Microsoft Windows is prone to a vulnerability that may allow a file to automatically run because the software fails to handle 'LNK' files properly. Specifically, the issue occurs when loading the icon of a shortcut file. A specially crafted 'LNK' file can cause Windows to automatically execute code that is specified by the shortcut file. The attacker must entice a victim into viewing a specially crafted shortcut. The shortcut file and the associated binary may be delivered to a user through removable drives, over network shares or remote WebDAV shares. An attacker may exploit this issue to execute arbitrary code.
HP Intelligent Management Center is prone to a remote vulnerability that allows attackers to execute commands under the context of system.
Unsafe Javascript API implementation in Nitro and Nitro Pro PDF Reader when opening specially crafted PDF files makes possible code execution leading to an agent being installed This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
Buffer Overflow in Mitsubishi Electric E-Designer allows remote attackers to execute arbitrary code via crafted MPA file, leading to improper memory allocation.
Fuji Electric V Server is prone to a buffer-overflow vulnerability that occurs because it fails to perform adequate boundary checks on user-supplied data via a crafted .VPR document. This module runs a malicious web server on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to it.
This module also know as EternalBlue exploits the ms17-010 vulnerability by taking advantage of a remote pool overflow in the smb transaction handling code of the windows smb driver.
This module exploits a vulnerability in win32k.sys by loading a Printer Font Metric (PFM) file associated to an empty Printer Font Binary (PFB) file.
The specific flaw exists within processing of the AddStringUserProperty method within the UCCDRAW.UCCDrawCtrl.1 ActiveX control of UCanCode E-XD Visualization Enterprise Suite. The process does not properly validate a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process. This module runs a web server waiting for vulnerable clients (Internet Explorer 6, 7, 8) to connect to it.
This module exploits a vulnerability in Sparklabs Viscosity. By abusing a configuration channel between the application and the underlying service, an attacker can trigger the loading of a DLL from a path under his control, gaining SYSTEM privileges.
This module exploits a vulnerability in the IRemUnknown2 COM interface, an attacker can abuse the fact that the local unmarshaled proxy can be for a different interface to that requested by QueryInterface resulting in a type confusion, which can be leveraged to elevate privileges.