exploit – Page 1724 –

>> Python 2.7 strop.replace() Integer Overflow

USER: deepcore // 2015-11-03 // 0 CMT

Python version 2.7 strop.replace() method suffers from an integer overflow that can be exploited to write outside the bounds of the string buffer and potentially achieve code execution. The issue…

[EXPLOIT]

>> Python 2.7 array.fromstring Use After Free

USER: deepcore // 2015-11-03 // 0 CMT

Python 2.7 array.fromstring() method suffers from a use after free caused by unsafe realloc use. The issue is triggered when an array is concatenated to itself via fromstring() call.

[EXPLOIT]

>> Python 2.7 Hotshot pack_string Heap Buffer Overflow

USER: deepcore // 2015-11-03 // 0 CMT

Python version 2.7 hotshot module suffers from a heap buffer overflow due to a memcpy in the pack_string function at line 633.

[EXPLOIT]

>> Spetnik TCPing Utility 2.1.0 Buffer Overflow

USER: deepcore // 2015-11-03 // 0 CMT

If TCPing is called with an specially crafted CL argument it will cause an exception and overwrite the pointers to next SEH record and SEH handler with our buffer and…

[EXPLOIT]

>> actiTIME 2015.2 Privilege Escalation / Open Redirect

USER: deepcore // 2015-11-03 // 0 CMT

actiTIME 2015.2 suffers from multiple security vulnerabilities including open redirection, HTTP response splitting, and unquoted service path elevation of privilege.

[EXPLOIT]

>> Packet Storm New Exploits For October, 2015

USER: deepcore // 2015-11-03 // 0 CMT

This archive contains 166 exploits that were added to Packet Storm in October, 2015.

[EXPLOIT]

>> Port Scan v2.0 iOS – Command Inject Vulnerability

USER: deepcore // 2015-11-02 // 0 CMT

The Vulnerability Laboratory Core Research Team discovered a local command inject vulnerability in the official Port Scan v2.0 iOS mobile application.