by Julien Ahrens | Saturday, February 23, 2013 | Advisory
This is a sweet vulnerability, because all ProShow installations on all Microsoft Windows operating systems up to Windows 8 are exploitable! Let’s have a look at the details and how to exploit it to get a remote shell 🙂 When launching the application, it loads...
by Julien Ahrens | Monday, February 18, 2013 | Advisory
And here’s the next one. A SEH-based Buffer Overflow – exploitable on all 32bit windows systems out there :-). The application does not validate (again, but in a different module) the length of the title value while loading the contents of a ProShow...
by Julien Ahrens | Thursday, February 14, 2013 | Advisory
Hello readers, as predicted 🙂 … here’s the next vulnerability in the ProShow Producer application by Photodex. This time, it’s a dangerous memory corruption which could lead to “remote” code execution using a crafted .pxs file. An...
by Julien Ahrens | Saturday, January 26, 2013 | Exploit
After my last advisory about the ProShow Producer application by Photodex and the nice Metasploit module created by mr.pr0n, I decided to dig deeper into this application, because the vendor does not care about his product security! The application is...
by Julien Ahrens | Tuesday, January 15, 2013 | General
Last year while playing with the famous peach fuzzer for the first time, I discovered two Remote Denial of Service vulnerabilities in the DNS and HTTP modules of the handy all-in-one server “Serva”. The root cause for both DoS conditions are standard...
