xsploitedsec

8 exploits Active since Jan 2011
CVE-2011-0499 EXPLOITDB python WORKING POC
VideoSpirit Pro < 1.6.8.1 and VideoSpirit Lite < 1.4.0.1 - Buffer Overflow via Long Name Attribute in .visprj File
Buffer overflow in VideoSpirit Pro 1.6.8.1 and possibly earlier versions, and VideoSpirit Lite 1.4.0.1 and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a VideoSpirit project (.visprj) file containing a valitem element with a long "name" attribute. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2011-10022 EXPLOITDB HIGH ruby WORKING POC
SPlayer < 3.7 (Build 2055) - Stack-Based Buffer Overflow via HTTP Content-Type Header
SPlayer version 3.7 and earlier is vulnerable to a stack-based buffer overflow when processing HTTP responses containing an overly long Content-Type header. The vulnerability occurs due to improper bounds checking on the header value, allowing an attacker to overwrite the Structured Exception Handler (SEH) and execute arbitrary code. Exploitation requires the victim to open a media file that triggers an HTTP request to a malicious server, which responds with a crafted Content-Type header.
CVE-2011-10022 EXPLOITDB HIGH python WORKING POC
SPlayer < 3.7 (Build 2055) - Stack-Based Buffer Overflow via HTTP Content-Type Header
SPlayer version 3.7 and earlier is vulnerable to a stack-based buffer overflow when processing HTTP responses containing an overly long Content-Type header. The vulnerability occurs due to improper bounds checking on the header value, allowing an attacker to overwrite the Structured Exception Handler (SEH) and execute arbitrary code. Exploitation requires the victim to open a media file that triggers an HTTP request to a malicious server, which responds with a crafted Content-Type header.
CVE-2011-10022 METASPLOIT HIGH ruby WORKING POC
SPlayer < 3.7 (Build 2055) - Stack-Based Buffer Overflow via HTTP Content-Type Header
SPlayer version 3.7 and earlier is vulnerable to a stack-based buffer overflow when processing HTTP responses containing an overly long Content-Type header. The vulnerability occurs due to improper bounds checking on the header value, allowing an attacker to overwrite the Structured Exception Handler (SEH) and execute arbitrary code. Exploitation requires the victim to open a media file that triggers an HTTP request to a malicious server, which responds with a crafted Content-Type header.
EIP-2026-118053 EXPLOITDB python WORKING POC
Video Charge Studio 2.9.5.643 - '.vsc' Local Buffer Overflow (SEH)
CVE-2011-0500 EXPLOITDB python WORKING POC
VideoSpirit Lite and Pro <= 1.68 - Buffer Overflow via Project File valitem Attribute
Buffer overflow in VideoSpirit Pro 1.6.8.1, 1.68, and earlier; and VideoSpirit Lite 1.4.0.1 and possibly other versions; allows user-assisted remote attackers to execute arbitrary code via a VideoSpirit project (.visprj) file containing a valitem element with a long "value" attribute, as demonstrated using a valitem with the mp3 name.
EIP-2026-118007 EXPLOITDB python WORKING POC
The KMPlayer 3.0.0.1440 (Windows 7) - '.mp3' Local Buffer Overflow (ASLR Bypass)
EIP-2026-116742 EXPLOITDB python WORKING POC
Aesop GIF Creator 2.1 - '.aep' Local Buffer Overflow