Joseph Sheridan

9 exploits Active since Jul 2012
CVE-2012-2763 METASPLOIT ruby WORKING POC
GIMP <2.6.12-2.6.13 - RCE
Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and earlier, and possibly 2.6.13, allows remote attackers to execute arbitrary code via a long string in a command to the script-fu server.
CVE-2012-2763 EXPLOITDB ruby WORKING POC
GIMP <2.6.12-2.6.13 - RCE
Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and earlier, and possibly 2.6.13, allows remote attackers to execute arbitrary code via a long string in a command to the script-fu server.
CVE-2012-4988 EXPLOITDB text WRITEUP
XnView <1.99.1 - Buffer Overflow
Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image file.
CVE-2012-2763 EXPLOITDB c WORKING POC
GIMP <2.6.12-2.6.13 - RCE
Buffer overflow in the readstr_upto function in plug-ins/script-fu/tinyscheme/scheme.c in GIMP 2.6.12 and earlier, and possibly 2.6.13, allows remote attackers to execute arbitrary code via a long string in a command to the script-fu server.
CVE-2012-3585 EXPLOITDB text WRITEUP
Irfanview Plugins < 4.33 - Memory Corruption
Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) plugin in the formats plugins in IrfanView PlugIns before 4.34 allows remote attackers to execute arbitrary code via a crafted JLS file.
CVE-2013-2594 EXPLOITDB text WRITEUP
Hornbill Supportworks ITSM <3.4.14 - SQL Injection
SQL injection vulnerability in reports/calldiary.php in Hornbill Supportworks ITSM 1.0.0 through 3.4.14 allows remote attackers to execute arbitrary SQL commands via the callref parameter.
CVE-2012-4240 EXPLOITDB text WRITEUP
Group-office Groupoffice < 4.0.89 - SQL Injection
SQL injection vulnerability in modules/calendar/json.php in Group-Office community before 4.0.90 allows remote authenticated users to execute arbitrary SQL commands via the sort parameter.
CVE-2012-4982 EXPLOITDB text WRITEUP
Forescout CounterACT <7.0 - Open Redirect
Open redirect vulnerability in assets/login on the Forescout CounterACT NAC device before 7.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the a parameter.
CVE-2012-3236 EXPLOITDB text WRITEUP
GIMP <2.8.1 - DoS
fits-io.c in GIMP before 2.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed XTENSION header of a .fit file, as demonstrated using a long string.