Certain Javascript APIs in Adobe Acrobat Pro can only be executed in a privileged context. By adding specially crafted Javascript code to a PDF file it's possible to bypass security restrictions and invoke privileged Javascript APIs, allowing for arbitrary code execution.
This module exploits a remote buffer overflow in the OmniInet.exe service included in the HP OpenView Storage Data Protector application by sending a malformed MSG_PROTOCOL packet.
This update improves exploit reliability.
This update improves exploit reliability.
Magento eCommerce Web Sites suffers from a Authentication Bypass Vulnerability, a Blind SQL Injection Vulnerability and a Remote File Inclusion Vulnerability.
These 3 vulnerabilities, allows an attacker to gain arbitrary code execution on the affected system.
These 3 vulnerabilities, allows an attacker to gain arbitrary code execution on the affected system.
FortiClient is prone to a privilege-escalation vulnerability that affects mdare64_48.sys, mdare32_48.sys, mdare32_52.sys, mdare64_52.sys and Fortishield.sys drivers.
All these drivers expose an API to manage processes and the windows registry, for instance, the IOCTL 0x2220c8 of the mdareXX_XX.sys driver returns a full privileged handle to a given process PID. In particular, this same function is replicated inside Fortishield.sys.
Attackers can leverage this issue to execute arbitrary code with elevated privileges in the context of any selected process.
This module uses the previous vulnerability to inject an agent inside lsass.exe process.
All these drivers expose an API to manage processes and the windows registry, for instance, the IOCTL 0x2220c8 of the mdareXX_XX.sys driver returns a full privileged handle to a given process PID. In particular, this same function is replicated inside Fortishield.sys.
Attackers can leverage this issue to execute arbitrary code with elevated privileges in the context of any selected process.
This module uses the previous vulnerability to inject an agent inside lsass.exe process.
Zimbra is vulnerable to a Local File Inclusion vulnerability that allows attacker to get LDAP credentials which we may use for upload a JSP file allowing us to install an agent.
This update workarounds a problem when proxying and using HTTPSConnection.
This update workarounds a problem when proxying and using HTTPSConnection.
This module allows an agent running in the context of AcroRd32.exe with Low Integrity Level/AppContainer Integrity Level to escalate privileges in order to install a new agent that will run with Medium Integrity Level.
This update fixes an issue related to highlight preconditions when running against x86-64 targets.
This update fixes an issue related to highlight preconditions when running against x86-64 targets.
The specific flaw exists within the JOB_S_GetJobByUserFriendlyString function. By sending a crafted packet on TCP port 11460
Solarwinds FSM is vulnerable to an authentication bypass in userlogin.jsp that allows attacker to upload an agent via a weekness in the username atribute in settings-new.jsp allowing us to install an agent.
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted PowerPoint document.
The Usermin Control Panel is vulnerable to command injection due to the function get_signature in usermin/mailbox/mailbox-lib.pl, which calls open() without any prior validation.
This vulnerability allows authenticated users to execute arbitrary code on the affected Usermin versions.
This vulnerability allows authenticated users to execute arbitrary code on the affected Usermin versions.