Microsoft Office Excel SxView Record Parsing Remote Code Execution Vulnerability

Posted in 0day, Vulnerable InforMation, vul news on June 9th, 2010 by admin – Be the first to comment

CVE ID
CVE-2010-0821
Affected Vendors
Microsoft

Affected Products
Office Excel

TippingPoint™ IPS Customer Protection
TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 9244. For further product information on the TippingPoint IPS:
http://www.tippingpoint.com
Vulnerability Details
This vulnerability allows remote attackers to execute arbitrary code on vulnerable

[Read All About This Article]

Microsoft Internet Explorer Stylesheet Array Removal Remote Code Execution Vulnerability

Posted in 0day, Vulnerable InforMation on June 9th, 2010 by admin – Be the first to comment

ZDI-10-102: June 8th, 2010
CVE ID
CVE-2010-1262
Affected Vendors
Microsoft

Affected Products
Internet Explorer 8

TippingPoint™ IPS Customer Protection
TippingPoint IPS customers are protected against this vulnerability by Digital Vaccine protection filter ID 9735. For further product information on the TippingPoint IPS:
http://www.tippingpoint.com
Vulnerability Details
This vulnerability allows remote attackers to execute

[Read All About This Article]

Invision Power Board Currency Mod(edit) SQL injection

Posted in 0day, Vulnerable InforMation, exploit on March 13th, 2010 by admin – Be the first to comment

# Title: Invision Power Board Currency Mod(edit) SQL injection
# EDB-ID: 11702
# CVE-ID: ()
# OSVDB-ID: ()
# Author: Pr0T3cT10n
# Published: 2010-03-12
# Verified: no
# Download Exploit Code
# Download N/A

view sourceprint?# Exploit Title: Invision Power Board Currency Mod(edit) SQL injection

# Date: 17/04/2007

# Author: Pr0T3cT10n

# Software Link: www.invisionpower.com

#

[Read All About This Article]

Apache Spamassassin Milter Plugin Remote Root Command Execution

Posted in 0day, Vulnerable InforMation, exploit on March 13th, 2010 by admin – Be the first to comment

# Title: Apache Spamassassin Milter Plugin Remote Root Command Execution
# EDB-ID: 11662
# CVE-ID: ()
# OSVDB-ID: ()
# Author: Kingcope
# Published: 2010-03-09
# Verified: yes
# Download Exploit Code
# Download N/A

view sourceprint?
Description: The Spamassassin Milter plugin suffers from a remote root command execution vulnerability. Full exploit details provided.

Author: Kingcope

Spamassassin Milter Plugin Remote

[Read All About This Article]

Apache 2.2.14 mod_isapi Dangling Pointer Remote SYSTEM Exploit

Posted in 0day, Vulnerable InforMation, exploit on March 13th, 2010 by admin – Be the first to comment

# Title: Apache 2.2.14 mod_isapi Dangling Pointer Remote SYSTEM Exploit
# EDB-ID: 11650
# CVE-ID: (CVE-2010-0425)
# OSVDB-ID: ()
# Author: Brett Gervasoni
# Published: 2010-03-07
# Verified: yes
# Download Exploit Code
# Download N/A

view sourceprint?/*

* Apache 2.2.14 mod_isapi Dangling Pointer Remote SYSTEM Exploit (CVE-2010-0425)

*

[Read All About This Article]

Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta)

Posted in 0day, Vulnerable InforMation, exploit on March 13th, 2010 by admin – Be the first to comment

# Title: Microsoft Internet Explorer iepeers.dll Use-After-Free Exploit (meta)

# EDB-ID: 11683

# CVE-ID: ()

# OSVDB-ID: ()

# Author: Trancer

# Published: 2010-03-10

# Verified: yes

# Download Exploit Code

# Download N/A

view sourceprint?##

# ie_iepeers_pointer.rb

#

# Microsoft Internet Explorer iepeers.dll use-after-free exploit for the Metasploit Framework

#

# Tested successfully on the

[Read All About This Article]

Internet Explorer ‘winhlp32.exe’ ‘MsgBox()’ Remote Code Execution Vulnerability

Posted in Vulnerable InforMation, exploit on March 6th, 2010 by admin – Be the first to comment

# Title: Internet Explorer ‘winhlp32.exe’ ‘MsgBox()’ Remote Code Execution Vulnerability

# EDB-ID: 11615

# CVE-ID: ()

# OSVDB-ID: ()

# Author: Maurycy Prodeus

# Published: 2010-03-02

# Verified: yes

# Download Exploit Code

# Download N/A

view sourceprint?Microsoft Internet Explorer is prone to a remote code execution vulnerability.

 

Source (iSEC Security

[Read All About This Article]

Internet Explorer (6/7) Remote Code Execution -Remote User Add Exploit

Posted in Vulnerable InforMation, exploit on March 6th, 2010 by admin – Be the first to comment

# Title: Internet Explorer (6/7) Remote Code Execution -Remote User Add Exploit
# EDB-ID: 11457
# CVE-ID: ()
# OSVDB-ID: ()
# Author: Sioma Labs
# Published: 2010-02-15
# Verified: yes
# Download Exploit Code
# Download N/A

view sourceprint?# Exploit Title: Internet Explorer ( 6/7) Remote Code Execution -Remote User Add Exploit

# Date: 15/02/2010

# Author: Sioma Labs

# Software Link: N/A

# Version: IE 7

[Read All About This Article]

IE wshom.ocx (Run) ActiveX Remote Code Execution ( add admin user)

Posted in Vulnerable InforMation, exploit on January 27th, 2010 by admin – Be the first to comment

fa01ca4b5af5d29777172c1a3fea45cf003

[Read All About This Article]

Windows Media Player 11 ActiveX launchURL() files download

Posted in 0day, Vulnerable InforMation, exploit on January 18th, 2010 by admin – Be the first to comment

This is a vulnerability into Windows Media Player ActiveX launchURL() function

which someone can download what ever file into the vulnerable machine !!!
Discovered and written by Jacky!
Tested version: 11.0.5358.4827
Tested machine: Windows XP SP3 & Windows XP SP2

fa01ca4b5af5d29777172c1a3fea45cf004

[Read All About This Article]