MC

466 exploits Active since Mar 1998
CVE-2006-6063 EXPLOITDB ruby WORKING POC
XMPlay < 3.3.0.5 - Stack-Based Buffer Overflow via M3U File
Stack-based buffer overflow in Un4seen XMPlay 3.3.0.5 and earlier allows remote attackers to execute arbitrary code via a M3U file containing a long (1) FileName, and cause a crash via a long (2) DisplayName.
CVE-2008-4654 EXPLOITDB ruby WORKING POC
VLC Media Player 0.9.0-0.9.4 - Stack-Based Buffer Overflow in Ty Demux Plugin
Stack-based buffer overflow in the parse_master function in the Ty demux plugin (modules/demux/ty.c) in VLC Media Player 0.9.0 through 0.9.4 allows remote attackers to execute arbitrary code via a TiVo TY media file with a header containing a crafted size value.
EIP-2026-118045 EXPLOITDB ruby WORKING POC
VariCAD 2010-2.05 EN - '.DWB' Local Stack Buffer Overflow (Metasploit)
CVE-2009-0565 EXPLOITDB ruby WORKING POC
Microsoft Office Word 2000 SP3, 2002 SP3, 2007 SP1-SP2 - Remote Code Execution via Malformed Record
Buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a Word document with a malformed record that triggers memory corruption, aka "Word Buffer Overflow Vulnerability."
CVE-2007-4776 EXPLOITDB ruby WORKING POC
Microsoft Visual Basic 6.0 and Enterprise Edition 6.0 SP6 - Buffer Overflow via Long Reference Line in VBP File
Buffer overflow in Microsoft Visual Basic 6.0 and Enterprise Edition 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a Visual Basic project (vbp) file containing a long Reference line, related to VBP_Open and OLE. NOTE: there are limited usage scenarios under which this would be a vulnerability.
CVE-2007-2864 EXPLOITDB ruby WORKING POC
CA Products <30.6 - Buffer Overflow
Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file.
CVE-2005-0043 EXPLOITDB ruby WORKING POC
Apple iTunes 4.7 - Remote Code Execution via Long URL in Playlist Files
Buffer overflow in Apple iTunes 4.7 allows remote attackers to execute arbitrary code via a long URL in (1) .m3u or (2) .pls playlist files.
CVE-2011-0257 EXPLOITDB ruby WORKING POC
Apple QuickTime PICT PnSize Buffer Overflow
Integer signedness error in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PnSize opcode in a PICT file that triggers a stack-based buffer overflow.
EIP-2026-116873 EXPLOITDB ruby WORKING POC
BACnet OPC Client - Local Buffer Overflow (Metasploit) (2)
CVE-2006-6199 EXPLOITDB ruby WORKING POC
BlazeVideo BlazeDVD Standard and Professional 5.0 - Stack-based Buffer Overflow via PLF Playlist Filename
Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and Professional 5.0, and possibly earlier, allows remote attackers to execute arbitrary code via a long filename in a PLF playlist.
CVE-2007-2193 EXPLOITDB ruby WORKING POC
ACDSee 9.0/Pro 8.1/Photo Editor 4.0 - Stack-Based Buffer Overflow via Crafted XPM File
Stack-based buffer overflow in the ID_X.apl plugin in ACDSee 9.0 Build 108, Pro 8.1 Build 99, and Photo Editor 4.0 Build 195 allows user-assisted remote attackers to execute arbitrary code via a crafted XPM file with a long section string. NOTE: some of these details are obtained from third party information.
CVE-2009-0658 EXPLOITDB HIGH ruby WORKING POC
Adobe Reader <9.0 - Buffer Overflow
Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.
CVSS 7.8
CVE-2009-0658 EXPLOITDB HIGH ruby WORKING POC
Adobe Reader <9.0 - Buffer Overflow
Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.
CVSS 7.8
CVE-2008-2992 EXPLOITDB HIGH ruby WORKING POC
Adobe Acrobat and Reader < 8.1.2 - Remote Code Execution via util.printf Format String
Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104.
CVSS 7.8
CVE-2008-2992 EXPLOITDB HIGH ruby WORKING POC
Adobe Acrobat and Reader < 8.1.2 - Remote Code Execution via util.printf Format String
Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104.
CVSS 7.8
CVE-2009-0927 EXPLOITDB HIGH ruby WORKING POC
Adobe Acrobat Reader 7.0-7.1.1 - Remote Code Execution via Collab.getIcon Method
Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658.
CVSS 8.8
CVE-2009-0927 EXPLOITDB HIGH ruby WORKING POC
Adobe Acrobat Reader 7.0-7.1.1 - Remote Code Execution via Collab.getIcon Method
Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658.
CVSS 8.8
CVE-2007-5659 EXPLOITDB HIGH ruby WORKING POC
Adobe Acrobat and Reader < 8.1.2 - Remote Code Execution via Long JavaScript Method Arguments
Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be subsumed by CVE-2008-0655.
CVSS 7.8
CVE-2001-0797 EXPLOITDB ruby WORKING POC
SGI IRIX - Buffer Overflow in Login via Telnet/Rlogin Arguments
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
CVE-2011-2523 EXPLOITDB CRITICAL ruby WORKING POC
vsftpd 2.3.4 - Backdoor Command Execution
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
CVSS 9.8
CVE-2007-0882 EXPLOITDB ruby WORKING POC
Solaris 10 and 11 - Unauthenticated Argument Injection in telnetd via -f Sequence
Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by the bin account.
CVE-2001-0797 EXPLOITDB ruby WORKING POC
SGI IRIX - Buffer Overflow in Login via Telnet/Rlogin Arguments
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
CVE-2007-0882 EXPLOITDB ruby WORKING POC
Solaris 10 and 11 - Unauthenticated Argument Injection in telnetd via -f Sequence
Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by the bin account.
CVE-2010-0904 EXPLOITDB ruby WORKING POC
Oracle Secure Backup 10.3.0.1 - Info Disclosure
Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remote attackers to affect integrity via unknown vectors.
CVE-2008-2905 EXPLOITDB ruby WORKING POC
Mambo < 4.6.4 - Remote Code Execution via mosConfig_absolute_path Parameter
PHP remote file inclusion vulnerability in includes/Cache/Lite/Output.php in the Cache_Lite package in Mambo 4.6.4 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.