A vulnerability in Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary code via a crafted Excel file containing a malformed HFPicture record, as exploited in the wild in June 2010.
With This vulnerability you can feed the malicious link to Admin of site (when he is already logged in) to move a file with Administrator Privilege. In this path you can find a method that move files to any path: http://Example.com/Services/FileService.ashx. With this command we can move user.config file to user.config.aaa: http://Example.com/Services/FileService.ashx?cmd=movefile&srcPath=./../../../user.config&destPath=./../../../user.config.aaa and then we can download it from URL: http://Example.com/user.config.aaa. This vulnerability can be exploited by an attacker to inject malicious script code in the application. The attacker can inject malicious script code in the application by using the 'Name' parameter in the 'Add New User' page.
Chalk Creek Media Player 1.0.7 is vulnerable to a Denial of Service attack when a specially crafted .wma or .mp3 file is opened. The attack can be triggered by launching the application and selecting the specially crafted file. The attack causes the application to crash.
This module exploits a stack buffer overflow in Race river's Integard Home/Pro internet content filter HTTP Server. Versions prior to 2.0.0.9037 and 2.2.0.9037 are vulnerable. The administration web page on port 18881 is vulnerable to a remote buffer overflow attack. By sending an long character string in the password field, both the structured exception handler and the saved extended instruction pointer are over written, allowing an attacker to gain control of the application and the underlying operating system remotely. The administration website service runs with SYSTEM privileges, and automatically restarts when it crashes.
A SEH exploit exists in MP3 Workstation Version 9.2.1.1.2 due to a lack of proper validation of user-supplied input. An attacker can exploit this vulnerability by sending a specially crafted .pls file to the application, which will cause a buffer overflow and allow the attacker to execute arbitrary code. The vulnerability was discovered by Sanjeev Gupta and tested on Windows XP SP2.
A memory corruption vulnerability exists in Ipswitch Imail Server List Mailer Reply-To Address due to improper validation of user-supplied input. An attacker can exploit this vulnerability by sending a specially crafted email to the vulnerable server. This can allow the attacker to execute arbitrary code in the context of the application.
eNdonesia 8.4 is vulnerable to a SQL injection vulnerability in the print module. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable server. This request contains a malicious SQL query that can be used to extract sensitive information from the database.
An unauthenticated remote code execution vulnerability was identified in the code handling the conversion and checking of an iCalendar email address parameter. An overly large email address string can lead to the overflow of a stack allocated buffer due to insufficient bounds checking when a CStrcpy (string copy) is performed. A remote, unauthenticated attacker could execute code in the context of the Lotus Domino server process (nrouter.exe) by sending a specially crafted malicious email to the Lotus Domino SMTP server.
E-Xoopport is vulnerable to a Remote Blind SQL Injection vulnerability in the Sections Module. An attacker can exploit this vulnerability to gain access to the database and execute arbitrary SQL commands. This vulnerability affects versions 3.1 and earlier.
This version of FreeDiscussionForums have Multiple Valnerabilities : Access to Admin's Section and Persistent XSS. With this path you can easily access to Admin's section: http://Example.com/ManageSubject.aspx. Valnerable Code : DLL : App_Web_wngcbiby.dll, Class : Class adminlogin. In this application also there is a Persistent XSS exist in title field. Valnerable Code : DLL : App_Web_wngcbiby.dll, Class : Class AddPost
Services By CQR