Marsu

41 exploits Active since Jan 2006
CVE-2007-0790 EXPLOITDB c++ WORKING POC
SmartFTP 2.0.1002 - Buffer Overflow
Heap-based buffer overflow in SmartFTP 2.0.1002 allows remote FTP servers to execute arbitrary code via a large banner.
CVE-2007-2244 EXPLOITDB c WORKING POC
Adobe GoLive 9 - Buffer Overflow via Crafted BMP DIB or RLE File
Multiple buffer overflows in Adobe Photoshop CS2 and CS3, Illustrator CS3, and GoLive 9 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) BMP, (2) DIB, or (3) RLE file.
CVE-2007-2193 EXPLOITDB c WORKING POC
ACDSee 9.0/Pro 8.1/Photo Editor 4.0 - Stack-Based Buffer Overflow via Crafted XPM File
Stack-based buffer overflow in the ID_X.apl plugin in ACDSee 9.0 Build 108, Pro 8.1 Build 99, and Photo Editor 4.0 Build 195 allows user-assisted remote attackers to execute arbitrary code via a crafted XPM file with a long section string. NOTE: some of these details are obtained from third party information.
CVE-2007-2284 EXPLOITDB c WORKING POC
ABC-View Manager 1.42 - Buffer Overflow via Crafted PSP File
Buffer overflow in ABC-View Manager 1.42 allows user-assisted remote attackers to execute arbitrary code via a crafted .PSP file.
CVE-2007-0311 EXPLOITDB c WORKING POC
Texas Imperial Software WFTPD and WFTPD Pro Server < 3.25 - Denial of Service via Long SITE ADMIN Command
Texas Imperial Software WFTPD and WFTPD Pro Server 3.25 and earlier allow remote attackers to cause a denial of service (application crash) via a long SITE ADMIN command.
EIP-2026-116499 EXPLOITDB text WORKING POC
Visual Basic - 'vbe6.dll' Local Stack Overflow (PoC) / Denial of Service
CVE-2007-1080 EXPLOITDB c++ WORKING POC
TurboFTP <5.30 Build 572 - Buffer Overflow
Multiple heap-based buffer overflows in TurboFTP 5.30 Build 572 allow remote servers to cause a denial of service via (1) long filename in a response to a LIST command, and (2) a long response to a CWD command.
CVE-2007-1347 EXPLOITDB text WORKING POC
Microsoft Windows Explorer - Denial of Service via Crafted Office File Document Summary
Microsoft Windows Explorer on Windows 2000 SP4 FR and XP SP2 FR, and possibly other versions and platforms, allows remote attackers to cause a denial of service (memory corruption and crash) via an Office file with crafted document summary information, which causes an error in Ole32.dll.
CVE-2007-1037 EXPLOITDB c WORKING POC
News File Grabber <4.1.0.1 - Buffer Overflow
Stack-based buffer overflow in News File Grabber 4.1.0.1 and earlier allows remote attackers to execute arbitrary code via a .nzb file with a long subject field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-1569 EXPLOITDB c++ WORKING POC
NewsBin Pro 4.32 - Stack-Based Buffer Overflow via Long Filename in yEnc Article
Stack-based buffer overflow in NewsBin Pro 4.32 allows remote attackers to cause a denial of service or execute arbitrary code via a yEnc (yEncode) encoded article with a long filename, as demonstrated using a .nzb file. NOTE: some of these details are obtained from third party information.
CVE-2007-0038 EXPLOITDB c WORKING POC
Microsoft Windows 2000 SP4 through Vista - Remote Code Execution via Animated Cursor RIFF File
Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) anih block of a RIFF .ANI, cur, or .ico file, which results in memory corruption when processing cursors, animated cursors, and icons, a variant of CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this might be a duplicate of CVE-2007-1765; if so, then CVE-2007-0038 should be preferred.
CVE-2006-0441 EXPLOITDB c WORKING POC
Sami FTP Server 2.0.1 - Stack-Based Buffer Overflow via Long USER Command
Stack-based buffer overflow in Sami FTP Server 2.0.1 allows remote attackers to execute arbitrary code via a long USER command, which triggers the overflow when the log is viewed.
CVE-2007-0825 EXPLOITDB c++ WORKING POC
FlashFXP 3.4.0 build 1145 - Denial of Service via PWD Command Response
FlashFXP 3.4.0 build 1145 allows remote servers to cause a denial of service (CPU consumption) via a response to a PWD command that contains a long string with deeply nested directory structure, possibly due to a buffer overflow.
CVE-2007-1079 EXPLOITDB c++ WORKING POC
Rhino Software, Inc. FTP Voyager <14.0.0.3 - Buffer Overflow
Stack-based buffer overflow in Rhino Software, Inc. FTP Voyager 14.0.0.3 and earlier allows remote servers to cause a denial of service (crash) via a long response to a CWD command, which triggers the overflow when the user aborts the command.
CVE-2007-1082 EXPLOITDB c++ WORKING POC
FTP Explorer < 1.0.1.52 - Denial of Service via Long PWD Response
FTP Explorer 1.0.1 Build 047, and other versions before 1.0.1.52, allows remote servers to cause a denial of service (CPU consumption) via a long response to a PWD command.
CVE-2007-0338 EXPLOITDB c WORKING POC
Dream FTP Server - Remote Code Execution via USER Command Format String Overflow
Heap-based buffer overflow in Dream FTP Server allows remote attackers to execute arbitrary code via a USER command with a large number of format string specifiers, which triggers the overflow during processing of the Server Log.