MC

460 exploits Active since Mar 1998
CVE-2004-1211 EXPLOITDB ruby WORKING POC
David Harris Mercury - Memory Corruption
Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via long arguments to the (1) EXAMINE, (2) SUBSCRIBE, (3) STATUS, (4) APPEND, (5) CHECK, (6) CLOSE, (7) EXPUNGE, (8) FETCH, (9) RENAME, (10) DELETE, (11) LIST, (12) SEARCH, (13) CREATE, or (14) UNSUBSCRIBE commands.
CVE-2005-4411 EXPLOITDB ruby WORKING POC
Mercury Mail Transport System <4.01b - RCE
Buffer overflow in Mercury Mail Transport System 4.01b allows remote attackers to execute arbitrary code via a long request to TCP port 105.
CVE-2006-1255 EXPLOITDB ruby WORKING POC
Mercur Messaging 5.0 SP3 - Buffer Overflow
Stack-based buffer overflow in the IMAP service in Mercur Messaging 5.0 SP3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string to the (1) LOGIN or (2) SELECT command, a different set of attack vectors and possibly a different vulnerability than CVE-2003-1177.
CVE-2006-6707 EXPLOITDB ruby WORKING POC
NeoTrace Express <3.25 - RCE
Stack-based buffer overflow in the NeoTraceExplorer.NeoTraceLoader ActiveX control (NeoTraceExplorer.dll) in NeoTrace Express 3.25 and NeoTrace Pro (aka McAfee Visual Trace) 3.25 allows remote attackers to execute arbitrary code via a long argument string to the TraceTarget method. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-118763 EXPLOITDB ruby WORKING POC
McAfee Remediation Client - ActiveX Control Buffer Overflow (Metasploit)
CVE-2006-4305 EXPLOITDB ruby WORKING POC
Mysql Maxdb < 7.6.00.22 - Buffer Overflow
Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote attackers to execute arbitrary code via a long database name when connecting via a WebDBM client.
CVE-2006-6423 EXPLOITDB ruby WORKING POC
MailEnable <2.35 - Buffer Overflow
Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix.
CVE-2005-2278 EXPLOITDB ruby WORKING POC
Mailenable Professional - Buffer Overflow
Stack-based buffer overflow in the IMAP daemon (imapd) in MailEnable Professional 1.54 allows remote authenticated users to execute arbitrary code via the status command with a long mailbox name.
CVE-2005-3155 EXPLOITDB ruby WORKING POC
MailEnable <1.1,1.6 - RCE
Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and Professional 1.6 allows remote attackers to execute arbitrary code.
CVE-2007-5660 EXPLOITDB ruby WORKING POC
Macrovision Flexnet Connect - Buffer Overflow
Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow.
CVE-2007-5660 EXPLOITDB ruby WORKING POC
Macrovision Flexnet Connect - Buffer Overflow
Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow.
CVE-2007-2918 EXPLOITDB ruby WORKING POC
Logitech VideoCall - Buffer Overflow
Multiple stack-based buffer overflows in ActiveX controls (1) VibeC in (a) vibecontrol.dll, (2) CallManager and (3) ViewerClient in (b) StarClient.dll, (4) ComLink in (c) uicomlink.dll, and (5) WebCamXMP in (d) wcamxmp.dll in Logitech VideoCall allow remote attackers to cause a denial of service (browser crash) and execute arbitrary code via unspecified vectors.
CVE-2007-1674 EXPLOITDB ruby WORKING POC
Landesk Management Suite - Buffer Overflow
Stack-based buffer overflow in the Alert Service (aolnsrvr.exe) in LANDesk Management Suite 8.7 allows remote attackers to execute arbitrary code via a crafted packet to port 65535/UDP.
CVE-2007-1674 EXPLOITDB ruby WORKING POC
Landesk Management Suite - Buffer Overflow
Stack-based buffer overflow in the Alert Service (aolnsrvr.exe) in LANDesk Management Suite 8.7 allows remote attackers to execute arbitrary code via a crafted packet to port 65535/UDP.
CVE-2003-0220 EXPLOITDB ruby WORKING POC
Kerio Personal Firewall <2.1.4 - RCE
Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet.
CVE-2003-1336 EXPLOITDB ruby WORKING POC
Mirc < 6.1 - Memory Corruption
Buffer overflow in mIRC before 6.11 allows remote attackers to execute arbitrary code via a long irc:// URL.
CVE-2010-3973 EXPLOITDB ruby WORKING POC
Microsoft Wmi Administrative Tools < 1.1 - Code Injection
The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted argument to the AddContextRef method, possibly an untrusted pointer dereference, aka "Microsoft WMITools ActiveX Control Vulnerability."
CVE-2007-4006 EXPLOITDB ruby WORKING POC
Mike Dubman Windows RSH daemon (rshd) 1.7 - Buffer Overflow
Buffer overflow in Mike Dubman Windows RSH daemon (rshd) 1.7 has unknown impact and remote attack vectors, aka ZD-00000034. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.
CVE-2007-4466 EXPLOITDB ruby WORKING POC
EA SnoopyCtrl < - RCE
Multiple stack-based buffer overflows in Electronic Arts (EA) SnoopyCtrl ActiveX control (NPSnpy.dll) allow remote attackers to execute arbitrary code via unspecified methods and parameters.
CVE-2008-4384 EXPLOITDB ruby WORKING POC
Iseemedia Lpviewer - Memory Corruption
Multiple stack-based buffer overflows in MGI Software LPViewer ActiveX control (LPControl.dll), as acquired by Roxio and iseemedia, allow remote attackers to execute arbitrary code via the (1) url, (2) toolbar, and (3) enableZoomPastMax methods.
CVE-2006-4847 EXPLOITDB ruby WORKING POC
Ipswitch WS_FTP Server <5.05 - Buffer Overflow
Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands.
CVE-2004-0798 EXPLOITDB ruby WORKING POC
Ipswitch WhatsUp Gold <8.03.1 - RCE
Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold before 8.03 Hotfix 1 allows remote attackers to execute arbitrary code via a long instancename parameter.
CVE-2007-3925 EXPLOITDB ruby WORKING POC
Ipswitch Imail Server < 2006.2 - Memory Corruption
Multiple buffer overflows in the IMAP service (imapd32.exe) in Ipswitch IMail Server 2006 before 2006.21 allow remote authenticated users to execute arbitrary code via the (1) Search or (2) Search Charset command.
CVE-2011-1566 EXPLOITDB ruby WORKING POC
7-Technologies IGSS <9.00.00.11059 - Path Traversal
Directory traversal vulnerability in dc.exe 9.00.00.11059 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to execute arbitrary programs via ..\ (dot dot backslash) sequences in opcodes (1) 0xa and (2) 0x17 to TCP port 12397.
CVE-2007-4880 EXPLOITDB ruby WORKING POC
IBM Tivoli Storage Manager Client - Memory Corruption
Buffer overflow in the Client Acceptor Daemon (CAD), dsmcad.exe, in certain IBM Tivoli Storage Manager (TSM) clients 5.1 before 5.1.8.1, 5.2 before 5.2.5.2, 5.3 before 5.3.5.3, and 5.4 before 5.4.1.2 allows remote attackers to execute arbitrary code via crafted HTTP headers, aka IC52905.