This archive contains all of the 322 exploits added to Packet Storm in February, 2012.
95f6899f44b193d7ba245c6c8868cf129dee61f977068163913633b3680c05e9
Netmechanica NetDecision HTTP Server version 4.5.1 suffers from a denial of service vulnerability. Proof of concept included.
ca7ef23ba9cddc766da91fa094b455ac195767a04b5de95766cd28f60896aac8
Dotclear version 2.4.1.2 suffers from multiple cross site scripting vulnerabilities.
1633e6f76281da7b22a07b63915222b61722ccb291e2995dfcf8a370d633aecc
Netmechanica NetDecision Traffic Grapher Server version 4.5.1 suffers from an information disclosure vulnerability. Proof of concept exploit included.
4f4a2b5632ea55b2d28166670eeaf8ab65b35106db8518ff6257c36d4a0c1575
Yealink VOIP Phone suffers from a persistent cross site scripting vulnerability.
1c5d7a80bb2cf3d1f660ade3a9a696b35ca2ec64015f60892c18290b1f7c608c
This Metasploit module exploits a vulnerability found in ASUS Net4Switch's ipswcom.dll ActiveX control. A buffer overflow condition is possible in multiple places all because of the poor use of the CxDbgPrint() function, which allows remote attackers to gain arbitrary code execution under the context of the user.
5a0d5660197cc09bd3b197a510a2691b26d23e0b9efcd8f318ca25b4b430ea47
This Metasploit module exploits a stack-based buffer overflow vulnerability in IBM Personal Communications I-Series. The issue affects file parsing in which data copied to a location in memory exceeds the size of the reserved destination area. The buffer is located on the runtime program stack. Versions tested: IBM System i Access for Windows V6R1M0 version 06.01.0001.0000a which bundles pcsws.exe version 5090.27271.709.
466e2459c3b7c7835607910609c5997d620ec132852f11a98e5e4ee4f42e0214
AliveChat suffers from a cross site scripting vulnerability.
3ba907a2a1ddde8f9eeafe44610f701ec4c866da849c021d82239b377383029d
WebfolioCMS versions 1.1.4 and below suffer from a cross site request forgery vulnerability.
0849389ad4d6fe3af34e505d20e49d82b9c9e5c38b3487cb54bffc1e05aee6f1
Netmechanica NetDecision 4.5.1 Dashboard Server version 1.0 is prone to an information disclosure vulnerability. Proof of concept exploit included.
9e78999e2f80125d161a1e724c61cc2d21074ece71a296f2bd0eb7164fdb24ce
This is a proof of concept exploit that allows an attacker to execute arbitrary code via vectors involving a dereferenced memory address in Microsoft Internet Explorer 8. It leverages the issue discussed in MS11-081. The exploit is slightly crippled by the author.
31cef28f3ae91f47c652ada6f2b786f3ba4d464050c6d2c3cfd46b5a0f99df82
BrewBlogger version 2.3.2 suffers from cross site request forgery, shell upload, and remote SQL injection vulnerabilities.
674b26c64d971b9a144e02536d38c471153b34e1b24f8b7e3dc3d6f7ef29a66b
Oracle Live Help On Demand Webcare suffers from a cross site scripting vulnerability.
7e4f2111017c66130c9ae165a74c12a728cbd0c8a2ff74c16cbbac908f8ac1a3
European Central Bank suffers from a remote SQL injection vulnerability.
10f0d549cf310d858a1b2e73ce8e57e3f013bbc82d4cf188d703935ff27417d3
Bravenet Web Services suffers from a cross site scripting vulnerability.
13e0082063b74510016efa214322429d1ea204a41d51404d33e56e83e8b7b8b1
Topics Viewer suffers from a cross site request forgery vulnerability.
4aedd9119d03bf833a70528ca35e61259571bb87e96ca763e711b23712486f98
Osdev suffers from a cross site scripting vulnerability.
65941ace19ec0e9d2655c71cbc659d728db5a42dd20710621a569b1012d8a767
ImgPals Photo Host version 1.0 STABLE suffers from a remote administrative account disabling vulnerability.
8c780762899fca7c8bc34cb516d77adf4aed068e1971cb7d7c17d6457fafd235
Microsoft AdCenter Service at advertising.microsoft.com suffers from a cross site scripting vulnerability.
bfc3b732d673df4880817aa7756d4afdd7c03f172b1d0eec1bcb0099bf1d84cb
Sysax Multi Server versions 5.53 and below SSH username buffer overflow pre-authentication remote code execution exploit with egghunter shellcode that binds a shell to port 4444.
1a9e244ba23211e8a0745f4370e9f10d0e94ad75ca261b64e8e40b6e0606839f
Sysax Multi Server version 5.53 SFTP post authentication SEH exploit with egghunter shellcode that binds a shell to port 4444.
e3ee80f9e583422dca0ef40fef6b1c192c1da12311e53628b885e95e7f419bbe
Socusoft Photo 2 Video version 8.05 suffers from a buffer overflow vulnerability.
ec0e7d80300a84c40d226a2e9521bc1913c77ea22caf5e0a89c1471ddcca54d6
OSQA CMS version 3b suffers from a cross site scripting vulnerability.
8ccd9aaca10f4913b22f49de9b319d8b4ec82f417d7ad5124948fd42f0a4705a
Wolf CMS version 0.7.5 suffers from cross site scripting and remote SQL injection vulnerabilities.
b9e7ab88017430740c0d855ac83d248cf03578f89ecbe93156b18443bc9dec1b
Mozilla Firefox version 4.0.1 Array.reduceRight() integer overflow exploit.
7765d8391885eb46e7e47c01a9ee30c61bc0afc6001023851f365b67c51d6eae