BS.Player is prone to a universal SEH overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.
Google SketchUp is prone to a memory-corruption vulnerability when handling specially crafted 3DS files. An attacker can exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.
This exploit uses a buffer overflow vulnerability in Internet Explorer's ActiveX control to execute arbitrary code. The exploit code is written in VBScript and uses the 'target.Exec' command to execute a program of the attacker's choice. In this case, the program is 'calc.exe' which is located in the Windows system32 directory.
This is a proof-of-concept exploit for a local buffer overflow vulnerability in the way Sub Station Alpha v4.08 handles .rt files. The exploit is written in C and creates a malicious .rt file consisting of a 109-byte header, a 154-byte tail and a variable number of NOPs in between. The malicious file is then written to disk.
By entering the username as 'admin' and password as 'or' 1=1, an attacker can bypass the authentication of PonVFTP and gain access to the application.
Max's File Uploader is vulnerable to a remote file upload vulnerability. An attacker can upload a malicious file to the server, which can be used to gain access to the server. The attacker can use the Dork to find the vulnerable website and then use the exploit to upload a malicious file to the server. The malicious file can then be accessed via the path maxFileUpload/shell.php.
A SEH overwrite vulnerability exists in BS.Player v2.51. An attacker can exploit this vulnerability by creating a malicious .bsi file containing a specially crafted Skin option with a large number of 'A' characters followed by four 'B' characters and four 'C' characters. When the file is opened, the SEH handler will be overwritten with the 'C' characters, allowing the attacker to execute arbitrary code.
A buffer overflow vulnerability exists in OtsTurntables Free v1.00.047. An attacker can exploit this vulnerability by sending a specially crafted file with a large amount of data to the application, resulting in a SEH overwrite. This can allow an attacker to execute arbitrary code in the context of the application.
There is a widespread failure in the way that (.MOV) files are handled by the QuickTime library. Nearly every (.MOV) enabled application that I tested fell victim to this exploit. This is a local memory corruption vulnerability in the way these programs process a malformed file. Memory corruption is repeatable and code execution seems possible. Because this issue affects web browsers, it seems that the attack vector will be both local and remote.
The bug allows listing the names of arbitrary files on the webserver, but NOT THEIR CONTENTS. It also allows adding, deleting and updating authorization in the acl.auth.php file.