A heap-based buffer overflow was found in the DECT dissector of Wireshark.

A remote attacker could use this flaw to cause the Wireshark executable to crash or potentially to execute arbitrary code with the privileges of the user running Wireshark.

This module runs a web server waiting for vulnerable clients (Internet Explorer with a vulnerable StubbyUtil.InstallerDlg.1 ActiveX Control) to connect to it. When the client connects, it will try to install an agent by sending a specially crafted HTML page which exploits the Real Networks Arcade Game's ActiveX control. ActiveX Control Remote Code Execution Vulnerability.



Ref: http://www.exploit-db.com/exploits/17149/

A heap-based buffer overflow was found in the DECT dissector of Wireshark. A remote attacker could use this flaw to cause the Wireshark executable to crash or potentially to execute arbitrary code with the privileges of the user running Wireshark.

This module exploits a buffer overflow vulnerability in Novell File Reporter. This vulnerability can be exploited remotely by sending a specially crafted packet to port TCP/3037.

VLC Media Player is prone to a buffer overflow vulnerability due to insufficient validation of user supplied data. An

attacker is able to execute arbitrary code in the context of the user

when opening malicious .S3M media files.

This module exploits a stack buffer overflow in Wireshark when opening a crafted .PCAP file, resulting in arbitrary code execution.

This module bypass DEP using ROP techniques.

This module exploits a remote stack-based buffer overflow in IGSSdataServer by sending a malformed packet to the 12401/TCP port.

The vulnerability is caused due to boundary errors in Wordtrainer 3.0 within the processing of .ORD files. This can be exploited to cause a stack-based buffer overflow when the victim opens a specially crafted file with an overly long supplied data.

GenBroker runs as a Windows service on port 38080 when Iconics Genesis 32 is installed. This service is affected by an integer overflow vulnerability during the handling of inbound packets, caused by the allocation of the memory needed for the creation of an array trusting the number of elements passed by the client.

Microsoft Powerpoint parses a record associated with animation. If a container holds a specific record type, the application will explicitly trust a length used in this record to calculate a pointer for copying floating point numbers to. This can be used to write outside of an allocated buffer and will lead to code execution under the context of the application.

WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.