Damian Frizza

5 exploits Active since Jan 2008
CVE-2009-2533 EXPLOITDB text WORKING POC
RealNetworks Helix Server <13.0.0 - DoS
rmserver in RealNetworks Helix Server and Helix Mobile Server before 13.0.0 allows remote attackers to cause a denial of service (daemon exit) via multiple RTSP SET_PARAMETER requests with empty DataConvertBuffer headers.
CVE-2009-3840 EXPLOITDB text WORKING POC
HP OpenView Network Node Manager 7.51 and 7.53 - Denial of Service via Invalid Error Code Field
The embedded database engine service (aka ovdbrun.exe) in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to cause a denial of service (daemon crash) via an invalid Error Code field in a packet.
CVE-2010-3329 EXPLOITDB text WORKING POC
Microsoft Internet Explorer <8 - RCE
mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code via a crafted Microsoft Office document that causes the HtmlDlgHelper class destructor to access uninitialized memory, aka "Uninitialized Memory Corruption Vulnerability."
CVE-2009-2534 EXPLOITDB text WORKING POC
RealNetworks Helix Server <13.0.0 - DoS
RealNetworks Helix Server and Helix Mobile Server before 13.0.0 allow remote attackers to cause a denial of service (daemon crash) via an RTSP SETUP request that (1) specifies the / URI or (2) lacks a / character in the URI.
CVE-2008-0387 EXPLOITDB php WORKING POC
Firebird < 1.0.3, 1.5.x < 1.5.6, 2.0.x < 2.0.4, 2.1.x < 2.1.0 RC1 - Remote Code Execution via Crafted XDR Requests
Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1 might allow remote attackers to execute arbitrary code via crafted (1) op_receive, (2) op_start, (3) op_start_and_receive, (4) op_send, (5) op_start_and_send, and (6) op_start_send_and_receive XDR requests, which triggers memory corruption.