Francis Provencher

111 exploits Active since Mar 2009
CVE-2015-3111 EXPLOITDB WRITEUP
Adobe Photoshop CC <16.0 - Buffer Overflow
Heap-based buffer overflow in Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allows attackers to execute arbitrary code via unspecified vectors.
CVE-2015-0474 EXPLOITDB WRITEUP
Oracle Outside In Technology - DoS
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.1, 8.5.0, and 8.5.1 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-0493.
CVE-2011-5232 EXPLOITDB WRITEUP
(pending title)
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0025. Reason: This candidate is a duplicate of CVE-2012-0025. Notes: All CVE users should reference CVE-2012-0025 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
CVE-2012-4914 METASPLOIT ruby WORKING POC
CoolPDF 3.0.2.256 - Buffer Overflow
Stack-based buffer overflow in the reader in CoolPDF 3.0.2.256 allows remote attackers to execute arbitrary code via a PDF document with a crafted stream.
CVE-2009-3838 EXPLOITDB text WORKING POC
Pmail Pegasus Mail - Memory Corruption
Stack-based buffer overflow in Pegasus Mail (PMail) 4.41 and possibly 4.51 allows remote POP3 servers to cause a denial of service (application crash) or possibly execute arbitrary code via a long error message.
CVE-2012-4914 EXPLOITDB ruby WORKING POC
CoolPDF 3.0.2.256 - Buffer Overflow
Stack-based buffer overflow in the reader in CoolPDF 3.0.2.256 allows remote attackers to execute arbitrary code via a PDF document with a crafted stream.
EIP-2026-118523 EXPLOITDB ruby WORKING POC
Eureka Email 2.2q - ERR Remote Buffer Overflow (Metasploit) (1)
EIP-2026-117816 EXPLOITDB text WRITEUP
QuickHeal AntiVirus 2010 - Local Privilege Escalation
CVE-2015-3632 EXPLOITDB text WRITEUP
Foxit Reader <7.1.5 - DoS
Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted GIF in a PDF file.
CVE-2012-0276 EXPLOITDB text WORKING POC
XnView <1.99 - Buffer Overflow
Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a (1) SGI32LogLum compressed TIFF image or (2) SGI32LogLum compressed TIFF image with the PhotometricInterpretation encoding set to LogL.
CVE-2012-0277 EXPLOITDB text WRITEUP
XnView <1.99 - Buffer Overflow
Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PCT image.
EIP-2026-116626 EXPLOITDB text WORKING POC
XnView FlashPix Image Processing - Heap Overflow
EIP-2026-116621 EXPLOITDB text WRITEUP
XnView - '.FlashPix' Image Processing Heap Overflow
EIP-2026-116580 EXPLOITDB text WRITEUP
WPS Office < 2016 - '.ppt' Heap Memory Corruption
EIP-2026-116579 EXPLOITDB text WRITEUP
WPS Office < 2016 - '.ppt' drawingContainer Memory Corruption
EIP-2026-116581 EXPLOITDB text WRITEUP
WPS Office < 2016 - '.xls' Heap Memory Corruption
EIP-2026-116608 EXPLOITDB text WORKING POC
XLPD 3.0 - Remote Denial of Service
EIP-2026-116620 EXPLOITDB text WRITEUP
XnView - '.ECW' Image Processing Heap Overflow
EIP-2026-116578 EXPLOITDB text WRITEUP
WPS Office < 2016 - '.doc' OneTableDocumentStream Memory Corruption
CVE-2012-0282 EXPLOITDB text WRITEUP
XnView <1.99 - Buffer Overflow
Heap-based buffer overflow in XnView before 1.99 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted ImageLeftPosition value in an ImageDescriptor structure in a GIF image.
EIP-2026-116489 EXPLOITDB text WRITEUP
VideoLAN VLC Media Player 2.2.1 - '.mp4' Heap Memory Corruption
CVE-2012-0276 EXPLOITDB text WRITEUP
XnView <1.99 - Buffer Overflow
Multiple heap-based buffer overflows in XnView before 1.99 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a (1) SGI32LogLum compressed TIFF image or (2) SGI32LogLum compressed TIFF image with the PhotometricInterpretation encoding set to LogL.
EIP-2026-116622 EXPLOITDB text WRITEUP
XnView - '.RAS' Image Processing Heap Overflow
CVE-2012-0271 EXPLOITDB text WORKING POC
Novell GroupWise <8.0.3-2012.SP1 - RCE
Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 might allow remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow, as demonstrated by a request with -1 in the Content-Length HTTP header.
CVE-2011-4189 EXPLOITDB text WORKING POC
Novell GroupWise <8.02HP3 - RCE
The client in Novell GroupWise 8.0x through 8.02HP3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via a long e-mail address in an Address Book (aka .NAB) file.