MC

460 exploits Active since Mar 1998
CVE-2009-3861 EXPLOITDB ruby WORKING POC
SafeNet SoftRemote <10.8.9 - Buffer Overflow
Stack-based buffer overflow in SafeNet SoftRemote 10.8.5 (Build 2) and 10.3.5 (Build 6), and possibly other versions before 10.8.9, allows local users to execute arbitrary code via a long string in a (1) TREENAME or (2) GROUPNAME Policy file (spd).
CVE-2008-1914 EXPLOITDB ruby WORKING POC
BigAnt IM Server <2.2 - Buffer Overflow
Stack-based buffer overflow in the AntServer module (AntServer.exe) in BigAnt IM Server in BigAnt Messenger 2.2 allows remote attackers to execute arbitrary code via a long URI in a request to TCP port 6080. NOTE: some of these details are obtained from third party information.
CVE-2005-4085 EXPLOITDB ruby WORKING POC
Bluecoat Webproxy - Buffer Overflow
Buffer overflow in BlueCoat (a) WinProxy before 6.1a and (b) the web console access functionality in ProxyAV before 2.4.2.3 allows remote attackers to execute arbitrary code via a long Host: header.
CVE-2009-2227 EXPLOITDB ruby WORKING POC
B Labs Bopup Comm Server <3.2.26.5460 - Buffer Overflow
Stack-based buffer overflow in B Labs Bopup Communication Server 3.2.26.5460 allows remote attackers to execute arbitrary code via a crafted request to TCP port 19810.
CVE-2008-0311 EXPLOITDB ruby WORKING POC
Borland CaliberRM - Memory Corruption
Stack-based buffer overflow in the PGMWebHandler::parse_request function in the StarTeam Multicast Service component (STMulticastService) 6.4 in Borland CaliberRM 2006 allows remote attackers to execute arbitrary code via a large HTTP request.
CVE-2007-3566 EXPLOITDB ruby WORKING POC
Borland Software InterBase - Buffer Overflow
Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp.
CVE-2007-6166 EXPLOITDB ruby WORKING POC
Apple QuickTime <7.3.1 - Buffer Overflow
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.
CVE-2007-5107 EXPLOITDB ruby WORKING POC
Ask.com Ask Toolbar < 4.0.2.53 - Memory Corruption
Stack-based buffer overflow in the AskJeevesToolBar.SettingsPlugin.1 ActiveX control in askBar.dll in IAC Search & Media ask.com Ask Toolbar 4.0.2.53 and earlier allows remote attackers to execute arbitrary code via a long ShortFormat property value. NOTE: some of these details are obtained from third party information. NOTE: the researcher claims that this is the same as CVE-2007-5108, but there is insufficient detail for CVE-2007-5108 to be certain.
EIP-2026-118286 EXPLOITDB ruby WORKING POC
AtHocGov IWSAlerts - ActiveX Control Buffer Overflow (Metasploit)
CVE-2007-6377 EXPLOITDB ruby WORKING POC
BadBlue <2.72b - Buffer Overflow
Stack-based buffer overflow in the PassThru functionality in ext.dll in BadBlue 2.72b and earlier allows remote attackers to execute arbitrary code via a long query string.
EIP-2026-118311 EXPLOITDB ruby WORKING POC
Belkin Bulldog Plus - Web Service Buffer Overflow (Metasploit)
CVE-2006-5650 EXPLOITDB ruby WORKING POC
America Online ICQ 5.1 - RCE
The ICQPhone.SipxPhoneManager ActiveX control in America Online ICQ 5.1 allows remote attackers to download and execute arbitrary code via the DownloadAgent function, as demonstrated using an ICQ avatar.
CVE-2003-0471 EXPLOITDB ruby WORKING POC
Alt-N WebAdmin - Buffer Overflow via USER Argument
Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument.
CVE-2006-3524 EXPLOITDB ruby WORKING POC
SIPfoundry sipXtapi <20060324 - RCE
Buffer overflow in SIPfoundry sipXtapi released before 20060324 allows remote attackers to execute arbitrary code via a long CSeq field value in an INVITE message.
CVE-2006-6183 EXPLOITDB ruby WORKING POC
3Com 3CTftpSvc < 2.0.1 - Memory Corruption
Multiple stack-based buffer overflows in 3Com 3CTftpSvc 2.0.1, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long mode field (aka transporting mode) in a (1) GET or (2) PUT command.
CVE-2006-6063 EXPLOITDB ruby WORKING POC
Un4seen XMPlay < 3.3.0.5 - Buffer Overflow
Stack-based buffer overflow in Un4seen XMPlay 3.3.0.5 and earlier allows remote attackers to execute arbitrary code via an M3U file containing a long (1) FileName, and cause a crash via a long (2) DisplayName.
CVE-2006-6251 EXPLOITDB ruby WORKING POC
VUPlayer < 2.44 - Buffer Overflow
Stack-based buffer overflow in VUPlayer 2.44 and earlier allows remote attackers to execute arbitrary code via a long string in an M3U file, aka an "M3U UNC Name" attack.
EIP-2026-118074 EXPLOITDB ruby WORKING POC
VUPlayer - '.cue' Local Buffer Overflow (Metasploit)
CVE-2007-0015 EXPLOITDB ruby WORKING POC
Apple QuickTime - Buffer Overflow
Buffer overflow in Apple QuickTime 7.1.3 allows remote attackers to execute arbitrary code via a long rtsp:// URI.
CVE-2008-4654 EXPLOITDB ruby WORKING POC
VideoLAN VLC Media Player - Memory Corruption
Stack-based buffer overflow in the parse_master function in the Ty demux plugin (modules/demux/ty.c) in VLC Media Player 0.9.0 through 0.9.4 allows remote attackers to execute arbitrary code via a TiVo TY media file with a header containing a crafted size value.
EIP-2026-118045 EXPLOITDB ruby WORKING POC
VariCAD 2010-2.05 EN - '.DWB' Local Stack Buffer Overflow (Metasploit)
CVE-2009-0565 EXPLOITDB ruby WORKING POC
Microsoft Office - Buffer Overflow
Buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a Word document with a malformed record that triggers memory corruption, aka "Word Buffer Overflow Vulnerability."
CVE-2007-4776 EXPLOITDB ruby WORKING POC
Microsoft Visual Basic - Memory Corruption
Buffer overflow in Microsoft Visual Basic 6.0 and Enterprise Edition 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a Visual Basic project (vbp) file containing a long Reference line, related to VBP_Open and OLE. NOTE: there are limited usage scenarios under which this would be a vulnerability.
CVE-2007-2864 EXPLOITDB ruby WORKING POC
CA Products <30.6 - Buffer Overflow
Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file.