Zoom Player is prone to a buffer-overflow via a specially crafted BMP image with an overly large "biClrUsed" value.
Xnview is prone to a stack based buffer overflow which can be exploited through a specially crafted image layer within an XCF file.
Sketchup fails to validate the input when parsing an embedded MAC Pict texture, leading to an arbitrary stack offset overwrite and finally to an arbitrary code execution.
The vulnerability is caused due to a boundary error when processing JPG image files and can be exploited to cause a stack-based buffer overflow via a specially crafted JPG image file.
IntraSrv is prone to a buffer overflow within GET requests with an overly long HOST parameter.
This module exploits a vulnerability in win32k.sys when the EPATHOBJ::pprFlattenRec() doesn't initialize the pointer to the next memory chunk.
This module exploits a vulnerability in Oracle Java taking advantages of the java.sql.DriverManager class. The specific flaw exists within the usage of java.sql.DriverManager. The issue lies in an implicit call to toString() that is made within a doPrivileged block. This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user.
This vulnerability was one of the 2013's Pwn2Own challenges.
This vulnerability was one of the 2013's Pwn2Own challenges.
This module exploits a vulnerability in MongoDB server. An arbitrary value passed as a parameter to the nativeHelper function in MongoDB server allows an attacker to control the execution flows to achieve remote code execution.
This module exploits a vulnerability in W3 Total Cache plugin for Wordpress. Certain macros such as mfunc allow to inject PHP code into comments. By injecting a crafted comment into a valid post an attacker can execute arbitrary PHP code on systems running vulnerable installations of W3 Total Cache.
This module exploits a directory traversal vulnerability in HP Intelligent Management Center. Due to a lack of authentication and a directory traversal vulnerability in the FaultDownloadServlet component, an attacker can retrieve arbitrary files.