IBM WebSphere Portal is prone to a stored Cross-Site Scripting (XSS) vulnerability in the Web Content Management component, which allows authenticated users to inject arbitrary JavaScript. A potential attacker authenticated to Web Content Management can exploit this vulnerability by creating malicious web content and persuading the victim to visit it. This issue can lead to different kinds of user-targeted attacks, such as cookie stealing and account compromise.
Use CSRF to force the currently logged-in user to create a bookmark pointing to an endpoint controlled by the attacker. Use a subsequent request to call the bookmark just created. The identifier of the bookmark can be brute-forced using a single decrementing integer and causes minimal time delay. Gather the credentials on the target server provided in step #1.
The vulnerability allows an attacker to include local files by exploiting the php121db.php script. The attacker can specify a local file in the php121dir parameter, which is not properly sanitized, leading to arbitrary file inclusion. The vulnerability can be exploited by sending a crafted request to the vulnerable server.
This is a proof of concept (PoC) exploit for a local heap overflow vulnerability in MS Windows .HLP files. The exploit takes advantage of a flaw in the way .HLP files are processed, allowing an attacker to overflow the heap and potentially execute arbitrary code. The specific details of the vulnerability are not provided in this post.
Macro Toolworks is prone to a local buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Local attackers can exploit this issue to run arbitrary code with elevated privileges. Failed exploit attempts can result in a denial-of-service condition.
Buffer overflow exploit in Mediacoder version 0.8.34.5716. The exploit takes control of the EIP and jumps backwards to avoid bad bytes.
This exploit is for the IrfanView 3.99 .ANI file buffer overflow vulnerability. It allows an attacker to execute arbitrary code by crafting a malicious .ANI file. The exploit also includes a bind shell payload that opens TCP port 4444.
The Battle.net Clan Script 1.5 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by manipulating the 'user' and 'pass' parameters in the login.php file.
My 7-line Python fuzzer found several file format bugs in 3 hours. No deep analysis was done. These bugs include an unspecified overflow in Word 2007 which can lead to a crash in wwlib.dll. Another bug causes a CPU exhaustion DoS, where the CPU shoots up to 100%. There is also a bug that causes a CPU exhaustion DoS and triggers the Windows system sound (ding!).
This is a proof-of-concept exploit for the SoX stack overflow vulnerability. The exploit creates a malicious WAV file named britney.wav, which triggers the vulnerability when played using the 'play' command. The exploit payload consists of shellcode that opens a shell on the target system. The vulnerability was discovered by Ulf Harnhammar and the exploit was created by Serkan Akpolat. The exploit has been tested on Slackware 9.1. The vulnerability allows an attacker to execute arbitrary code on the target system.