Three proof-of-concept exploit files have been released for Microsoft PowerPoint. It is unknown if these exploits target newly discovered vulnerabilities or previously disclosed issues. These vulnerabilities may allow remote attackers to cause crashes or execute arbitrary machine code in the context of the affected application.
This exploit targets the named INFOLEAK and TSIG bug in BIND 8.2.x versions. It uses Linux-only shellcode and is provided for demonstration purposes only. The exploit is considered broken, with several errors, but it can be fixed with some understanding of how it works.
This vulnerability allows attackers to corrupt process memory and execute arbitrary code in the context of targeted users.
The AdPlug library is affected by multiple remote buffer-overflow vulnerabilities. These issues are due to the library's failure to properly bounds-check user-supplied input before copying it into insufficiently sized memory buffers. These issues allow remote attackers to execute arbitrary machine code in the context of the user running applications that use the affected library to open attacker-supplied malicious files.
As a student, it is possible to remotely add an RSS blog at the following URL: http://server/blog/external_blog_edit.php. The <link> parameter in an RSS feed is vulnerable to JavaScript injection. This blog post is viewable by everyone on Moodle, and you can link to it directly. Upon clicking the "Link to original blog entry" link, you get JavaScript execution. In Moodle, the "sesskey" parameter holds the session key used to prevent CSRF; it isn't unique for every form once logged in, so many forms can be submitted using this item. It is available on every page, which makes XSS quite dangerous in this case. Using a link value of <link>javascript:prompt(document.domain);</link> will display a demonstrative prompt as expected. For a live example, you can remotely include my blog RSS feed: http://makthepla.net/Rss/ My Moodle blog post has a <link> value of the foll
Plume CMS is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows the attacker to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.
MKPortal is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid in further attacks.
This issue allows remote attackers to crash the application, denying further service to legitimate users.
Softbiz Dating Script is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
The proof of concept overwrites the win.ini file.