This exploit allows an attacker to trigger a buffer overflow in Total Commander 8.52. By executing a specially crafted Python script, the attacker can create a file that triggers the buffer overflow when certain actions are performed in Total Commander. This can lead to remote code execution or denial of service.
This exploit targets Wireshark version 1.12.7 and performs a division-by-zero denial-of-service attack. The exploit author is spyk, with contact email spyk[dot]developpeur[at]gmail[dot]com. The exploit has been tested on Windows 7.
Winamp's MP4 plugin fails to handle exceptional conditions, which can lead to code execution. However, exploitation is hard, firstly because of the return address. This code exploits a call [eax], and it might be complicated to find a correct return address. Moreover, the bug doesn't always appear. I think one attempt out of 2 will succeed. I'm still working on it...
A vulnerability within the ndvbs module allows an attacker to inject memory they control into an arbitrary location they define. This vulnerability can be used to overwrite function pointers in the HalDispatchTable, resulting in an elevation of privilege.
This exploit takes advantage of a buffer overflow vulnerability in IKEView R60 to execute arbitrary code. By creating a specially crafted file and opening it with IKEView.exe, an attacker can trigger the overflow and open a bind TCP port (4444). The exploit has been tested on Windows XP Service Pack 2.
This exploit targets the 3Proxy tiny free proxy server version 0.5.3g on Linux. The vulnerability is found in the logurl() function in proxy.c, where a buffer overflow can occur if the 'Host: [FILLER]' string exceeds the buffer boundary. By crafting a specific payload consisting of [NOPS][SHELLCODE][RETADDR], an attacker can execute arbitrary code on the target system.
The CreateObjectTask scheduled task initializes a user-accessible system COM service which allows you to instantiate the SettingsSyncDiagnostics COM object. This object doesn’t take the caller into account when copying log files, leading to EoP.
The CreateObjectTask scheduled task initializes a user-accessible system COM service which allows you to instantiate the TileUserBroker COM object. This object doesn’t take the caller into account when writing and deleting files, leading to EoP.
The psipuss version 1.0 script allows an attacker to disclose sensitive user information by manipulating the 'Uid' parameter in a SQL query. This vulnerability can be exploited to retrieve arbitrary user data from the database.
This is a proof of concept exploit for Melange Chat Server 1.10. The exploit allows an attacker to control the EIP (Extended Instruction Pointer) and execute arbitrary code. The exploit code has been tested on Suse 8.0 and RH 7.3. The exploit uses a shellcode provided by Irian. The exploit requires the target host, ret address in hex, and port as input parameters.