A vulnerability when processing PSP files can be exploited to cause a stack based buffer overflow via a specially crafted file.
DJ Studio Pro contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in the application when handling .pls files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .pls file. This overflow allows to overwrite an SEH pointer, generate and exception and execute arbitrary code.
Buffer Overflow when Quicktime fails to properly handle the data length for certain atoms such as 'rdrf' or 'dref' in the Alis record by loading a specially crafted .MOV file.
WM Downloader contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in WM Downloader when handling .M3U files. This can be exploited to cause a stack-based buffer overflow via a specially crafted .M3U file.
Artweaver is prone to a Memory Corruption when handling a specially crafted AWD files.
The vulnerability is caused due to a boundary error in the handling of HTTP "GET" requests. This can be exploited to cause a buffer overflow by sending a specially crafted overly long request. This request must avoid some special characters in order to cause the overflow.
This module exploits a vulnerability in win32k.sys when the EPATHOBJ::pprFlattenRec() doesn't initialize the pointer to the next memory chunk.
This is only a documentation update of the original module "Microsoft Windows Win32k pprFlattenRec Vulnerability Exploit".
This is only a documentation update of the original module "Microsoft Windows Win32k pprFlattenRec Vulnerability Exploit".
A buffer overflow within the "rf_report_error()" function (ermapper_u.dll) when parsing ERS files exist in ERDAS ER VIEWER.
The vulnerability is caused due to a boundary error within Mini HTTPD when processing HTTP GET Request. This can be exploited to cause a stack-based buffer overflow via an overly long, specially-crafted argument passed to the affected command. Arbitrary code can be directly executed by overwriting a return address.
This module exploits a vulnerability in the NICM.SYS driver shipped with Novell Client 2 when handling specially crafted IOCTL requests.