Nine:Situations:Group::pyrokinesis

20 exploits Active since Oct 2008
CVE-2009-4668 EXPLOITDB php WORKING POC
jetAudio <7.5.3.15 - Buffer Overflow
Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long ID3 tag in an MP3 file. NOTE: some of these details are obtained from third party information.
CVE-2009-1743 EXPLOITDB php WORKING POC
Pinnacle Studio 12 - Path Traversal and Arbitrary File Write via Hollywood FX Archive Filename
Directory traversal vulnerability in InstallHFZ.exe 6.5.201.0 in Pinnacle Hollywood Effects 6, a module in Pinnacle Systems Pinnacle Studio 12, allows remote attackers to create and overwrite arbitrary files via a filename containing a ..\ (dot dot backslash) sequence in a Hollywood FX Compressed Archive (.hfz) file. NOTE: this can be leveraged for code execution by decompressing a file to a Startup folder. NOTE: some of these details are obtained from third party information.
EIP-2026-119004 EXPLOITDB html WORKING POC
Oracle - Document Capture BlackIce DEVMODE
CVE-2008-4493 EXPLOITDB html WORKING POC
Microsoft Digital Image 2006 Starter Edition - Arbitrary File Upload via PicturePusher ActiveX Control
Microsoft PicturePusher ActiveX control (PipPPush.DLL 7.00.0709), as used in Microsoft Digital Image 2006 Starter Edition, allows remote attackers to force the upload of arbitrary files by using the AddString and Post methods and a modified PostURL to construct an HTTP POST request. NOTE: this issue might only be exploitable in limited environments or non-default browser settings.
CVE-2008-6748 EXPLOITDB html WORKING POC
Megacubo 5.0.7 - Remote Code Execution via mega:// URI Play Action
Eval injection vulnerability in Megacubo 5.0.7 allows remote attackers to inject and execute arbitrary PHP code via the play action in a mega:// URI.
EIP-2026-118614 EXPLOITDB text WORKING POC
Google Apps - mailto URI handler cross-browser Remote command Execution
EIP-2026-118514 EXPLOITDB html WORKING POC
EMC Captiva QuickScan Pro 4.6 SP1 and EMC Documentum ApllicationXtender Desktop 5.4 (keyhelp.ocx 1.2.312) - Remote Overflow
CVE-2009-1744 EXPLOITDB php WORKING POC
Pinnacle Studio 12 - Denial of Service via Crafted Hollywood FX Archive
InstallHFZ.exe 6.5.201.0 in Pinnacle Hollywood Effects 6, a module in Pinnacle Systems Pinnacle Studio 12, allows remote attackers to cause a denial of service (application crash) via a crafted Hollywood FX Compressed Archive (.hfz) file.
CVE-2009-2261 EXPLOITDB php WORKING POC
PeaZIP <2.6.1-2.5.1 - Command Injection
PeaZIP 2.6.1, 2.5.1, and earlier on Windows allows user-assisted remote attackers to execute arbitrary commands via a .zip archive with a .txt file whose name contains | (pipe) characters and a command.
CVE-2009-4676 EXPLOITDB php WORKING POC
JetAudio <7.5.3.15 - Buffer Overflow
Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long title in a FLAC file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-1068 EXPLOITDB python WORKING POC
BS.Player <=2.34 Build 980 - Stack-based Buffer Overflow via Long Hostname in .bsl Playlist File
Stack-based buffer overflow in BS.Player (bsplayer) 2.32 Build 975 Free and 2.34 Build 980 PRO and earlier allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long hostname in a .bsl playlist file.
CVE-2009-1068 EXPLOITDB php WORKING POC
BS.Player <=2.34 Build 980 - Stack-based Buffer Overflow via Long Hostname in .bsl Playlist File
Stack-based buffer overflow in BS.Player (bsplayer) 2.32 Build 975 Free and 2.34 Build 980 PRO and earlier allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long hostname in a .bsl playlist file.
CVE-2009-1039 EXPLOITDB php WORKING POC
CDex 1.70b2 - Remote Code Execution via Crafted Ogg Vorbis Info Header
Buffer overflow in CDex 1.70b2 allows remote attackers to execute arbitrary code via a crafted Info header in an Ogg Vorbis (.ogg) file.
CVE-2009-4195 EXPLOITDB php WORKING POC
Adobe Illustrator <14.0.0 - Buffer Overflow
Buffer overflow in Adobe Illustrator CS4 14.0.0, CS3 13.0.3 and earlier, and CS3 13.0.0 allows remote attackers to execute arbitrary code via a long DSC comment in an Encapsulated PostScript (.eps) file. NOTE: some of these details are obtained from third party information.
CVE-2009-4195 EXPLOITDB ruby WORKING POC
Adobe Illustrator <14.0.0 - Buffer Overflow
Buffer overflow in Adobe Illustrator CS4 14.0.0, CS3 13.0.3 and earlier, and CS3 13.0.0 allows remote attackers to execute arbitrary code via a long DSC comment in an Encapsulated PostScript (.eps) file. NOTE: some of these details are obtained from third party information.
CVE-2009-4195 EXPLOITDB ruby WORKING POC
Adobe Illustrator <14.0.0 - Buffer Overflow
Buffer overflow in Adobe Illustrator CS4 14.0.0, CS3 13.0.3 and earlier, and CS3 13.0.0 allows remote attackers to execute arbitrary code via a long DSC comment in an Encapsulated PostScript (.eps) file. NOTE: some of these details are obtained from third party information.
CVE-2009-1915 EXPLOITDB php WORKING POC
ICQ 6.5 - Stack-based Buffer Overflow via Long URL Parameter in .URL File
Stack-based buffer overflow in the URL Search Hook (ICQToolBar.dll) in ICQ 6.5 allows remote attackers to cause a denial of service (persistent crash) and possibly execute arbitrary code via an Internet shortcut .URL file containing a long URL parameter, which triggers a crash when browsing a folder that contains this file.
CVE-2009-3693 EXPLOITDB html WORKING POC
Persits XUpload - Path Traversal via MakeHttpRequest Method
Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control (XUpload.ocx) in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via \.. (backwards slash dot dot) sequences in the third argument to the MakeHttpRequest method.
CVE-2009-1960 EXPLOITDB text WORKING POC
DokuWiki 2009-02-14, rc2009-02-06, rc2009-01-30 - Remote Code Execution via config_cascade Parameter
inc/init.php in DokuWiki 2009-02-14, rc2009-02-06, and rc2009-01-30, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via the config_cascade[main][default][] parameter to doku.php. NOTE: PHP remote file inclusion is also possible in PHP 5 using ftp:// URLs.
CVE-2009-2261 EXPLOITDB ruby WORKING POC
PeaZIP <2.6.1-2.5.1 - Command Injection
PeaZIP 2.6.1, 2.5.1, and earlier on Windows allows user-assisted remote attackers to execute arbitrary commands via a .zip archive with a .txt file whose name contains | (pipe) characters and a command.