Muris Kurgas a.k.a. j0rgan

7 exploits Active since Jan 2008
CVE-2007-6681 EXPLOITDB python WORKING POC
VLC < 0.8.6d - Remote Code Execution via Long Subtitle in MicroDvd SSA or Vplayer File
Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via a long subtitle in a (1) MicroDvd, (2) SSA, and (3) Vplayer file.
CVE-2008-0073 EXPLOITDB python WORKING POC
xine-lib 1.1.10.1 - Remote Code Execution via Large streamid SDP Parameter
Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.
CVE-2008-0295 EXPLOITDB python WORKING POC
VLC Media Player < 0.8.6d - Heap-Based Buffer Overflow via Long SDP Data
Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the Xine library, as used in VideoLAN VLC Media Player 0.8.6d and earlier, allows user-assisted remote attackers to cause a denial of service (crash) or execute arbitrary code via long Session Description Protocol (SDP) data.
CVE-2008-0296 EXPLOITDB python WORKING POC
VLC Media Player < 0.8.6d - Heap-Based Buffer Overflow via RTSP Long String
Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string.
CVE-2008-0984 EXPLOITDB python WORKING POC
Miro Player < 1.1 - Remote Code Execution via Malformed MP4 File
The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file.
CVE-2008-1489 EXPLOITDB python WORKING POC
VLC - Integer Overflow and Heap-Based Buffer Overflow via Crafted MP4 RDRF Box
Integer overflow in the MP4_ReadBox_rdrf function in libmp4.c for VLC 0.8.6e allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MP4 RDRF box that triggers a heap-based buffer overflow, a different vulnerability than CVE-2008-0984.
CVE-2008-1769 EXPLOITDB python WORKING POC
VLC < 0.8.6f - Denial of Service via Crafted Cinepak File
VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via a crafted Cinepak file that triggers an out-of-bounds array access and memory corruption.