Shane Hird

11 exploits Active since Sep 1999
CVE-1999-1575 EXPLOITDB WORKING POC
Kodak/Wang Image Edit - RCE
The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands.
CVE-1999-1575 EXPLOITDB WORKING POC
Kodak/Wang Image Edit - RCE
The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands.
CVE-1999-0669 EXPLOITDB text WORKING POC
Eyedog ActiveX - RCE
The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy.
CVE-1999-1575 EXPLOITDB text WORKING POC
Kodak/Wang Image Edit - RCE
The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands.
CVE-1999-1577 EXPLOITDB text WORKING POC
Microsoft Internet Explorer - Buffer Overflow
Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method.
EIP-2026-118852 EXPLOITDB text WORKING POC
Microsoft Log Sink Class - ActiveX Control Arbitrary File Creation
CVE-2002-0974 EXPLOITDB text WORKING POC
Help and Support Center for Windows XP - Path Traversal
Help and Support Center for Windows XP allows remote attackers to delete arbitrary files via a link to the hcp: protocol that accesses uplddrvinfo.htm.
CVE-1999-1576 EXPLOITDB text WORKING POC
Adobe Acrobat Reader - Buffer Overflow
Buffer overflow in Adobe Acrobat ActiveX control (pdf.ocx, PDF.PdfCtrl.1) 1.3.188 for Acrobat Reader 4.0 allows remote attackers to execute arbitrary code via the pdf.setview method.
CVE-1999-1484 EXPLOITDB text WORKING POC
Microsoft Msn Setup Bulletin Board Services - Buffer Overflow
Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control (setupbbs.ocx) allows a remote attacker to execute arbitrary commands via the methods (1) vAddNewsServer or (2) bIsNewsServerConfigured.
CVE-1999-1578 EXPLOITDB text WORKING POC
Microsoft Internet Explorer - Buffer Overflow
Buffer overflow in Registration Wizard ActiveX control (regwizc.dll, InvokeRegWizard) 3.0.0.0 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands.
CVE-2001-0095 EXPLOITDB perl WORKING POC
Solaris 2.7-2.8 - Local Privilege Escalation
catman in Solaris 2.7 and 2.8 allows local users to overwrite arbitrary files via a symlink attack on the sman_PID temporary file.