This exploit targets the deleteReport() function in the Nessus Vulnerability Scanner 3.0.6 ActiveX control. By passing a relative path to the deleteReport() function, an attacker can delete arbitrary files on the system. The exploit was discovered by Krystian Kloskowski (h07) and has been tested on Nessus 3.0.6 running on Internet Explorer 6 on Windows XP SP2 (Polish). This exploit is provided for demonstration purposes only.
Easy File Sharing Webserver v1.25 will consume 99% of CPU usage until it crashes when sent large requests.
The exploit creates a crafted .mls file which triggers a buffer overflow in Crystal Player 1.98. This vulnerability allows an attacker to overwrite the EIP and EBP registers, leading to a Denial of Service (DOS) and potential library destruction upon successful exploitation. The exploit adds a user 'root' with password 'root' to the operating system. It has been tested on x86 Vista Enterprise Edition.
The Android application is vulnerable to Remote Code Execution attacks. This is caused by specific lines of code within the main.java file.
This exploit takes advantage of a buffer overflow vulnerability in the Imail software to gain unauthorized access to the system. It allows an attacker to execute arbitrary code on the target machine.
The PHP imagepsloadfont function is vulnerable to a buffer overflow. By providing a long string as the argument, an attacker can cause an access violation and potentially execute arbitrary code.
When importing a large user account file on to EFS Web Server 7.2 will trigger the vulnerability.
FASM ( Flat Assembler ) 1.7.21 and prior is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied input. An attacker could exploit this vulnerability to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial-of-service condition.
This exploit takes advantage of a buffer overflow vulnerability in the Easy File Sharing Web Server 7.2. By sending a specially crafted GET HTTP request, an attacker can trigger a buffer overflow, leading to potential remote code execution.
This exploit allows an attacker to download and overwrite files on a vulnerable system using the "GetToFile" method of the CLINETSUITEX6.OCX ActiveX control. The provided code downloads a text file from a remote server and saves it to the local system. The exploit can be modified to overwrite any file on the system, such as cmd.exe.