Berend-Jan Wever

23 exploits, active since Oct 2002
CVE-2005-1988 EXPLOITDB html WORKING POC
Internet Explorer <6.0 - RCE
Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to execute arbitrary code via a web site or an HTML e-mail containing a crafted JPEG image that causes memory corruption, aka "JPEG Image Rendering Memory Corruption Vulnerability".
CVE-2005-1989 EXPLOITDB html WORKING POC
Internet Explorer <6.0 - Info Disclosure
Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to obtain information and possibly execute code when browsing from a web site to a web folder view using WebDAV, aka "Web Folder Behaviors Cross-Domain Vulnerability".
CVE-2023-52173 WRITEUP CRITICAL WRITEUP
XnView Classic < 2.51.3 - Out-of-Bounds Write
XnView Classic before 2.51.3 on Windows has a Write Access Violation at xnview.exe+0x3ADBD0.
CVSS 9.8
CVE-2005-2871 EXPLOITDB html WORKING POC
Mozilla Firefox <1.0.6 - Buffer Overflow
Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec.
CVE-2005-1990 EXPLOITDB html WORKING POC
Microsoft IE - Denial of Service
Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, including (1) devenum.dll, (2) diactfrm.dll, (3) wmm2filt.dll, (4) fsusd.dll, (5) dmdskmgr.dll, (6) browsewm.dll, (7) browseui.dll, (8) shell32.dll, (9) mshtml.dll, (10) inetcfg.dll, (11) infosoft.dll, (12) query.dll, (13) syncui.dll, (14) clbcatex.dll, (15) clbcatq.dll, (16) comsvcs.dll, and (17) msconf.dll, which causes memory corruption, aka "COM Object Instantiation Memory Corruption Vulnerability," a different vulnerability than CVE-2005-2087.
CVE-2005-0416 EXPLOITDB c++ WORKING POC
Microsoft Windows NT - Buffer Overflow
The Windows Animated Cursor (ANI) capability in Windows NT, Windows 2000 through SP4, Windows XP through SP1, and Windows 2003 allows remote attackers to execute arbitrary code via the AnimationHeaderBlock length field, which leads to a stack-based buffer overflow.
EIP-2026-118799 EXPLOITDB html WORKING POC
Microsoft Internet Explorer - '.ANI' Remote Stack Overflow (MS05-002) (2)
CVE-2005-2087 EXPLOITDB html WORKING POC
Microsoft IE - Resource Management Error
Internet Explorer 5.01 SP4 up to 6 on various Windows operating systems, including IE 6.0.2900.2180 on Windows XP, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not ActiveX controls, as demonstrated using the JVIEW Profiler (Javaprxy.dll). NOTE: the researcher says that the vendor could not reproduce this problem.
EIP-2026-118804 EXPLOITDB html WORKING POC
Microsoft Internet Explorer - DHTML Object Memory Corruption
CVE-2005-0553 EXPLOITDB text WRITEUP
Microsoft Internet Explorer <6 - Code Injection
Race condition in the memory management routines in the DHTML object processor in Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail, aka "DHTML Object Memory Corruption Vulnerability".
CVE-2004-0842 EXPLOITDB text WORKING POC
Internet Explorer <6.0 SP1 - Memory Corruption
Internet Explorer 6.0 SP1 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (application crash from "memory corruption") via certain malformed Cascading Style Sheet (CSS) elements that trigger heap-based buffer overflows, as demonstrated using the "<STYLE>@;/*" string, possibly due to a missing comment terminator that may cause an invalid length to trigger a large memory copy operation, aka the "CSS Heap Memory Corruption Vulnerability."
CVE-2004-1050 EXPLOITDB html WORKING POC
Avaya IP600 Media Servers - Buffer Overflow
Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability."
CVE-2006-0187 EXPLOITDB perl WORKING POC
Microsoft Visual Studio 2005 - RCE
By design, Microsoft Visual Studio 2005 automatically executes code in the Load event of a user-defined control (UserControl1_Load function), which allows user-assisted attackers to execute arbitrary code by tricking the user into opening a malicious Visual Studio project file.
CVE-2005-2127 EXPLOITDB perl WORKING POC
ATI Catalyst Driver - Memory Corruption
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, as originally demonstrated using the (1) DDS Library Shape Control (Msdds.dll) COM object, and other objects including (2) Blnmgrps.dll, (3) Ciodm.dll, (4) Comsvcs.dll, (5) Danim.dll, (6) Htmlmarq.ocx, (7) Mdt2dd.dll (as demonstrated using a heap corruption attack with uninitialized memory), (8) Mdt2qd.dll, (9) Mpg4ds32.ax, (10) Msadds32.ax, (11) Msb1esen.dll, (12) Msb1fren.dll, (13) Msb1geen.dll, (14) Msdtctm.dll, (15) Mshtml.dll, (16) Msoeacct.dll, (17) Msosvfbr.dll, (18) Mswcrun.dll, (19) Netshell.dll, (20) Ole2disp.dll, (21) Outllib.dll, (22) Psisdecd.dll, (23) Qdvd.dll, (24) Repodbc.dll, (25) Shdocvw.dll, (26) Shell32.dll, (27) Soa.dll, (28) Srchui.dll, (29) Stobject.dll, (30) Vdt70.dll, (31) Vmhelper.dll, and (32) Wbemads.dll, aka a variant of the "COM Object Instantiation Memory Corruption vulnerability."
EIP-2026-115859 EXPLOITDB html WORKING POC
Mozilla Firefox 0.8/0.9/0.10 - Infinite Array Sort Denial of Service
EIP-2026-115691 EXPLOITDB text WORKING POC
Microsoft Internet Explorer 5/6 - Recursive JavaScript Event Denial of Service
EIP-2026-115703 EXPLOITDB text WORKING POC
Microsoft Internet Explorer 6 - JavaScript Null Pointer Exception Denial of Service
EIP-2026-115702 EXPLOITDB html WORKING POC
Microsoft Internet Explorer 6 - Infinite Array Sort Denial of Service
EIP-2026-106159 EXPLOITDB text WRITEUP
Coppermine Photo Gallery 1.0 - PHP Code Injection
EIP-2026-104568 EXPLOITDB html WORKING POC
Apple Safari Web Browser 1.x - Infinite Array Sort Denial of Service
EIP-2026-103595 EXPLOITDB html WORKING POC
Netscape Navigator 7.2 - Infinite Array Sort Denial of Service
EIP-2026-103556 EXPLOITDB html WORKING POC
Mozilla Camino Web Browser 0.7/0.8 - Infinite Array Sort Denial of Service
CVE-2002-1007 EXPLOITDB text WORKING POC
Blackboard - XSS
Cross-site scripting vulnerabilities in Blackboard 5 allow remote attackers to execute arbitrary web script via (1) the course_id parameter in a link to login.pl, (2) the CTID parameter in ProcessInfo.cgi, or (3) the Message parameter in index.cgi.