This module exploits a vulnerability in Symantec Endpoint Client when the 0x002224A4 function is invoked with a specially crafted parameter. The IOCTL 0x00222084 handler in the Sysplant.sys device driver in Symantec Endpoint allows local users to overwrite header in kernel pool and execute arbitrary code to obtain system privileges.

This module exploits a buffer overflow vulnerability in Adobe Flash Player when parsing malformed FLV objects. Attackers exploiting the vulnerability can corrupt memory and gain remote code execution.

This module exploits a Use-After-Free vulnerability in Adobe Flash Player. The specific flaw exists when the suscriber is not notified if a ByteArray assigned to the ApplicationDomain is freed from an ActionScript worker. By forcing a reallocation by copying more contents than the original capacity to the shared buffer by using the ByteArray::writeBytes method call, the ApplicationDomain pointer is not updated leading to a use-after-free vulnerability. This allows to overwrite different objects like vectors and finally accomplish remote code execution.

Oracle Database Server Core RDBMS component is prone to a remote vulnerability that allows attackers to exploit a stack-based buffer overflow in the EXECUTE procedure of DBMS_AW. Using an overly long parameter in the CDA command with the previous procedure, a stack-based buffer overflow will occur, overwriting the saved return address. This module requires database user credentials with 'Create Session' privilege.

The AVG Administration Server is vulnerable to arbitrary configuration settings. Due to insufficient input validation, an attacker can use the StoreServerConfig command (command id 0x27) to set the value of the ClientLibraryName parameter to a UNC path. The provided value can be a path to a network share containing a malicious .dll file. This .dll file will be executed in the context of the AVG Administration Server service which runs as SYSTEM.

This module exploits a memory corruption vulnerability in Adobe Flash Player. The specific flaw exists when a Shader is applied as a drawing fill allowing an attacker to take control of a vulnerable machine and execute arbitrary code. This vulnerability was found exploited in the wild on June 2015.

This module exploits a buffer overflow vulnerability in Adobe Flash Player when parsing malformed FLV objects. Attackers exploiting the vulnerability can corrupt memory and gain remote code execution. This vulnerability has been found exploited in the wild in June 2015 in the Operation Clandestine Wolf campaign.

Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE Intelligent Platforms Proficy HMI/SCADA, allows remote attackers to execute arbitrary code via a crafted HTTP request.

Git is prone to a vulnerability that may allow attackers to overwrite arbitrary local files This module exploits the condition and installs an Agent when a vulnerable GIT client performs a CLONE to the fake repository created.

This module exploits a buffer overflow vulnerability in the LDAP service (nLDAP.exe) of the LDAP application. The exploit triggers a stack-based buffer overflow by sending a pre-authentication specially crafted packet to port 389/TCP of the vulnerable system and installs an agent if successful.