This exploit is a proof of concept for a local crash vulnerability in foobar2000 1.3.9. The vulnerability is caused due to a boundary error when processing ASX files and can be exploited to cause a stack-based buffer overflow by tricking a user into opening a specially crafted ASX file. This may allow execution of arbitrary code.
A number of Windows kernel crashes were encountered in the win32k.sys driver while processing a specific corrupted TTF font file. The cleanest stack trace indicates where the pool corruption takes place and/or the root cause of the vulnerability.
This exploit is a proof of concept for a local crash vulnerability in foobar2000 version 1.3.9. The exploit creates three files, Local_Crash_PoC.pls, Local_Crash_PoC.m3u, and Local_Crash_PoC.m3u8, which contain a string of 256 'A' characters. When these files are opened in foobar2000, the application will crash.
An attacker who lures a DIR-816L authenticated user to browse a malicious website can exploit cross site request forgery (CSRF) to submit commands to DIR-816L wireless router and gain control of the product. The attacker could submit variety of commands including but not limited to changing the admin account password, changing the network policy, etc.
XSS vulnerability via metadata title. Launch: vlc.exe --http-host=127.0.0.1 --http-port=8080 --http-password=andrea. Open Browser and go to localhost:8080 (for more info see https://wiki.videolan.org/Documentation:Modules/http_intf/). Then left username blank and password andrea. Select poc.mp3 (attached) file. See Attached image.
A buffer overflow vulnerability exists in Sam Spade 1.14 when a user enters the contents of 'sam_spade_browse_url.txt' into the 'Browse Web' tool. This can lead to a denial of service or potentially code execution.
The vulnerability is caused due to a boundary error in the processing of a project file, which can be exploited to cause a buffer overflow when a user opens e.g. a specially crafted .LF5 file. Successful exploitation could allow execution of arbitrary code on the affected machine.
The vulnerability is caused due to a boundary error in the processing of a project file, which can be exploited to cause a buffer overflow when a user opens e.g. a specially crafted .TPC file. Successful exploitation could allow execution of arbitrary code on the affected machine.
The vulnerability is caused due to a boundary error in the processing of a project file, which can be exploited to cause a buffer overflow when a user opens e.g. a specially crafted .TPC file. Successful exploitation could allow execution of arbitrary code on the affected machine.
The vulnerability is caused due to a boundary error in the processing of a Genie FBD, which can be exploited to cause a buffer overflow when a user opens e.g. a specially crafted .GFB file. Successful exploitation could allow execution of arbitrary code on the affected machine.
Services By CQR