Francis Provencher

111 exploits Active since Mar 2009
EIP-2026-115959 EXPLOITDB text WORKING POC
Novell Client for Windows 2000/XP - ActiveX Remote Denial of Service
CVE-2012-0271 EXPLOITDB text WORKING POC
Novell GroupWise <8.0.3-2012.SP1 - RCE
Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 might allow remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow, as demonstrated by a request with -1 in the Content-Length HTTP header.
EIP-2026-115962 EXPLOITDB html WORKING POC
Novell Groupwise Client 7.0.3.1294 - 'gxmim1.dll' ActiveX Control Buffer Overflow (PoC)
CVE-2015-0081 EXPLOITDB text WRITEUP
Windows Text Services - Remote Code Execution via Crafted Website or File
Windows Text Services (WTS) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "WTS Remote Code Execution Vulnerability."
CVE-2010-0816 EXPLOITDB text WORKING POC
Microsoft Outlook Express <6 SP1 - RCE
Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, 6, and 6 SP1; Windows Live Mail on Windows XP SP2 and SP3, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; and Windows Mail on Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote e-mail servers and man-in-the-middle attackers to execute arbitrary code via a crafted (1) POP3 or (2) IMAP response, as demonstrated by a certain +OK response on TCP port 110, aka "Outlook Express and Windows Mail Integer Overflow Vulnerability."
CVE-2015-3110 EXPLOITDB text WRITEUP
Adobe Photoshop CC < 16.0 and Bridge CC < 6.11 - Remote Code Execution
Integer overflow in Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allows attackers to execute arbitrary code via unspecified vectors.
EIP-2026-115931 EXPLOITDB python WORKING POC
Network Instrument Observer - SNMP SetRequest Denial of Service
CVE-2012-1769 EXPLOITDB text WRITEUP
Oracle Fusion Middleware 8.3.5 and 8.3.7 - Denial of Service in Outside In Filters
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2012-1766, CVE-2012-1767, CVE-2012-1770, CVE-2012-1771, CVE-2012-1772, CVE-2012-1773, CVE-2012-3106, CVE-2012-3107, CVE-2012-3108, and CVE-2012-3110.
CVE-2015-3112 EXPLOITDB text WRITEUP
Adobe Photoshop CC <16.0 - Memory Corruption
Adobe Photoshop CC before 16.0 (aka 2015.0.0) and Adobe Bridge CC before 6.11 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2015-4877 EXPLOITDB text WRITEUP
Oracle Fusion Middleware 8.5.0-8.5.2 - Denial of Service in Outside In Filters
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4878.
CVE-2015-4878 EXPLOITDB text WRITEUP
Oracle Fusion Middleware 8.5.0-8.5.2 - Denial of Service in Outside In Filters
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4877.
CVE-2012-1744 EXPLOITDB text WRITEUP
Oracle Outside In Tech <8.3.5,8.3.7 - DoS
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent users to affect availability via unknown vectors related to Outside In Filters.
CVE-2015-0493 EXPLOITDB text WRITEUP
Oracle Outside In Technology - Unspecified Vuln
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.4.1, 8.5.0, and 8.5.1 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-0474.
CVE-2009-3863 EXPLOITDB text WORKING POC
Novell Groupwise Client 7.0.3.1294 - Buffer Overflow
Buffer overflow in the gxmim1.dll ActiveX control in Novell Groupwise Client 7.0.3.1294 allows remote attackers to cause a denial of service (application crash) via a long argument to the SetFontFace method.
EIP-2026-115963 EXPLOITDB text WORKING POC
Novell Groupwise Internet Agent - LDAP BIND Request Overflow
CVE-2010-4323 EXPLOITDB perl WORKING POC
Novell ZENworks Configuration Manager < 11.0 - Remote Code Execution via Long TFTP Request
Heap-based buffer overflow in novell-tftp.exe in Novell ZENworks Configuration Manager (ZCM) 10.3.1, 10.3.2, and 11.0, and earlier versions, allows remote attackers to execute arbitrary code via a long TFTP request.
EIP-2026-116034 EXPLOITDB text WRITEUP
Paintshop Pro X7 - '.gif' Conversion Heap Memory Corruption 'LZWMinimumCodeSize' (Denial of Service)
EIP-2026-115941 EXPLOITDB text WRITEUP
Nitro Pro 10.5.7.32 / Nitro Reader 5.5.3.1 - Heap Memory Corruption
CVE-2012-1770 EXPLOITDB text WRITEUP
Oracle Fusion Middleware 8.3.5 and 8.3.7 - Denial of Service in Outside In Filters
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.3.5 and 8.3.7 allows context-dependent attackers to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2012-1766, CVE-2012-1767, CVE-2012-1769, CVE-2012-1771, CVE-2012-1772, CVE-2012-1773, CVE-2012-3106, CVE-2012-3107, CVE-2012-3108, and CVE-2012-3110.
CVE-2012-0278 EXPLOITDB text WRITEUP
IrfanView <4.3.4.0 - Buffer Overflow
Heap-based buffer overflow in the FlashPix PlugIn before 4.3.4.0 for IrfanView might allow remote attackers to execute arbitrary code via a .fpx file containing a crafted FlashPix image that is not properly handled during decompression.
EIP-2026-115469 EXPLOITDB text WRITEUP
IrfanView 4.33 - Format PlugIn ECW Decompression Heap Overflow
CVE-2011-1206 EXPLOITDB text WORKING POC
IBM Tivoli Directory Server 5.2-6.3 - Remote Code Execution via Crafted LDAP Request
Stack-based buffer overflow in the server process in ibmslapd.exe in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010, 6.0 before 6.0.0.67 (aka 6.0.0.8-TIV-ITDS-IF0009), 6.1 before 6.1.0.40 (aka 6.1.0.5-TIV-ITDS-IF0003), 6.2 before 6.2.0.16 (aka 6.2.0.3-TIV-ITDS-IF0002), and 6.3 before 6.3.0.3 (aka 6.3.0.0-TIV-ITDS-IF0003) allows remote attackers to execute arbitrary code via a crafted LDAP request. NOTE: some of these details are obtained from third party information.
EIP-2026-115468 EXPLOITDB text SUSPICIOUS
IrfanView 4.33 - Format PlugIn '.TTF' File Parsing Stack Overflow
CVE-2012-0025 EXPLOITDB text WRITEUP
FlashPix PlugIn 4.2.2.0 for IrfanView - Denial of Service via Crafted FPX Image
Double free vulnerability in the Free_All_Memory function in jpeg/dectile.c in libfpx before 1.3.1-1, as used in the FlashPix PlugIn 4.2.2.0 for IrfanView, allows remote attackers to cause a denial of service (crash) via a crafted FPX image.
CVE-2009-5022 EXPLOITDB text WORKING POC
libtiff < 3.9.5 - Heap-based Buffer Overflow in OJPEG Decoder
Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in LibTIFF before 3.9.5 allows remote attackers to execute arbitrary code via a crafted TIFF file.