Sean de Regge

5 exploits Active since Oct 2010
CVE-2011-2950 METASPLOIT ruby WORKING POC
RealPlayer 11.0-11.1 and 14.0.0-14.0.5 and RealPlayer SP 1.0-1.1.5 - Remote Code Execution via Crafted QCP File
Heap-based buffer overflow in qcpfformat.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted QCP file.
CVE-2012-2174 METASPLOIT ruby WORKING POC
IBM Lotus Notes 8.x - Remote Code Execution via Crafted notes:// URL
The URL handler in IBM Lotus Notes 8.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a crafted notes:// URL.
CVE-2010-3749 EXPLOITDB html WORKING POC
RealPlayer 11.0-11.1 and RealPlayer SP 1.0-1.1 - Remote Code Execution via RecordClip Method Parameter Injection
The browser-plugin implementation in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1 allows remote attackers to arguments to the RecordClip method, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a " (double quote) in an argument to the RecordClip method, aka "parameter injection."
CVE-2011-2950 EXPLOITDB ruby WORKING POC
RealPlayer 11.0-11.1 and 14.0.0-14.0.5 and RealPlayer SP 1.0-1.1.5 - Remote Code Execution via Crafted QCP File
Heap-based buffer overflow in qcpfformat.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted QCP file.
CVE-2012-2174 EXPLOITDB ruby WORKING POC
IBM Lotus Notes 8.x - Remote Code Execution via Crafted notes:// URL
The URL handler in IBM Lotus Notes 8.x before 8.5.3 FP2 allows remote attackers to execute arbitrary code via a crafted notes:// URL.