收集的几个存在漏洞的程序

存在漏洞的一些小软件，适合测试和演示用。

附上漏洞小软件和msf利用模块。这些漏洞都在winXPsp3上面测试通过的。

 

1、Adobe Flash Player MP4 SequenceParameterSetNALUnit Buffer Overflow

CVE-2011-2140

漏洞模块：exploit/windows/browser/adobe_flash_sps

漏洞文件名称：install_flash_player_ax.exe (flash 10.3.185以下版本理论都存在漏洞)

 

2、Windows Media Player (WMP) Remote Code Execution

CVE2012-0003，MS12-004

漏洞模块：exploit/windows/browser/ms12_004_midi

漏洞影响：vista、XP、win7、winServ 2008

 

3、CCMPlayer1.5 Buffer Overflow Vulnerability

漏洞模块：exploit/windows/fileformat/ccmplayer_m3u_bof

漏洞文件名称：CCMPlay.exe

 

4、Free MP3 CD Ripper 1.1 WAV File Stack Buffer Overflow

漏洞模块：exploit/windows/fileformat/free_mp3_ripper_wav

漏洞文件名称：FMCRSetup.exe

漏洞影响：暂测windows XP sp3

 

5、NJStar Communicator 3.00 MiniSMTP Buffer Overflow

漏洞模块：exploit/windows/smtp/njstar_smtp_bof

漏洞文件名称：njstar-300.exe

漏洞影响：WinXP SP2/SP3 WinServ2003 sp0/sp1/sp2

 

6、Kolibri HTTP Server HEAD Buffer Overflow

漏洞模块：exploit/windows/http/kolibri_http

漏洞文件名称：Kolibri-2.0-win.zip

漏洞影响：winXP sp3，winServ2003 sp2

 

7、TugZip 3.5 Zip File Parsing Buffer Overflow Vulnerability

漏洞模块：exploit/windows/fileformat/tugzip

漏洞文件名称：tugzip35.exe

漏洞影响：安装的win系统都影响

 

8、GoldenFTP PASS Stack Buffer Overflow

漏洞模块：exploit/windows/ftp/goldenftp_pass_bof

漏洞文件名称：golden-ftp-server-v4-70.rar

漏洞影响：winXP Pro sp0/sp1/sp2/sp3

 

9、Wireshark packet-dect.c Stack Buffer Overflow

漏洞模块：exploit/windows/misc/wireshark_packet_dect

漏洞文件名称：wireshark-win32-1.3.5.exe

漏洞影响：Windows平台，wireshark<1.4.4版本

 

10、MS11-003 Microsoft Internet Explorer CSS Recursive Import Use After Free

漏洞模块：exploit/windows/browser/ms11_003_ie_css_import

漏洞影响：windows平台，IE6、7、8ß

暂时就先这么多吧，等以后发现新的，再整理。