Parvez Anwar

27 exploits, active since Jan 2007
CVE-2017-15920 EXPLOITDB HIGH c WORKING POC
Watchdog Development Anti-Malware - NULL Pointer Dereference
In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002054. This is due to the input buffer being NULL or the input buffer size being 0 as they are not validated.
CVSS 7.5
CVE-2013-0726 METASPLOIT ruby WORKING POC
ERDAS ER Viewer <13.00.0001 - Buffer Overflow
Stack-based buffer overflow in the ERM_convert_to_correct_webpath function in ermapper_u.dll in ERDAS ER Viewer before 13.00.0001 allows remote attackers to execute arbitrary code via a crafted pathname in an ERS file.
CVE-2012-0897 METASPLOIT ruby WORKING POC
IrfanView PlugIns <4.33 - RCE
Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.
CVE-2011-2595 METASPLOIT ruby WORKING POC
ACDSee FotoSlate - Memory Corruption
Multiple stack-based buffer overflows in ACDSee FotoSlate 4.0 Build 146 allow remote attackers to execute arbitrary code via a long id parameter in a (1) String or (2) Int tag in a FotoSlate Project (aka PLP) file.
CVE-2017-14961 EXPLOITDB HIGH c WORKING POC
IKARUS Security anti.virus - Improper Input Validation
In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300000c.
CVSS 7.8
CVE-2017-16237 EXPLOITDB HIGH c WORKING POC
Vir.IT eXplorer Anti-Virus <8.5.42 - Buffer Overflow
In Vir.IT eXplorer Anti-Virus before 8.5.42, the driver file (VIAGLT64.SYS) contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8273007C.
CVSS 7.8
CVE-2017-6178 EXPLOITDB HIGH c WORKING POC
USBPcap - NULL Pointer Dereference
The IofCallDriver function in USBPcap 1.1.0.0 allows local users to gain privileges via a crafted 0x00090028 IOCTL call, which triggers a NULL pointer dereference.
CVSS 7.8
CVE-2014-9641 EXPLOITDB c WORKING POC
Trend Micro Antivirus <2.0.0.1015 - Privilege Escalation
The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222400 IOCTL call.
CVE-2018-5701 EXPLOITDB CRITICAL c WORKING POC
Iolo System Shield - Memory Corruption
In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003.
CVSS 9.8
CVE-2014-7286 EXPLOITDB c WORKING POC
Symantec Deployment Solution <6.9 - Buffer Overflow
Buffer overflow in AClient in Symantec Deployment Solution 6.9 and earlier on Windows XP and Server 2003 allows local users to gain privileges via unspecified vectors.
EIP-2026-117964 EXPLOITDB c WORKING POC
STOPzilla AntiMalware 6.5.2.59 - Privilege Escalation (1)
CVE-2015-1515 EXPLOITDB c WORKING POC
SoftSphere DefenseWall Personal Firewall 3.24 - Privilege Escalation
The dwall.sys driver in SoftSphere DefenseWall Personal Firewall 3.24 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222000, 0x00222004, 0x00222008, 0x0022200c, or 0x00222010 IOCTL call.
CVE-2007-0016 EXPLOITDB ruby WORKING POC
Netfarer MoviePlay - Memory Corruption
Stack-based buffer overflow in MoviePlay 4.76 allows remote attackers to execute arbitrary code via a long filename in a LST file.
CVE-2015-1305 EXPLOITDB c WORKING POC
McAfee Data Loss Prevention Endpoint - Privilege Escalation
McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted (1) 0x00224014 or (2) 0x0022c018 IOCTL call.
EIP-2026-117519 EXPLOITDB ruby WORKING POC
Microsoft Windows - AlwaysInstallElevated MSI (Metasploit)
CVE-2017-5329 EXPLOITDB HIGH c WORKING POC
Palo Alto Networks Terminal Services Agent < 7.0.6 - Out-of-Bounds Write
Palo Alto Networks Terminal Services Agent before 7.0.7 allows local users to gain privileges via vectors that trigger an out-of-bounds write operation.
CVSS 7.8
CVE-2014-9632 EXPLOITDB c WORKING POC
AVG Internet Security <2013.3495-2015.5315 - Privilege Escalation
The TDI driver (avgtdix.sys) in AVG Internet Security before 2013.3495 Hot Fix 18 and 2015.x before 2015.5315 and Protection before 2015.5315 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x830020f8 IOCTL call.
CVE-2014-9643 EXPLOITDB c WORKING POC
K7 Computing Ultimate Security - Memory Corruption
K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x950025c8 IOCTL call.
CVE-2012-0897 EXPLOITDB ruby WORKING POC
IrfanView PlugIns <4.33 - RCE
Stack-based buffer overflow in the JPEG2000 plugin in IrfanView PlugIns before 4.33 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.
CVE-2013-0726 EXPLOITDB ruby WORKING POC
ERDAS ER Viewer <13.00.0001 - Buffer Overflow
Stack-based buffer overflow in the ERM_convert_to_correct_webpath function in ermapper_u.dll in ERDAS ER Viewer before 13.00.0001 allows remote attackers to execute arbitrary code via a crafted pathname in an ERS file.
CVE-2018-5410 EXPLOITDB HIGH c WORKING POC
Dokan <1.2.0.1000 - Buffer Overflow
Dokan, versions between 1.0.0.5000 and 1.2.0.1000, are vulnerable to a stack-based buffer overflow in the dokan1.sys driver. An attacker can create a device handle to the system driver and send arbitrary input that will trigger the vulnerability. This vulnerability was introduced in the 1.0.0.5000 version update.
CVSS 7.8
CVE-2014-9633 EXPLOITDB c WORKING POC
COMODO Backup <4.4.1.23 - Privilege Escalation
The bdisk.sys driver in COMODO Backup before 4.4.1.23 allows remote attackers to gain privileges via a crafted device handle, which triggers a NULL pointer dereference.
CVE-2014-9642 EXPLOITDB c WORKING POC
BullGuard Antivirus <15.0.288 - Privilege Escalation
bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x0022405c IOCTL call.
CVE-2008-5431 EXPLOITDB c WORKING POC
Teamtek Universal FTP Server 1.0.44 - DoS
Teamtek Universal FTP Server 1.0.44 allows remote attackers to cause a denial of service via (1) a certain CWD command, (2) a long LIST command, or (3) a certain PORT command.
CVE-2011-2595 EXPLOITDB ruby WORKING POC
ACDSee FotoSlate - Memory Corruption
Multiple stack-based buffer overflows in ACDSee FotoSlate 4.0 Build 146 allow remote attackers to execute arbitrary code via a long id parameter in a (1) String or (2) Int tag in a FotoSlate Project (aka PLP) file.