This module exploits a vulnerability in the ISSymbol.ocx control included in the InduSoft Web Studio ActiveX application. The exploit is triggered when the OpenScreen() method processes a long string argument resulting in a stack-based buffer overflow.
A remote code execution vulnerability exists in the way that Windows registers and uses the Windows Object Packager that may allow the execution of any executable file named packager.exe, if this executable is located in the same folder than a .PPSX file.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
An integer overflow occurs when Adobe Reader parses some crafted ICC chunks.
This module sends HTTP requests with specially crafted data making the
PHP interpreter to consume lot of resources. This attack prevents the
victim server from processing requests from legitimate clients and
probably will make the server non-operational.
This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
PHP interpreter to consume lot of resources. This attack prevents the
victim server from processing requests from legitimate clients and
probably will make the server non-operational.
This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
The flaw exists in the Remote Agent (CEServer.exe) that listens by default on TCP port 4322, the process can not perform any authentication and copy the packages designed to a fixed size buffer.
Incomplete blacklist vulnerability in the Windows Packager configuration allows remote attackers to execute arbitrary code via a crafted ClickOnce application in a Microsoft Office document.
warning: "This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation."
warning: "This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation."
This module exploits a Windows kernel heap overflow vulnerability when a crafted TTF file is processed by Windows kernel.
This module sends HTTP requests with specially crafted data making the ASP.NET subsystem consume lot of resources. This attack prevents the victim server from processing requests from legitimate clients and probably will make the server non-operational.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
A buffer overflow in libtelnet/encrypt.c in Inetutils and Heimdal implementations of telnetd allows remote attackers to execute arbitrary code with root permissions via a long encryption key.
This update adds support for Debian and newer FreeBSD platforms.
This update adds support for Debian and newer FreeBSD platforms.
Avid Media Composer is prone to a remote stack-based buffer-overflow vulnerability within the Phonetic Indexer (AvidPhoneticIndexer.exe) because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer.