An integer overflow in OLE allows remote code execution. This update contains a module exploiting the vulnerability by hosting a web site and epxloiting connecting Internet Explorer browsers.
This module exploits a vulnerability in the Microsoft Windows Server service by sending a specially crafted RPC request. This update adds support for Windows XP sp0 and sp1.
This module exploits a null pointer dereference in win32k.sys by abusing of xxxSendMessageTimeout function. The TrackPopupMenu API function is used to trigger the vulnerability.
This update adds support for Windows 8, Windows 8.1 and Windows 2012 platforms.
This update adds support for Windows 8, Windows 8.1 and Windows 2012 platforms.
This module exploits a null pointer dereference in win32k.sys by abusing of xxxSendMessageTimeout function. The TrackPopupMenu API function is used to trigger the vulnerability.
This update adds support for x86-64 platforms.
This update adds support for x86-64 platforms.
This module exploits a vulnerability in Apache Struts. The specific vulnerability is in the ParametersInterceptor, which allows a direct manipulation of the ClassLoader and as a result an attacker can execute arbitrary Java code in the target machine.
This update adds support for Apache Struts 2.3.16, Windows (x86 and x64) and Linux (x64) platforms.
This update adds support for Apache Struts 2.3.16, Windows (x86 and x64) and Linux (x64) platforms.
This module exploits a null pointer dereference in win32k.sys by abusing of xxxSendMessageTimeout function. The TrackPopupMenu API function is used to trigger the vulnerability.
This update is to add the exploit in order to attack Drupal core CMS 7.x versions prior to 7.32 using default configuration (CVE-2014-3704).
Kolibri Webserver is vulnerable to a stack buffer overflow as a result of failure to properly validate user-supplied input when handling HTTP POST requests.
A stack buffer overflow occurs when copying a user supplied input to a fixed size stack buffer without boundary check leading to overwrite the SEH and the return address.
The copying procedure stops when a null word is found and no size check is proceeded.
The copying procedure stops when a null word is found and no size check is proceeded.
The OLE packager component (packager.dll) of Microsoft Windows will automatically download remote files referenced in embedded OLE objects within Office documents.
In the case of .INF installer files, packager.dll will automatically run them without prompting the user. This can be abused to gain arbitrary code execution by creating an Office document with an embedded OLE object containing a reference to a remote INF file with specially crafted commands.
This vulnerability can be exploited by convincing an unsuspecting user to open a specially crafted PowerPoint document.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
In the case of .INF installer files, packager.dll will automatically run them without prompting the user. This can be abused to gain arbitrary code execution by creating an Office document with an embedded OLE object containing a reference to a remote INF file with specially crafted commands.
This vulnerability can be exploited by convincing an unsuspecting user to open a specially crafted PowerPoint document.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.