Exploits/Client Side

Microsoft Internet Explorer CMarkup Object Use-After-Free Exploit (MS14-021) Update 3

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. This update adds support for Internet Explorer 11.

Sync Breeze Enterprise Import Command Buffer Overflow Exploit

A Buffer Overflow exists in Sync Breeze Enterprise 10.4.18 when parsing .XML files by Command Import. The vulnerability is caused due to a boundary error when handling a crafted .XML files.

Microsoft Office Equation Editor Memory Corruption Exploit (CVE-2018-0802)

The vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory.

Cisco WebEx ARF File Binary Planting Exploit

The specific flaw exists within the processing of ARF files. While opening an ARF file, WebEx Network Recording Player loads a DLL from an unqualified path. An attacker can leverage this vulnerability to execute code under the context of the current process.

WECON LeviStudio HMI Editor Buffer Overflow Exploit Update

Multiple stack-based buffer overflow vulnerabilities have been identified in which the application does not verify string size before copying to memory, the attacker may then be able to crash the application or run arbitrary code. This update adds support for the new software version and a new CVE.

ASX to MP3 converter ASX Buffer Overflow Exploit

A Buffer Overflow exist in ASX to MP3 when parsing .ASX files. The vulnerability is caused due to a boundary error when handling a crafted .ASX files.

Microsoft Office Memory Corruption Exploit (CVE-2017-11882)

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory.

Microsoft Office Memory Corruption Exploit (CVE-2017-11826)

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory.

WECON LeviStudio HMI Editor Buffer Overflow Exploit

Multiple stack-based buffer overflow vulnerabilities have been identified in which the application does not verify string size before copying to memory, the attacker may then be able to crash the application or run arbitrary code.

Microsoft NET Framework SOAP WSDL Parser Code Injection CVE-2017-8759

A vulnerability exists in Microsoft .NET. A specially crafted RTF document or application can trigger an input validation flaw and execute arbitrary code on the target user's system.