The Python 2.7 array.fromstring() method suffers from a use-after-free caused by unsafe realloc use. The issue is triggered when an array is concatenated to itself via a fromstring() call.
The Python 2.7 hotshot module suffers from a heap buffer overflow due to a memcpy in the pack_string function.
This exploit allows an attacker to create a file called buffer.txt, open it in the Gold Player application, and gain control of a bind tcp port at 4444. The exploit involves executing a Python script, copying the contents of buffer.txt, and pasting them into the Gold Player application. The exploit has been tested on Windows 8.1 Pro and Windows 7 Ultimate.
If TCPing is called with a specially crafted command-line argument, it causes an exception and overwrites the pointers to the next SEH record and the SEH handler with a buffer and malicious shellcode. TCPing is not compiled with SafeSEH, so arbitrary code execution can be achieved on the victim's system.
This exploit allows an attacker to execute arbitrary code by exploiting a buffer overflow vulnerability in Sam Spade 1.14. The vulnerability occurs when processing input from the 'Scan from IP addresses' input field. By providing a specially crafted input, an attacker can overwrite the return address and gain control of the program's execution flow.
This exploit allows an attacker to include remote files in the PHPtree plugin HP_DEV cms2.php script by manipulating the s_dir parameter in the URL. This can lead to arbitrary code execution on the server.
There is a generic stack-based buffer overflow in all versions of Xine-lib, including Xine-lib-rc5, that allows for local and remote malicious code execution. By overflowing the vcd:// input source identifier buffer, it is possible to modify the instruction pointer with a value that a malicious attacker can control.
The application's module used for handling incoming connections contains a flaw. When handling authentication requests, the vulnerable process copies user-provided input to a fixed-length buffer without performing a length check. A remote unauthenticated attacker can exploit this vulnerability to cause a buffer overflow and execute arbitrary code in the context of the exploited application (installed as a service by default, i.e. with "NT AUTHORITY\SYSTEM" privileges).
An attacker can exploit these vulnerabilities in et-chat 3.07 and potentially other versions to gain elevated privileges within the application and upload arbitrary shells. This could lead to arbitrary code execution within the context of the vulnerable application.
The Archangel Weblog version 0.90.02 is vulnerable to Local File Inclusion and Login Page Bypass By Cookie attacks. An attacker can exploit this vulnerability by sending a specially crafted request to the index.php file, allowing them to include local files or bypass the login page using a manipulated cookie. This can lead to unauthorized access to sensitive information or administrative privileges.