jduck

346 exploits Active since Mar 1998
CVE-2009-4179 EXPLOITDB ruby WORKING POC
HP OpenView Network Node Manager <7.53 - Buffer Overflow
Stack-based buffer overflow in ovalarm.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Accept-Language header in an OVABverbose action.
CVE-2007-2280 EXPLOITDB ruby WORKING POC
HP OpenView Storage Data Protector 5.50 and 6.0 - Remote Code Execution via MSG_PROTOCOL Command
Stack-based buffer overflow in OmniInet.exe (aka the backup client service daemon) in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via an MSG_PROTOCOL command with long arguments, a different vulnerability than CVE-2009-3844.
CVE-2009-3844 EXPLOITDB ruby WORKING POC
HP OpenView Data Protector 5.50/6.0 - Remote Code Execution via MSG_PROTOCOL Packet
Stack-based buffer overflow in the OmniInet process in HP OpenView Data Protector Application Recovery Manager 5.50 and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted MSG_PROTOCOL packet.
CVE-2009-3837 EXPLOITDB ruby WORKING POC
Eureka Email 2.2q - Remote Code Execution via Long POP3 Error Message
Stack-based buffer overflow in Eureka Email 2.2q allows remote POP3 servers to execute arbitrary code via a long error message.
CVE-2008-5002 EXPLOITDB ruby WORKING POC
Chilkat Crypt ActiveX Control - Arbitrary File Write via WriteFile Method
Insecure method vulnerability in the ChilkatCrypt2.ChilkatCrypt2.1 ActiveX control (ChilkatCrypt2.dll 4.3.2.1) in Chilkat Crypt ActiveX Component allows remote attackers to create and overwrite arbitrary files via the WriteFile method. NOTE: this could be leveraged for code execution by creating executable files in Startup folders or by accessing files using hcp:// URLs. NOTE: some of these details are obtained from third party information.
CVE-2005-4267 EXPLOITDB ruby WORKING POC
Qualcomm WorldMail 3.0 - Remote Code Execution via Long IMAP Command
Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character, as demonstrated using long (1) LIST, (2) LSUB, (3) SEARCH TEXT, (4) STATUS INBOX, (5) AUTHENTICATE, (6) FETCH, (7) SELECT, and (8) COPY commands.
EIP-2026-118488 EXPLOITDB ruby WORKING POC
EasyFTP Server 1.7.0.11 - list.html path Stack Buffer Overflow (Metasploit)
EIP-2026-118486 EXPLOITDB ruby WORKING POC
EasyFTP Server 1.7.0.11 - 'MKD' Stack Buffer Overflow (Metasploit)
EIP-2026-118484 EXPLOITDB ruby WORKING POC
EasyFTP Server 1.7.0.11 - 'LIST' Stack Buffer Overflow (Metasploit)
CVE-2007-2888 EXPLOITDB ruby WORKING POC
UltraISO <8.6.2.2011 - Buffer Overflow
Stack-based buffer overflow in UltraISO 8.6.2.2011 and earlier allows user-assisted remote attackers to execute arbitrary code via a long FILE string (filename) in a .cue file, a related issue to CVE-2007-2761. NOTE: some details are obtained from third party information.
EIP-2026-118318 EXPLOITDB ruby WORKING POC
BigAnt Server 2.52 - USV Buffer Overflow (Metasploit)
CVE-2009-1612 EXPLOITDB ruby WORKING POC
Baofeng Storm - Stack-based Buffer Overflow via OnBeforeVideoDownload Method
Stack-based buffer overflow in the MPS.StormPlayer.1 ActiveX control in mps.dll 3.9.4.27 in Baofeng Storm allows remote attackers to execute arbitrary code via a long argument to the OnBeforeVideoDownload method, as exploited in the wild in April and May 2009. NOTE: some of these details are obtained from third party information. NOTE: it was later reported that 3.09.04.17 and earlier are also affected.
