Trancek

14 exploits Active since Feb 2005
CVE-2007-4370 METASPLOIT ruby WORKING POC
Racer 0.5.3 beta 5 - Buffer Overflow
Multiple buffer overflows in the (1) client and (2) server in Racer 0.5.3 beta 5 allow remote attackers to execute arbitrary code via a long string to UDP port 26000.
CVE-2007-3435 METASPLOIT ruby WORKING POC
RKD Software BarCodeAx.dll 4.9 - Stack-Based Buffer Overflow via BeginPrint Method
Stack-based buffer overflow in the BeginPrint method in a certain ActiveX control in RKD Software (barcodetools.com) BarCodeAx.dll 4.9 allows remote attackers to execute arbitrary code via a long argument.
CVE-2008-5405 METASPLOIT ruby WORKING POC
Cain & Abel <4.9.24 - Buffer Overflow
Stack-based buffer overflow in the RDP protocol password decoder in Cain & Abel 4.9.23 and 4.9.24, and possibly earlier, allows remote attackers to execute arbitrary code via an RDP file containing a long string.
CVE-2009-3429 METASPLOIT ruby WORKING POC
Pirate Radio Destiny Media Player 1.61 - Stack-Based Buffer Overflow via .pls Playlist File
Stack-based buffer overflow in Pirate Radio Destiny Media Player 1.61 allows remote attackers to execute arbitrary code via a long string in a .pls playlist file.
CVE-2004-0964 METASPLOIT ruby WORKING POC
Zinf <2.2.1 - Remote Code Execution
Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attackers or local users to execute arbitrary code via certain values in a .pls file.
CVE-2007-4370 EXPLOITDB ruby WORKING POC
Racer 0.5.3 beta 5 - Buffer Overflow
Multiple buffer overflows in the (1) client and (2) server in Racer 0.5.3 beta 5 allow remote attackers to execute arbitrary code via a long string to UDP port 26000.
CVE-2007-3435 EXPLOITDB ruby WORKING POC
RKD Software BarCodeAx.dll 4.9 - Stack-Based Buffer Overflow via BeginPrint Method
Stack-based buffer overflow in the BeginPrint method in a certain ActiveX control in RKD Software (barcodetools.com) BarCodeAx.dll 4.9 allows remote attackers to execute arbitrary code via a long argument.
CVE-2004-0964 EXPLOITDB ruby WORKING POC
Zinf <2.2.1 - Remote Code Execution
Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attackers or local users to execute arbitrary code via certain values in a .pls file.
CVE-2009-3429 EXPLOITDB ruby WORKING POC
Pirate Radio Destiny Media Player 1.61 - Stack-Based Buffer Overflow via .pls Playlist File
Stack-based buffer overflow in Pirate Radio Destiny Media Player 1.61 allows remote attackers to execute arbitrary code via a long string in a .pls playlist file.
CVE-2006-6288 EXPLOITDB perl WORKING POC
Niek Albers CoolPlayer <216 - Buffer Overflow
Multiple buffer overflows in Niek Albers CoolPlayer 216 and earlier allow remote attackers to execute arbitrary code via (1) a playlist file with long song names, because of an overflow in the CPL_AddPrefixedFile function in CPI_Playlist.c; (2) a skin file with long button names, because of an overflow in the main_skin_check_ini_value function in skin.c; and (3) a skin file with long bitmap filenames, because of an overflow in the main_skin_open function in skin.c.
CVE-2008-0748 EXPLOITDB html WORKING POC
Sony AxRUploadServer ActiveX Control 1.0.0.38 - Buffer Overflow via SetLogging Method
Buffer overflow in the Sony AxRUploadServer.AxRUploadControl.1 ActiveX control in AxRUploadServer.dll 1.0.0.38 in SonyISUpload.cab 1.0.0.38 for Sony ImageStation allows remote attackers to execute arbitrary code via a long argument to the SetLogging method. NOTE: some of these details are obtained from third party information.
CVE-2008-0648 EXPLOITDB text WORKING POC
OpenSiteAdmin < 0.9.1.1 - Remote Code Execution via Path Parameter in Multiple Scripts
Multiple PHP remote file inclusion vulnerabilities in OpenSiteAdmin 0.9.1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) indexFooter.php; and (2) DatabaseManager.php, (3) FieldManager.php, (4) Filter.php, (5) Form.php, (6) FormManager.php, (7) LoginManager.php, and (8) Filters/SingleFilter.php in scripts/classes/.
CVE-2008-0602 EXPLOITDB text WORKING POC
All Club CMS < 0.0.1f - Path Traversal and Arbitrary File Execution via class_name Parameter
Directory traversal vulnerability in index.php in All Club CMS (ACCMS) 0.0.1f and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the class_name parameter.
CVE-2008-5405 EXPLOITDB ruby WORKING POC
Cain & Abel <4.9.24 - Buffer Overflow
Stack-based buffer overflow in the RDP protocol password decoder in Cain & Abel 4.9.23 and 4.9.24, and possibly earlier, allows remote attackers to execute arbitrary code via an RDP file containing a long string.