Marsu

41 exploits, active since Jan 2006
CVE-2007-1765 EXPLOITDB c WORKING POC
Microsoft Windows 2000 < 6 - Denial of Service
Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier.
CVE-2007-1075 EXPLOITDB c++ WORKING POC
TurboFTP 5.30 - DoS
TurboFTP 5.30 Build 572 allows remote servers to cause a denial of service (CPU consumption) via a response with a large number of newline characters.
CVE-2007-2365 EXPLOITDB c WORKING POC
Adobe Golive - Memory Corruption
Buffer overflow in Adobe Photoshop CS2 and CS3, Photoshop Elements 5.0, Illustrator CS3, and GoLive 9 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.
CVE-2008-0320 METASPLOIT ruby WORKING POC
OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow
Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream.
CVE-2007-1568 EXPLOITDB c++ WORKING POC
Daansystems Newsreactor - Buffer Overflow
Stack-based buffer overflow in DaanSystems NewsReactor 20070220.21 allows remote attackers to execute arbitrary code via a yEnc (yEncode) encoded article with a long filename.
CVE-2007-2194 EXPLOITDB c WORKING POC
Gentoo Xnview - Buffer Overflow
Stack-based buffer overflow in XnView 1.90.3 allows user-assisted remote attackers to execute arbitrary code via a crafted XPM file with a long section string. NOTE: some of these details are obtained from third party information.
CVE-2007-2498 EXPLOITDB c WORKING POC
Winamp <5.34 - RCE
libmp4v2.dll in Winamp 5.02 through 5.34 allows user-assisted remote attackers to execute arbitrary code via a certain .MP4 file. NOTE: some of these details are obtained from third party information.
CVE-2008-0320 EXPLOITDB ruby WORKING POC
OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow
Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream.
EIP-2026-117719 EXPLOITDB c WORKING POC
Open Office.org 2.31 - swriter Local Code Execution
CVE-2007-1041 EXPLOITDB perl WORKING POC
S&H Computer Systems News Rover 12.1 Rev 1 - Buffer Overflow
Multiple stack-based buffer overflows in S&H Computer Systems News Rover 12.1 Rev 1 allow remote attackers to execute arbitrary code via a .nzb file with a long (1) group or (2) subject string.
CVE-2007-1041 EXPLOITDB c WORKING POC
S&H Computer Systems News Rover 12.1 Rev 1 - Buffer Overflow
Multiple stack-based buffer overflows in S&H Computer Systems News Rover 12.1 Rev 1 allow remote attackers to execute arbitrary code via a .nzb file with a long (1) group or (2) subject string.
CVE-2007-1074 EXPLOITDB c WORKING POC
NewsBin Pro 5.33-4.x - Buffer Overflow
Multiple buffer overflows in NewsBin Pro 5.33 and NewsBin Pro 4.x allow user-assisted remote attackers to execute arbitrary code via a long (1) DataPath or (2) DownloadPath attribute in a (a) NBI file, or (3) a long group field in a (b) NZB file.
CVE-2007-2192 EXPLOITDB c WORKING POC
Antonio DA Cruz Photofiltre Studio - Buffer Overflow
Buffer overflow in Photofiltre Studio 8.1.1 allows user-assisted remote attackers to execute arbitrary code via a crafted .tif file.
CVE-2007-0038 EXPLOITDB c WORKING POC
Microsoft Windows 2000 - Memory Corruption
Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) anih block of a RIFF .ANI, .cur, or .ico file, which results in memory corruption when processing cursors, animated cursors, and icons, a variant of CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this might be a duplicate of CVE-2007-1765; if so, then CVE-2007-0038 should be preferred.
CVE-2007-2366 EXPLOITDB c WORKING POC
Corel Paint Shop Pro 11.20 - RCE
Buffer overflow in Corel Paint Shop Pro 11.20 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.
CVE-2008-0118 EXPLOITDB text SUSPICIOUS
Microsoft Office - Code Injection
Unspecified vulnerability in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, Excel Viewer 2003 up to SP3, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption from an "allocation error," aka "Microsoft Office Memory Corruption Vulnerability."
CVE-2007-1867 EXPLOITDB c WORKING POC
Irfanview - Buffer Overflow
Buffer overflow in IrfanView 3.99 allows remote attackers to execute arbitrary code via a crafted animated cursor (ANI) file.
CVE-2007-2209 EXPLOITDB c WORKING POC
Accusoft Imagegear - Buffer Overflow
Buffer overflow in igcore15d.dll 15.1.2.0 and 15.2.0.0 for AccuSoft ImageGear, as used in Corel Paint Shop Pro Photo 11.20 and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted .CLP file. NOTE: some details were obtained from third party sources.
CVE-2007-2283 EXPLOITDB c WORKING POC
Freshdevices Freshview - Buffer Overflow
Buffer overflow in Fresh View 7.15 allows user-assisted remote attackers to execute arbitrary code via a crafted .PSP file.
CVE-2007-2356 EXPLOITDB c WORKING POC
Gimp 2.2.14 - Buffer Overflow
Stack-based buffer overflow in the set_color_table function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file.
EIP-2026-117354 EXPLOITDB c WORKING POC
Ipswitch WS_FTP 5.05 - Server Manager Local Site Buffer Overflow
CVE-2007-2363 EXPLOITDB c WORKING POC
IrfanView <4.00 - RCE
Buffer overflow in IrfanView 4.00 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted .IFF file.
CVE-2008-0493 EXPLOITDB c WORKING POC
Irfanview - Memory Corruption
fpx.dll 3.9.8.0 in the FlashPix plugin for IrfanView 4.10 allows remote attackers to execute arbitrary code via a crafted FlashPix (.FPX) file, which triggers heap corruption. NOTE: some of these details are obtained from third party information.