natron

8 exploits Active since Dec 2008
CVE-2009-0658 METASPLOIT HIGH ruby WORKING POC
Adobe Reader <9.0 - Buffer Overflow
Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.
CVSS 7.8
CVE-2010-1885 METASPLOIT ruby WORKING POC
Microsoft Windows 2003 Server - OS Command Injection
The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist (fromHCP option) and execute arbitrary commands via a crafted hcp:// URL, aka "Help Center URL Validation Vulnerability."
CVE-2009-0658 METASPLOIT HIGH ruby WORKING POC
Adobe Reader <9.0 - Buffer Overflow
Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.
CVSS 7.8
EIP-2026-118806 EXPLOITDB ruby WORKING POC
Microsoft Internet Explorer - Unsafe Scripting Misconfiguration (Metasploit)
CVE-2010-1885 EXPLOITDB ruby WORKING POC
Microsoft Windows 2003 Server - OS Command Injection
The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist (fromHCP option) and execute arbitrary commands via a crafted hcp:// URL, aka "Help Center URL Validation Vulnerability."
CVE-2009-0658 EXPLOITDB HIGH ruby WORKING POC
Adobe Reader <9.0 - Buffer Overflow
Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.
CVSS 7.8
CVE-2009-0658 EXPLOITDB HIGH ruby WORKING POC
Adobe Reader <9.0 - Buffer Overflow
Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.
CVSS 7.8
CVE-2008-5353 EXPLOITDB ruby WORKING POC
Sun Java Calendar Deserialization Privilege Escalation
The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not properly enforce context of ZoneInfo objects during deserialization, which allows remote attackers to run untrusted applets and applications in a privileged context, as demonstrated by "deserializing Calendar objects".