prdelka

35 exploits, active since Jan 2003
CVE-2006-3890 EXPLOITDB c WORKING POC
SKY Software Fileview Activex Control < 10.0 - Buffer Overflow
Stack-based buffer overflow in the Sky Software FileView ActiveX control, as used in WinZip 10 before build 7245 and in certain other applications, allows remote attackers to execute arbitrary code via a long FilePattern attribute in a WZFILEVIEW object, a different vulnerability than CVE-2006-5198.
CVE-2006-5596 EXPLOITDB c WORKING POC
AEP Networks Smartgate SSL Server - Path Traversal
Directory traversal vulnerability in the SSL server in AEP Smartgate 4.3b allows remote attackers to download arbitrary files via ..\ (dot dot backslash) sequences in an HTTP GET request.
CVE-2006-6884 EXPLOITDB c WORKING POC
WinZip 10.0 Build 6667 - Buffer Overflow
Buffer overflow in the WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka Sky Software "FileView" ActiveX control) for WinZip 10.0 Build 6667 allows remote attackers to execute arbitrary code via a long argument to the CreateNewFolderFromName method, a different vulnerability than CVE-2006-5198.
CVE-2006-3890 EXPLOITDB html WORKING POC
SKY Software Fileview Activex Control < 10.0 - Buffer Overflow
Stack-based buffer overflow in the Sky Software FileView ActiveX control, as used in WinZip 10 before build 7245 and in certain other applications, allows remote attackers to execute arbitrary code via a long FilePattern attribute in a WZFILEVIEW object, a different vulnerability than CVE-2006-5198.
CVE-2007-1675 EXPLOITDB python WORKING POC
IBM Lotus Domino - Buffer Overflow
Buffer overflow in the CRAM-MD5 authentication mechanism in the IMAP server (nimap.exe) in IBM Lotus Domino before 6.5.6 and 7.x before 7.0.2 FP1 allows remote attackers to cause a denial of service via a long username.
EIP-2026-118886 EXPLOITDB text WORKING POC
Microsoft Windows RSH daemon 1.8 - Remote Buffer Overflow
CVE-2008-0394 EXPLOITDB text WORKING POC
Citadel SMTP < 7.10 - Memory Corruption
Buffer overflow in Citadel SMTP server 7.10 and earlier allows remote attackers to execute arbitrary code via a long RCPT TO command, which is not properly handled by the makeuserkey function. NOTE: some of these details were obtained from third party information.
CVE-2006-5725 EXPLOITDB c WORKING POC
AEP Networks Smartgate SSL Server - Information Disclosure
The SSL server in AEP Smartgate 4.3b allows remote attackers to determine existence of directories via a direct request for a directory URI, which returns different HTTP status codes for existing and non-existing directories.
CVE-2006-6884 EXPLOITDB html WORKING POC
WinZip 10.0 Build 6667 - Buffer Overflow
Buffer overflow in the WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka Sky Software "FileView" ActiveX control) for WinZip 10.0 Build 6667 allows remote attackers to execute arbitrary code via a long argument to the CreateNewFolderFromName method, a different vulnerability than CVE-2006-5198.
CVE-2011-2013 EXPLOITDB CRITICAL c WORKING POC
Microsoft Windows - Buffer Overflow
Integer overflow in the TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code by sending a sequence of crafted UDP packets to a closed port, aka "Reference Counter Overflow Vulnerability."
CVSS 9.8
CVE-2005-2934 EXPLOITDB c WORKING POC
SCO UnixWare <7.1.4 - Privilege Escalation
Unspecified vulnerability in ptrace in SCO UnixWare 7.1.3 and 7.1.4 allows local users to gain privileges via unspecified vectors.
CVE-2006-3824 EXPLOITDB c WORKING POC
Sun Solaris - Info Disclosure
systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argument to the sysinfo system call, which causes a -1 argument to be used by the copyout function. NOTE: this issue has been referred to as an integer overflow, but it is probably more like a signedness error or integer underflow.
CVE-2010-3503 EXPLOITDB text WORKING POC
Oracle Solaris 10/OpenSolaris - Info Disclosure
Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect confidentiality and integrity via unknown vectors related to su.
CVE-2006-0072 EXPLOITDB c WORKING POC
termsh <5.0.7 - Buffer Overflow
Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector.
EIP-2026-104558 EXPLOITDB c WORKING POC
Apple Mac OSX 10.5.6/10.5.7 - ptrace mutex Denial of Service
EIP-2026-104559 EXPLOITDB c WORKING POC
Apple Mac OSX 10.5.x - 'ptrace' Mutex Handling Local Denial of Service
EIP-2026-104425 EXPLOITDB text WRITEUP
SedSystems D3 Decimator - Multiple Vulnerabilities
CVE-2014-0346 EXPLOITDB c WORKING POC
Rejected
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-0160. Reason: This candidate is a reservation duplicate of CVE-2014-0160. Notes: All CVE users should reference CVE-2014-0160 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2009-3692 EXPLOITDB bash WORKING POC
VirtualBox <3.0.8 - Privilege Escalation
Unspecified vulnerability in the VBoxNetAdpCtl configuration tool in Sun VirtualBox 3.0.x before 3.0.8 on Solaris x86, Linux, and Mac OS X allows local users to gain privileges via unknown vectors.
EIP-2026-103190 EXPLOITDB c WORKING POC
PeerCast 0.1216 - 'nextCGIarg' Remote Buffer Overflow (1)
EIP-2026-102905 EXPLOITDB c WORKING POC
Linux Kernel 2.6.29 - 'ptrace_attach()' Race Condition Privilege Escalation
EIP-2026-102895 EXPLOITDB c WORKING POC
Linux Kernel (PonyOS 3.0) - VFS Permissions Local Privilege Escalation
EIP-2026-102894 EXPLOITDB c WORKING POC
Linux Kernel (PonyOS 3.0) - TTY 'ioctl()' Local Privilege Escalation
EIP-2026-102977 EXPLOITDB text WORKING POC
RedStar 2.0 Desktop - 'World-writeable rc.sysinit' Local Privilege Escalation
CVE-2007-0368 EXPLOITDB c WORKING POC
Michiel Broek Mbse-bbs - Buffer Overflow
Stack-based buffer overflow in mbse-bbs 0.70 and earlier allows local users to execute arbitrary code via a long string in the MBSE_ROOT environment variable.