Luigi Auriemma

568 exploits Active since Feb 2002
CVE-2004-1542 EXPLOITDB c WORKING POC
Raven Software Soldier OF Fortune - Buffer Overflow
Buffer overflow in Soldier of Fortune II 1.03 Gold and earlier allows remote attackers to cause a denial of service (server or client crash) via a long (1) query or (2) reply.
CVE-2008-1365 EXPLOITDB text WRITEUP
Trend Micro Officescan Corporate Edition - Memory Corruption
Stack-based buffer overflow in Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1314 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long encrypted password, which triggers the overflow in (1) cgiChkMasterPwd.exe, (2) policyserver.exe as reachable through cgiABLogon.exe, and other vectors.
CVE-2011-0517 EXPLOITDB text WORKING POC
Sielcosistemi Winlog Pro < 2.07.00 - Memory Corruption
Stack-based buffer overflow in Sielco Sistemi Winlog Pro 2.07.00 and earlier, when Run TCP/IP server is enabled, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted 0x02 opcode to TCP port 46823.
CVE-2004-0345 EXPLOITDB c WORKING POC
Red Faction client <1.20 - RCE
Buffer overflow in Red Faction client 1.20 and earlier allows remote servers to execute arbitrary code via a long server name.
CVE-2008-1054 EXPLOITDB text WRITEUP
Netwin Surgemail - Memory Corruption
Stack-based buffer overflow in the _lib_spawn_user_getpid function in (1) swatch.exe and (2) surgemail.exe in NetWin SurgeMail 38k4 and earlier, and beta 39a, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via an HTTP request with multiple long headers to webmail.exe and unspecified other CGI executables, which triggers an overflow when assigning values to environment variables. NOTE: some of these details are obtained from third party information.
CVE-2012-4357 EXPLOITDB text WRITEUP
Sielcosistemi Winlog Pro < 2.07.16 - Improper Input Validation
Array index error in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 might allow remote attackers to execute arbitrary code by referencing, within a port-46824 TCP packet, an invalid file-pointer index that leads to execution of an EnterCriticalSection code block.
CVE-2005-0568 EXPLOITDB c WORKING POC
Raven Software Soldier OF Fortune 2 - Denial of Service
Soldier of Fortune II 1.03 gold allows remote attackers to cause a denial of service (application crash) via a large cl_guid value, which results in an invalid pointer dereference.
EIP-2026-116462 EXPLOITDB text WRITEUP
Unreal Tournament 3 2.1 - 'STEAMBLOB' Remote Denial of Service
CVE-2005-3488 EXPLOITDB c WORKING POC
Scorched 3D - Denial of Service
Scorched 3D 39.1 (bf) and earlier allows remote attackers to cause a denial of service (long loop and server hang) via a negative numplayers value that bypasses a signed check in ServerConnectHandler.cpp.
CVE-2006-2012 EXPLOITDB text WRITEUP
Skulltag < 0.96f - Denial of Service
Format string vulnerability in Skulltag 0.96f and earlier allows remote attackers to cause a denial of service via the version string.
EIP-2026-116414 EXPLOITDB text SUSPICIOUS
ToCA Race Driver - Multiple Remote Denial of Service Vulnerabilities
CVE-2008-1690 EXPLOITDB text WRITEUP
WebContainer.exe <1.0.0.336 - DoS
WebContainer.exe 1.0.0.336 and earlier in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a long URI in HTTP requests to TCP port 801. NOTE: some of these details are obtained from third party information.
CVE-2010-4371 EXPLOITDB text WRITEUP
Nullsoft Winamp < 5.581 - Memory Corruption
Buffer overflow in the in_mod plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to the comment box.
EIP-2026-116090 EXPLOITDB text WRITEUP
PowerNet Twin Client 8.9 - 'RFSync 1.0.0.1' Crash (PoC)
EIP-2026-116122 EXPLOITDB text WRITEUP
Qt 4.6.3 - Remote Denial of Service
CVE-2012-3797 EXPLOITDB text WRITEUP
Pro-face Pro-server EX < 1.30.000 - Memory Corruption
Pro-face WinGP PC Runtime 3.1.00 and earlier, and ProServr.exe in Pro-face Pro-Server EX 1.30.000 and earlier, does not properly check packet sizes before reusing packet memory buffers, which allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a short crafted packet with a certain opcode.
EIP-2026-115766 EXPLOITDB text WORKING POC
Microsoft Reader 2.1.1.3143 - Integer Overflow (2)
CVE-2005-0330 EXPLOITDB c WORKING POC
People CAN FLY Painkiller - Buffer Overflow
Buffer overflow in Painkiller 1.35 and earlier, and possibly other versions before 1.61, allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a long cd-key hash.
CVE-2004-1745 EXPLOITDB c WORKING POC
People CAN FLY Painkiller - Buffer Overflow
Buffer overflow in Painkiller 1.3.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long password.
EIP-2026-115763 EXPLOITDB text WORKING POC
Microsoft Reader 2.1.1.3143 - Array Overflow
EIP-2026-116118 EXPLOITDB text WORKING POC
QNX phrelay/phindows/phditto - Multiple Vulnerabilities
EIP-2026-115966 EXPLOITDB text WRITEUP
Novell Groupwise Messenger Client 2.1.0 - Unicode Stack Overflow
CVE-2003-0765 EXPLOITDB text WRITEUP
Winamp <2.91 - RCE
The IN_MIDI.DLL plugin 3.01 and earlier, as used in Winamp 2.91, allows remote attackers to execute arbitrary code via a MIDI file with a large "Track data size" value.
CVE-2007-1251 EXPLOITDB text WRITEUP
Netrek Vanilla Server 2.12.0 - RCE
Format string vulnerability in the new_warning function in ntserv/warning.c for Netrek Vanilla Server 2.12.0, when EVENTLOG is enabled, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in the message handling.
CVE-2004-2099 EXPLOITDB c WORKING POC
Need for Speed Hot Pursuit 2.0 <242 - Buffer Overflow
Buffer overflow in Need for Speed Hot Pursuit 2.0 client (NFSHP2), version 242 and earlier, allows remote attackers (servers) to execute arbitrary code via long (1) gamename, (2) gamever, (3) hostname, (4) gametype, (5) mapname or (6) gamemode commands.