MC

466 exploits Active since Mar 1998
CVE-2002-1123 EXPLOITDB ruby WORKING POC
Microsoft SQL Server 2000 and MSDE 2000 - Remote Code Execution via Long TCP Port 1433 Request
Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote attackers to execute arbitrary code via a long request to TCP port 1433, aka the "Hello" overflow.
CVE-2005-1213 EXPLOITDB ruby WORKING POC
Microsoft Outlook Express <6 SP1 - Buffer Overflow
Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field.
CVE-2001-0500 EXPLOITDB ruby WORKING POC
Index Server and Indexing Service - Remote Code Execution via Long Argument to ISAPI Extension
Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red.
CVE-2007-3901 EXPLOITDB ruby WORKING POC
Microsoft DirectX 7.0-10.0 - Remote Code Execution via SAMI File Parsing
Stack-based buffer overflow in the DirectShow Synchronized Accessible Media Interchange (SAMI) parser in quartz.dll for Microsoft DirectX 7.0 through 10.0 allows remote attackers to execute arbitrary code via a crafted SAMI file.
CVE-2007-4440 EXPLOITDB ruby WORKING POC
MercuryS SMTP <4.51 - Buffer Overflow
Stack-based buffer overflow in the MercuryS SMTP server in Mercury Mail Transport System, possibly 4.51 and earlier, allows remote attackers to execute arbitrary code via a long AUTH CRAM-MD5 string. NOTE: this might overlap CVE-2006-5961.
CVE-2007-1373 EXPLOITDB ruby WORKING POC
Mercury Mail Transport System < 4.01b - Remote Code Execution via Long LOGIN Command
Stack-based buffer overflow in Mercury/32 (aka Mercury Mail Transport System) 4.01b and earlier allows remote attackers to execute arbitrary code via a long LOGIN command. NOTE: this might be the same issue as CVE-2006-5961.
CVE-2004-1211 EXPLOITDB ruby WORKING POC
Mercury/32 4.01a - Authenticated Buffer Overflow via IMAP Command Arguments
Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via long arguments to the (1) EXAMINE, (2) SUBSCRIBE, (3) STATUS, (4) APPEND, (5) CHECK, (6) CLOSE, (7) EXPUNGE, (8) FETCH, (9) RENAME, (10) DELETE, (11) LIST, (12) SEARCH, (13) CREATE, or (14) UNSUBSCRIBE commands.
CVE-2005-4411 EXPLOITDB ruby WORKING POC
Mercury Mail Transport System <4.01b - RCE
Buffer overflow in Mercury Mail Transport System 4.01b allows remote attackers to execute arbitrary code via a long request to TCP port 105.
CVE-2006-1255 EXPLOITDB ruby WORKING POC
Mercur Messaging 5.0 SP3 - Buffer Overflow
Stack-based buffer overflow in the IMAP service in Mercur Messaging 5.0 SP3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string to the (1) LOGIN or (2) SELECT command, a different set of attack vectors and possibly a different vulnerability than CVE-2003-1177.
CVE-2006-6707 EXPLOITDB ruby WORKING POC
McAfee NeoTrace and Visual Trace 3.25 - Stack-Based Buffer Overflow via TraceTarget Method
Stack-based buffer overflow in the NeoTraceExplorer.NeoTraceLoader ActiveX control (NeoTraceExplorer.dll) in NeoTrace Express 3.25 and NeoTrace Pro (aka McAfee Visual Trace) 3.25 allows remote attackers to execute arbitrary code via a long argument string to the TraceTarget method. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-118763 EXPLOITDB ruby WORKING POC
McAfee Remediation Client - ActiveX Control Buffer Overflow (Metasploit)
CVE-2006-4305 EXPLOITDB ruby WORKING POC
MaxDB < 7.6.00.30 - Remote Code Execution via Long Database Name
Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote attackers to execute arbitrary code via a long database name when connecting via a WebDBM client.
