Will Dormann

7 exploits Active since Jun 2006
CVE-2014-1943 WRITEUP WRITEUP
Fine Free file < 5.17 - Denial of Service via Crafted Indirect Offset in File Magic
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.
CVE-2022-50238 WRITEUP HIGH WORKING POC
Windows < Server 2025 - Incomplete Driver Blocklist Synchronization
The on-endpoint Microsoft vulnerable driver blocklist is not fully synchronized with the online Microsoft recommended driver block rules. Some entries present on the online list have been excluded from the on-endpoint blocklist longer than the expected periodic monthly Windows updates. It is possible to fully synchronize the driver blocklist using WDAC policies. NOTE: The vendor explains that Windows Update provides a smaller, compatibility-focused driver blocklist for general users, while the full XML list is available for advanced users and organizations to customize at the risk of usability issues.
CVSS 7.4
CVE-2007-5815 EXPLOITDB text WORKING POC
SonicWall SSL-VPN <2.1-2.5 - Path Traversal
Absolute path traversal vulnerability in the WebCacheCleaner ActiveX control 1.3.0.3 in SonicWall SSL-VPN 200 before 2.1, and SSL-VPN 2000/4000 before 2.5, allows remote attackers to delete arbitrary files via a full pathname in the argument to the FileDelete method.
CVE-2006-2383 EXPLOITDB text WORKING POC
Microsoft Internet Explorer <6 - RCE
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via "unexpected data" related to "parameter validation" in the DXImageTransform.Microsoft.Light ActiveX control, which causes Internet Explorer to crash in a way that enables the code execution.
EIP-2026-118496 EXPLOITDB html WORKING POC
EasyMail Objects 'EMSMTP.DLL 6.0.1' - ActiveX Control Remote Buffer Overflow
CVE-2007-2983 EXPLOITDB html WORKING POC
BT Consumer WebHelper < 2.0.0.7 - Remote Code Execution via Buffer Overflow in btwebcontrol.dll
Multiple buffer overflows in the British Telecommunications Consumer webhelper ActiveX control before 2.0.0.8 in btwebcontrol.dll allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2009-4637 EXPLOITDB text WRITEUP
FFmpeg 0.5 - Stack-based Buffer Overflow
FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a stack-based buffer overflow.