Exploitdb Exploits
3,138 exploits tracked across all sources.
SAP DB - Remote Code Execution via Stack-Based Buffer Overflow in waHTTP.exe
Multiple stack-based buffer overflows in waHTTP.exe (aka the SAP DB Web Server) in SAP DB, possibly 7.3 through 7.5, allow remote attackers to execute arbitrary code via (1) a certain cookie value; (2) a certain additional parameter, related to sapdbwa_GetQueryString; and other unspecified vectors related to "numerous other fields."
by Mark Litchfield
W3Filer 2.1.3 - Stack-Based Buffer Overflow via FTP Banner
Stack-based buffer overflow in W3Filer 2.1.3 allows remote FTP servers to cause a denial of service (application hang or crash) and possibly execute arbitrary code by sending a large banner to a client that is sending a file.
by r0ut3r
libgd < 2.0.35_rc5 - Denial of Service via gdImageCreateXbm Function
The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure.
by anonymous
BitchX 1.1-final - Command Injection
hook.c in BitchX 1.1-final allows remote IRC servers to execute arbitrary commands by sending a client certain data containing NICK and EXEC strings, which exceeds the bounds of a hash table, and injects an EXEC hook function that receives and executes shell commands.
by clarity_
Yahoo! Messenger - Buffer Overflow via Webcam Viewer ActiveX Control
Buffer overflow in the Yahoo! Webcam Viewer ActiveX control in ywcvwr.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the receive method.
by Excepti0n
Yahoo! Messenger - Buffer Overflow in Webcam Upload ActiveX Control
Buffer overflow in the Yahoo! Webcam Upload ActiveX control in ywcupl.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the send method. NOTE: some of these details are obtained from third party information.
by Excepti0n
SafeNET High Assurance Remote and SoftRemote - Denial of Service via Invalid IPv6 IPSec Packet
IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build 12, and SoftRemote, allows remote attackers to cause a denial of service (infinite loop and system hang) via an invalid packet with certain bytes in an option header, possibly related to the IPv6 support for IPSec.
by mu-b
Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier - Denial of Service via outpost_ipc_hdr Mutex Capture
Unrestricted critical resource lock in Agnitum Outpost Firewall PRO 4.0 1007.591.145 and earlier allows local users to cause a denial of service (system hang) by capturing the outpost_ipc_hdr mutex.
by Matousec Transparent security
Bochs 2.3 - Denial of Service via Floppy Disk Controller
The emulated floppy disk controller in Bochs 2.3 allows local users of the guest operating system to cause a denial of service (virtual machine crash) via unspecified vectors, resulting in a divide-by-zero error.
by Tavis Ormandy
Apache HTTP Server 1.3.28-1.3.36 & 2.0.46-2.0.58 - DoS & RCE via mod_rewrite LDAP Handling
Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules.
by fabio/b0x
Linux Kernel < 2.6.21.2 - Denial of Service via VFAT Compat Ioctls
The VFAT compat ioctls in the Linux kernel before 2.6.21.2, when run on a 64-bit system, allow local users to corrupt a kernel_dirent struct and cause a denial of service (system crash) via unknown vectors.
by Bart Oldeman
MagicISO <5.4.239 - Buffer Overflow
Stack-based buffer overflow in MagicISO 5.4 build 239 and earlier allows remote attackers to execute arbitrary code via a long filename in a .cue file.
by vade79
webdesproxy 0.0.1 - Remote Code Execution via Long URL
Buffer overflow in webdesproxy 0.0.1 allows remote attackers to execute arbitrary code via a long URL, possibly involving the process_connection_request function in webdesproxy.c.
by Xpl017Elz
Notepad++ < 4.1.1 - Stack-based Buffer Overflow in LexRuby.cxx
Stack-based buffer overflow in LexRuby.cxx (SciLexer.dll) in Scintilla 1.73, as used by notepad++ 4.1.1 and earlier, allows user-assisted remote attackers to execute arbitrary code via certain Ruby (.rb) files with long lines. NOTE: this was originally reported as a vulnerability in notepad++.
by vade79
webdesproxy 0.0.1 - Remote Code Execution via Long URL
Buffer overflow in webdesproxy 0.0.1 allows remote attackers to execute arbitrary code via a long URL, possibly involving the process_connection_request function in webdesproxy.c.
by vade79
eTrust AntiVirus Agent r8 - Local Privilege Escalation
by binagres
McAfee SecurityCenter <6.0.25, <7.2.147 - Buffer Overflow
Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows remote attackers to execute arbitrary code via a crafted argument.
by Jambalaya
Gimp 2.2.14 - Stack-Based Buffer Overflow in SUNRAS Plugin via RAS File
Stack-based buffer overflow in the set_color_table function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file.
by Kristian Hermansen
CA Anti-Virus for the Enterprise r8 and Threat Manager r8 - Privilege Escalation via Task Service File Mapping
CA Anti-Virus for the Enterprise r8 and Threat Manager r8 before 20070510 use weak permissions (NULL security descriptor) for the Task Service shared file mapping, which allows local users to modify this mapping and gain privileges by triggering a stack-based buffer overflow in InoCore.dll before 8.0.448.0.
by binagres
PicoZip - Denial of Service via ZOO Archive Direntry Structure
PicoZip allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
by Jean-Sébastien
AMaViS < 2.4.1 - Denial of Service via ZOO Archive Direntry Structure
zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
by Jean-Sébastien
AtomixMP3 - Stack-Based Buffer Overflow via Long MP3 Filename
Stack-based buffer overflow in AtomixMP3 allows remote attackers to execute arbitrary code via a long filename in an MP3 file, a different vector than CVE-2006-6287.
by preth00nker
3proxy 0.5-0.5.3g - Remote Code Execution via Transparent Request Buffer Overflow
Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, and 0.6b-devel before 20070413, might allow remote attackers to execute arbitrary code via crafted transparent requests.
by Xpl017Elz
3proxy 0.5-0.5.3g - Remote Code Execution via Transparent Request Buffer Overflow
Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, and 0.6b-devel before 20070413, might allow remote attackers to execute arbitrary code via crafted transparent requests.
by vade79
Winamp 5.02-5.34 - Remote Code Execution via MP4 File
libmp4v2.dll in Winamp 5.02 through 5.34 allows user-assisted remote attackers to execute arbitrary code via a certain .MP4 file. NOTE: some of these details are obtained from third party information.
by Marsu
By Source