C Exploits
3,626 exploits tracked across all sources.
NewsBin Pro 5.33-4.x - Buffer Overflow
Multiple buffer overflows in NewsBin Pro 5.33 and NewsBin Pro 4.x allow user-assisted remote attackers to execute arbitrary code via a long (1) DataPath or (2) DownloadPath attributed in a (a) NBI file, or (3) a long group field in a (b) NZB file.
by Marsu
S&H Computer Systems News Rover 12.1 Rev 1 - Buffer Overflow
Multiple stack-based buffer overflows in S&H Computer Systems News Rover 12.1 Rev 1 allow remote attackers to execute arbitrary code via a .nzb file with a long (1) group or (2) subject string.
by Marsu
News File Grabber <4.1.0.1 - Buffer Overflow
Stack-based buffer overflow in News File Grabber 4.1.0.1 and earlier allows remote attackers to execute arbitrary code via a .nzb file with a long subject field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
by Marsu
VicFTPS - Stack-Based Buffer Overflow via CWD Command
Stack-based buffer overflow in VicFTPS before 5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long CWD command.
by r0ut3r
Axigen eMail Server 2.0.0b2 - 'pop3' Remote Format String
by fuGich
uTorrent 1.6 - Remote Code Execution via Crafted Torrent Announce Header
Heap-based buffer overflow in uTorrent 1.6 allows remote attackers to execute arbitrary code via a torrent file with a crafted announce header.
by defsec
Axigen Mail Server 1.2.6-2.0.0b1 - Denial of Service via Malformed IMAP Login Credentials
axigen 1.2.6 through 2.0.0b1 does not properly parse login credentials, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a base64-encoded "*\x00" sequence on the imap port (143/tcp).
by mu-b
Axigen Mail Server 1.2.6-2.0.0b1 - Heap-Based Buffer Underflow via Base64-Encoded POP3 Data
Heap-based buffer underflow in axigen 1.2.6 through 2.0.0b1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via certain base64-encoded data on the pop3 port (110/tcp), which triggers an integer overflow.
by mu-b
Comodo Firewall Pro <2.4.16.174 - DoS
cmdmon.sys in Comodo Firewall Pro (formerly Comodo Personal Firewall) before 2.4.16.174 does not validate arguments that originate in user mode for the (1) NtConnectPort and (2) NtCreatePort hooked SSDT functions, which allows local users to cause a denial of service (system crash) and possibly gain privileges via invalid arguments.
by Matousec Transparent security
Solaris 10 - Denial of Service via ICMP Packets
Unspecified vulnerability in Sun Solaris 10 before 20070130 allows remote attackers to cause a denial of service (system crash) via certain ICMP packets.
by kcope
Shaffer Solutions Corp dapcnfsd.dll 0.6.4.0 - Buffer Overflow in EnumPrintersA Function
Buffer overflow in the EnumPrintersA function in dapcnfsd.dll 0.6.4.0 in Shaffer Solutions (SSC) DiskAccess NFS Client allows remote attackers to execute arbitrary code via a long argument, an issue similar to CVE-2006-5854 and CVE-2007-0444.
by Andres Tarasco Acuna
Novell Netware Client 4.91-4.91 SP2 - Remote Code Execution via Spooler Service Buffer Overflow
Multiple buffer overflows in the Spooler service (nwspool.dll) in Novell Netware Client 4.91 through 4.91 SP2 allow remote attackers to execute arbitrary code via a long argument to the (1) EnumPrinters and (2) OpenPrinter functions.
by Andres Tarasco
Intel 2200BG PROSet Wireless 9.0.3.9 - Denial of Service via Crafted Disassociation Packets
The Intel 2200BG 802.11 Wireless Mini-PCI driver 9.0.3.9 (w29n51.sys) allows remote attackers to cause a denial of service (system crash) via crafted disassociation packets, which triggers memory corruption of "internal kernel structures," a different vulnerability than CVE-2006-6651. NOTE: this issue might overlap CVE-2006-3992.
by Breno Silva Pinto
Trend Micro VirusWall 3.81 - Local Privilege Escalation via Long Command Line Argument
Buffer overflow in libvsapi.so in the VSAPI library in Trend Micro VirusWall 3.81 for Linux, as used by IScan.BASE/vscan, allows local users to gain privileges via a long command line argument, a different vulnerability than CVE-2005-0533.
by Sebastian Wolfgarten
Citrix MetaFrame - Stack-based Buffer Overflow in Print Provider Library via Long Arguments
Stack-based buffer overflow in the print provider library (cpprov.dll) in Citrix Presentation Server 4.0, MetaFrame Presentation Server 3.0, and MetaFrame XP 1.0 allows local users and remote attackers to execute arbitrary code via long arguments to the (1) EnumPrintersW and (2) OpenPrinter functions.
by Andres Tarasco
Apple Mac OS X < 10.4.8 - Denial of Service via Large mappingCount Value
The shared_region_map_file_np function in Apple Mac OS X 10.4.8 and earlier kernel allows local users to cause a denial of service (memory corruption) via a large mappingCount value.
by Adriano Lima
Intel Centrino ipw2200BG - Wireless Driver Remote Overflow
by oveRet
mbse-bbs <= 0.70 - Local Stack-Based Buffer Overflow via MBSE_ROOT Environment Variable
Stack-based buffer overflow in mbse-bbs 0.70 and earlier allows local users to execute arbitrary code via a long string in the MBSE_ROOT environment variable.
by prdelka
Kaspersky Anti-Virus <6.0.2.614 - Privilege Escalation
Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows local users to gain Ring-0 privileges via unspecified vectors.
by MaD
Ipswitch WS_FTP 2007 Professional - 'WSFTPURL.exe' Local Memory Corruption
by LMH
Rixstep Undercover - Local Privilege Escalation
by Rixstep Pwned
Texas Imperial Software WFTPD and WFTPD Pro Server < 3.25 - Denial of Service via Long SITE ADMIN Command
Texas Imperial Software WFTPD and WFTPD Pro Server 3.25 and earlier allow remote attackers to cause a denial of service (application crash) via a long SITE ADMIN command.
by Marsu
Sami FTP Server 2.0.1 - Stack-Based Buffer Overflow via Long USER Command
Stack-based buffer overflow in Sami FTP Server 2.0.1 allows remote attackers to execute arbitrary code via a long USER command, which triggers the overflow when the log is viewed.
by Marsu
Dream FTP Server - Remote Code Execution via USER Command Format String Overflow
Heap-based buffer overflow in Dream FTP Server allows remote attackers to execute arbitrary code via a USER command with a large number of format string specifiers, which triggers the overflow during processing of the Server Log.
by Marsu
JV2 Folder Gallery - Unauthenticated Arbitrary File Read via download.php file Parameter
download.php in Joonas Viljanen JV2 Folder Gallery allows remote attackers to read sensitive files via a relative pathname in the file parameter, as demonstrated by config/gallerysetup.php. NOTE: this issue might be resultant from a directory traversal vulnerability.
by PeTrO
By Source