Microsoft Windows 2000 AS SP4 Message Queue exploit that takes advantage of the vulnerability noted in MS07-065.
c98477bc57103e54dfdc98421ad052473c5dfb8a29b81a40cde4e96a8bd1735aQuickTime is prone to a heap overflow vulnerability when parsing malformed Panorama Sample Atoms, which are used in QuickTime Virtual Reality Movies.
6388b6b6934a3fac4ccb15945bfd995fcbc86b13c79aec4131607d5111213539A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists in the parsing of the CTAB atom. While reading the CTAB RGB values, an invalid color table size can cause QuickTime to write past the end of the heap chunk. This memory corruption can lead to the execution of arbitrary code. QuickTime version 7.2 is affected.
f41eb0c98c59bc787e7c6f5beb244f618216d6a53083be1858854cbcb546744aiDefense Security Advisory 11.05.07 - Remote exploitation of a heap overflow vulnerability in Apple Inc.'s QuickTime media player could allow attackers to execute arbitrary code in the context of the targeted user. iDefense Labs confirmed this vulnerability exists in QuickTime VR extension 7.2.0.240 as included in QuickTime Player 7.2. Previous versions are suspected to be vulnerable.
cc6ea2e8a8e2dbe86dd2fe554b99613956ff2f4d2973039ec6630f452c891c7cWinPcap NPF.SYS privilege escalation vulnerability proof of concept exploit. Affects WinPcap versions 3.1 and 4.1.
99f929d9159b19f4569b30b6c58030d578886ebf65c0304419174a55a04648c0iDefense Security Advisory 07.09.07 - Local exploitation of an input validation vulnerability within the NPF.SYS device driver of WinPcap allows attackers to execute arbitrary code in kernel context. The vulnerability specifically exists due to insufficient input validation when handling the Interrupt Request Packet (Irp) parameters passed to IOCTL 9031 (BIOCGSTATS). By passing carefully chosen parameters to this IOCTL, an attacker can overwrite arbitrary kernel memory. iDefense has confirmed the existence of this vulnerability in version 4.0 of WinPcap as included in Wireshark 0.99.5. The version of NPF.SYS tested was 4.0.0.755. Older versions are suspected to be vulnerable.
46e2bfe73ac2f8cddb383c6eb203c2af59b776d93221bddaf74a00d1d638a46cMicrosoft DNS Server remote code execution exploit and analysis. This exploit works against TCP port 445. Tested against Windows 2000 server SP4 and Windows 2003 SP2. Binds a shell to TCP port 4444.
da933bee902a9d0ad317df3b6dae1ddd4b4844a53889479f6ff633eed2376da5Microsoft Windows NTDLL.DLL is prone to an incorrect path conversion vulnerability. This flaw could be successful exploited by malicious users in order to bypass protection mechanisms implemented by certain antivirus and antispyware products.
32b4fc18480ffd4736b0b9a081bcb44188f975ffcfc4700bcb0597e3cae461a5
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed