Mac OS X versions 10.8.4 and below local root privilege escalation exploit written in Python.
>> TAG: #exploit
The ByteComponentRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a memory corruption vulnerability that allows bypassing of “dataOffsets[]” boundary checks. This vulnerability allows for remote code execution. User interaction is required for this exploit in that the target must visit a malicious page or open a malicious file
The ByteComponentRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a memory corruption vulnerability that allows bypassing of “dataOffsets[]” boundary checks. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program.
dreamMail e-mail client v4.6.9.2 Stored XSS
Samba nttrans Reply – Integer Overflow Vulnerability
DeWeS 0.4.2 – Directory Traversal Vulnerability
Foreman (Red Hat OpenStack/Satellite) users/create Mass Assignment
Netgear ProSafe – Denial of Service Vulnerability
Netgear ProSafe – Information Disclosure Vulnerability
CBHotel Hotel Software and Booking system 1.8 – Multiple Vulnerabilities