The vulnerability allows remote attackers to execute arbitrary code on the affected system.
This module exploits a remote code execution vulnerability in the pickle handling of the rendering code in the Graphite Web project, versions 0.9.5 through 0.9.10 (both included).
The exploit takes advantage of a buffer overflow vulnerability in freeFTPd 1.0.10. It allows an attacker to execute arbitrary code by sending a specially crafted payload to the server. The exploit uses an egghunter technique to find and execute the shellcode. The shellcode spawns a cmd.exe shell. The exploit has been tested on Windows XP SP3.
GCM16 (v.1.18.0.22011) and older versions of this KVM switch contain a flaw that allows a remote authenticated user to execute unauthorized commands as root. This flaw exists because webapp variables are not sanitized. In this case, the parameters $count and $size from ping.php allow an attacker to create a specially crafted URL that injects text into an exec() call, so that it can be used to execute any command on the KVM's embedded Linux.
This code contains a buffer overflow vulnerability. The shellcode is stored in the 'shellcode' variable and is executed when the vulnerable function is called. The vulnerability can be exploited by sending a specially crafted input to the vulnerable function, causing it to overwrite memory beyond the buffer boundaries. This can lead to arbitrary code execution.
SimpleBBS is prone to an arbitrary command-execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this vulnerability to execute arbitrary PHP commands in the context of the webserver process. This may help attackers compromise the underlying system; other attacks are also possible.
The IntegerInterleavedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of 'dataOffsets[0]' boundary checks. This vulnerability allows for remote code execution.
This module exploits a buffer overflow vulnerability found in Chasys Draw IES (version 4.10.01). The vulnerability exists in the module flt_BMP.dll, while parsing BMP files, where the ReadFile function is used to store user-provided data on the stack in an insecure way. It results in arbitrary code execution in the context of the user viewing a specially crafted BMP file. This module has been tested successfully with Chasys Draw IES 4.10.01 on Windows XP SP3 and Windows 7 SP1.
This module exploits a vulnerability in MiniWeb HTTP server (build 300). The software contains a file upload vulnerability that allows an unauthenticated remote attacker to write arbitrary files to the file system. Code execution can be achieved by first uploading the payload to the remote machine as an exe file, and then uploading another file, a mof file, which enables WMI (Windows Management Instrumentation service) to execute the uploaded payload. Please note that this module currently only works for Windows before Vista.
This exploit is used to send TCP reset packets to terminate an established TCP connection. It is compiled with Delphi 5/6/7.