Section:  .. / 1008-exploits  /

Page 1 of 17
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 >> Files 1 - 25 of 422
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: mswordparse-overflow.txt
Description:
Microsoft Word record parsing buffer overflow exploit. This takes advantage of the vulnerability discussed in MS-09-027 and spawns calc.exe.
Author:Abhishek Sahni
File Size:2900176
Last Modified:Aug 20 21:08:58 2010
MD5 Checksum:cb496ad718150966414bb142378eb39b

 ///  File Name: VA010-003.tgz
Description:
This is a detailed write up along with proof of concept code for the Adobe Acrobat font parsing integer overflow vulnerability.
Author:Ramz Afzar
Homepage:https://www.rafzar.com/
File Size:1967867
Last Modified:Aug 13 19:00:02 2010
MD5 Checksum:4909f0cbcbf11cd7fe575cea411c27ff

 ///  File Name: Dr_IDE-AoA-JIT.rar
Description:
AoA Audio Extractor version 2.0.0 Active-X SEH JIT-spray exploit with ASLR-DEP bypass.
Author:Dr_IDE
File Size:1929864
Last Modified:Aug 12 10:07:17 2010
MD5 Checksum:5eafd875b90fea2edc20379b9491e2db

 ///  File Name: fmp-dos.tgz
Description:
Flash Movie Player version 1.5 file magic crash denial of service exploit.
Author:Matthew Bergin
File Size:381176
Last Modified:Aug 25 23:16:28 2010
MD5 Checksum:72fd9819ec144870e98fc6565f3dcddd

 ///  File Name: cybsec-2010-0801.pdf
Description:
MyIT CRM version 0.2.8.1 suffers from cross site scripting vulnerabilities.
Author:Juan Manuel Garcia
Homepage:http://www.cybsec.com/
File Size:250981
Last Modified:Aug 3 10:28:10 2010
MD5 Checksum:b0606c6aafbe87f684c56cddcad0a5a3

 ///  File Name: ios-jailbreak.tgz
Description:
Apple iOS PDF jailbreaking exploit that gives root access.
Author:jailbreakme
File Size:195031
Last Modified:Aug 3 12:57:01 2010
MD5 Checksum:7041b1583a789a15b723f9380caa76b3

 ///  File Name: bitlocker-dllhijack.tgz
Description:
Microsoft Vista BitLocker Drive Encryption API hijacking exploit.
Author:Beenu Arora
File Size:155127
Last Modified:Aug 26 01:39:31 2010
MD5 Checksum:7679032b85ba1d0307ce5832f0d8480f

 ///  File Name: srv3sys-dereference.tgz
Description:
Microsoft SRV2.SYS SMB negotiate ProcessID function table dereference exploit.
Author:Piotr Bania
Homepage:http://piotrbania.com/
File Size:141245
Last Modified:Aug 17 18:27:50 2010
MD5 Checksum:8cba58cb68e1ea95df1c766612e2cf66

 ///  File Name: ffdshow-dos.txt
Description:
The ffdshow video codec suffers from a denial of service vulnerability.
Author:Nishant Das Patnaik
File Size:131441
Last Modified:Aug 12 01:59:12 2010
MD5 Checksum:b065731673ed8e00a66ee499aa4f3a9b

 ///  File Name: msexcelfeatheader-overflow.txt
Description:
Microsoft Excel Featheader buffer overflow exploit that leverages the vulnerability noted in MS09-067.
Author:Abhishek Lyall
File Size:122325
Related OSVDB(s):59860
Related CVE(s):CVE-2009-3129
Last Modified:Aug 23 20:20:46 2010
MD5 Checksum:08149311e2e04f0e316e06381f7c2108

 ///  File Name: watermark-attack-encfs.tar.gz
Description:
This tool demonstrates the watermarking vulnerability in EncFS. Watermarking is an attack which does not give any secrets to the attacker but allows him to prove that the user of the encrypted file system has a certain file stored on his drive. The file has previously been specially prepared by the attacker.
Author:Micha Riser
File Size:99988
Last Modified:Aug 26 21:38:02 2010
MD5 Checksum:2ab0e1e99bf8f58cc42fb5bc3e9df68e

 ///  File Name: php533-overflow.tgz
Description:
PHP version 5.3.3 suffers from an off-by-one overflow in ibase_gen_id(). Proof of concept code included.
Author:cb
File Size:40332
Last Modified:Aug 18 19:53:10 2010
MD5 Checksum:8a8d814f4ab5c675c18b6ca2e1cf6634

 ///  File Name: adobe_device_central_cs5.c
Description:
Adobe Device Central CS5 DLL hijacking exploit that leverages qtcf.dll.
Author:Glafkos Charalambous
File Size:37772
Last Modified:Aug 26 01:07:50 2010
MD5 Checksum:65c8444e57651570516d753817021baf

 ///  File Name: mop-exec.txt
Description:
Microsoft Office memory corruption code execution exploit that demonstrates a malformed property vulnerability.
Author:Abhishek Lyall
Homepage:http://www.aslitsecurity.com/
File Size:35475
Related CVE(s):CVE-2006-2389
Last Modified:Aug 30 18:35:49 2010
MD5 Checksum:0b8748008d4dae5d86c97975f64bc3c6

