Nortel Contact Recording Centralized Archive version 6.5.1 EyrAPIConfiguration web service getSubKeys() remote SQL injection exploit.
27b12eef97e781f64f7591895d2eaea4644f23580af43939185669da95e9c35cEmbarcadero ER/Studio XE2 Server Portal Tom Sawyer's default GET extension active-x control suffers from a remote code execution vulnerability.
a3dc3fcf45b92326f26568939ecf5eef117cc6fff591f24725b29fca5935e142This Metasploit module exploits an information disclosure vulnerability in the CA Arcserve D2D r15 web server. The information disclosure can be triggered by sending a specially crafted RPC request to the homepage servlet. This causes CA Arcserve to disclosure the username and password in cleartext used for authentication. This username and password pair are Windows credentials with Administrator access.
7c8e30e3bf5a9fd18f843efebdc225b819266ca4ca82d428c51238a4afa9d1c6CA ARCserve D2D r15 GWT RPC request authentication bypass, credential disclosure, and command execution exploit.
ba437467db2d0ae23ae1583f986c67fb9286a047550ea40e3d8174f579d96061Dell IT Assistant detectIESettingsForITA.ocx Active-X control readRegVal() remote registry dump exploit.
972fe47b27217c4fe43b9ab5056484e368ca06d298659a3290fa514440134e4eWebSVN version 2.3.2 suffers from a remote command injection vulnerability due to an improper escaping of metacharacters in exec().
3d71e294f43a329b86bfe387487039af66e0febf9f453059a607db635ff99824This Metasploit module exploits a vulnerability in Real Networks Arcade Game's ActiveX control. The "exec" function found in InstallerDlg.dll (v2.6.0.445) allows remote attackers to run arbitrary commands on the victim machine.
8e0b21948326bf7dcfead8b16e89ae5430d77ad38d73a587297aaf84585e210bRealNetworks RealGames StubbyUtil.ShellCtl.1 active-x control InstallerDlg.dll version 2.6.0.445 suffers from remote command and code execution vulnerabilities.
bef5ff39600c8ed4480d55ae5f8b546151b62229b78838293a97d7a48c18a089HP Photo Creative version 2.x audio.Record.1 active-x control remote stack based buffer overflow proof of concept exploit.
b40f5d91faa7207d4ba5b1f0d38e4f40264160d22c13257e58a51dba29630ecbChilkat Software FTP2 ActiveX component (ChilkatFtp2.DLL version 2.6.1.1) remote code execution proof of concept exploit.
1be60aacf90140597a4d6917a51a0c31334daed2001fe839a5375afa0481c9f3Microsoft Windows Fax Services Cover Page Editor (.cov) memory corruption exploit.
38392677c85a82b9969b7d0008e18d2146a9d58995622384260f9a6004234ec8This Metasploit module exploits a stack-based buffer overflow in AOL IWinAmpActiveX class (AmpX.dll) version 2.4.0.6 installed via AOL Radio website. By setting an overly long value to 'ConvertFile()', an attacker can overrun a buffer and execute arbitrary code.
b255bff048b696b83be33b74127329a23af7e1d356d9b41e180802e9add63785AOL IWinAmpActiveX Class ConvertFile() remote overflow exploit for Internet Explorer versions 6 and 7 that leverages AmpX.dll version 2.4.0.6. Old unreleased exploit from the rgod archive.
a87724d13c90191ac2aa44040cfd28b63ab9f526cdd557bc96e6c9a805782485D-Link MPEG4 SHM Audio Control remote overflow exploit that makes use of VAPGDecoder.dll version 1.7.0.5.
3155a104305a8783639733d34e284568fe9b92635193881c099dff3599f43c26Microsoft DirectSpeechSynthesis module remote buffer overflow exploit that makes use of XVoice.dll version 4.0.4.3303.
7718f8446822b64a7c81ea9b0388ff3cdb8304d505ab0e6503dff8ede1143bdbImageShack Toolbar version 4.5.7 FileUploader class insecure method proof of concept exploit.
00d868858565241dd37da4195ce062c98b6b7264a20be4df86f24e004f8495c6Digital Data Communications RtspVaPgCtrl Class remote buffer overflow exploit that makes use of RtspVapgDecoder.dll version 1.1.0.29.
af015133b5fb852204dcbe8a9e537fb0c262cb3e6f6a5107a22e3410079835b1RTS Sentry Digital Surveillance buffer overflow exploit that makes use of CamPanel.dll version 2.1.0.2.
a107188cb89bc1cffd2b55b52f95827b328468e2f2ac2e5e5b9117e0368872c5NUVICO DVR NVDV4 / PdvrAtl module with PdvrAtl.DLL version 1.0.1.25 remote heap overflow exploit for Internet Explorer 7 on Windows XP SP2.
9ee68690af569f2155d52e1d0bea6ce85186e02b540a9a4924aeebc6c338d350Docebo versions 3.5.02 and below SQL injection exploit that makes use of lib.regset.php.
d5128df2988a271ca9ff69c11ac5b41342bc66c604855efb747764d4465690cciMesh versions 7.1.0.x and below IMWebControl Class remote heap exploit that takes advantage of IMWeb.dll 7.0.0.x.
bda7d1cdc934e1f0e4484e108927329c7550e60068d4168673d120bed0940cf7SurgeMail version 38k4 webmail Host header denial of service exploit.
49a73d329f08f1ae216aa0a1afcac1586fb07eb9337bcfd4563e094053c43addRaidenHTTPD version 2.0.19 ulang command execution proof of concept exploit.
673b614fe243897edcb2b2bdcbd71a1f52312222617148de6b1adb3a887a63acGOM Player version 2.1.6.3499 remote overflow exploit that makes use of GomWeb3.dll version 1.0.0.12. Spawns calc.exe.
906d927f7281a8d6b9f463de5a38983fe8e053fcbf3c0fe5cc7a02137c97ef19CyberLink PowerDVD CLAVSetting module arbitrary remote rewrite denial of service exploit.
dc99ac5c0ba7789ad4c2e98c65ba7f59a828327c71d0b166f22e8d6ecd713169
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed