This module exploits a directory traversal vulnerability in HP Intelligent Management Center. Due to a lack of authentication and a directory traversal vulnerability in the IctDownloadServlet component, an attacker can retrieve arbitrary files.

Buffer overflow when a special malformed string is assigned to the ComboList or ColComboList property. The code looks for a '#'in the string then copies into a global buffer in the data section with a static size of 0x64.

This update resolves an issue while trying to run the "Keylogger" module.

This module exploits a vulnerability in the Novell ZENworks Mobile Management application by injecting code in the PHP session file and leveraging a Local File Inclusion in mdm.php to execute the injected PHP code.

A vulnerability when handling the TabCaption buffer, C1sizer.ocx does not properly check the size before running lstrcatA and therefore will cause a buffer overflow.

A specific flaw exists within the handling of CFF-based OpenType fonts. The issue lies in two operators that allow for reading and writing elements beyond the allocated buffers. An attacker can leverage this vulnerability to execute code under the context of the current process.

The Message Server component of SAP Netweaver is prone to a memory corruption vulnerability when the _MsJ2EE_AddStatistics function handles a specially crafted request with iflag value 0x0c MS_J2EE_SEND_TO_CLUSTERID, or 0x0d MS_J2EE_SEND_BROADCAST.

This vulnerability can be exploited by remote unauthenticated attackers to execute arbitrary code on the vulnerable server.

This module exploits a vulnerability in Windows kernel calling to "DisplayConfigGetDeviceInfo" function with crafted parameters.

The vulnerability is caused due to an error in the AlphaStor Library Control Program when processing commands and can be exploited to cause a buffer overflow.

Light HTTPD is prone to a buffer overflow when handling specially crafted GET request packets.