Abysssec

89 exploits Active since Feb 2009
CVE-2010-1297 EXPLOITDB HIGH python WORKING POC
Adobe Flash Player
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010.
CVSS 7.8
CVE-2010-1681 EXPLOITDB python WORKING POC
Microsoft Visio - Buffer Overflow via Crafted DXF File
Buffer overflow in VISIODWG.DLL before 10.0.6880.4 in Microsoft Office Visio allows user-assisted remote attackers to execute arbitrary code via a crafted DXF file, a different vulnerability than CVE-2010-0254 and CVE-2010-0256.
EIP-2026-117485 EXPLOITDB text WRITEUP
Microsoft Excel 2007 SP2 - Buffer Overwrite (MS11-021)
CVE-2011-0105 EXPLOITDB ruby WORKING POC
MS11-021 Microsoft Office 2007 Excel .xlb Buffer Overflow
Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac obtain a certain length value from an uninitialized memory location, which allows remote attackers to trigger a buffer overflow and execute arbitrary code via a crafted Excel file, aka "Excel Data Initialization Vulnerability."
CVE-2010-0822 EXPLOITDB python WORKING POC
MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow
Stack-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted OBJ (0x5D) record, aka "Excel Object Stack Overflow Vulnerability."
EIP-2026-116801 EXPLOITDB text WORKING POC
Apache Tomcat (Windows) - 'runtime.getRuntime().exec()' Local Privilege Escalation
CVE-2010-1247 EXPLOITDB python WORKING POC
Microsoft Office Excel 2002 SP3 - RCE
Unspecified vulnerability in Microsoft Office Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel file with a malformed RTD (0x813) record that triggers heap corruption, aka "Excel Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0823 and CVE-2010-1249.
CVE-2009-0927 EXPLOITDB HIGH text WORKING POC
Adobe Acrobat Reader 7.0-7.1.1 - Remote Code Execution via Collab.getIcon Method
Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658.
CVSS 8.8
CVE-2010-2201 EXPLOITDB python WORKING POC
Adobe Acrobat and Reader 9.x < 9.3.3 and 8.x < 8.2.3 - Remote Code Execution via Crafted Flash Content in PDF
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via a PDF file with crafted Flash content involving the (1) pushstring (0x2C) operator, (2) debugfile (0xF1) operator, and an "invalid pointer vulnerability" that triggers memory corruption, a different vulnerability than CVE-2010-1285 and CVE-2010-2168.
CVE-2010-1199 EXPLOITDB python WORKING POC
Firefox 3.5.x-3.5.9 and 3.6.x-3.6.3 - Remote Code Execution via XSLT Node Sorting Integer Overflow
Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.
CVE-2010-3000 EXPLOITDB python WORKING POC
RealNetworks RealPlayer <11.1 - RCE
Multiple integer overflows in the ParseKnownType function in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allow remote attackers to execute arbitrary code via crafted (1) HX_FLV_META_AMF_TYPE_MIXEDARRAY or (2) HX_FLV_META_AMF_TYPE_ARRAY data in an FLV file.
CVE-2010-1900 EXPLOITDB python WORKING POC
Microsoft Works 9 - Remote Code Execution via Malformed Word File Record
Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Works 9 do not properly handle malformed records in a Word file, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, aka "Word Record Parsing Vulnerability."
CVE-2010-2752 EXPLOITDB python WORKING POC
Mozilla Firefox <3.5.11 & <3.6.7 - RCE
Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code by placing many Cascading Style Sheets (CSS) values in an array, related to references to external font resources and an inconsistency between 16-bit and 32-bit integers.
CVE-2010-1214 EXPLOITDB python WORKING POC
Mozilla Firefox <3.5.11 & SeaMonkey <2.0.6 - RCE
Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via plugin content with many parameter elements.
CVE-2010-2738 EXPLOITDB python WORKING POC
Microsoft Windows and Office - Remote Code Execution via Malformed OpenType Font Parsing
The Uniscribe (aka new Unicode Script Processor) implementation in USP10.DLL in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2, and Microsoft Office XP SP3, 2003 SP3, and 2007 SP2, does not properly validate tables associated with malformed OpenType fonts, which allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) Office document, aka "Uniscribe Font Parsing Engine Memory Corruption Vulnerability."
CVE-2010-1245 EXPLOITDB text WORKING POC
Microsoft Office <2008 for Mac - RCE
Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed SxView (0xB0) record, aka "Excel Record Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0824 and CVE-2010-0821.
CVE-2010-2703 EXPLOITDB python WORKING POC
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Stack-based buffer overflow in the execvp_nc function in the ov.dll module in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53, when running on Windows, allows remote attackers to execute arbitrary code via a long HTTP request to webappmon.exe.
EIP-2026-115455 EXPLOITDB python WORKING POC
Ipswitch Imail Server - List Mailer Reply-To Address Memory Corruption
CVE-2010-2553 EXPLOITDB python WORKING POC
Windows XP SP2/SP3, Vista SP1/SP2, and Windows 7 - Remote Code Execution via Crafted Media File
The Cinepak codec in Microsoft Windows XP SP2 and SP3, Windows Vista SP1 and SP2, and Windows 7 does not properly decompress media files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Cinepak Codec Decompression Vulnerability."
EIP-2026-115650 EXPLOITDB text WRITEUP
Microsoft Excel - HFPicture Record Parsing Memory Corruption
CVE-2010-1248 EXPLOITDB text WORKING POC
Microsoft Office Excel <2004 - Buffer Overflow
Buffer overflow in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed HFPicture (0x866) record, aka "Excel HFPicture Memory Corruption Vulnerability."
CVE-2010-1248 EXPLOITDB text SUSPICIOUS
Microsoft Office Excel <2004 - Buffer Overflow
Buffer overflow in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed HFPicture (0x866) record, aka "Excel HFPicture Memory Corruption Vulnerability."
EIP-2026-115651 EXPLOITDB text SUSPICIOUS
Microsoft Excel 2002 - Memory Corruption
CVE-2010-2553 EXPLOITDB html WORKING POC
Windows XP SP2/SP3, Vista SP1/SP2, and Windows 7 - Remote Code Execution via Crafted Media File
The Cinepak codec in Microsoft Windows XP SP2 and SP3, Windows Vista SP1 and SP2, and Windows 7 does not properly decompress media files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Cinepak Codec Decompression Vulnerability."
CVE-2010-0480 EXPLOITDB python WORKING POC
Microsoft Windows MPEG Layer-3 Audio Codecs - Remote Code Execution via Crafted AVI File
Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to execute arbitrary code via a crafted AVI file, aka "MPEG Layer-3 Audio Decoder Stack Overflow Vulnerability."