability to gain access to the database and extract sensitive information such as usernames and passwords. The vulnerability is due to insufficient sanitization of user-supplied input in the 'deptid' parameter of the 'message_box.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable script. Successful exploitation of this vulnerability can result in unauthorized access to the database and extraction of sensitive information.
A vulnerability in Ve-EDIT v 0.1.4 allows remote attackers to include and execute arbitrary local files via a URL in the highlighter parameter to edit_htmlarea.php.
Discuz! Plugin JiangHu version 1.1 is vulnerable to a SQL injection vulnerability. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable server. This can allow the attacker to gain access to sensitive information such as usernames and passwords stored in the database.
This exploit is used to gain root access on Linux systems with kernel version less than 2.6.19. It uses a bug in the udp_sendmsg function via (*output) callback function used in dst_entry/rtable. The bug was reported by Tavis Ormandy and Julien Tinnes of the Google Security Team.
This exploit is a bit more nuanced and thoughtful. It is a buffer overflow vulnerability in the udp_sendmsg() function on x86/x64 architectures. It was discovered by Julien/Tavis and p0c73n1.
dTunes 2.72 is vulnerable to a local format string vulnerability in the filename processing. An attacker can exploit this vulnerability by copying a specially crafted file over to the device on /var/mobile/Library/Downloads/ and attempting to play it with dTunes. This can also be done through dTunes interface - just tap 'Edit', double tap any mp3 file, rename to '%s.mp3', tap 'Save', confirm & play. This will lead to a crash with a GDB backtrace.