corelanc0d3r

89 exploits, active since Oct 2008
CVE-2011-1567 METASPLOIT ruby WORKING POC
IGSSdataServer.exe <9.00.00.11063 - Buffer Overflow
Multiple stack-based buffer overflows in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted (1) ListAll, (2) Write File, (3) ReadFile, (4) Delete, (5) RenameFile, and (6) FileInfo commands in an 0xd opcode; (7) the Add, (8) ReadFile, (9) Write File, (10) Rename, (11) Delete, and (12) Add commands in an RMS report templates (0x7) opcode; and (13) 0x4 command in an STDREP request (0x8) opcode to TCP port 12401.
EIP-2026-119564 EXPLOITDB ruby WORKING POC
AASync 2.2.1.0 (Windows x86) - Remote Stack Buffer Overflow 'LIST' (Metasploit)
CVE-2011-1591 EXPLOITDB ruby WORKING POC
Wireshark <1.4.5 - Buffer Overflow
Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file.
EIP-2026-119320 EXPLOITDB perl WORKING POC
Xion Audio Player 1.0 121 - '.m3u' Remote Buffer Overflow (1)
EIP-2026-119562 EXPLOITDB ruby WORKING POC
32bit FTP Client - Remote Stack Buffer Overflow (Metasploit)
CVE-2011-3658 EXPLOITDB ruby WORKING POC
Mozilla Firefox <8.0, Thunderbird <8.0, SeaMonkey <2.5 - DoS
The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements.
CVE-2011-3659 EXPLOITDB ruby WORKING POC
Mozilla Firefox <4.10 - Use After Free
Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes.
EIP-2026-119075 EXPLOITDB ruby WORKING POC
Race River Integard Home/Pro - LoginAdmin Password Stack Buffer Overflow (Metasploit)
EIP-2026-119239 EXPLOITDB python WORKING POC
UPlusFTP Server 1.7.1.01 - (Authenticated) HTTP Remote Buffer Overflow
CVE-2013-3205 EXPLOITDB ruby WORKING POC
Microsoft Internet Explorer <9 - Code Injection
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2013-3184 EXPLOITDB ruby WORKING POC
Microsoft Internet Explorer <10 - Code Injection
Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
EIP-2026-118596 EXPLOITDB ruby WORKING POC
FTPGetter Standard 3.55.0.05 - Remote Stack Buffer Overflow (PWD) (Metasploit)
EIP-2026-118672 EXPLOITDB ruby WORKING POC
Iconics GENESIS32 9.21.201.01 - Integer Overflow (Metasploit)
CVE-2011-1865 EXPLOITDB ruby WORKING POC
HP OpenView Storage Data Protector <6.20 - Buffer Overflow
Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters.
EIP-2026-118598 EXPLOITDB ruby WORKING POC
FTPShell 5.1 - Remote Stack Buffer Overflow (Metasploit)
EIP-2026-118499 EXPLOITDB perl WORKING POC
eDisplay Personal FTP Server 1.0.0 - (Authenticated) Multiple Stack Buffer Overflows (1)
CVE-2008-4779 EXPLOITDB perl WORKING POC
TUGzip - Memory Corruption
Stack-based buffer overflow in TUGzip 3.5.0.0 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long filename in a .zip file.
CVE-2011-0500 EXPLOITDB ruby WORKING POC
Verytools Videospirit Lite < 1.68 - Memory Corruption
Buffer overflow in VideoSpirit Pro 1.6.8.1, 1.68, and earlier; and VideoSpirit Lite 1.4.0.1 and possibly other versions; allows user-assisted remote attackers to execute arbitrary code via a VideoSpirit project (.visprj) file containing a valitem element with a long "value" attribute, as demonstrated using a valitem with the mp3 name.
EIP-2026-118122 EXPLOITDB perl WORKING POC
WINMOD 1.4 - '.lst' File Local Stack Overflow XP SP3 (RET + SEH) (3)
CVE-2011-1591 EXPLOITDB ruby WORKING POC
Wireshark <1.4.5 - Buffer Overflow
Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file.
CVE-2010-1597 EXPLOITDB python WORKING POC
Zipgenius - Memory Corruption
Stack-based buffer overflow in zgtips.dll in ZipGenius 6.3.1.2552 allows user-assisted remote attackers to execute arbitrary code via a ZIP file containing an entry with a long filename.
EIP-2026-118229 EXPLOITDB ruby WORKING POC
ActFax 5.01 - RAW Server Buffer Overflow (Metasploit)
CVE-2011-1567 EXPLOITDB ruby WORKING POC
IGSSdataServer.exe <9.00.00.11063 - Buffer Overflow
Multiple stack-based buffer overflows in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted (1) ListAll, (2) Write File, (3) ReadFile, (4) Delete, (5) RenameFile, and (6) FileInfo commands in an 0xd opcode; (7) the Add, (8) ReadFile, (9) Write File, (10) Rename, (11) Delete, and (12) Add commands in an RMS report templates (0x7) opcode; and (13) 0x4 command in an STDREP request (0x8) opcode to TCP port 12401.
EIP-2026-118204 EXPLOITDB perl WORKING POC
ZipScan 2.2c - Local Overflow (SEH)
CVE-2010-1458 EXPLOITDB python WORKING POC
TweakFS Zip Utility <1.0 - RCE
Stack-based buffer overflow in Create and Extract Zips TweakFS Zip Utility 1.0 for Flight Simulator X (FSX) allows remote attackers to execute arbitrary code via a long filename in a ZIP archive.