This module exploits a remote code injection in Mozilla Firefox by using vulnerabilities CVE-2013-0758 and CVE-2013-0757.
This module exploits an integer overflow vulnerability in the Vector Markup Language (VML) on Internet Explorer. The vulnerability exists in the handling of the dashstyle.array length for VML shapes on the vgx.dll module.
This vulnerability was one of the 2013's Pwn2Own challenges.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
This vulnerability was one of the 2013's Pwn2Own challenges.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
Buffer overflow in Microsoft Office allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation.
Zoom Player is prone to a buffer-overflow via a specially crafted BMP image with an overly large "biClrUsed" value.
Xnview is prone to a stack based buffer overflow which can be exploited through a specially crafted image layer within an XCF file.
Sketchup fails to validate the input when parsing an embedded MAC Pict texture, leading to an arbitrary stack offset overwrite and finally to an arbitrary code execution.
The vulnerability is caused due to a boundary error when processing JPG image files and can be exploited to cause a stack-based buffer overflow via a specially crafted JPG image file.
IntraSrv is prone to a buffer overflow within GET requests with an overly long HOST parameter.
This module exploits a vulnerability in win32k.sys when the EPATHOBJ::pprFlattenRec() doesn't initialize the pointer to the next memory chunk.
This module exploits a vulnerability in Oracle Java taking advantages of the java.sql.DriverManager class. The specific flaw exists within the usage of java.sql.DriverManager. The issue lies in an implicit call to toString() that is made within a doPrivileged block. This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user.
This vulnerability was one of the 2013's Pwn2Own challenges.
This vulnerability was one of the 2013's Pwn2Own challenges.