MC

466 exploits Active since Mar 1998
CVE-2008-4384 EXPLOITDB ruby WORKING POC
LPViewer ActiveX Control - Stack-Based Buffer Overflow via url/toolbar/enableZoomPastMax Methods
Multiple stack-based buffer overflows in MGI Software LPViewer ActiveX control (LPControl.dll), as acquired by Roxio and iseemedia, allow remote attackers to execute arbitrary code via the (1) url, (2) toolbar, and (3) enableZoomPastMax methods.
CVE-2006-4847 EXPLOITDB ruby WORKING POC
Ipswitch WS_FTP Server <5.05 - Buffer Overflow
Multiple buffer overflows in Ipswitch WS_FTP Server 5.05 before Hotfix 1 allow remote authenticated users to execute arbitrary code via long (1) XCRC, (2) XSHA1, or (3) XMD5 commands.
CVE-2004-0798 EXPLOITDB ruby WORKING POC
Ipswitch WhatsUp Gold <8.03.1 - RCE
Buffer overflow in the _maincfgret.cgi script for Ipswitch WhatsUp Gold before 8.03 Hotfix 1 allows remote attackers to execute arbitrary code via a long instancename parameter.
CVE-2007-3925 EXPLOITDB ruby WORKING POC
Ipswitch IMail Server < 2006.21 - Authenticated Remote Code Execution via IMAP Search Command
Multiple buffer overflows in the IMAP service (imapd32.exe) in Ipswitch IMail Server 2006 before 2006.21 allow remote authenticated users to execute arbitrary code via the (1) Search or (2) Search Charset command.
CVE-2011-1566 EXPLOITDB ruby WORKING POC
7-Technologies IGSS <9.00.00.11059 - Path Traversal
Directory traversal vulnerability in dc.exe 9.00.00.11059 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allows remote attackers to execute arbitrary programs via ..\ (dot dot backslash) sequences in opcodes (1) 0xa and (2) 0x17 to TCP port 12397.
CVE-2007-4880 EXPLOITDB ruby WORKING POC
IBM Tivoli Storage Manager Client 5.1-5.4 - Remote Code Execution via Crafted HTTP Headers
Buffer overflow in the Client Acceptor Daemon (CAD), dsmcad.exe, in certain IBM Tivoli Storage Manager (TSM) clients 5.1 before 5.1.8.1, 5.2 before 5.2.5.2, 5.3 before 5.3.5.3, and 5.4 before 5.4.1.2 allows remote attackers to execute arbitrary code via crafted HTTP headers, aka IC52905.
CVE-2009-0215 EXPLOITDB ruby WORKING POC
IBM Access Support ActiveX Control - Stack-Based Buffer Overflow
Stack-based buffer overflow in the GetXMLValue method in the IBM Access Support ActiveX control in IbmEgath.dll, as distributed on IBM and Lenovo computers, allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2008-4385 EXPLOITDB ruby WORKING POC
System Requirements Lab 3 - Remote Code Execution via Malicious Website Argument to Init Method
Husdawg, LLC Systems Requirements Lab 3, as used by Instant Expert Analysis, allows remote attackers to force the download and execution of arbitrary programs via by specifiying a malicious website argument to the Init method in (1) a certain ActiveX control (sysreqlab2.cab, sysreqlab.dll, sysreqlabsli.dll, or sysreqlab2.dll) and (2) a certain Java applet in RLApplet.class in sysreqlab2.jar or sysreqlab.jar.
CVE-2005-1815 EXPLOITDB ruby WORKING POC
Hummingbird Connectivity 10.0.0.1 and 9.0.0.4 - Buffer Overflow via FTP or LPD Command
Multiple buffer overflows in Hummingbird Connectivity inetD 10.0.0.1 and 9.0.0.4 allows attackers to cause a denial of service and possibly execute arbitrary code via (1) an FTP command with a long argument to FTPD (ftpdw.exe) or (2) a large amount of data to LPD (Lpdw.exe).
CVE-2011-0276 EXPLOITDB ruby WORKING POC
HP OpenView Performance Insight Server <5.4 - RCE
HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class.
CVE-2009-4178 EXPLOITDB ruby WORKING POC
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Heap-based buffer overflow in OvWebHelp.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Topic parameter.
CVE-2007-6204 EXPLOITDB ruby WORKING POC
HP OpenView Network Node Manager <7.51 - RCE
Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote attackers to execute arbitrary code via unspecified long arguments to (1) ovlogin.exe, (2) OpenView5.exe, (3) snmpviewer.exe, and (4) webappmon.exe, as demonstrated via a long Action parameter to OpenView5.exe.
CVE-2010-1553 EXPLOITDB ruby WORKING POC
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid MaxAge parameter.
CVE-2010-1554 EXPLOITDB ruby WORKING POC
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter.
CVE-2010-1555 EXPLOITDB ruby WORKING POC
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter.
CVE-2007-3872 EXPLOITDB ruby WORKING POC
HP OpenView Operations < a.07.50 - Remote Code Execution via Crafted Requests
Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests.
CVE-2007-6530 EXPLOITDB ruby WORKING POC
Persits Software XUpload <3.0 - Buffer Overflow
Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remote attackers to execute arbitrary code via a long argument to the AddFolder function.
CVE-2011-1865 EXPLOITDB ruby WORKING POC
HP OpenView Storage Data Protector <6.20 - Buffer Overflow
Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters.
CVE-2009-2685 EXPLOITDB ruby WORKING POC
HP Power Manager - Stack-based Buffer Overflow via Login Variable
Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote attackers to execute arbitrary code via the Login variable.
CVE-2005-0768 EXPLOITDB ruby WORKING POC
GoodTech Telnet Server 4.0-5.0 - Remote Code Execution via Long String to Port 2380
Buffer overflow in the administration web server for GoodTech Telnet Server 4.0 and 5.0, and possibly all versions before 5.0.7, allows remote attackers to execute arbitrary code via a long string to port 2380.
CVE-2007-5779 EXPLOITDB ruby WORKING POC
GOM Player 2.1.6.3499 - Buffer Overflow via GomWeb Control OpenUrl Method
Buffer overflow in the GomManager (GomWeb Control) ActiveX control in GomWeb3.dll 1.0.0.12 in Gretech Online Movie Player (GOM Player) 2.1.6.3499 allows remote attackers to execute arbitrary code via a long argument to the OpenUrl method.
CVE-2005-1812 EXPLOITDB ruby WORKING POC
FutureSoft TFTP Server Evaluation Version 1.0.0.1 - Remote Code Execution via Long Filename or Transfer Mode String
Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote attackers to execute arbitrary code via a long (1) filename or (2) transfer mode string in a Read Request (RRQ) or Write Request (WRQ) packet.
CVE-2006-2407 EXPLOITDB ruby WORKING POC
freeFTPd 1.0.10 - Stack-Based Buffer Overflow via Long Key Exchange Algorithm String
Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string.
CVE-2005-3683 EXPLOITDB ruby WORKING POC
freeFTPd < 1.0.9 - Stack-Based Buffer Overflow via Long USER Command
Stack-based buffer overflow in freeFTPd before 1.0.9 with Logging enabled, allows remote attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via a long USER command.
CVE-2009-0183 EXPLOITDB ruby WORKING POC
Free Download Manager <3.0.844 - Buffer Overflow
Stack-based buffer overflow in Remote Control Server in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allows remote attackers to execute arbitrary code via a long Authorization header in an HTTP request.