Core Security Technologies

6 exploits Active since Nov 2001
CVE-2010-1929 EXPLOITDB text WORKING POC
Novell iManager <=2.7.3 FTF2 - Authenticated RCE via EnteredClassID/NewClassName
Multiple stack-based buffer overflows in the jclient._Java_novell_jclient_JClient_defineClass@20 function in jclient.dll in the Tomcat web server in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allow remote authenticated users to execute arbitrary code via the (1) EnteredClassID or (2) NewClassName parameter to nps/servlet/webacc.
CVE-2001-0550 EXPLOITDB text WORKING POC
wu-ftpd 2.6.1 - Remote Command Execution via Glob Function
wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob).
CVE-2008-2006 EXPLOITDB WORKING POC
Apple iCal 3.0.1 - Denial of Service via Malformed .ics File
Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via a .ics file containing (1) a large 16-bit integer on a TRIGGER line, or (2) a large integer in a COUNT field on an RRULE line.
CVE-2010-1930 EXPLOITDB text WORKING POC
Novell iManager 2.7, 2.7.3, 2.7.3 FTF2 - Denial of Service via Long Tree Parameter
Off-by-one error in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allows remote attackers to cause a denial of service (daemon crash) via a long tree parameter in a login request to nps/servlet/webacc.
CVE-2008-1035 EXPLOITDB WORKING POC
Apple iCal 3.0.1 - Use-After-Free via Malformed CalDAV ATTACH Line
Use-after-free vulnerability in Apple iCal 3.0.1 on Mac OS X allows remote CalDAV servers, and user-assisted remote attackers, to trigger memory corruption or possibly execute arbitrary code via an "ATTACH;VALUE=URI:S=osumi" line in a .ics file, which triggers a "resource liberation" bug. NOTE: CVE-2008-2007 was originally used for this issue, but this is the appropriate identifier.
EIP-2026-103873 EXPLOITDB text WORKING POC
Blender 2.49b - '.blend' Remote Command Execution