 ///  File Name: quicktime_pictureviwer_dllhijact_ex..>
Description:
Quicktime PictureViewer version 7.6.5 DLL hijacking exploit.
Author:Kalyan
Homepage:http://reach2kalyan.blogspot.com/
File Size:34933
Last Modified:Aug 26 22:12:32 2010
MD5 Checksum:23619cd075c7987a54d692aaf8642ea5

 ///  File Name: akamai-downloadexec.txt
Description:
Akamai's Download Manager allows attackers to download arbitrary files onto a user's desktop. Using a so-called "blended threat" attack it is possible to execute arbitrary code. This attack affects the ActiveX control as well as the Java applet. This was fixed in version 2.2.5.4.
Author:Yorick Koster
Homepage:http://www.akitasecurity.nl/
File Size:18183
Last Modified:Aug 3 02:52:55 2010
MD5 Checksum:daf96a6e17cdc562993049fa10b01068

 ///  File Name: zendesk-xssxsrf.txt
Description:
Zendesk suffers from cross site request forgery and cross site scripting vulnerabilities.
Author:Luis Santana
File Size:16830
Last Modified:Aug 12 02:47:19 2010
MD5 Checksum:210f38a5ac801fed5c5d3610ac4e0321

 ///  File Name: i-CAN-haz-MODHARDEN.c
Description:
Linux Kernel versions prior to 2.6.36-rc1 CAN BCM privilege escalation exploit.
Author:Jon Oberheide
File Size:16564
Related CVE(s):CVE-2010-2959
Last Modified:Aug 28 01:52:08 2010
MD5 Checksum:184242eae9777261f38c5fc68c4e74dc

 ///  File Name: appleqtmp-exec.txt
Description:
Apple QuickTime suffers from a "_Marshaled_pUnk" backdoor parameter client-side arbitrary code execution vulnerability.
Author:Ruben Santamarta
Homepage:http://www.reversemode.com/
File Size:14998
Last Modified:Aug 30 18:57:48 2010
MD5 Checksum:e93ace586ff41f998cf0bacbb39e6d88

 ///  File Name: Chimichurri-CVE-2010-2554.zip
Description:
Microsoft Windows tracing register key ACL privilege escalation demonstration code.
Author:Cesar Cerrudo
File Size:14302
Related CVE(s):CVE-2010-2554
Last Modified:Aug 12 02:57:20 2010
MD5 Checksum:69bfbae5eedd0e4a8cbb13490de57eb9

 ///  File Name: ms10_046_shortcut_icon_dllloader.rb..>
Description:
This Metasploit module exploits a vulnerability in the handling of Windows Shortcut files (.LNK) that contain an icon resource pointing to a malicious DLL. This Metasploit module creates a WebDAV service that can be used to run an arbitrary payload when accessed as a UNC path.
Author:B_H,H D Moore,jduck
Homepage:http://www.metasploit.com
File Size:13692
Related OSVDB(s):66387
Related CVE(s):CVE-2010-2568
Last Modified:Aug 5 18:02:09 2010
MD5 Checksum:0aab39dff1c6a835e1da11877f2cbcd9

 ///  File Name: CORE-2010-0623.txt
Description:
Core Security Technologies Advisory - A crash due to an invalid read in the Windows kernel can be reliably leveraged into privileged code execution resulting in a privilege escalation local vulnerability. This happens because special values of 'hParent' where not sufficiently taken into account when patching 'xxxCreateWindowsEx' on MS010-032.
Author:Core Security Technologies
Homepage:http://www.coresecurity.com/corelabs/
File Size:13374
Related CVE(s):CVE-2010-1897
Last Modified:Aug 12 02:54:11 2010
MD5 Checksum:7e2f7b849dd697f0bc1d4112fbef5077

 ///  File Name: mcafee-exec.txt
Description:
McAfee LinuxShield versions 1.5.1 and below remote root code execution exploit.
Author:Nikolas Sotiriu
File Size:11580
Last Modified:Aug 28 01:39:19 2010
MD5 Checksum:270c53f7a4d54723b6c2f4abd48fed72

 ///  File Name: CORE-2010-0608.txt
Description:
Core Security Technologies Advisory - There is a buffer overflow vulnerability in the webappmon.exe CGI application included with HP OpenView NNM. This bug can be exploited by sending a cookie header with a maliciously crafted 'OvJavaLocale' value. Code execution is likely achievable in a reliable way.
Author:Core Security Technologies
Homepage:http://www.coresecurity.com/corelabs/
File Size:11386
Related CVE(s):CVE-2010-2709
Last Modified:Aug 5 17:16:12 2010
MD5 Checksum:8199fa030f5ef4f1ed776d0a7aa4b9b9

 ///  File Name: tcms-lfisqlxssdisclose.txt
Description:
TCMS version 100728 suffers from file content disclosure, cross site scripting, local file inclusion and remote SQL injection vulnerabilities.
Author:High-Tech Bridge SA
Homepage:http://www.htbridge.ch/
File Size:11166
Last Modified:Aug 26 21:49:57 2010
MD5 Checksum:5b5389fd190fbb4c656f5236a9475846