HTTP: User Agent Overflow
This protocol anomaly triggers when the length of an HTTP User-Agent header exceeds the user-defined maximum. The default maximum length is 512; to change it, go to Sensor Settings Rulebase > Protocol Thresholds and Configuration > HTTP > Maximum User-Agent length.
References
BugTraq: 56057 14242 36600 23608 59162 58504 19192 35660 57726 52034 24217 52161 33898 56054
CVE: CVE-2012-1875
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3