Vitaliy Toropov

6 exploits Active since Mar 2012
CVE-2012-0016 EXPLOITDB ruby WORKING POC
Microsoft Expression Design - Privilege Escalation
Untrusted search path vulnerability in Microsoft Expression Design; Expression Design SP1; and Expression Design 2, 3, and 4 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .xpr or .DESIGN file, aka "Expression Design Insecure Library Loading Vulnerability."
CVE-2013-3896 EXPLOITDB MEDIUM ruby WORKING POC
Microsoft Silverlight <5.1.20913.0 - Info Disclosure
Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate pointers during access to Silverlight elements, which allows remote attackers to obtain sensitive information via a crafted Silverlight application, aka "Silverlight Vulnerability."
CVSS 5.5
CVE-2013-0074 METASPLOIT HIGH ruby WORKING POC
Microsoft Silverlight <5.1.20125.0 - RCE
Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka "Silverlight Double Dereference Vulnerability."
CVSS 7.8
CVE-2013-0074 EXPLOITDB HIGH ruby WORKING POC
Microsoft Silverlight <5.1.20125.0 - RCE
Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka "Silverlight Double Dereference Vulnerability."
CVSS 7.8
CVE-2013-0074 EXPLOITDB HIGH ruby WORKING POC
Microsoft Silverlight <5.1.20125.0 - RCE
Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka "Silverlight Double Dereference Vulnerability."
CVSS 7.8
CVE-2012-3748 EXPLOITDB text WRITEUP
Apple Safari < 6.0.1 - Race Condition
Race condition in WebKit in Apple iOS before 6.0.1 and Safari before 6.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving JavaScript arrays.