by Julien Ahrens | Tuesday, March 26, 2013 | Advisory
That’s amazing bad. Where should I start? In July 2012 I’ve reported a critical SQL – Injection flaw on the official website of Lower Bavaria alongside another small XSS flaw to the owner of the website. The answer did not take that long asking for...
by Julien Ahrens | Tuesday, March 19, 2013 | Advisory, Exploit
OK…honestly… I promise (!)… this is the last advisory about the ProShow Producer application, but also the most dangerous one with a CVSS Score of 7,2 and exploitable on at least all english Microsoft Windows based operating systems! The facts ?...
by Julien Ahrens | Saturday, March 16, 2013 | Advisory
Hello readers! Take a moment and read the following article on Wikipedia about the German TÜV which is described as: TÜVs (German pronunciation: [ˈtʏf]; short for German: Technischer Überwachungs-Verein, English: Technical Inspection Association) are German...
by Julien Ahrens | Wednesday, March 13, 2013 | Exploit
I’ve discovered another 0day Remote Code Execution flaw in a CNET.com Top10 software of its category, which has been downloaded more than 6 million times right now. Affected Versions and CVSS I’ve successfully verified the vulnerability in the following...
by Julien Ahrens | Tuesday, March 5, 2013 | Advisory, Exploit
Have you read my last advisory about the HP Intelligent Management Center v5.1 E0202 topoContent.jsf Non-Persistent Cross-Site Scripting Vulnerability ? You should do! Taken by itself it’s not even an interesting vulnerability. But! You’re able...
by Julien Ahrens | Saturday, February 23, 2013 | Advisory
This is a sweet vulnerability, because all ProShow installations on all Microsoft Windows operating systems up to Windows 8 are exploitable! Let’s have a look at the details and how to exploit it to get a remote shell 🙂 When launching the application, it loads...
by Julien Ahrens | Monday, February 18, 2013 | Advisory
And here’s the next one. A SEH-based Buffer Overflow – exploitable on all 32bit windows systems out there :-). The application does not validate (again, but in a different module) the length of the title value while loading the contents of a ProShow...
by Julien Ahrens | Thursday, February 14, 2013 | Advisory
Hello readers, as predicted 🙂 … here’s the next vulnerability in the ProShow Producer application by Photodex. This time, it’s a dangerous memory corruption which could lead to “remote” code execution using a crafted .pxs file. An...
by Julien Ahrens | Saturday, January 26, 2013 | Exploit
After my last advisory about the ProShow Producer application by Photodex and the nice Metasploit module created by mr.pr0n, I decided to dig deeper into this application, because the vendor does not care about his product security! The application is...
by Julien Ahrens | Tuesday, January 15, 2013 | General
Last year while playing with the famous peach fuzzer for the first time, I discovered two Remote Denial of Service vulnerabilities in the DNS and HTTP modules of the handy all-in-one server “Serva”. The root cause for both DoS conditions are standard...
