This module takes advantage of a Same-Origin Policy (SOP) bypass vulnerability in the Samsung Internet Browser, a popular mobile browser shipping with Samsung Android devices. By default, it initiates a redirect to a child tab, and rewrites the innerHTML to gather credentials via a fake pop-up.
There is an out-of-bounds read vulnerability in the jscript.dll library, which is used in Internet Explorer (IE), WPAD, and other places. The vulnerability can be triggered by a specially crafted regular expression. An attacker could exploit this vulnerability to read sensitive information or cause a denial of service.
This Proof of Concept (POC) code demonstrates an integer overflow vulnerability in the GDI32.dll library, which can cause a denial of service (DoS) condition. When an application reads a malformed Windows Meta File (WMF) like this POC, it crashes. By applying this code, an attacker can execute arbitrary code.
There is a use-after-free vulnerability in the jscript.dll library that can be exploited in IE11. The vulnerability occurs when calling the toString method of an argument in the JSONStringifyObject function. The return value of the toString method is not added to the garbage collector's root object list and can be freed during subsequent callbacks.
An attacker can edit all messages in xGB by accessing http://www.site.com/path/xGB.php?act=admin&do=edit
This exploit allows an attacker to crash Yahoo! Messenger 8.1.0.413 by injecting a compiled DLL when the target accepts an invitation to view the attacker's webcam.
This module exploits a stack buffer overflow in Advantech WebAccess 8.2. By sending a specially crafted DCERPC request, an attacker could overflow the buffer and execute arbitrary code.
This exploit allows an attacker to remotely overflow the heap in MSN Messenger version 7.x (possibly 8.0). The exploit involves compiling a DLL, injecting it into the MSN Messenger process, and then sending a webcam invitation to a contact who is online. If the invitation is accepted, the target's MSN Messenger will crash. On a Chinese version of Windows 2000 SP4, it may also result in a reverse shell. The source code of the DLL needs to be adjusted for other versions of Windows 2000 by modifying the jmpa address.
This module exploits a stack buffer overflow in Dup Scout Enterprise 10.0.18. The buffer overflow exists via the web interface during login. This gives NT AUTHORITY\SYSTEM access.
We have discovered a memory leak and a buffer overflow in the dynamic loader (ld.so) of the GNU C Library (glibc). The memory leak (CVE-2017-1000408) first appeared in glibc 2.1.1 (released on May 24, 1999) and can be reached and amplified through the LD_HWCAP_MASK environment variable.