This Metasploit module exploits a vulnerability found in Microsoft Internet Explorer. A use-after-free condition occurs when a CButton object is freed, but a reference is kept and used again during a page reload, an invalid memory that's controllable is used, and allows arbitrary code execution under the context of the user. Please note: This vulnerability has been exploited in the wild targeting mainly China/Taiwan/and US-based computers.
533129f761cf4d8924232d6abdcf16e58a9823d5ff768d51fa0cc0628e64d91bThis Metasploit module exploits a vulnerability found in Microsoft Internet Explorer. A use-after-free condition occurs when a CButton object is freed, but a reference is kept and used again during a page reload, an invalid memory that's controllable is used, and allows arbitrary code execution under the context of the user. Please note: This vulnerability has been exploited in the wild targeting mainly China/Taiwan/and US-based computers.
e321b503a83791aeb063c8940adcdb875c9201669df143b59807fe08c4b13986This Metasploit module exploits a vulnerability found in Microsoft Internet Explorer (MSIE). When rendering an HTML page, the CMshtmlEd object gets deleted in an unexpected manner, but the same memory is reused again later in the CMshtmlEd::Exec() function, leading to a use-after-free condition. Please note that this vulnerability has been exploited in the wild since Sep 14 2012, and there is currently no official patch for it.
66f9396f0db135d2fa969a6675b705145fd8d9a8e475df6ffb4eb653d1a76be3This Metasploit module exploits an arbitrary PHP code execution vulnerability introduced as a backdoor into Horde 3.3.12 and Horde Groupware 1.2.10.
5817e62d4533bab2dbd047fa5bee1b0835f288d738632129acd4ba22eaf51ee4php version 4.4.1 .htaccess apache DOS exploit.
89b45db948a6dc9783df06193d900b40d886c9e201fd99c49f8648806d4d12c6bacula versions 1.36.3 and below are susceptible to a symlink attack.
0b733f367c71d2ab2a33bc47b8a5378b78ffdd5f6f2e4be7909b5df63d1beddbsilc-server versions 1.0 and below and silc-toolkit versions 0.9.12-r3 and below suffer from a symlink vulnerability.
a6a05964534a2dfa04c3e9f02a2c330927237610ff486f3e7ed9e48c25e353eeshtool suffers from an insecure temporary file creation vulnerability. Versions 2.0.1 and below are affected.
f462542f401d5467cc710b4a9eefe73e22f0176de033abfdf0c5cba8a7747f76net-snmp fixproc contains a security flaw that allows a malicious local attacker the ability to execute arbitrary commands with root privileges.
e45fb19f19ec442e148803aa640b440b3b0b5470ff6e7fbd34aec296f42a3019MySQL contains a security flaw that can allow a local attacker the ability to commit SQL injection attacks.
a6162c7a6873c2af86c56725d216d20b2735c99db4b74692c0a079b627ea6131ekg versions 2005-06-05 and below suffer from a temporary file creation vulnerability that can lead to arbitrary code execution.
f3e3068a5e4291be5395ccfdd515de3b42a8eb9539016b6057bb6f8c1704c6cakpopper versions 1.0 and below suffer from an insecure temporary file creation vulnerability. Exploit included.
5e595cc68818ef185cddc15d72da4f21886c1d6c97c53cf9a675490f90ec37d9xmysqladmin versions 1.0 and below suffer from a symlink vulnerability.
2fa75758826d6d03130e584c9f1f59190b2772d66994dcc3615620ff5cfca684everybuddy versions 0.4.3 and below suffer from an insecure file creation vulnerability that allows for symlink attacks.
46adc67a1df5282b44714898566130942229e761b77d09b090172e0d9eb8a519LutelWall versions 0.97 and below suffer from an insecure file creation vulnerability that allows for symlink attacks.
419e4a6a72caaab54526ba5f7a714b611c277c831e9ef0d7195ebfcf33fc155bGIPTables Firewall versions 1.1 and below suffer from an insecure file creation vulnerability that allows for symlink attacks.
916ac1b2eb458387fa4004ef64b4ae9968c40a51fdd18dd87f5c944c4e66394aGentoo webapp-config prior to v1.10-r14 insecure temp file creation advisory and local root exploit. Requires that the root user installs, upgrades, or deletes a Gentoo provided web application with the webapp-config tool. More information available here.
2b65efbc316467f3bf71596936ac3d3b83b43b919e292377283fe01bacb7a19b
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed