Umesh Wanve

22 exploits Active since Jan 2006
CVE-2007-1567 EXPLOITDB perl WORKING POC
War FTP Daemon < 1.65 - Stack-Based Buffer Overflow
Stack-based buffer overflow in War FTP Daemon 1.65, and possibly earlier, allows remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors, as demonstrated by warftp_165.tar by Immunity. NOTE: this might be the same issue as CVE-1999-0256, CVE-2000-0131, or CVE-2006-2171, but due to Immunity's lack of details, this cannot be certain.
CVE-2006-0476 EXPLOITDB perl WORKING POC
Nullsoft Winamp 5.12 - Buffer Overflow via Playlist File1 Field
Buffer overflow in Nullsoft Winamp 5.12 allows remote attackers to execute arbitrary code via a playlist (pls) file with a long file name (File1 field).
CVE-2007-2566 EXPLOITDB html WORKING POC
Taltech Tal Bar Code ActiveX Control - Denial of Service via SaveBarCode Function
The SaveBarCode function in the Taltech Tal Bar Code ActiveX control allows remote attackers to cause a denial of service (disk consumption) by uploading multiple bar codes, as demonstrated by a WSF package.
CVE-2007-1687 EXPLOITDB html WORKING POC
Internet Pictures Corporation iPIX Image Well ActiveX Control - Remote Code Execution via Buffer Overflow
Multiple buffer overflows in the Internet Pictures Corporation iPIX Image Well ActiveX control (iPIX-ImageWell-ipix.dll) allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2007-1645 EXPLOITDB perl WORKING POC
FutureSoft TFTP Server 2000 - Remote Code Execution via Long UDP Request
Buffer overflow in FutureSoft TFTP Server 2000 on Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via a long request on UDP port 69. NOTE: this issue might overlap CVE-2006-4781 or CVE-2005-1812.
EIP-2026-118543 EXPLOITDB ruby WORKING POC
FileCOPA FTP Server 1.01 - 'LIST' Remote Buffer Overflow (2)
CVE-2007-1683 EXPLOITDB html WORKING POC
IncrediMail IMMenuShellExt ActiveX Control - Stack-based Buffer Overflow in DoWebMenuAction
Stack-based buffer overflow in the DoWebMenuAction function in the IncrediMail IMMenuShellExt ActiveX control (ImShExt.dll) allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2006-6183 EXPLOITDB perl WORKING POC
3Com 3CTftpSvc < 2.0.1 - Stack-Based Buffer Overflow via Long Mode Field in GET or PUT Command
Multiple stack-based buffer overflows in 3Com 3CTftpSvc 2.0.1, and possibly earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a long mode field (aka transporting mode) in a (1) GET or (2) PUT command.
CVE-2007-0976 EXPLOITDB html WORKING POC
ActSoft DVD-Tools - Buffer Overflow
Buffer overflow in the ActSoft DVD-Tools ActiveX control (dvdtools.ocx) allows remote attackers to execute arbitrary code via a long DVD_TOOLS.OpenDVD property value.
CVE-2007-1041 EXPLOITDB perl WORKING POC
S&H Computer Systems News Rover 12.1 Rev 1 - Buffer Overflow
Multiple stack-based buffer overflows in S&H Computer Systems News Rover 12.1 Rev 1 allow remote attackers to execute arbitrary code via a .nzb file with a long (1) group or (2) subject string.
CVE-2007-1195 EXPLOITDB perl WORKING POC
XM Easy Personal FTP Server 5.3.0 - Buffer Overflow
Multiple buffer overflows in XM Easy Personal FTP Server 5.3.0 allow remote attackers to execute arbitrary code via unspecified vectors. NOTE: this issue might overlap CVE-2006-2225, CVE-2006-2226, or CVE-2006-5728.
CVE-2007-1402 EXPLOITDB html WORKING POC
Rediff Toolbar 2.0 - Denial of Service via ActiveX Control Manipulation
The Rediff Toolbar 2.0 ActiveX control in redifftoolbar.dll allows remote attackers to cause a denial of service via unspecified manipulations, possibly involving improper initialization or blank arguments.
CVE-2007-1690 EXPLOITDB html WORKING POC
Second Sight Software ActiveGS - Stack-Based Buffer Overflow
Multiple stack-based buffer overflows in Second Sight Software ActiveGS ActiveX control (ActiveGS.ocx) allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2007-1691 EXPLOITDB html WORKING POC
Second Sight Software ActiveMod - Stack-Based Buffer Overflow
Stack-based buffer overflow in Second Sight Software ActiveMod ActiveX control (ActiveMod.ocx) allows remote attackers to execute arbitrary code via unspecified vectors.
EIP-2026-116401 EXPLOITDB perl WORKING POC
TFTP Server 1.3 - Remote Buffer Overflow (Denial of Service) (PoC)
CVE-2007-0264 EXPLOITDB text STUB
WinZip 9.0 - Buffer Overflow via Long Command Line Argument
Buffer overflow in Winzip32.exe in WinZip 9.0 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long command line argument. NOTE: this issue may cross privilege boundaries if an application automatically invokes Winzip32.exe for untrusted input filenames, as in the case of a file upload application. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2007-1404 EXPLOITDB perl WORKING POC
ProSysInfo TFTP Server TFTPDWIN 0.4.2 - Denial of Service via Long UDP Packet
tftpd.exe in ProSysInfo TFTP Server TFTPDWIN 0.4.2 allows remote attackers to cause a denial of service via a long UDP packet that is not properly handled in a recv_from call. NOTE: this issue might be related to CVE-2006-4948.
CVE-2007-2678 EXPLOITDB html WORKING POC
Netsprint Toolbar 1.1 - Buffer Overflow in isChecked Function
Buffer overflow in the isChecked function in toolbar.dll in Netsprint Toolbar 1.1 might allow remote attackers to execute arbitrary code via unspecified vectors.
EIP-2026-104035 EXPLOITDB html WORKING POC
Oracle ORADC - ActiveX Control Remote Code Execution
EIP-2026-103724 EXPLOITDB text WRITEUP
WikiReader 1.12 - URL Field Local Buffer Overflow
CVE-2006-6752 EXPLOITDB text WORKING POC
FTPRush 1.0.0.610 - Buffer Overflow
Buffer overflow in FTPRush 1.0.0.610 might allow attackers to gain privileges via a long Host field. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. Also, it is not clear whether this issue crosses security boundaries.
EIP-2026-100865 EXPLOITDB text WRITEUP
Netwin SurgeFTP 2.3a1 - 'SurgeFTPMGR.cgi' Multiple Input Validation Vulnerabilities