There is a memcpy in ASFParser::ParseHeaderExtensionObjects which doesn't check that the size of the copy is smaller than the size of the source buffer, resulting in an out-of-bounds heap read. The vulnerable code appears to be in handling the parsing of an extension object of type ASF_Metadata_Object with a Description Record with an overly large length. This issue probably allows leaking mediaserver memory from an app process on the device via the retrieved metadata.
The attached file will cause a null pointer access and segfault in the mpegts parser.
This is a proof-of-concept (PoC) exploit for a remote denial of service (DoS) buffer overflow vulnerability in Xserver 0.1 Alpha. The vulnerability allows an attacker to send a specially crafted buffer to the target, causing the server to crash or become unresponsive.
To trigger the exploit, paste the content of exploit.txt into the "Add Input Directory" text box. Challenges to convert this DoS to code execution: 1. Program doesn't accept non-ASCII characters (0x01 to 0xff are okay-ish). 2. Buffer at ESP splits string if it contains a ""
The Username parameter in the registration page 'register.ghp' is prone to a stack-based buffer-overflow vulnerability. The application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer.
The registration page 'register.ghp' allows resetting ANY user's password. Remote unauthenticated attackers can send HTTP POST requests to hijack ANY Easy Chat Server account.
This is a Python code exploit that performs code injection.
This exploit is a GIF file that causes a denial of service attack. When the user interacts with the GIF file (e.g., mouse over, single click, double click), the exploit is executed, leading to a denial of service.
Multiple security issues have been found including XSS, CSRF, Directory Traversal, and SQLi.