ResEdit version 1.5.11-win32 suffers from a buffer overflow. Proof of concept denial of service exploits included.
Mandriva Linux Security Advisory 2012-081 - Security issues were identified and fixed in Mozilla Firefox. Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Using the Address Sanitizer tool, security researcher Aki Helin from OUSPG found that an IDBKeyRange of indexedDB remains in the XPConnect hashtable instead of being unlinked before being destroyed. Security research firm iDefense reported that researcher wushi of team509 discovered a memory corruption on Windows Vista and Windows 7 systems with hardware acceleration disabled or using incompatible video drivers. Various other issues have also been addressed.
This Metasploit module exploits a vulnerability in OpenOffice 2.3.1 and 2.3.0 on Microsoft Windows XP SP3. By supplying an OLE file with a malformed DocumentSummaryInformation stream, an attacker can gain control of the execution flow, resulting in arbitrary code execution in the context of the user.
Secunia Security Advisory - Dmitry Oleksiuk has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious, local users to potentially gain escalated privileges.
Novell Client version 4.91 SP3/SP4 privilege escalation exploit for Windows 2003 and Windows XP.
This proof of concept code demonstrates a Microsoft Windows XP keyboard layouts pool corruption vulnerability, post MS12-034. The vulnerability exists in the function win32k!ReadLayoutFile() that parses keyboard layout file data.
This paper demonstrates how to ARP poison a connection between Windows 7 and Windows 2008 R2 Server using Cain.
Quarks PwDump is a native Win32 tool to extract credentials from Windows operating systems. It currently extracts local account NT/LM hashes and history, domain account NT/LM hashes and history, cached domain passwords, and BitLocker recovery information.
This Metasploit module exploits a stack based buffer overflow in the BEA WebLogic Apache plugin. The connector fails to properly handle specially crafted HTTP POST requests, resulting in a buffer overflow due to insecure use of sprintf. Currently, this module works on Windows systems without DEP and has been tested with Windows 2000 / XP. In addition, the WebLogic Apache plugin version is fingerprinted with a POST request containing a specially crafted Transfer-Encoding header.
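The bug class behind the WebLogic plugin entry above is an unbounded sprintf() into a fixed-size stack buffer fed by a request header. The following is an added example written for this listing; it is not code from the Metasploit module or from the WebLogic plugin, and the buffer size, function names and the header being formatted are assumptions chosen for illustration. It places the unsafe pattern beside a bounded snprintf() variant that rejects, rather than truncates, an oversized value.

```c
/*
 * Added example (not code from the Metasploit module or the WebLogic plugin):
 * a fixed-size stack buffer filled with sprintf() from attacker-controlled
 * HTTP header data, beside a bounded version. HDR_BUF, the function names and
 * the formatted header are assumptions for illustration only.
 */
#include <stdio.h>
#include <string.h>

#define HDR_BUF 64   /* assumed buffer size */

/* Vulnerable pattern: sprintf() does not know how large dst is. A header
 * value longer than HDR_BUF minus the fixed text overruns the caller's
 * stack buffer. Never call this with untrusted input. */
int format_header_unsafe(char *dst, const char *value)
{
    return sprintf(dst, "Transfer-Encoding: %s\r\n", value);
}

/* Hardened form: snprintf() bounds the write and returns the length the
 * full string would have needed. A result >= dst_len means the value did
 * not fit; treat that as a rejected request instead of silently truncating
 * a protocol header. Returns the bytes written, or -1 on rejection. */
int format_header_safe(char *dst, size_t dst_len, const char *value)
{
    int n = snprintf(dst, dst_len, "Transfer-Encoding: %s\r\n", value);
    if (n < 0 || (size_t)n >= dst_len) {
        dst[0] = '\0';
        return -1;          /* would have overflowed: reject */
    }
    return n;
}

/* Returns 1 if value fits in a HDR_BUF byte buffer, 0 if it would overflow. */
int header_value_fits(const char *value)
{
    char buf[HDR_BUF];
    return format_header_safe(buf, sizeof buf, value) >= 0;
}

int main(void)
{
    char buf[HDR_BUF];
    /* Constructed input: an oversized header value of the kind a probe
     * might send; 199 bytes against a 64 byte buffer. */
    char evil[200];
    memset(evil, 'A', sizeof evil - 1);
    evil[sizeof evil - 1] = '\0';

    printf("normal value written: %d bytes\n",
           format_header_safe(buf, sizeof buf, "chunked"));
    printf("oversize value result: %d (rejected)\n",
           format_header_safe(buf, sizeof buf, evil));
    /* format_header_unsafe(buf, evil) would smash the stack here. */
    return 0;
}
```

The check that matters is the comparison against dst_len, not merely the switch to snprintf(): snprintf() alone would truncate the header and still return success, which for a protocol field such as Transfer-Encoding is its own request-smuggling hazard.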
This Metasploit module abuses SVG support to execute Java code in the Squiggle browser included in the Batik framework 1.7 through a crafted SVG file referencing a jar file. In order to gain arbitrary code execution, the browser must meet the following conditions: (1) it must support SVG version 1.1 or newer, (2) it must support Java code, and (3) the "Enforce secure scripting" check must be disabled. The module has been tested against Windows and Linux platforms.
PHP version 5.4.3 code execution exploit for Win32.
Apple QuickTime does not properly parse .pct media files; opening a malformed file with an invalid value at offset 0x20E of the PoC file repro01.pct causes a memory corruption in module DllMain. QuickTime Player version 7.7.1 (1680.42) on Windows XP SP3 - PT_BR is confirmed affected. Other versions may also be affected.
HP Security Bulletin HPSBMU02775 SSRT100853 2 - Potential security vulnerabilities have been identified with HP Performance Insight for Networks running on HP-UX, Linux, Solaris, and Windows. The vulnerabilities could be exploited remotely resulting in SQL injection, cross site scripting (XSS), and privilege elevation. Revision 2 of this advisory.
Core Security Technologies Advisory - There is a bug in the ReadLayoutFile Windows kernel function that can be leveraged into a local privilege escalation exploit, potentially usable in a client-side attack scenario or after a remote intrusion by other means.
HP Security Bulletin HPSBMU02775 SSRT100853 - Potential security vulnerabilities have been identified with HP Performance Insight for Networks running on HP-UX, Linux, Solaris, and Windows. The vulnerabilities could be exploited remotely resulting in SQL injection, cross site scripting (XSS), and privilege elevation. Revision 1 of this advisory.
Secunia Security Advisory - Multiple vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a user's system.
Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.
Secunia Security Advisory - Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious, local users to bypass certain security restrictions and gain escalated privileges.
The vulnerability described in this document could hypothetically be exploited by unprivileged code running in a VMware virtual machine (guest) in order to execute code in the host VMX process, thereby breaking out of the virtual machine; however, such exploitation has not been proven. In the event that arbitrary code execution in the VMX process is possible, kernel privileges can be obtained on a Windows host by abusing the VMX process's special access to a VMware driver, meaning the maximum possible impact of this vulnerability is elevation from unprivileged guest code execution to host kernel code execution.
Secunia Security Advisory - A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
HP Security Bulletin HPSBMU02770 SSRT100848 - Potential security vulnerabilities have been identified with HP Insight Management Agents for Windows Server. The vulnerabilities could be exploited remotely resulting in cross site request forgery (CSRF), cross site scripting (XSS), URL redirection, unauthorized modification, and Denial of Service (DoS). Revision 1 of this advisory.
Microsoft Windows XP Win32k.sys local kernel denial of service exploit.
Whitepaper called Actuality of SMBRelay in Modern Windows Networks.
KMPlayer version 3.2.0.19 suffers from a DLL hijacking vulnerability.
Ettercap NG version 0.7.4 suffers from a DLL hijacking vulnerability.