hack4love

47 exploits Active since Dec 2006
CVE-2008-1914 EXPLOITDB python WORKING POC
BigAnt IM Server <2.2 - Buffer Overflow
Stack-based buffer overflow in the AntServer module (AntServer.exe) in BigAnt IM Server in BigAnt Messenger 2.2 allows remote attackers to execute arbitrary code via a long URI in a request to TCP port 6080. NOTE: some of these details are obtained from third party information.
CVE-2009-2362 EXPLOITDB perl WORKING POC
KUDRSOFT AudioPLUS 2.0.0.215 - Buffer Overflow
Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.0.0.215 allows remote attackers to execute arbitrary code via a long string in a (1) .lst or (2) .m3u playlist file.
CVE-2009-2362 EXPLOITDB perl WORKING POC
KUDRSOFT AudioPLUS 2.0.0.215 - Buffer Overflow
Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.0.0.215 allows remote attackers to execute arbitrary code via a long string in a (1) .lst or (2) .m3u playlist file.
CVE-2009-20003 EXPLOITDB HIGH ruby WORKING POC
Xenorate <2.50 - Buffer Overflow
Xenorate versions up to and including 2.50, a Windows-based multimedia player, is vulnerable to a stack-based buffer overflow when processing .xpl playlist files. The application fails to properly validate the length of input data, allowing an attacker to craft a malicious .xpl file that overwrites the Structured Exception Handler (SEH) and enables arbitrary code execution. Exploitation requires local interaction, typically by convincing a user to open the crafted file.
CVE-2009-20002 EXPLOITDB HIGH python WORKING POC
Millenium MP3 Studio <=2.0 - Buffer Overflow
Millenium MP3 Studio versions up to and including 2.0 is vulnerable to a stack-based buffer overflow when parsing .pls playlist files. The application fails to properly validate the length of the File1 field within the playlist, allowing an attacker to craft a malicious .pls file that overwrites the Structured Exception Handler (SEH) and executes arbitrary code. Exploitation requires the victim to open the file locally, though remote execution may be possible if the .pls extension is registered to the application and opened via a browser.
CVE-2009-2485 METASPLOIT ruby WORKING POC
HT-MP3Player 1.0 - Buffer Overflow
Stack-based buffer overflow in HT-MP3Player 1.0 allows remote attackers to execute arbitrary code via a long string in a .ht3 file.
CVE-2009-20003 METASPLOIT HIGH ruby WORKING POC
Xenorate <2.50 - Buffer Overflow
Xenorate versions up to and including 2.50, a Windows-based multimedia player, is vulnerable to a stack-based buffer overflow when processing .xpl playlist files. The application fails to properly validate the length of input data, allowing an attacker to craft a malicious .xpl file that overwrites the Structured Exception Handler (SEH) and enables arbitrary code execution. Exploitation requires local interaction, typically by convincing a user to open the crafted file.
EIP-2026-118179 EXPLOITDB perl WORKING POC
Xenorate Media Player 2.6.0.0 - '.xpl' Universal Local Buffer (SEH)
EIP-2026-118123 EXPLOITDB perl WORKING POC
WINMOD 1.4 - '.lst' Local Buffer Overflow (SEH)
CVE-2009-3254 EXPLOITDB perl WORKING POC
Ultimatevideosite Ultimate Player - Memory Corruption
Multiple stack-based buffer overflows in Ultimate Player 1.56 beta allow remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .upl playlist file.
CVE-2009-1643 EXPLOITDB python WORKING POC
Sorinara Soritong Mp3 Player - Memory Corruption
Stack-based buffer overflow in Sorinara Soritong MP3 Player 1.0 allows remote attackers to execute arbitrary code via a crafted .m3u file.
CVE-2009-4660 EXPLOITDB python WORKING POC
BigAnt IM Server 2.50 - Buffer Overflow
Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to execute arbitrary code via a long GET request to TCP port 6660.
CVE-2007-4734 EXPLOITDB perl WORKING POC
OTS Labs Otsturntables - Memory Corruption
Buffer overflow in Ots Labs OTSTurntables 1.00 allows user-assisted remote attackers to execute arbitrary code via a long file path in an m3u file.
CVE-2009-2934 EXPLOITDB perl WORKING POC
Programmedintegration Pipl - Memory Corruption
Multiple stack-based buffer overflows in xaudio.dll in Programmed Integration PIPL 2.5.0 and 2.5.0D allow remote attackers to execute arbitrary code via a long string in a (1) .pls or (2) .pl playlist file.
CVE-2009-3214 EXPLOITDB perl WORKING POC
Photodex Proshow Gold - Memory Corruption
Multiple stack-based buffer overflows in Photodex ProShow Gold 4.0.2549 allow remote attackers to execute arbitrary code via a crafted Slideshow project (.psh) file, related to the (1) cell[n].images[m].image and (2) cell[n].sound.file fields.
EIP-2026-117457 EXPLOITDB perl WORKING POC
Mediacoder 0.7.1.4490 - '.lst' / '.m3u' Universal Buffer Overflow (SEH)
EIP-2026-117449 EXPLOITDB perl WORKING POC
Media Jukebox 8 - '.m3u' Universal Local Buffer (SEH)
CVE-2009-3670 EXPLOITDB python WORKING POC
Ksplayer Ksp Sound Player - Memory Corruption
Stack-based buffer overflow in KSP Sound Player 2009 R2 and R2.1 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file.
CVE-2009-4964 EXPLOITDB perl WORKING POC
Ksplayer Ksp Sound Player - Memory Corruption
Stack-based buffer overflow in KSP 2006 FINAL allows remote attackers to execute arbitrary code via a long string in a .M3U playlist file.
EIP-2026-117597 EXPLOITDB perl WORKING POC
Millenium MP3 Studio 1.x - '.m3u' Local Stack Overflow
CVE-2009-2485 EXPLOITDB python WORKING POC
HT-MP3Player 1.0 - Buffer Overflow
Stack-based buffer overflow in HT-MP3Player 1.0 allows remote attackers to execute arbitrary code via a long string in a .ht3 file.
CVE-2009-1815 EXPLOITDB perl WORKING POC
Sonicspot Audioactive Player - Memory Corruption
Stack-based buffer overflow in Sonic Spot Audioactive Player 1.93b allows remote attackers to execute arbitrary code via a long string in a playlist file, as demonstrated by a long .mp3 URL in a .m3u file.
CVE-2009-1815 EXPLOITDB python WORKING POC
Sonicspot Audioactive Player - Memory Corruption
Stack-based buffer overflow in Sonic Spot Audioactive Player 1.93b allows remote attackers to execute arbitrary code via a long string in a playlist file, as demonstrated by a long .mp3 URL in a .m3u file.
CVE-2009-2363 EXPLOITDB perl WORKING POC
KUDRSOFT AudioPLUS 2.00.215 - Buffer Overflow
Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.00.215 allows remote attackers to execute arbitrary code via a .pls playlist file with a playlist entry containing a long File1 argument.
CVE-2009-2363 EXPLOITDB perl WORKING POC
KUDRSOFT AudioPLUS 2.00.215 - Buffer Overflow
Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.00.215 allows remote attackers to execute arbitrary code via a .pls playlist file with a playlist entry containing a long File1 argument.