Exploitdb Exploits
3,149 exploits tracked across all sources.
Linux Kernel < 2.6.36.2 - Improper Privilege Management
The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNEL_DS get_fs value, which allows local users to bypass intended access_ok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a (1) BUG, (2) NULL pointer dereference, or (3) page fault, as demonstrated by vectors involving the clear_child_tid feature and the splice system call.
by Dan Rosenberg
GNU Glibc - Resource Management Error
Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service (resource exhaustion) via a regular expression containing adjacent repetition operators, as demonstrated by a {10,}{10,}{10,}{10,} sequence in the proftpd.gnu.c exploit for ProFTPD.
by Maksymilian Arciemowicz
Linux Kernel < 2.6.37 - Denial of Service
The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets.
by Key Night
Linux Kernel < 2.6.36 - Denial of Service
The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service (system crash) via a crafted exec system call, a related issue to CVE-2010-2240.
by Roland McGrath
Linux Kernel < 2.6.37 - Denial of Service
fs/exec.c in the Linux kernel before 2.6.37 does not enable the OOM Killer to assess use of stack memory by arrays representing the (1) arguments and (2) environment, which allows local users to cause a denial of service (memory consumption) via a crafted exec system call, aka an "OOM dodging issue," a related issue to CVE-2010-3858.
by Roland McGrath
Linux Kernel < 2.6.36.4 - Resource Management Error
Memory leak in the inotify_init1 function in fs/notify/inotify/inotify_user.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory consumption) via vectors involving failed attempts to create files.
by Vegard Nossum
Native Instruments (Multiple Products) - DLL Loading Arbitrary Code Execution
by Gjoko Krstic
Linux Kernel < 2.6.36.2 - Information Disclosure
The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter.
by Dan Rosenberg
Silo 2.1.1 - 'wintab32.dll' DLL Loading Arbitrary Code Execution
by Gjoko Krstic
Avast! Internet Security - aswtdi.sys Local Denial of Service (PoC)
by Nikita Tarakanov
AVG Internet Security 9.0.851 - Local Denial of Service
by Nikita Tarakanov
Trend Micro Titanium Maximum Security 2011 - Local Kernel
by Nikita Tarakanov
Platinum SDK Library - POST UPnP 'sscanf' Buffer Overflow (PoC)
by n00b
Linux Kernel <2.6.36 - Privilege Escalation
drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via a VIDIOCSTUNER ioctl call on a /dev/video device, followed by a VIDIOCSMICROCODE ioctl call on this device.
by Kees Cook
Microsoft Windows Vista - 'lpksetup.exe oci.dll' DLL Loading Arbitrary Code Execution
by Tyler Borland
PowerDVD 5.0.1107 - 'trigger.dll' DLL Loading Arbitrary Code Execution
by Inj3cti0n P4ck3t
Phoenix Project Manager 2.1.0.8 - DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
Cool iPhone Ringtone Maker 2.2.3 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
Reliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation
The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.
by Dan Rosenberg
CVSS 7.8
STDU Explorer 1.0.201 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
1CLICK DVD Converter 2.1.7.1 - Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
by anT!-Tr0J4n
Torrent DVD Creator - 'quserex.dll' DLL Loading Arbitrary Code Execution
by anT!-Tr0J4n
By Source