This is a stack overflow vulnerability in Nullsoft Winamp MP4 tags. It allows remote attackers to execute arbitrary code via a crafted MP4 file, leading to a shell on port 49152. The vulnerability is specific to Nullsoft Winamp version 5.32.
The Windows Font Cache Service exposes section objects insecurely to low privileged users resulting in EoP. The service opens a handle to the calling process and duplicates the section handle into the caller without providing SECTION_MAP_WRITE access. However, the section objects are created without a name or security descriptor, allowing the caller to call DuplicateHandle again to get back write access on the section handle and modify the contents.
The GSearch application version 1.0.1.0 is vulnerable to a denial of service attack. By providing a specially crafted payload to the application, an attacker can cause the application to crash. This can be achieved by copying the payload text from the generated PoC.txt file, pasting it into the search bar of the application, and then clicking on any link.
This vulnerability allows an attacker to inject malicious scripts into a website, which are then stored and executed when the targeted user accesses the affected page. In this case, the vulnerability is present in the 'out/out.UsrMgr.php' file in SeedDMS versions prior to 5.1.11. By modifying user details and inserting a script, an attacker can execute arbitrary code on the victim's browser.
This exploit is a stack overflow vulnerability in Windows media player 6.4 MP4 codec. It allows an attacker to execute arbitrary code on a vulnerable system. The exploit has been discovered and exploited by SYS 49152.
This modules exploits a vulnerability in Cisco Prime Infrastructure's runrshell binary. The runrshell binary is meant to execute a shell script as root, but can be abused to inject extra commands in the argument, allowing you to execute anything as root.
This exploit allows an attacker to execute arbitrary code and gain a bind shell on port 3110 by exploiting a vulnerability in TuneClone software. The exploit leverages a buffer overflow vulnerability to overwrite the Structured Exception Handler (SEH) and gain control of the program flow.
The exploit is a stack overflow vulnerability in Media Player Classic 6.4.9. It allows an attacker to execute arbitrary code by providing a specially crafted MP4 file. The vulnerability was discovered and exploited by SYS 49152. It has been tested on Windows XP SP2 ENG and provides a shell on port 49152.
This exploit allows an attacker to escalate their privileges in Serv-U version 15.1.6. By providing specific arguments to the program, an attacker can execute arbitrary commands with root privileges.
A flaw exists in sudo's -u option (aka sudoedit) in sudo version 1.6.8 that can give an attacker read permission to a file that would otherwise be unreadable.