The vulnerability exists within NFRAgent.exe listening on TCP port 3037. When parsing tags inside the VOL element, the process performs insufficient bounds checking on user-supplied data prior to copying it on the stack.
The vulnerability exists within NFRAgent.exe listening on TCP port 3037. When parsing tags inside the PATH element, the process performs insufficient bounds checking on user-supplied data prior to copying it on the stack.
A stack buffer overflow exists in HP Intelligent Management Center's uam.exe service which listens on port UDP/1811. The vulnerability is due to lack of validation of a string passed to sprintf.
This module exploits a buffer overflow in PHP. The specific flaw is in the apache_request_handlers() function. The apache_request_handlers() function fails to validate the length of certain headers in the HTTP request and blindly copy all the string received in the vulnerable header to the stack causing a buffer overflow.
A Memory Corruption in Microsoft Word is caused due to an error within the TabStrip ActiveX control (MSCOMCTL.OCX) object, embedded in a RTF crafted file.
This update adds support for Impact 12.5.
This update adds support for Impact 12.5.
A buffer overflow exists in coda.exe process which listens on a random TCP port by default. The process trusts a value within a GET request as a size then proceeds to copy that many bytes of user-supplied data into a fixed-length buffer on the stack.
This module exploits a vulnerability in the PlayerPT.ocx module included in the Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera application. The exploit is triggered when the SetSource() method processes a crafted argument resulting in a buffer overflow.
This update adds support for Internet Explorer 8 and 9 and Windows 7, detected automatically.
This update adds support for Internet Explorer 8 and 9 and Windows 7, detected automatically.
A use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012.
This module runs a web server waiting for vulnerable clients to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This is an early release module. This is not the final version of this module.
This module runs a web server waiting for vulnerable clients to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
This is an early release module. This is not the final version of this module.
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object.
Microsoft Internet Explorer 8 is prone to a heap overflow vulnerability caused by an incorrect handling of the span attribute for col elements from a fixed table, when they are modified dynamically by javascript code.