Exploits/Client Side

Microsoft Internet Explorer Scripting Engine Memory Corruption Exploit

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system.

WECON LeviStudioU SMtext Buffer Overflow Exploit

The specific flaw exists within the handling of XML files. When parsing the ShortMessage SMtext element, the process does not properly validate the length of user-supplied data prior to copying it to a buffer.

Disk Pulse Enterprise Import Command Local Buffer Overflow Exploit

A Buffer Overflow exists when parsing .XML files by Command Import. The vulnerability is caused due to a boundary error when handling a crafted .XML files.

LibreOffice LibreLogo Python Global Event Scripting Vulnerability Exploit

By abusing document's event feature in LibreOffice and the LibreLogo script, an attacker can execute arbitrary python code from within a malicious document silently, without user warning. This module performs a bypass of CVE-2019-9848 by using global script events.

LibreOffice LibreLogo Python Scripting Vulnerability Exploit v19_1

By abusing document's event feature in LibreOffice and the LibreLogo script, an attacker can execute arbitrary python code from within a malicious document silently, without user warning.

Fuji Electric Alpha5 Smart Loader Exploit

Fuji Electric Alpha5 Smart Loader is prone to a buffer overflow when handling a specially crafted csp file.

Microsoft Internet Explorer VBScript UAF Exploit (2019)

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system.

LibreOffice LibreLogo Python Scripting Vulnerability Exploit

By abusing document's event feature in LibreOffice and the LibreLogo script, an attacker can execute arbitrary python code from within a malicious document silently, without user warning.

XMPlay M3U Files Buffer Overflow Exploit

XMPlay 3.8.3 allows remote attackers to execute arbitrary code via a crafted http:// URL in a .m3u file.

Free WMA MP3 Converter Local Buffer Overflow Exploit

A Local Buffer Overflow exists when parsing .wav files. The vulnerability is caused due to a boundary error when handling a crafted .wav files.