Exploitdb Exploits
3,149 exploits tracked across all sources.
Mercur Messaging 5.0 SP3 - Buffer Overflow
Stack-based buffer overflow in the IMAP service in Mercur Messaging 5.0 SP3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string to the (1) LOGIN or (2) SELECT command, a different set of attack vectors and possibly a different vulnerability than CVE-2003-1177.
by pLL
ENet < Jul 2005 - DoS
Integer signedness error in the enet_protocol_handle_incoming_commands function in protocol.c for ENet library CVS version Jul 2005 and earlier, as used in products including (1) Cube, (2) Sauerbraten, and (3) Duke3d_w32, allows remote attackers to cause a denial of service (application crash) via a packet with a large command length value, which leads to an invalid memory access.
by Luigi Auriemma
CrossFire 1.9.0 - RCE
Buffer overflow in the SetUp function in socket/request.c in CrossFire 1.9.0 allows remote attackers to execute arbitrary code via a long setup sound command, a different vulnerability than CVE-2006-1010.
by landser
PeerCast 0.1216 - 'nextCGIarg' Remote Buffer Overflow (2)
by darkeagle
PeerCast 0.1216 - 'nextCGIarg' Remote Buffer Overflow (1)
by prdelka
Alien Arena 2006 Gold Edition 5.00 - DoS
The Com_sprintf function in q_shared.c in Alien Arena 2006 Gold Edition 5.00 does not properly NULL terminate certain long strings, which allows remote attackers (possibly authenticated) to cause a denial of service (application crash) via a long skin, weapon, or model name.
by Luigi Auriemma
Sauerbraten Cube - Denial of Service
engine/server.cpp in Sauerbraten 2006_02_28, as derived from the Cube engine, allows remote attackers to cause a denial of service (segmentation fault) via a client that does not completely join the game and times out, which results in a null pointer dereference.
by Luigi Auriemma
LieroX 0.62b - Remote Server/Client Denial of Service
by Luigi Auriemma
Freeciv <2.0.8 - DoS
packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with negative compressed size values.
by Luigi Auriemma
Sauerbraten Cube - Denial of Service
The (1) sgetstr and (2) getint functions in Sauerbraten 2006_02_28, as derived from the Cube engine, allow remote attackers to cause a denial of service (segmentation fault) via long streams of input data that trigger an out-of-bounds read, as demonstrated using SV_EXT tag data in the Cube engine, which is not properly handled by getint.
by Luigi Auriemma
Microsoft Visual Interdev - Memory Corruption
Stack-based buffer overflow in Microsoft Visual Studio 6.0 and Microsoft Visual InterDev 6.0 allows user-assisted attackers to execute arbitrary code via a long DataProject field in a (1) Visual Studio Database Project File (.dbp) or (2) Visual Studio Solution (.sln).
by Kozan
libTIFF <3.7.2 - Buffer Overflow
Stack-based buffer overflow in libTIFF before 3.7.2 allows remote attackers to execute arbitrary code via a TIFF file with a malformed BitsPerSample tag.
by Agustin Gianni
Crossfire - Buffer Overflow
Buffer overflow in socket/request.c in CrossFire before 1.9.0, when oldsocketmode is enabled, allows remote attackers to cause a denial of service (segmentation fault) and possibly execute code by sending the server a large request.
by Luigi Auriemma
SCO UnixWare <7.1.4 - Privilege Escalation
Unspecified vulnerability in ptrace in SCO UnixWare 7.1.3 and 7.1.4 allows local users to gain privileges via unspecified vectors.
by prdelka
Punbb - Denial of Service
register.php in PunBB 1.2.10 allows remote attackers to cause an unspecified denial of service via a flood of new user registrations.
by K4P0
MySQL 4.x/5.0 (Linux) - User-Defined Function (UDF) Dynamic Library (2)
by Marco Ivaldi
Microsoft Color Management Module - RCE
Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to execute arbitrary code via an image with crafted ICC profile format tags.
by darkeagle
D-link Dwl-g700ap - Denial of Service
D-Link DWL-G700AP with firmware 2.00 and 2.01 allows remote attackers to cause a denial of service (CAMEO HTTP service crash) via a request composed of "GET" followed by a space and two newlines, possibly triggering the crash due to missing arguments.
by l0om
D-Link DI-524/624/784 - DoS
D-Link DI-524 Wireless Router, DI-624 Wireless Router, and DI-784 allow remote attackers to cause a denial of service (device reboot) via a series of crafted fragmented UDP packets, possibly involving a missing fragment.
by Aaron Portnoy
Microsoft Windows - ACLs Privilege Escalation (2)
by Andres Tarasco
Microsoft HTML Help Workshop <4.74 - Buffer Overflow
Buffer overflow in Microsoft HTML Help Workshop 4.74 and earlier allows context-dependent attackers to execute arbitrary code via a .hhp file with a long "Index file" field, possibly a related issue to CVE-2006-0564.
by k3xji
Power Daemon <2.0.2 - RCE
Format string vulnerability in powerd.c in Power Daemon (powerd) 2.0.2 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the WHATIDO variable.
by Gotfault Security
OpenVMPS 1.3 - RCE
Format string vulnerability in the vmps_log function in OpenVMPS (VLAN Management Policy Server) 1.3 allows remote attackers to execute arbitrary code via unknown vectors.
by Gotfault Security
Microsoft HTML Help Workshop <4.74 - Buffer Overflow
Buffer overflow in Microsoft HTML Help Workshop 4.74 and earlier allows context-dependent attackers to execute arbitrary code via a .hhp file with a long "Index file" field, possibly a related issue to CVE-2006-0564.
by bratax
By Source