Adobe Flash Player APSB17-07 Multiple Memory Corruption Vulnerabilities
Monthly Archives: March 2017
Vuln: Adobe Flash Player CVE-2017-3000 Information Disclosure Vulnerability
Adobe Flash Player CVE-2017-3000 Information Disclosure Vulnerability
Vuln: Adobe Flash Player APSB17-07 Multiple Use After Free Remote Code Execution Vulnerabilities
Adobe Flash Player APSB17-07 Multiple Use After Free Remote Code Execution Vulnerabilities
Vuln: Microsoft Windows Hyper-V CVE-2017-0021 Memory Corruption Vulnerability
Microsoft Windows Hyper-V CVE-2017-0021 Memory Corruption Vulnerability
IBM WebSphere Remote Code Execution Java Deserialization
This Metasploit module exploits a vulnerability in IBM’s WebSphere Application Server. An unsafe deserialization call of unauthenticated Java objects exists to the Apache Commons Collections (ACC) library, which allows remote arbitrary code execution. Authentication is not required in order to exploit this vulnerability.
Apache Struts Jakarta Multipart Parser OGNL Injection
This Metasploit module exploits a remote code execution vulnerability in Apache Struts version 2.3.5 – 2.3.31, and 2.5 – 2.5.10. Remote Code Execution can be performed via http Content-Type header. Native payloads will be converted to executables and dropped in the server’s temp dir. If this fails, try a cmd/* payload, which won’t have to write to the disk.
Microsoft Windows COM Session Moniker Privilege Escalation
Microsoft Windows suffers from a COM session moniker elevation of privilege vulnerability.
Adobe Flash AVC Header Slicing Heap Overflow
Adobe Flash suffers from a heap overflow vulnerability in AVC header slicing.
Adobe Flash ATF Planar Decompression Heap Overflow
Adobe Flash suffers from a heap overflow vulnerability in ATF Planar Decompression.
Adobe Flash ATF Thumbnailing Heap Overflow
Adobe Flash suffers from a heap overflow vulnerability in ATF thumbnailing.