CVE-2014-0980
50Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 40%
from disclosure to weapon0 days
Published on NVDFeb 11
1st PoCFeb 6
metasploitFeb 5
exploitation probability
40%top 2% of all CVEs
observed exploitation
nono source reports it
6 public exploit(s)
Buffer overflow in Poster Software PUBLISH-iT 3.6d allows remote attackers to execute arbitrary code via a crafted PUI file.
Affected products
n/a · n/apublic PoCs found — 6
cve_referencepacketstormsecurity.com/files/125089unverifiedcve_referencewww.exploit-db.com/exploits/31461unverifiedexploitdbwww.exploit-db.com/exploits/31461unverifiedexploitdbwww.exploit-db.com/exploits/36437unverifiedexploitdbwww.exploit-db.com/exploits/31524unverifiedexploitdbwww.exploit-db.com/exploits/36104unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://osvdb.org/102911http://packetstormsecurity.com/files/125089http://seclists.org/fulldisclosure/2014/Feb/34http://secunia.com/advisories/56618https://exchange.xforce.ibmcloud.com/vulnerabilities/90989http://www.coresecurity.com/advisories/publish-it-buffer-overflow-vulnerabilityhttp://www.exploit-db.com/exploits/31461http://www.securityfocus.com/archive/1/530943/100/0/threadedhttp://www.securityfocus.com/bid/65366