Mike Czumak

19 exploits Active since Dec 2006
CVE-2014-4114 EXPLOITDB HIGH python WORKING POC
MS14-060 Microsoft Windows OLE Package Manager Code Execution
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sandworm" attack in June through October 2014, aka "Windows OLE Remote Code Execution Vulnerability."
CVSS 7.8
CVE-2013-7409 METASPLOIT ruby WORKING POC
ALLPlayer <5.8.1 - Buffer Overflow
Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .m3u (playlist) file.
CVE-2009-0261 METASPLOIT ruby WORKING POC
EffectMatrix Total Video Player <1.31 - Buffer Overflow
Stack-based buffer overflow in EffectMatrix Total Video Player 1.31 allows user-assisted attackers to execute arbitrary code via a Skins\DefaultSkin\DefaultSkin.ini file with a large ColumnHeaderSpan value.
CVE-2014-6352 EXPLOITDB HIGH python WORKING POC
MS14-064 Microsoft Windows OLE Package Manager Code Execution
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted PowerPoint document.
CVSS 7.8
EIP-2026-118021 EXPLOITDB perl WORKING POC
Total Video Player 1.3.1 - 'Settings.ini' Local Buffer Overflow (SEH)
EIP-2026-118022 EXPLOITDB ruby WORKING POC
Total Video Player 1.3.1 - 'Settings.ini' Local Buffer Overflow (SEH) (Metasploit)
CVE-2013-6937 EXPLOITDB python WORKING POC
Videocharge Watermark Master - Memory Corruption
Buffer overflow in VideoCharge Software Watermark Master 2.2.23 allows remote attackers to execute arbitrary code via a long string in the name attribute of the cols element in a .wstyle file.
CVE-2013-6874 EXPLOITDB perl WORKING POC
Vortexgroup Light Alloy < 4.7.3 - Memory Corruption
Stack-based buffer overflow in Vortex Light Alloy before 4.7.4 allows remote attackers to execute arbitrary code via a long URL in a .m3u file.
EIP-2026-117765 EXPLOITDB perl WORKING POC
Photodex ProShow Producer 5.0.3310 - Local Buffer Overflow (SEH)
CVE-2014-2030 EXPLOITDB HIGH perl WORKING POC
ImageMagick - Buffer Overflow
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick, possibly 6.8.8-5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PSD image, involving the L%06ld string, a different vulnerability than CVE-2014-1947.
CVSS 8.8
CVE-2013-7409 EXPLOITDB ruby WORKING POC
ALLPlayer <5.8.1 - Buffer Overflow
Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .m3u (playlist) file.
CVE-2013-7409 EXPLOITDB perl WORKING POC
ALLPlayer <5.8.1 - Buffer Overflow
Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .m3u (playlist) file.
CVE-2013-7409 EXPLOITDB perl WORKING POC
ALLPlayer <5.8.1 - Buffer Overflow
Buffer overflow in ALLPlayer 5.6.2 through 5.8.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .m3u (playlist) file.
EIP-2026-116842 EXPLOITDB perl WORKING POC
AudioCoder 0.8.22 - '.m3u' Local Buffer Overflow (SEH)
CVE-2006-6199 EXPLOITDB perl WORKING POC
Blazevideo Blaze Dvd - Memory Corruption
Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and Professional 5.0, and possibly earlier, allows remote attackers to execute arbitrary code via a long filename in a PLF playlist.
EIP-2026-117012 EXPLOITDB perl WORKING POC
CyberLink Power2Go Essential 9.0.1002.0 - Registry Buffer Overflow (SEH Unicode)
CVE-2013-6356 EXPLOITDB perl WORKING POC
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue because of dependency on the victim's direct involvement in modifying the Windows registry to enable the attack. Notes: none
EIP-2026-116076 EXPLOITDB perl WORKING POC
Plogue Sforzando 1.665 - Buffer Overflow (SEH) (PoC)
EIP-2026-115082 EXPLOITDB python WORKING POC
CoolPlayer+ Portable 2.19.4 - Local Buffer Overflow