CVE-2006-6423 EXPLOITDB ruby WORKING POC
MailEnable Professional and Enterprise Edition 1.1-2.35 - Stack-Based Buffer Overflow via IMAP Service
Stack-based buffer overflow in the IMAP service for MailEnable Professional and Enterprise Edition 2.0 through 2.35, Professional Edition 1.6 through 1.84, and Enterprise Edition 1.1 through 1.41 allows remote attackers to execute arbitrary code via a pre-authentication command followed by a crafted parameter and a long string, as addressed by the ME-10025 hotfix.
CVE-2005-2278 EXPLOITDB ruby WORKING POC
MailEnable Professional 1.54 - Authenticated Stack-Based Buffer Overflow via IMAP Status Command
Stack-based buffer overflow in the IMAP daemon (imapd) in MailEnable Professional 1.54 allows remote authenticated users to execute arbitrary code via the status command with a long mailbox name.
CVE-2005-3155 EXPLOITDB ruby WORKING POC
MailEnable Enterprise 1.1 and Professional 1.6 - Buffer Overflow in W3C Logging
Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and Professional 1.6 allows remote attackers to execute arbitrary code.
CVE-2007-5660 EXPLOITDB ruby WORKING POC
MacroVision FLEXnet Connect and InstallShield 2008 - Remote Code Execution via Update Service ActiveX Control
Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow.
CVE-2007-5660 EXPLOITDB ruby WORKING POC
MacroVision FLEXnet Connect and InstallShield 2008 - Remote Code Execution via Update Service ActiveX Control
Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involving a buffer overflow.
CVE-2007-2918 EXPLOITDB ruby WORKING POC
Logitech VideoCall - Buffer Overflow
Multiple stack-based buffer overflows in ActiveX controls (1) VibeC in (a) vibecontrol.dll, (2) CallManager and (3) ViewerClient in (b) StarClient.dll, (4) ComLink in (c) uicomlink.dll, and (5) WebCamXMP in (d) wcamxmp.dll in Logitech VideoCall allow remote attackers to cause a denial of service (browser crash) and execute arbitrary code via unspecified vectors.
CVE-2007-1674 EXPLOITDB ruby WORKING POC
LANDesk Management Suite 8.7 - Remote Code Execution via Crafted UDP Packet to Alert Service
Stack-based buffer overflow in the Alert Service (aolnsrvr.exe) in LANDesk Management Suite 8.7 allows remote attackers to execute arbitrary code via a crafted packet to port 65535/UDP.
CVE-2007-1674 EXPLOITDB ruby WORKING POC
LANDesk Management Suite 8.7 - Remote Code Execution via Crafted UDP Packet to Alert Service
Stack-based buffer overflow in the Alert Service (aolnsrvr.exe) in LANDesk Management Suite 8.7 allows remote attackers to execute arbitrary code via a crafted packet to port 65535/UDP.
CVE-2003-0220 EXPLOITDB ruby WORKING POC
Kerio Personal Firewall <2.1.4 - RCE
Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet.
CVE-2003-1336 EXPLOITDB ruby WORKING POC
mIRC < 6.11 - Remote Code Execution via Long irc:// URL
Buffer overflow in mIRC before 6.11 allows remote attackers to execute arbitrary code via a long irc:// URL.
CVE-2010-3973 EXPLOITDB ruby WORKING POC
WMI Administrative Tools < 1.1 - Remote Code Execution via WBEMSingleView.ocx AddContextRef Method
The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted argument to the AddContextRef method, possibly an untrusted pointer dereference, aka "Microsoft WMITools ActiveX Control Vulnerability."
CVE-2007-4006 EXPLOITDB ruby WORKING POC
Mike Dubman Windows RSH daemon (rshd) 1.7 - Buffer Overflow
Buffer overflow in Mike Dubman Windows RSH daemon (rshd) 1.7 has unknown impact and remote attack vectors, aka ZD-00000034. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine.
CVE-2007-4466 EXPLOITDB ruby WORKING POC
Electronic Arts SnoopyCtrl - Stack-Based Buffer Overflow
Multiple stack-based buffer overflows in Electronic Arts (EA) SnoopyCtrl ActiveX control (NPSnpy.dll) allow remote attackers to execute arbitrary code via unspecified methods and parameters.