Dup Scout Enterprise is prone to a buffer-overflow vulnerability when handling a crafted packet, this can trigger an overflow in a finite-sized internal memory buffer, and install an agent with SYSTEM privileges.
This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module exploits an arbitrary file upload in Trend Micro Mobile Security for Enterprise to install an agent.
This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
Sync Breeze Enterprise is prone to a buffer-overflow vulnerability when handling a crafted GET request, this can trigger an overflow in a finite-sized internal memory buffer, and install an agent with SYSTEM privileges.
Username parameter in Registration page 'register.ghp' is prone to a stack-based buffer-overflow vulnerability.Application fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer.
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Jungo WinDriver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of crafted IOCTL by the windrvr12xx kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in an out-of-bounds write condition. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel. This module will elevate the privileges of the current agent instead of installing a new one.
A stack-based buffer overflow in WECON LeviStudio HMI Editor allows an attacker to execute arbitrary code via crafted .UMP file. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
VX Search Enterprise is prone to a buffer-overflow vulnerability when handling a crafted packet, this can trigger an overflow in a finite-sized internal memory buffer, and install an agent with SYSTEM privileges.
Adobe ColdFusion is prone to a remote vulnerability that allows attackers to take advantage of an insecure deployment of the JMX/RMI service used to manage and monitor the Java Virtual Machine.