infamous42md

13 exploits Active since Oct 2002
CVE-2004-1636 EXPLOITDB c WORKING POC
WvTftp 0.9 - Remote Code Execution via Long TFTP Option String
Heap-based buffer overflow in the WvTFTPServer::new_connection function in wvtftpserver.cc for WvTftp 0.9 allows remote attackers to execute arbitrary code via a long option string in a TFTP packet.
CVE-2004-0691 EXPLOITDB c WORKING POC
QT <3.3.3 - Buffer Overflow
Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code.
CVE-2005-0892 EXPLOITDB c WORKING POC
smail 3.2.0.120 - Buffer Overflow via SMTP MAIL FROM Command
Buffer overflow in smail 3.2.0.120 allows remote attackers or local users to execute arbitrary code via a long string in the MAIL FROM command and possibly other SMTP commands.
CVE-2005-0892 EXPLOITDB c WORKING POC
smail 3.2.0.120 - Buffer Overflow via SMTP MAIL FROM Command
Buffer overflow in smail 3.2.0.120 allows remote attackers or local users to execute arbitrary code via a long string in the MAIL FROM command and possibly other SMTP commands.
CVE-2004-1717 EXPLOITDB c WORKING POC
gv - Buffer Overflow via Long Postscript File Values
Multiple buffer overflows in the psscan function in ps.c for gv (ghostview) allow remote attackers to execute arbitrary code via a Postscript file with a long (1) BoundingBox, (2) comment, (3) Orientation, (4) PageOrder, or (5) Pages value.
CVE-2004-1717 EXPLOITDB c WORKING POC
gv - Buffer Overflow via Long Postscript File Values
Multiple buffer overflows in the psscan function in ps.c for gv (ghostview) allow remote attackers to execute arbitrary code via a Postscript file with a long (1) BoundingBox, (2) comment, (3) Orientation, (4) PageOrder, or (5) Pages value.
CVE-2004-0597 EXPLOITDB c WORKING POC
libpng < 1.2.5 - Remote Code Execution via Malformed PNG Image
Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
CVE-2004-0989 EXPLOITDB c WORKING POC
libXML 2.6.12-2.6.13 - Buffer Overflow
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy function, and other overflows related to manipulation of DNS length values, including (3) xmlNanoFTPConnect, (4) xmlNanoHTTPConnectHost, and (5) xmlNanoHTTPConnectHost.
CVE-2004-2523 EXPLOITDB c WORKING POC
OpenFTPD < 0.30.2 - Authenticated Remote Code Execution via Format String in Message Argument
Format string vulnerability in the msg command (cat_message function in msg.c) in OpenFTPD 0.30.2 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in the message argument.
CVE-2004-1437 EXPLOITDB c WORKING POC
pavuk - Remote Code Execution via Digest Authentication Buffer Overflow
Multiple buffer overflows in the digest authentication functionality in Pavuk 0.9.28-r2 and earlier allow remote attackers to execute arbitrary code.
CVE-2004-0110 EXPLOITDB c WORKING POC
SGI Propack - Buffer Overflow
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.
EIP-2026-103049 EXPLOITDB c WORKING POC
XV 3.x - '.BMP' Parsing Local Buffer Overflow
CVE-2002-0838 EXPLOITDB c WORKING POC
gv 3.5.8 - Buffer Overflow via Malformed PDF or PostScript File
Buffer overflow in (1) gv 3.5.8 and earlier, (2) gvv 1.0.2 and earlier, (3) ggv 1.99.90 and earlier, (4) gnome-gv, and (5) kghostview in kdegraphics 2.2.2 and earlier, allows attackers to execute arbitrary code via a malformed (a) PDF or (b) PostScript file, which is processed by an unsafe call to sscanf.