Souhail Hammou

8 exploits Active since Jun 2013
CVE-2018-6593 EXPLOITDB HIGH c WORKING POC
MalwareFox AntiMalware 2.74.0.150 - Privilege Escalation via IOCTL 0x8000204C
An issue was discovered in MalwareFox AntiMalware 2.74.0.150. Improper access control in zam32.sys and zam64.sys allows a non-privileged process to register itself with the driver by connecting to the filter communication port and then using IOCTL 0x8000204C to \\.\ZemanaAntiMalware to elevate privileges.
CVSS 7.8
CVE-2018-6606 EXPLOITDB HIGH c WORKING POC
MalwareFox AntiMalware 2.74.0.150 - Privilege Escalation via IOCTL 0x80002010 and 0x8000204C
An issue was discovered in MalwareFox AntiMalware 2.74.0.150. Improper access control in zam32.sys and zam64.sys allows a non-privileged process to register itself with the driver by sending IOCTL 0x80002010 and then using IOCTL 0x8000204C to \\.\ZemanaAntiMalware to elevate privileges.
CVSS 7.8
CVE-2018-7289 EXPLOITDB LOW text WRITEUP
Armadito 0.12.7.2 - Info Disclosure
An issue was discovered in armadito-windows-driver/src/communication.c in Armadito 0.12.7.2. Malware with filenames containing pure UTF-16 characters can bypass detection. The user-mode service will fail to open the file for scanning after the conversion is done from Unicode to ANSI. This happens because characters that cannot be converted from Unicode are replaced with '?' characters.
CVSS 3.3
CVE-2012-6568 EXPLOITDB perl WORKING POC
Huawei UTPS 1.0 - Buffer Overflow via IDS_PLUGIN_NAME in Plugin Configuration File
Buffer overflow in the back-end component in Huawei UTPS 1.0 allows local users to gain privileges via a long IDS_PLUGIN_NAME string in a plug-in configuration file.
EIP-2026-115804 EXPLOITDB perl WORKING POC
Microsoft Windows Media Player 10 - '.avi' Integer Division By Zero Crash (PoC)
EIP-2026-115444 EXPLOITDB perl WORKING POC
Internet Download Manager - Memory Corruption
CVE-2018-10828 EXPLOITDB MEDIUM c WORKING POC
Alps Pointing-device Driver 10.1.101.207 - Denial of Service via ApMsgFwd File Mapping Object
An issue was discovered in Alps Pointing-device Driver 10.1.101.207. ApMsgFwd.exe allows the current user to map and write to the "ApMsgFwd File Mapping Object" section. ApMsgFwd.exe uses the data written to this section as arguments to functions. This causes a denial of service condition when invalid pointers are written to the mapped section. This driver has been used with Dell, ThinkPad, and VAIO devices.
CVSS 5.5
EIP-2026-108371 EXPLOITDB text WRITEUP
Joomla! Component com_icagenda - 'id' Multiple Vulnerabilities