>> CATEGORY: exploit

DiskBoss Enterprise version 7.4.28 GET buffer overflow exploit.

Sony IPELA ENGINE IP Cameras contain multiple backdoors that, among other functionality, allow an attacker to enable the Telnet/SSH service for remote administration over the network. Other available functionality may…

A specially crafted web-page can trigger a memory corruption vulnerability in Microsoft Internet Explorer 9. A pointer set up to point to certain data on the stack can be used…

GNU Netcat version 0.7.1 suffers from an out-of-bounds array write.

Windows System Information MSINFO32.exe version 6.1.7601 suffers from an XML external entity (XXE) injection vulnerability that allows for file exfiltration.

Shuttle Tech ADSL Wireless 920 WM suffers from cross site scripting, directory traversal, and default telnet root password vulnerabilities.

Microsoft Excel Starter 2010 suffers from an XML eXternal Entity vulnerability that allows for remote file disclosure.

Windows Media Center “ehshell.exe” is vulnerable to an XML External Entity attack allowing remote access to any files on a victim’s computer, if they open an XXE laden “.mcl” file…

Microsoft Internet Explorer 9 suffers from a CDoc::ExecuteScriptUri use-after-free vulnerability.

BlackStratus LOGStorm has multiple vulnerabilities that allow a remote unauthenticated user, among other things, to assume complete control over the virtual appliance with root privileges. This is possible due to…