Jeremy Brown

75 exploits, active since Mar 2008
EIP-2026-118368 EXPLOITDB python WORKING POC
ClearSCADA - Remote Authentication Bypass
CVE-2011-1220 EXPLOITDB ruby WORKING POC
IBM Tivoli Management Framework - Memory Corruption
Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 allows remote authenticated users to execute arbitrary code via a long opts field.
EIP-2026-118669 EXPLOITDB python WORKING POC
IBM Tivoli Endpoint 4.1.1 - Remote SYSTEM
CVE-2011-5227 EXPLOITDB ruby WORKING POC
Enterasys Netsight < 4.1.0.79 - Memory Corruption
Stack-based buffer overflow in the Syslog service (nssyslogd.exe) in Enterasys Network Management Suite (NMS) before 4.1.0.80 allows remote attackers to execute arbitrary code via a long PRIO field in a message to UDP port 514.
EIP-2026-117634 EXPLOITDB text WORKING POC
Mozilla Firefox 3.5.3 - Local Download Manager Temp File Creation
CVE-2014-7872 EXPLOITDB text WRITEUP
Comodo Geekbuddy < 4.18.120 - Access Control
Comodo GeekBuddy before 4.18.121 does not restrict access to the VNC server, which allows local users to gain privileges by connecting to the server.
CVE-2009-1586 EXPLOITDB perl WORKING POC
Shemes Grabit < 1.7.2 - Memory Corruption
Stack-based buffer overflow in the NZB importer feature in GrabIt 1.7.2 Beta 3 and earlier allows remote attackers to execute arbitrary code via a crafted DTD reference in a DOCTYPE element in an NZB file.
EIP-2026-117228 EXPLOITDB ruby WORKING POC
gAlan 0.2.1 - Universal Buffer Overflow (Metasploit)
CVE-2010-4740 EXPLOITDB python WORKING POC
SCADA Engine BACnet OPC Client <1.0.25 - Buffer Overflow
Stack-based buffer overflow in WTclient.dll in SCADA Engine BACnet OPC Client before 1.0.25 allows user-assisted remote attackers to execute arbitrary code via a crafted .csv file, related to a status log message.
EIP-2026-116993 EXPLOITDB perl WORKING POC
CoolPlayer 2.19 - 'PlaylistSkin' Local Buffer Overflow
EIP-2026-116873 EXPLOITDB ruby WORKING POC
BACnet OPC Client - Local Buffer Overflow (Metasploit) (2)
EIP-2026-116631 EXPLOITDB html WORKING POC
Yahoo Messenger 8.1 - ActiveX Remote Denial of Service
CVE-2008-6175 EXPLOITDB perl WORKING POC
K2sxs Silvershield - Improper Input Validation
SilverSHielD 1.0.2.34 allows remote attackers to cause a denial of service (application crash) via a crafted argument to the opendir SFTP command.
CVE-2009-2564 EXPLOITDB text WORKING POC
NOS Microsystems getPlus Download Manager - Privilege Escalation
NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. NOTE: within Adobe Reader, the scope of this issue is limited because the program is deleted and the associated service is not automatically launched after a successful installation and reboot.
EIP-2026-115785 EXPLOITDB python WORKING POC
Microsoft Windows 10 (x86/x64) - WLAN AutoConfig Denial of Service (PoC)
CVE-2008-1311 EXPLOITDB perl WORKING POC
PacketTrap pt360 Tool Suite PRO <2.0.3901.0 - DoS
The TFTP server in PacketTrap pt360 Tool Suite PRO 2.0.3901.0 and earlier allows remote attackers to cause a denial of service (daemon hang) by uploading a file named (1) '|' (pipe), (2) '"' (quotation mark), or (3) "<>" (less than, greater than); or (4) a file with a long name. NOTE: the issue for vector 4 might exist because of an incomplete fix for CVE-2008-1312.
CVE-2011-0489 EXPLOITDB python WORKING POC
Objectivity/db - Authentication Bypass
The server components in Objectivity/DB 10.0 do not require authentication for administrative commands, which allows remote attackers to modify data, obtain sensitive information, or cause a denial of service by sending requests over TCP to (1) the Lock Server or (2) the Advanced Multithreaded Server, as demonstrated by commands that are ordinarily sent by the (a) ookillls and (b) oostopams applications. NOTE: some of these details are obtained from third party information.
EIP-2026-115967 EXPLOITDB perl WORKING POC
Novell Netware 6.5 - 'ICEbrowser' Remote System Denial of Service
EIP-2026-115929 EXPLOITDB text WRITEUP
netsurf Web browser 1.2 - Multiple Vulnerabilities
CVE-2009-2953 EXPLOITDB perl WORKING POC
Mozilla Firefox - Resource Management Error
Mozilla Firefox 3.0.6 through 3.0.13, and 3.5.x, allows remote attackers to cause a denial of service (CPU consumption) via JavaScript code with a long string value for the hash property (aka location.hash), a related issue to CVE-2008-5715.
CVE-2008-5232 EXPLOITDB html WORKING POC
Microsoft Windows Media Services <4.1.00.3917 - RCE
Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media and Message Application servers, allows remote attackers to execute arbitrary code via a long argument. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-4775 EXPLOITDB perl WORKING POC
Ipswitch WS_FTP Pro <12.2 - DoS
Format string vulnerability in Ipswitch WS_FTP Professional 12 before 12.2 allows remote attackers to cause a denial of service (crash) via format string specifiers in the status code portion of an HTTP response.
EIP-2026-115427 EXPLOITDB python WORKING POC
IGSS 8 ODBC Server - Multiple Remote Uninitialized Pointer Free Denial of Service Vulnerabilities
CVE-2008-4071 EXPLOITDB html WORKING POC
Adobe Acrobat - Improper Input Validation
A certain ActiveX control in Adobe Acrobat 9, when used with Microsoft Windows Vista and Internet Explorer 7, allows remote attackers to cause a denial of service (browser crash) via an src property value with an invalid acroie:// URL.
CVE-2008-4762 EXPLOITDB perl WORKING POC
Freesshd - Memory Corruption
Stack-based buffer overflow in freeSSHd 1.2.1 allows remote authenticated users to cause a denial of service (service crash) and potentially execute arbitrary code via a long argument to the (1) rename and (2) realpath parameters.