Showing 1 - 13 of 13

Files from Yaniv Miron

Microsoft Patch Analysis Presentation: Posted Aug 19, 2011; Authored by Yaniv Miron; Microsoft Patch Analysis presentation slides from Confidence 2010.; tags | paper; SHA-256 | 7ec969f7ce7dd6a082eb350a5cc69296faf9cf9787d943e97bba72f29e1d3c0a; Download | Favorite | View

Microsoft Windows CreateSizeDIBSECTION Stack Buffer Overflow: Posted Feb 10, 2011; Authored by Yaniv Miron, jduck, Moti, Xu Hao | Site metasploit.com; This Metasploit module exploits a stack-based buffer overflow in the handling of thumbnails within .MIC files and various Office documents. When processing a thumbnail bitmap containing a negative 'biClrUsed' value, a stack-based buffer overflow occurs. This leads to arbitrary code execution. In order to trigger the vulnerable code, the folder containing the document must be viewed using the "Thumbnails" view.; tags | exploit, overflow, arbitrary, code execution; advisories | CVE-2010-3970, OSVDB-70263; SHA-256 | ff0746ba8e2fc6963fae334d5cae3d633461ec95d7ca6d6099761907cf4797c4; Download | Favorite | View

iDEFENSE Security Advisory 2011-02-08.1: Posted Feb 8, 2011; Authored by iDefense Labs, Yaniv Miron, Kobi Pariente | Site idefense.com; iDefense Security Advisory 02.08.11 - Remote exploitation of a buffer overflow vulnerability in multiple versions of Microsoft Corp.'s Windows could allow attackers to execute arbitrary code on the targeted host. An integer overflow vulnerability exists in the "shimgvw" library. During the processing of an image within a certain function, a bitmap containing a large "biWidth" value can be used to cause an integer calculation overflow. This condition can lead to the overflow of a heap buffer and may result in the execute arbitrary code on the targeted host.; tags | advisory, remote, overflow, arbitrary; systems | windows; advisories | CVE-2011-3970; SHA-256 | f6124a1b8cbfad6d5655d8dd9b8857fd339410ce72f7e673b15b3fbb4d62778c; Download | Favorite | View

Microsoft Windows CreateSizedDIBSECTION Stack Buffer Overflow: Posted Jan 5, 2011; Authored by Yaniv Miron, jduck, Moti, Xu Hao | Site metasploit.com; This Metasploit module exploits a stack-based buffer overflow in the handling of thumbnails within .MIC files and various Office documents. When processing a thumbnail bitmap containing a negative 'biClrUsed' value, a stack-based buffer overflow occurs. This leads to arbitrary code execution. In order to trigger the vulnerable code, the folder containing the document must be viewed using the "Thumbnails" view.; tags | exploit, overflow, arbitrary, code execution; advisories | CVE-2010-3970, OSVDB-70263; SHA-256 | 324a4cf6708fa3e2e4a6d04a2e921ca6490b4047ccd7b0dfca5643c50afc11c8; Download | Favorite | View

Aris AGX agXchange ESM Open Redirection: Posted Mar 22, 2010; Authored by Yaniv Miron; The Aris AGX agXchange ESM safety submissions module suffers from an open redirection vulnerability.; tags | exploit; SHA-256 | 2c9de39e17d4804bef609db851591fe352f2c6759ab33b6236daaa76c6ef0832; Download | Favorite | View

IBM Lotus 6.x HTTP Response Splitting: Posted Mar 20, 2010; Authored by Yaniv Miron; IBM Lotus version 6.x suffers from a HTTP response splitting vulnerability.; tags | exploit, web; SHA-256 | eb17a890d0e369f28679e022d3d6d0ec5c394507a4192671f18179c81f926f67; Download | Favorite | View

Friendly-Tech FriendlyTR69 2.8.9 SQL Injection: Posted Mar 10, 2010; Authored by Yaniv Miron; Friendly-Tech FriendlyTR69 CPE remote management version 2.8.9 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 58ccac000cdd3134afda51cec0b760989d3af73eaba4ecc1194b1016dcfa7bd1; Download | Favorite | View

IBM ENOVIA SmarTeam 5 Cross Site Scripting: Posted Mar 9, 2010; Authored by Yaniv Miron; IBM ENOVIA SmarTeam version 5 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 2a2209931b1ffd42b7662b43ba4d47eb79ceb56b8533c08525649d627220dac8; Download | Favorite | View

Sparta Systems TrackWise TeamAccess Cross Site Scripting: Posted Mar 3, 2010; Authored by Yaniv Miron; The Sparta Systems TrackWise TeamAccess module suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 52aeca03b84206b3c2b015722e3fbbb96730fc996397f673d8eb9f960cfe130d; Download | Favorite | View

Eshbel Priority MarketGate Cross Site Scripting: Posted Mar 3, 2010; Authored by Yaniv Miron; Eshbel Priority MarketGate module suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | ba1eb4771be17163701c33bc9cd1834c5df42518f2f7cfe06aaa3c6efd2d9e92; Download | Favorite | View

Oracle Siebel 7.x CRM Cross Site Scripting: Posted Mar 1, 2010; Authored by Yaniv Miron; Oracle Siebel CRM version 7.x suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | d9b8d785baaec4c817bb1fc5be6e354ef43d9a6c8da1f1bffdc2b704fbf65d0b; Download | Favorite | View

ARISg5 5.0 Cross Site Scripting: Posted Feb 27, 2010; Authored by Yaniv Miron; ARISg5 version 5.0 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | c5198d5f0e7e3bc211bc96fbfda873a31bfed02e818bcd04d6b3f10e9eec1edf; Download | Favorite | View

apache-utf7xss.txt: Posted May 9, 2008; Authored by Yaniv Miron, Yossi Yakubov; Apache versions 2.2.x and 1.3.x suffer from a cross site scripting vulnerability leveraging UTF-7 encoding on 403 forbidden pages.; tags | exploit, xss; SHA-256 | 8fffd3a81ffabcbd3507f0163054297820bd7db26ac5b1589bffae4cacbe171d; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days