Code Audit Labs

7 exploits Active since Aug 2007
CVE-2007-4145 EXPLOITDB html WORKING POC
BlueSkychat V2.V2Ctrl.1 <8.1.2.0 - Buffer Overflow
Heap-based buffer overflow in the BlueSkychat (BlueSkyCat) ActiveX control (V2.V2Ctrl.1) in v2.ocx 8.1.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the second argument to the ConnecttoServer method.
CVE-2009-1511 EXPLOITDB perl WORKING POC
Windows XP SP3 - Denial of Service via PNG btChunkLen Value
GDI+ in Microsoft Windows XP SP3 allows remote attackers to cause a denial of service (infinite loop) via a PNG file that contains a certain large btChunkLen value.
EIP-2026-115736 EXPLOITDB perl WORKING POC
Microsoft Media Player - 'quartz.dll .mid' Denial of Service
EIP-2026-115737 EXPLOITDB perl WORKING POC
Microsoft Media Player - 'quartz.dll .wav' Multiple Remote Denial of Service Vulnerabilities
CVE-2007-4939 EXPLOITDB text WRITEUP
Media Player Classic < 6.4.9.0 - Heap-Based Buffer Overflow via AVI File Indx Chunk
Heap-based buffer overflow in mplayerc.exe in Media Player Classic (MPC) 6.4.9.0 and earlier, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with an "indx truck size" of 0xffffffff, and certain wLongsPerEntry and nEntriesInuse values.
CVE-2007-4938 EXPLOITDB text WORKING POC
MPlayer - Heap-based Buffer Overflow via AVI File Indx Truck Size
Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value.
CVE-2007-4941 EXPLOITDB text WORKING POC
KMPlayer < 2.9.3.1210 - Denial of Service via Malformed AVI File
KMPlayer 2.9.3.1210 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a .avi file with certain large "indx truck size" and nEntriesInuse values.