Alfredo Ortega

9 exploits Active since Mar 2007
CVE-2008-5660 EXPLOITDB text WORKING POC
Vinagre 0.5.x-0.5.1 and 2.x-2.24.1 - Remote Code Execution via Format String in URI or VNC Response
Format string vulnerability in the vinagre_utils_show_error function (src/vinagre-utils.c) in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response.
CVE-2009-0323 EXPLOITDB text WRITEUP
W3C Amaya < 11.0 - Remote Code Execution via Long Input Tag Type Parameter
Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 and 11.0 allow remote attackers to execute arbitrary code via (1) a long type parameter in an input tag, which is not properly handled by the EndOfXmlAttributeValue function; (2) an "HTML GI" in a start tag, which is not properly handled by the ProcessStartGI function; and unspecified vectors in (3) html2thot.c and (4) xml2thot.c, related to the msgBuffer variable. NOTE: these are different vectors than CVE-2008-6005.
CVE-2007-1365 EXPLOITDB python WORKING POC
OpenBSD 3.9-4.0 - Remote Code Execution via IPv6 Fragmented Packet Handling
Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote attackers to execute arbitrary code via fragmented IPv6 packets due to "incorrect mbuf handling for ICMP6 packets." NOTE: this was originally reported as a denial of service.
CVE-2008-2542 EXPLOITDB python WORKING POC
NASA Ames Research Center BigView 1.8 - Stack-Based Buffer Overflow via Crafted PNM File
Stack-based buffer overflow in the getline function in Ppm/ppm.C in NASA Ames Research Center BigView 1.8 allows user-assisted remote attackers to execute arbitrary code via a crafted PNM file.
CVE-2008-1136 EXPLOITDB python WORKING POC
SynCE vdccm 0.92-0.10.0 - Remote Code Execution via TCP Port 5679
The Utils::runScripts function in src/utils.cpp in vdccm 0.92 through 0.10.0 in SynCE (SynCE-dccm) allows remote attackers to execute arbitrary commands via shell metacharacters in a certain string to TCP port 5679.
CVE-2008-2382 EXPLOITDB python WORKING POC
QEMU < 0.9.1 and KVM < 79 - Denial of Service via VNC Protocol Message
The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message.
EIP-2026-100693 EXPLOITDB python WORKING POC
OpenBSD - ICMPv6 Fragment Remote Execution
CVE-2008-0986 EXPLOITDB html WORKING POC
Google Android SDK m3-rc37a and earlier, m5-rc14 - Remote Code Execution via BMP Header Integer Overflow
Integer overflow in the BMP::readFromStream method in the libsgl.so library in Google Android SDK m3-rc37a and earlier, and m5-rc14, allows remote attackers to execute arbitrary code via a crafted BMP file with a header containing a negative offset field.
CVE-2008-0985 EXPLOITDB python WORKING POC
Google Android SDK - Heap-Based Buffer Overflow via Crafted GIF File
Heap-based buffer overflow in the GIF library in the WebKit framework for Google Android SDK m3-rc37a and earlier allows remote attackers to execute arbitrary code via a crafted GIF file whose logical screen height and width are different than the actual height and width.