The BytePackedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows the “dataBitOffset” boundary checks to be bypassed. This exploit code demonstrates remote code execution by popping calc.exe.
>> TAG: #Security
Cogent DataHub HTTP Server Buffer Overflow
Mozilla Firefox 3.5.4 – Local Color Map Exploit
Mozilla Firefox 3.6 – Integer Overflow Exploit
PCMAN FTP 2.07 STOR Command – Buffer Overflow Exploit
Wikileaks Just Released A Massive 'Insurance' File That No One Can Open (Business Insider). You can download the files via torrent but since they are encrypted — and Wikileaks has not yet provided the key — you won't be able to open them. We can garner at least one thing of note from the file names alone: They probably have a very high …
Copy to WebDAV v1.1 iOS – Multiple Vulnerabilities
Quack Chat 1.0 – Multiple Vulnerabilities
Oracle Java IntegerInterleavedRaster.verify() Signed Integer Overflow
Joomla Media Manager File Upload Vulnerability