Luigi Auriemma

568 exploits Active since Feb 2002
CVE-2005-3492 EXPLOITDB c WORKING POC
Johannes F. Kuhlmann Flatfrag - Denial of Service
FlatFrag 0.3 and earlier allows remote attackers to cause a denial of service (crash) by sending an NT_CONN_OK command from a client that is not connected, which triggers a null dereference.
EIP-2026-115253 EXPLOITDB c WORKING POC
Flash Messaging 5.2.0g - Remote Denial of Service
EIP-2026-115226 EXPLOITDB text WRITEUP
EViews 7.0.0.1 (aka 7.2) - Multiple Vulnerabilities
CVE-2011-3494 EXPLOITDB text WRITEUP
eSignal <10.6.2425 - RCE/DoS
WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long StyleTemplate element in a QUO, SUM or POR file, which triggers a stack-based buffer overflow, or (2) a long Font->FaceName field (aka FaceName element), which triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information.
CVE-2011-3488 EXPLOITDB text WRITEUP
Equis MetaStock <11 - RCE
Use-after-free vulnerability in Equis MetaStock 11 and earlier allows remote attackers to execute arbitrary code via a malformed (1) mwc chart, (2) mws chart, (3) mwt template, or (4) mwl layout.
EIP-2026-115221 EXPLOITDB text WRITEUP
Epson EventManager 2.50 - Denial of Service
CVE-2006-2393 EXPLOITDB text STUB
Empire Server - Denial of Service
The client_cmd function in Empire 4.3.2 and earlier allows remote attackers to cause a denial of service (application crash) by causing long text strings to be appended to the player->client buffer, which causes an invalid memory access.
CVE-2006-3668 EXPLOITDB c WORKING POC
Dynamic Universal Music Bibliotheque Dumb < 0.9.3 - Memory Corruption
Heap-based buffer overflow in the it_read_envelope function in Dynamic Universal Music Bibliotheque (DUMB) 0.9.3 and earlier and current CVS as of 20060716, including libdumb, allows user-assisted attackers to execute arbitrary code via a ".it" (Impulse Tracker) file with an envelope with a large number of nodes.
EIP-2026-115145 EXPLOITDB c WORKING POC
Digital Reality Game Engine 1.0.x - Remote Denial of Service
CVE-2010-4142 EXPLOITDB text WORKING POC
Realflex Realwin - Memory Corruption
Multiple stack-based buffer overflows in DATAC RealWin 2.0 Build 6.1.8.10 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) SCPC_INITIALIZE, (2) SCPC_INITIALIZE_RF, or (3) SCPC_TXTEVENT packet. NOTE: it was later reported that 1.06 is also affected by one of these requests.
CVE-2011-1564 EXPLOITDB text WORKING POC
DATAC RealFlex RealWin <2.1 Build 6.1.10.10 - RCE
Multiple integer overflows in the HMI application in DATAC RealFlex RealWin 2.1 (Build 6.1.10.10) and earlier allow remote attackers to execute arbitrary code via crafted (1) On_FC_MISC_FCS_MSGBROADCAST and (2) On_FC_MISC_FCS_MSGSEND packets, which trigger a heap-based buffer overflow.
CVE-2011-3492 EXPLOITDB text WORKING POC
Azeotech DAQFactory <5.85.1853 - Buffer Overflow
Stack-based buffer overflow in Azeotech DAQFactory 5.85 build 1853 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted NETB packet to UDP port 20034.
CVE-2006-1101 EXPLOITDB c WORKING POC
Sauerbraten Cube - Denial of Service
The (1) sgetstr and (2) getint functions in Sauerbraten 2006_02_28, as derived from the Cube engine, allow remote attackers to cause a denial of service (segmentation fault) via long streams of input data that trigger an out-of-bounds read, as demonstrated using SV_EXT tag data in the Cube engine, which is not properly handled by getint.
EIP-2026-115112 EXPLOITDB c WORKING POC
csDoom 0.7 - Multiple Vulnerabilities/Denial of Service
CVE-2006-1010 EXPLOITDB c WORKING POC
Crossfire - Buffer Overflow
Buffer overflow in socket/request.c in CrossFire before 1.9.0, when oldsocketmode is enabled, allows remote attackers to cause a denial of service (segmentation fault) and possibly execute code by sending the server a large request.
EIP-2026-115074 EXPLOITDB text SUSPICIOUS
Computer Associates eTrust Secure Content Manager 8.0 - 'eCSqdmn' Remote Denial of Service
CVE-2008-1979 EXPLOITDB text WRITEUP
CA ARCserve Backup <12.0.5454.0 - DoS
The Discovery Service (casdscvc) in CA ARCserve Backup 12.0.5454.0 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large integer value used in an increment to TCP port 41523, which triggers a buffer over-read.
CVE-2011-3493 EXPLOITDB text WORKING POC
Cogent DataHub <7.1.1.63 - Buffer Overflow
Multiple stack-based buffer overflows in the DH_OneSecondTick function in Cogent DataHub 7.1.1.63 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) domain, (2) report_domain, (3) register_datahub, or (4) slave commands.
CVE-2011-3501 EXPLOITDB text WORKING POC
Cogent DataHub <7.1.1.63 - DoS
Integer overflow in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to cause a denial of service (crash) via a negative or large Content-Length value.
EIP-2026-115063 EXPLOITDB c WORKING POC
Codename Eagle 1.42 - Socket Unreacheable Denial of Service
EIP-2026-115050 EXPLOITDB text SUSPICIOUS
Chrome Engine 4 - Denial of Service
CVE-2005-2639 EXPLOITDB c WORKING POC
Chris Moneymaker's World Poker Championship 1.0 - Buffer Overflow
Buffer overflow in Chris Moneymaker's World Poker Championship 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long nickname.
EIP-2026-115047 EXPLOITDB c WORKING POC
Chesapeake TFTP Server 1.0 - Directory Traversal / Denial of Service (PoC)
CVE-2004-2151 EXPLOITDB c WORKING POC
Chatman <1.1.1 RC1 - DoS
Chatman 1.1.1 RC1 and earlier allows remote attackers to cause a denial of service (memory consumption or application crash) via a very large data size.
CVE-2012-0242 EXPLOITDB text WRITEUP
Advantech Webaccess < 6.0 - Format String Vulnerability
Format string vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via format string specifiers in a message string.