libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to ~/Downloads, it is then automatically scanned by tracker-miners. And because it has a .cue filename extension, tracker-miners use libcue to parse the file. The file exploits the vulnerability in libcue to gain code execution. This issue is patched in version 2.3.0. This particular archive holds three proof of concept exploits.
642dbf93a2ac7ad97ec0e5940fb62ec821a66ce449bbde84890a9695362e981aProof of concept exploit for a SPARQL injection vulnerability in VIVO that triggers a denial of service.
03a908c86212c5d8cb01cd14ceb44e5ff14b5a0ad5966f87f7b111117d9a3ab6Proof of concept exploit for a buffer overflow in strongSwan VPN's charon server.
381239d433a012d932de3871f064091c52ad26bb7b01de975c5e82fe37562652Proof of concept exploit for a buffer overflow remote code execution vulnerability in librelp.
e494ed907a60d68aba585cbc21eba08e50daffab41973ff8ba84e679096953dcProof of concept exploit for polkit that triggers an eventfd file descriptor leak.
f9b681fc933ff4d272ea49c02694d6c797b953465a57f0c30ab341372a92d369Facebook Fizz suffered from a remotely triggerable infinite loop denial of service condition due to an integer overflow.
5af505c975ff4a29b7c3d8cd18aec2e20e97fd465a21a6d2441d3e348521e614Proof of concept exploit for a path traversal vulnerability in Ansible's fetch module.
8c4c608182c45d96419302765b9eaa12ca07e339dc23cb5c1ded2218533abe68libssh2 version 1.8.2 contains a remotely trigger-able out-of-bounds read, potentially leading to information disclosure.
47dbaa31a29d74354b7f8716952609a928ff2194c685ff7f70671eae2d710286libssh2 version 1.9.0 contains a remotely trigger-able out-of-bounds read, leading to denial of service or potentially to information disclosure.
e79ff6b1f659b8e1be88dd359afcecafb7933238e7e489068a3bd0a273b7d191libssh proof of concept authentication bypass exploit, which, under certain conditions, may enable a remote attacker to gain unauthorized access to another user's account via ssh login. Versions 0.9.0 through 0.9.6 and 0.10.0 through 0.10.4 are affected.
9bd1a8957c6bb9f405736511d3ad44169c96d1094aebcfdbf0555a4786bbe3ebProof of concept exploit for a D-Bus denial of service condition that can be triggered via a file descriptor leak.
87e71894350d7dbd3c36666fe7e024bd14e19415a79f2aed19e7d9102383633cApple XNU kernel memory exposure proof of concept exploit that is designed for macOS High Sierra version 10.13.
38dd575e5b5287e0c5ce77e2d2ac39c63d630fc15948a59b9200382df1ff09b0Proof of concept exploit for a remotely trigger-able heap buffer overflow vulnerability in iOS 11.4.1 and macOS 10.13.6. This exploit can be used to crash any vulnerable iOS or macOS device that is connected to the same network as the attacker's computer. The vulnerability can be triggered without any user interaction on the victim's device. The exploit involves sending a TCP packet with non-zero options in the IP and TCP headers.
5352cd5286d39bd38e49f40ff6d66d63f42d4b951311bef0126c92981172e14fmacOS NFS client buffer overflow proof of concept exploit. These issues were addressed in macOS version 10.13.6.
917b85555ca4494b492d414d04dedd1a7811edb66c81d2df1ef9435751ac4474Proof-of-concept exploit for a remote code execution vulnerability in the packet-mangler component of macOS. The vulnerability was fixed in macOS High Sierra 10.13.5, which was released on June 1, 2018.
6bb19f476695922a3e4295da78b226643f1cf515a1ee4fc61b849f6bce9c9eb7Proof of concept exploit for a double-free memory corruption vulnerability in Ubuntu accountsservice.
a24f0c965168bcc3814136c8ee24f8fd5c7b0fb07f7be9bcaa47978b144f0e8fFive proof of concept exploits that encompass integer overflow and denial of service conditions in Ubuntu's Apport and Whoopsie components.
04883ffd913b86aa2c8a13bf6757fef0b0d4525b563200cbd5563f587cdfc221Proof of concept exploits for libsane. The first enumerates a series of memory corruption issues and the second pops a calculator.
5ceb1ae3ba7a731ca6ae7c87b33be4c77455ddf79d5edc4c07eb4b5cf09b23b2Microsoft ChakaCore proof of concept exploit for a remote code execution vulnerability.
2e0ec88002fb1391d58a60ee453157c9d0449ba5f50a42e34b268e8ddd28c73fProof of concept exploit for an authentication bypass vulnerability in polkit.
458437eef69ad8bf3f51e3b80d608d2052ad08a989fbda8025248aff1d4b2a27Proof of concept exploit for a type confusion bug in the JIT compiler of Chrome that can be used to achieve remote code execution.
30eeadf8f371d4a17379456833c3996be91c75c93e2bc055f9e6f40682fc5995Proof of concept for a logic bug in the implementation of the garbage collector (GC) in v8 (the JavaScript interpreter of Chrome). The exploit poc.js is tested on v8 version 9.4.146.16 (commit 452f57b), which is the version shipped with Chrome 94.0.4606.61, the one before the bug was fixed, on Ubuntu 20.04.
9bcd05375f4716e560bf2a6e62f7e0eed58e6eb6f38f4070b6205036e9ca28caProof of concept remote code execution exploit that demonstrates a vulnerability in the Chrome renderer sandbox by simply visiting a malicious website.
0bef9994895034465485b3ccc1c259c22c1bde140f7e3d288d935477095db1e7Proof of concept exploit for a Chrome use-after-free vulnerability of non-garbage-collected objects, which is allocated by the PartitionAlloc memory allocator.
3c22f0abad82c2cbf4c1d29bf8cfddf026899fc8272a11d1fea6c2c2b02b6e21Proof of concept exploit for a Chrome renderer remote code execution vulnerability.
9fe14db33f51b4c5ac882ae3b87ce8ce4342d37160fda598491088767b81b67e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed