header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

Multiple Denial of Service Vulnerabilities in Gattaca Server 2003

The Gattaca Server 2003 is vulnerable to multiple denial of service vulnerabilities. These vulnerabilities allow a remote attacker to crash the application, resulting in a denial of service for legitimate users. The vulnerabilities can be exploited by sending specially crafted requests to the server.

IM-Switch Insecure Temporary File Handling Symbolic Link Vulnerability

The im-switch utility is prone to a local insecure temporary file handling symbolic link vulnerability. This vulnerability occurs due to a design error that allows the application to insecurely write to a temporary file with a predictable file name. An attacker can exploit this vulnerability by creating symbolic links to arbitrary files, which can result in the corruption of these files and potentially lead to privilege escalation or a system-wide denial of service.

Microsoft POSIX Subsystem Local Privilege Escalation Vulnerability

The Microsoft POSIX subsystem implementation is prone to a local buffer overflow vulnerability. A local attacker may exploit this vulnerability in order to run code with elevated privileges, fully compromising the vulnerable computer.

Remote PHP Script Injection in phpBB ‘viewtopic.php’ Script

The 'viewtopic.php' phpBB script is prone to a remote PHP script injection vulnerability because the application fails to properly sanitize user-supplied URI parameters before using them to construct dynamically generated web pages. Exploiting this issue may allow a remote attacker to execute arbitrary commands in the context of the webserver that is hosting the vulnerable software.

Ability Mail Server Multiple Vulnerabilities

Ability Mail Server is prone to multiple vulnerabilities that may allow a remote attacker to carry out cross-site scripting and denial of service attacks. The server is prone to a cross-site scripting vulnerability that may allow an attacker to execute arbitrary HTML and script code in the browser of a vulnerable user. It is also prone to a denial of service vulnerability that occurs when an attacker establishes about 150-200 connections to various services such as SMTP, POP3, View FeaturesIMAP4, WebMail etc.

Microsoft Internet Explorer Mouse Event Hijacking Vulnerability

A vulnerability exists in Microsoft Internet Explorer that may permit a malicious Web page to hijack mouse events. This could potentially be exploited to trick an unsuspecting user into performing unintended actions such as approving pop-up dialogs. The method caching variant of this attack is also reported to work. This issue could potentially be exploited to execute arbitrary code or be used in other attacks. A variant of this proof of concept has been supplied by http-equiv: Just substitute the following: 1. <img src="greyhat.html" id=anch onmousedown="parent.nsc.style.width=2000;parent.nsc.style.height=2000;parent.pop.show(1,1,1,1);parent.setTimeout('showalert()',3000);" style="width=168px;height=152px;background-image:url('youlickit.gif');cursor:hand" title="click me!"></a> 2. location="shell:favoritesgreyhat[1].htm"

Cross-domain/Cross-zone Scripting in Microsoft Internet Explorer

A vulnerability exists in Microsoft Internet Explorer that may allow cross-domain/cross-zone scripting. It is reported that the vulnerability presents itself due to a failure to properly validate trust relationships between method calls that are made in separate Internet Explorer windows. This may make it possible for script code to access properties of a foreign domain or Security Zone. Exploitation may permit execution of arbitrary code as the victim user.

Insecure Temporary File Creation in Sun Java Virtual Machine

The Sun Java Virtual Machine is prone to an insecure temporary file creation weakness. The issue is caused by the 'Font.createFont' method creating a temporary file with a predictable name. This vulnerability can be exploited in combination with other vulnerabilities in Internet Explorer to execute arbitrary code on a vulnerable computer.

Recent Exploits: