Greg Linares

21 exploits Active since Sep 2006
CVE-2006-6199 EXPLOITDB c WORKING POC
BlazeVideo BlazeDVD Standard and Professional 5.0 - Stack-based Buffer Overflow via PLF Playlist Filename
Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and Professional 5.0, and possibly earlier, allows remote attackers to execute arbitrary code via a long filename in a PLF playlist.
CVE-2006-6396 EXPLOITDB c WORKING POC
BlazeVideo HDTV Player <3.5 - Buffer Overflow
Stack-based buffer overflow in BlazeVideo HDTV Player 2.1, and possibly earlier, allows remote attackers to execute arbitrary code via a long filename in a PLF playlist, a different product than CVE-2006-6199. NOTE: it was later reported that 3.5 is also affected.
CVE-2006-6251 EXPLOITDB ruby WORKING POC
VUPlayer < 2.44 - Remote Code Execution via Long M3U File String
Stack-based buffer overflow in VUPlayer 2.44 and earlier allows remote attackers to execute arbitrary code via a long string in an M3U file, aka an "M3U UNC Name" attack.
CVE-2006-5551 EXPLOITDB c WORKING POC
qk_smtp < 3.0.1 - Remote Code Execution via RCPT TO Command
Stack-based buffer overflow in QK SMTP 3.01 and earlier might allow remote attackers to execute arbitrary code via a long argument to the RCPT TO command.
CVE-2006-6124 EXPLOITDB text WRITEUP
SeleniumServer Web Server 1.0 - Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in SeleniumServer Web Server 1.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2006-5597 EXPLOITDB c WORKING POC
MiniHTTP Web Forum & File Server PowerPack 4.0 - RCE
join.asp in MiniHTTP Web Forum & File Server PowerPack 4.0 allows remote attackers to add or modify arbitrary user accounts via modified (1) frmMailBox and (2) frmUserPass parameters.
CVE-2006-4379 EXPLOITDB c WORKING POC
Ipswitch Collaboration Suite, IMail, IMail Plus, and IMail Secure - Stack-Based Buffer Overflow via SMTP Daemon
Stack-based buffer overflow in the SMTP Daemon in Ipswitch Collaboration 2006 Suite Premium and Standard Editions, IMail, IMail Plus, and IMail Secure allows remote attackers to execute arbitrary code via a long string located after an '@' character and before a ':' character.
CVE-2006-5715 EXPLOITDB c WORKING POC
Easy File Sharing (EFS) Easy Address Book 1.2 - Info Disclosure
Easy File Sharing (EFS) Easy Address Book 1.2, when run on an NTFS file system, allows remote attackers to read arbitrary files under the web root by appending "::$DATA" to the end of an HTTP GET request, which accesses the alternate data stream.
CVE-2006-5714 EXPLOITDB c WORKING POC
Easy File Sharing EFS Web Server 4.0 - Info Disclosure
Easy File Sharing (EFS) Web Server 4.0, when running on an NTFS file system, allows remote attackers to read arbitrary files under the web root by appending "::$DATA" to the end of a HTTP GET request, which accesses the alternate data stream.
EIP-2026-118388 EXPLOITDB text WORKING POC
Conxint FTP 2.2.603 - Multiple Directory Traversal Vulnerabilities
EIP-2026-118185 EXPLOITDB c WORKING POC
XMPlay 3.3.0.4 - '.PLS' Local Buffer Overflow
CVE-2006-6251 EXPLOITDB c WORKING POC
VUPlayer < 2.44 - Remote Code Execution via Long M3U File String
Stack-based buffer overflow in VUPlayer 2.44 and earlier allows remote attackers to execute arbitrary code via a long string in an M3U file, aka an "M3U UNC Name" attack.
CVE-2006-6063 EXPLOITDB c WORKING POC
XMPlay < 3.3.0.5 - Stack-Based Buffer Overflow via M3U File
Stack-based buffer overflow in Un4seen XMPlay 3.3.0.5 and earlier allows remote attackers to execute arbitrary code via a M3U file containing a long (1) FileName, and cause a crash via a long (2) DisplayName.
CVE-2006-6063 EXPLOITDB c WORKING POC
XMPlay < 3.3.0.5 - Stack-Based Buffer Overflow via M3U File
Stack-based buffer overflow in Un4seen XMPlay 3.3.0.5 and earlier allows remote attackers to execute arbitrary code via a M3U file containing a long (1) FileName, and cause a crash via a long (2) DisplayName.
CVE-2006-6287 EXPLOITDB c WORKING POC
AtomixMP3 < 2.3 - Stack-Based Buffer Overflow via Long M3U Pathname
Stack-based buffer overflow in AtomixMP3 2.3 and earlier allows remote attackers to execute arbitrary code via a long pathname in an M3U file.
CVE-2009-0450 EXPLOITDB c WORKING POC
BlazeVideo HDTV Player <3.5 - Buffer Overflow
Stack-based buffer overflow in BlazeVideo HDTV Player 3.5 and earlier allows remote attackers to execute arbitrary code via a long string in a playlist (aka .plf) file.
CVE-2008-5431 EXPLOITDB c WORKING POC
Teamtek Universal FTP Server 1.0.44 - DoS
Teamtek Universal FTP Server 1.0.44 allows remote attackers to cause a denial of service via (1) a certain CWD command, (2) a long LIST command, or (3) a certain PORT command.
CVE-2006-6250 EXPLOITDB c WORKING POC
Songbird Media Player < 0.2 - Denial of Service via M3U Playlist Extended ASCII Handling
Format string vulnerability in Songbird Media Player 0.2 and earlier allows remote attackers to cause a denial of service (crash) via an M3U Playlist file containing extended ASCII, which causes the Unicode converter to be invoked.
CVE-2006-5552 EXPLOITDB c WORKING POC
RevilloC MailServer <= 1.21 - Remote Code Execution via Long MAIL FROM or RCPT TO Argument
Multiple heap-based buffer overflows in RevilloC MailServer 1.21 and earlier allow remote attackers to cause a denial of service (CPU consumption or application crash) or execute arbitrary code via a long argument to the (1) MAIL FROM or (2) RCPT TO command.
CVE-2006-5551 EXPLOITDB c WORKING POC
qk_smtp < 3.0.1 - Remote Code Execution via RCPT TO Command
Stack-based buffer overflow in QK SMTP 3.01 and earlier might allow remote attackers to execute arbitrary code via a long argument to the RCPT TO command.
CVE-2006-6261 EXPLOITDB c WORKING POC
Quintessential Player < 4.50.1.82 - Buffer Overflow via Crafted M3U, M3U-8, or PLS File
Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) M3u or (2) M3u-8 file; or a (3) crafted PLS file with a long value in the (a) NumberofEntries, (b) Length (aka Length1), (c) Filename (aka File1), (d) Title (aka Title1) field, or other unspecified fields.