CVE-2009-4850 EXPLOITDB ruby WORKING POC
Awingsoft Awakening Winds3D Viewer Plugin 3.5.0.9 - Remote Code Execution via SceneURL Property
The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe file.
CVE-2009-4588 EXPLOITDB ruby WORKING POC
WindsPlayerIE.View.1 - Buffer Overflow
Heap-based buffer overflow in the WindsPlayerIE.View.1 ActiveX control in WindsPly.ocx 3.5.0.0 Beta, 3.0.0.5, and earlier in AwingSoft Awakening Web3D Player and Winds3D Viewer allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long SceneUrl property value, a different vulnerability than CVE-2009-2386. NOTE: some of these details are obtained from third party information.
CVE-2010-1799 EXPLOITDB ruby WORKING POC
Apple QuickTime - Stack-based Buffer Overflow via Crafted Movie File
Stack-based buffer overflow in the error-logging functionality in Apple QuickTime before 7.6.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.
CVE-2008-4193 EXPLOITDB ruby WORKING POC
Alt-N SecurityGateway 1.0.1 - Stack-Based Buffer Overflow via Long Username Parameter
Stack-based buffer overflow in SecurityGateway.dll in Alt-N Technologies SecurityGateway 1.0.1 allows remote attackers to execute arbitrary code via a long username parameter.
CVE-2010-1318 EXPLOITDB ruby WORKING POC
RealNetworks Helix Server < 13.1.1 - Remote Code Execution via Buffer Overflow
Stack-based buffer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks Helix Server and Helix Mobile Server 11.x through 13.x and other products, allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2010-2883 EXPLOITDB HIGH ruby WORKING POC
Adobe Reader/Acrobat <9.4-8.2.5 - Buffer Overflow
Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information.
CVSS 7.3
EIP-2026-118045 EXPLOITDB ruby WORKING POC
VariCAD 2010-2.05 EN - '.DWB' Local Stack Buffer Overflow (Metasploit)
CVE-2009-1260 EXPLOITDB ruby WORKING POC
UltraISO < 9.3.3 - Stack-Based Buffer Overflow via Crafted CCD or IMG File
Multiple stack-based buffer overflows in UltraISO 9.3.3.2685 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted (1) CCD or (2) IMG file.
CVE-2010-1423 EXPLOITDB ruby WORKING POC
Java NPAPI/Deployment Toolkit <6-19 - Command Injection
Argument injection vulnerability in the URI handler in (a) Java NPAPI plugin and (b) Java Deployment Toolkit in Java 6 Update 10, 19, and other versions, when running on Windows and possibly on Linux, allows remote attackers to execute arbitrary code via the (1) -J or (2) -XXaltjvm argument to javaws.exe, which is processed by the launch method. NOTE: some of these details are obtained from third party information.
CVE-2009-3129 EXPLOITDB HIGH ruby WORKING POC
Microsoft Excel 2002 SP3-2007 SP2 - Remote Code Execution via FEATHEADER Record
Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset, aka "Excel Featheader Record Memory Corruption Vulnerability."
CVSS 7.8
CVE-2009-3214 EXPLOITDB ruby WORKING POC
Photodex ProShow Gold 4.0.2549 - Stack-Based Buffer Overflow via Crafted Slideshow Project File
Multiple stack-based buffer overflows in Photodex ProShow Gold 4.0.2549 allow remote attackers to execute arbitrary code via a crafted Slideshow project (.psh) file, related to the (1) cell[n].images[m].image and (2) cell[n].sound.file fields.
CVE-2010-0688 EXPLOITDB ruby WORKING POC
Orbital Viewer 1.04 - Buffer Overflow
Stack-based buffer overflow in Orbital Viewer 1.04 allows user-assisted remote attackers to execute arbitrary code via a crafted (1) .orb or (2) .ov file.
EIP-2026-117599 EXPLOITDB ruby WORKING POC
Millenium MP3 Studio 2.0 - '.pls' Local Stack Buffer Overflow (Metasploit)