Mrxsmb.sys, around BowserWriteErrorLog+0x175, while trying to copy 1go from ESI to EDI ... Code will look something like this: if (((Len + 1) * sizeof(WCHAR)) > TotalBufferSize) { Len = TotalSize/sizeof(WCHAR) - 1; } -1 causes Len to go 0xFFFFFFFF. Feel free to reuse this code without restrictions...
This exploit allows an attacker to gain administrator rights on the Aztek Forum 4.00 platform. The exploit requires magic_quote to be turned off.
This exploit allows an attacker to perform a denial of service attack on XM Easy Personal FTP Server 5.8.0 by sending a malicious LIST command. The server will crash and become unresponsive, denying service to legitimate users.
xRadio is affected by a stack-based buffer overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Successful exploitation of the vulnerability allows an attacker to execute arbitrary code. Other versions are also affected but have a different trigger.
This is a remote proof-of-concept (PoC) exploit for the vulnerability CVE-2010-4435. It is tested against Solaris, AIX, and HP-UX. The exploit allows an attacker to send a CMSD_UNKN request to the server.
This exploit targets a buffer overflow vulnerability in AOL Desktop 9.6. By sending a specially crafted HTTP request, an attacker can overwrite the EIP register and execute arbitrary code. The exploit has been tested on Windows XP Professional SP3.
This is a local root exploit for Android 1.x/2.x. It copies files from sdcard to /sqlite_stmt_journals/exploid and runs them. It can also use /data/local/tmp if available. The exploit invokes hotplug by clicking Settings->Wireless->{Airplane,WiFi etc} or using USB keys. This exploit requires /etc/firmware directory and will only run on real devices, not inside the emulator.
The vulnerability exists due to a failure in the "/templates/default/index.php" script: it is possible to generate an error that reveals the full path of the script. A remote user can determine the full path to the web root directory and other potentially sensitive information.
This exploit allows an attacker to perform remote SQL injection in PMB Services version 3.4.3 or below. PMB Services is a free integrated library management system. The vulnerability can be exploited by an attacker to gain unauthorized access to the database and potentially retrieve or modify sensitive information.