This update fixes several non related issues in the exploit component.
A vulnerability exists in Microsoft .NET.
A specially crafted RTF document or application can trigger an input validation flaw and execute arbitrary code on the target user's system.
A specially crafted RTF document or application can trigger an input validation flaw and execute arbitrary code on the target user's system.
This module exploits a directory traversal arbitrary file upload in Schneider Electric U.Motion Builder to install an agent.
This update fixes an issue handling the report of the vulnerability.
This module exploits a Java deserialization bug in Apache Struts REST XStreamHandler which allows users to get Code Execution.
The specific flaw exists within the processing of DVP files. The process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer.
The specific flaw exists within parsing of a V8 project file. The issue lies in the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer.
This module exploits a privilege escalation vulnerability in OrientDB by abusing SQL queries on OUser/ORole without the privileges which allows users to get Code Execution.
This module exploits a buffer overflow in the Gh0st Controller Server when handling a drive list.
The specific flaw exists within processing of EPC files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer.