Billy Rios

4 exploits Active since Aug 2007
CVE-2007-3845 EXPLOITDB text WORKING POC
Mozilla Firefox <2.0.0.6, Thunderbird <1.5.0.13 & 2.x <2.0.0.6, Sea...
Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x before 2.0.0.6, and SeaMonkey before 1.1.4 allow remote attackers to execute arbitrary commands via certain vectors associated with launching "a file handling program based on the file extension at the end of the URI," a variant of CVE-2007-4041. NOTE: the vendor states that "it is still possible to launch a filetype handler based on extension rather than the registered protocol handler."
CVE-2007-3896 EXPLOITDB text WORKING POC
Microsoft Internet Explorer - Improper Input Validation
The URL handling in Shell32.dll in the Windows shell in Microsoft Windows XP and Server 2003, with Internet Explorer 7 installed, allows remote attackers to execute arbitrary programs via invalid "%" sequences in a mailto: or other URI handler, as demonstrated using mIRC, Outlook, Firefox, Adobe Reader, Skype, and other applications. NOTE: this issue might be related to other issues involving URL handlers in Windows systems, such as CVE-2007-3845. There also might be separate but closely related issues in the applications that are invoked by the handlers.
EIP-2026-118642 EXPLOITDB ruby WORKING POC
Honeywell Tema Remote Installer - ActiveX Remote Code Execution (Metasploit)
CVE-2009-0162 EXPLOITDB xml WORKING POC
Safari <3.2.3-4 Public Beta - XSS
Cross-site scripting (XSS) vulnerability in Safari before 3.2.3, and 4 Public Beta, on Apple Mac OS X 10.5 before 10.5.7 and Windows allows remote attackers to inject arbitrary web script or HTML via a crafted feed: URL.