![]() This Metasploit module achieves DEP and ASLR bypass using the well known msvcr71.dll rop chain. The ActiveX control tested is tsgetx71ex553.dll, version 5.5.3.238. While the Tom Sawyer GET Extension Factory is installed with some versions of VMware Infrastructure Client, this module has been tested only with the versions installed with Embarcadero Technologies ER/Studio XE2 / Embarcadero Studio Portal 1.6. This Metasploit module exploits a remote code execution vulnerability in the tsgetx71ex553.dll ActiveX control installed with Tom Sawyer GET Extension Factory due to an incorrect initialization under Internet Explorer. tags | exploit, web, arbitrary, php advisories | CVE-2012-0297 SHA-256 | b0b67649c40ca029b22826b4a8885851ba50ca7ed212e036f2e5e4e0db93816f Download | Favorite | View Tom Sawyer Software GET Extension Factory Remote Code Execution Posted Authored by rgod, Elazar Broad, juan vazquez | Site This Metasploit module abuses the spywall/ipchange.php file to execute arbitrary OS commands without authentication. This Metasploit module exploits a command injection vulnerability found in Symantec Web Gateway's HTTP service due to the insecure usage of the exec() function. tags | exploit, web, arbitrary, php, code execution, file upload advisories | CVE-2012-0299, OSVDB-82025 SHA-256 | cf93b4b95c23f5407ba012edff8b93021d9cf2a529de505d5f968bbc6cf64f26 Download | Favorite | View Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection Posted Authored by Tenable Network Security, juan vazquez | Site Due to the incorrect use of file extensions in the upload_file() function, this allows us to abuse the spywall/blocked_file.php file in order to upload a malicious PHP file without any authentication, which results in arbitrary code execution. This Metasploit module exploits a file upload vulnerability found in Symantec Web Gateway's HTTP service. tags | exploit, remote, shell, vulnerability, sql injection SHA-256 | e9a76ab29955a0166d426cadbc1fb84359eeca77c4401ff86095bc6d467591ee Download | Favorite | View Symantec Web Gateway 5.0.2.8 Arbitrary PHP File Upload Vulnerability Posted Authored by Tenable Network Security, juan vazquez | Site The Joomla Joomsport component suffers from remote shell upload and remote SQL injection vulnerabilities. Various other issues were also addressed. Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code by resizing a window displaying absolutely positioned and relatively positioned elements in nested columns. Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by changing the size of a container of absolutely positioned elements in a column. ![]() Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure. Mandriva Linux Security Advisory 2012-088 - Security issues were identified and fixed in mozilla firefox and thunderbird. ![]() tags | exploit, vulnerability, bypass SHA-256 | 31f691d3442ef019996f5131a36d46a349b82fb445d8c3c399201566683d7edb Download | Favorite | View Mandriva Linux Security Advisory 2012-088 Posted Authored by Mandriva | Site 7.5 also suffers from a source code disclosure flaw. Microsoft IIS versions 6.0 and 7.5 suffer from various authentication bypass vulnerabilities. tags | paper, remote, file inclusion SHA-256 | 0ad627634c11abc77c0211c9fe0d4a8c8b65595f116f610eceb4b969e304e19d Download | Favorite | View Microsoft IIS 6.0 / 7.5 Authentication Bypass Posted Authored by Kingcope ![]() This whitepaper discusses the insecurity of poorly designed remote file inclusion payloads. Insecurity Of Poorly Design Remote File Inclusion Payloads Part 1 Posted Authored by bwall | Site ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |