This module allows an agent running in the context of AcroRd32.exe with Low Integrity Level/AppContainer Integrity Level to escalate privileges in order to install a new agent that will run with Medium Integrity Level.
A missing boundary check in the TLS Heartbeat extension in OpenSSL can be abused by remote attackers to read up to 64 kb of memory from the server.
This memory disclosure vulnerability can be used by remote unauthenticated attackers to obtain sensitive information from the affected server, including private keys and session cookies.
This update adds features to the module, like the ability to read 64 kb of data from vulnerable services, reporting the results in the Module Output window, and saving the memory dumps to disk. It also improves the compatibility with OpenSSL services and adds support for FTPS.
This memory disclosure vulnerability can be used by remote unauthenticated attackers to obtain sensitive information from the affected server, including private keys and session cookies.
This update adds features to the module, like the ability to read 64 kb of data from vulnerable services, reporting the results in the Module Output window, and saving the memory dumps to disk. It also improves the compatibility with OpenSSL services and adds support for FTPS.
This module exploits a double-free vulnerability in "afd.sys" by calling to "AfdTransmiteFile" function with crafted parameters.
This module adds support to Microsoft Windows 2003, Windows Vista, Windows 2008 and Windows 8.1
This module adds support to Microsoft Windows 2003, Windows Vista, Windows 2008 and Windows 8.1
By providing an overly long string to the AccessCode2 parameter, an attacker may be able to overflow the static stack buffer. The attacker may then execute code on the target device remotely.
A vulnerability within the webvact ActiveX control when handling NodeName parameter with overly long strings can be exploited to cause stack-based buffer overflows in Advantech WebAccess Browser-based HMI/SCADA Software.
A stack buffer overflow occurs when copying a user supplied input to a fixed size stack buffer without boundary check leading to overwrite the SEH and the return address.
The copying procedure stops when a null word is found and no size check is proceeded.
The copying procedure stops when a null word is found and no size check is proceeded.
Insufficient sanitization in Openfile's /admin/system.html 'Hostname' field, leads to remote code execution.
The vulnerability is caused due to a boundary error when handling the PEstrarg1 property and can be exploited to cause a heap overflow by assigning an overly long string to this property.
The Oracle VirtualBox Guest Additions Driver (VBoxGuest.sys) present in Oracle VirtualBox is vulnerable to an arbitrary pointer overwrite. This module allows a local unprivileged user to execute arbitrary code with SYSTEM privileges by sending a specially crafted IOCTL (0x22A040) to the vulnerable driver within the Windows Guest OS.
The IESetProtectedModeRegKeyOnly() function in the ieframe.dll library of Microsoft Internet Explorer calls the RegCreateKeyEx registry function when running with Medium Integrity Level over a registry key that is writable by a sandboxed IE instance.
This can be abused to overwrite IE's Elevation Policy by creating symbolic links in the Windows Registry in order to escape from the Internet Explorer Protected Mode sandbox.
This module allows an agent running in the context of iexplore.exe with Low Integrity Level/AppContainer Integrity Level to escalate privileges in order to install a new agent that will run with Medium Integrity Level.
This can be abused to overwrite IE's Elevation Policy by creating symbolic links in the Windows Registry in order to escape from the Internet Explorer Protected Mode sandbox.
This module allows an agent running in the context of iexplore.exe with Low Integrity Level/AppContainer Integrity Level to escalate privileges in order to install a new agent that will run with Medium Integrity Level.