The exploit allows an attacker to cause a denial of service (DoS) by sending a specially crafted packet to the dnsmasq DHCPv6 server. By exploiting this vulnerability, an attacker can crash the server, causing a loss of service for legitimate users.
There is a remotely exploitable stack based buffer overrun in the latest version of Mercury Mail Transport System. Specifically the SMTP Server does not properly handle long AUTH CRAM-MD5 strings resulting in a complete compromise of the underlying system.
This exploit triggers a buffer overflow vulnerability in SyncBreeze, specifically in the POST username field. By sending a large payload of A's, the program crashes. This could potentially be leveraged to execute arbitrary code or gain remote access to the system.
The PHP Multi Vendor Script v1.02 is vulnerable to a SQL Injection attack on the 'sid' parameter. An attacker can manipulate the 'sid' parameter to inject malicious SQL queries, potentially gaining unauthorized access to the database and executing arbitrary commands.
This vulnerability involves a memory comparison function that is remotely accessible via the remote procedure call in the Diskeeper administrative interface. By making use of shared user memory at 0x7FFE0000, an attacker can learn information such as Windows drive, path, and version. Additionally, an attacker can also get the name, path, version, and base address of all loaded modules in the process, defeating address space randomization (ASLR) in Windows Vista.
The vulnerability exists in the 'query' parameter of the search.php page in GetMyOwnArcade. The parameter is not properly filtered before being used in a database query, allowing an attacker to inject malicious SQL code. By using the UNION-SELECT technique, an attacker can extract sensitive information such as usernames and passwords from the database.
The EDraw Office Viewer Component 5.1 (officeviewer.ocx v. 5.1.199.1) is vulnerable to an insecure method called "HttpDownloadFile()". This vulnerability allows an attacker to download arbitrary files from a remote server to a user's machine by exploiting this insecure method.
This exploit allows an attacker to crash the Ground Control server or client. The attack can be performed by broadcasting a message to all clients or directly targeting a specific server. The attacker must specify the IP or hostname of the server. The vulnerability is caused by a buffer overflow when processing certain packets. By sending a specially crafted packet, an attacker can trigger the crash. This vulnerability affects Ground Control versions up to 1.0.0.7.
Easy Chat Server has a built-in web server that allows users to log in. The login page has a maximum character limit of 30 for the Name and Password fields. If an attacker inserts a long Name and Password by editing or creating their own login page, the chat server will crash.
This exploit is a buffer overflow vulnerability in the IMAP protocol. It allows an attacker to execute arbitrary code on a target system by sending a specially crafted message.