Rodrigo Rubira Branco

7 exploits Active since May 2010
CVE-2011-0104 EXPLOITDB text WRITEUP
Microsoft Excel <2004 - Memory Corruption
Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HLink record in an Excel file, aka "Excel Buffer Overwrite Vulnerability."
CVE-2010-4275 EXPLOITDB text WORKING POC
Radius Manager 3.8.0 - Authenticated Cross-Site Scripting via Name or Descr Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Radius Manager 3.8.0 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) name or (2) descr parameter in an (a) update_usergroup or a (b) store_nas action to admin.php.
CVE-2010-4275 EXPLOITDB text WRITEUP
Radius Manager 3.8.0 - Authenticated Cross-Site Scripting via Name or Descr Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Radius Manager 3.8.0 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) name or (2) descr parameter in an (a) update_usergroup or a (b) store_nas action to admin.php.
CVE-2010-1840 EXPLOITDB text WORKING POC
Apple Mac OS X 10.5.8 and 10.6.x < 10.6.5 - Remote Code Execution via Directory Services Password Validation
Stack-based buffer overflow in the password-validation functionality in Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
CVE-2010-4435 EXPLOITDB c WORKING POC
Sunos - Buffer Overflow
Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CDE Calendar Manager Service Daemon and RPC. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from other software vendors that this affects other operating systems, such as HP-UX, or claims from a reliable third party that this is a buffer overflow in rpc.cmsd via long XDR-encoded ASCII strings in RPC call 10.
CVE-2010-1869 EXPLOITDB perl WORKING POC
GPL GhostScript 8.64 and 8.70 - Stack-Based Buffer Overflow in PostScript Parser
Stack-based buffer overflow in the parser function in GhostScript 8.70 and 8.64 allows context-dependent attackers to execute arbitrary code via a crafted PostScript file.
CVE-2010-1039 EXPLOITDB c WORKING POC
NFS/ONCplus < b.11.31_09 - Remote Code Execution via Format String in RPC Request
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.