C Exploits
3,628 exploits tracked across all sources.
freeFTPd 1.0.10 - Authenticated Denial of Service via PORT Command
freeFTPd 1.0.10 allows remote authenticated users to cause a denial of service (null dereference and crash) via a PORT command with missing arguments.
by Stefan Lochbihler
Macromedia Flash Player - Remote Code Execution via ActionDefineFunction ActionScript Call
Macromedia Flash plugin (1) Flash.ocx 7.0.19.0 (Windows) and earlier and (2) libflashplayer.so before 7.0.25.0 (Unix) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via parameters to the ActionDefineFunction ActionScript call in a SWF file, which causes an improper memory access condition, a different vulnerability than CVE-2005-2628.
by BassReFLeX
freeFTPd 1.0.8 - Authenticated Buffer Overflow via MKD or DELE Command
Multiple buffer overflows in freeFTPd 1.0.8, without logging enabled, allow remote authenticated attackers to cause a denial of service (application crash), and possibly execute arbitrary code, via long (1) MKD and (2) DELE commands.
by Expanders
Windows 2000 SP4 and earlier - Denial of Service via UPnP DCE RPC Request
PNP_GetDeviceList (upnp_getdevicelist) in UPnP for Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via a DCE RPC request that specifies a large output buffer size, a variant of CVE-2006-6296, and a different vulnerability than CVE-2005-2120.
by Winny Thomas
Snort - Stack-based Buffer Overflow via Back Orifice Preprocessor
Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet.
by xort
RealNetworks RealPlayer <10.5 - RCE
Integer overflow in RealNetworks RealPlayer 8, 10, and 10.5, RealOne Player 1 and 2, and Helix Player 10.0.0 allows remote attackers to execute arbitrary code via an .rm movie file with a large value in the length field of the first data packet, which leads to a stack-based buffer overflow, a different vulnerability than CVE-2004-1481.
by nolimit
Linux Kernel < 2.6.14 - Denial of Service via sysctl Interface File Handling
The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and modifying function pointers in memory that was used for the ctl_table.
by Rémi Denis-Courmont
linux-ftpd-ssl 0.17 - Remote Code Execution via Long Directory Name XPWD Command
Buffer overflow in the SSL-ready version of linux-ftpd (linux-ftpd-ssl) 0.17 allows remote attackers to execute arbitrary code by creating a long directory name, then executing the XPWD command.
by kingcope
Asus Video Security Online < 3.5.0.0 - Buffer Overflow via Long Username/Password
Buffer overflow in Asus Video Security 3.5.0.0 and earlier, when using authorization, allows remote attackers to execute arbitrary code via a long username/password string.
by Luigi Auriemma
Scorched 3D 39.1 (bf) and earlier - Denial of Service via Negative numplayers Value
Scorched 3D 39.1 (bf) and earlier allows remote attackers to cause a denial of service (long loop and server hang) via a negative numplayers value that bypasses a signed check in ServerConnectHandler.cpp.
by Luigi Auriemma
GO-Global Windows Server 3.1.0.3270 - Buffer Overflow (PoC)
by Luigi Auriemma
GO-Global for Windows <= 3.1.0.3270 - Remote Code Execution via Oversized Data Block
Buffer overflow in GO-Global for Windows 3.1.0.3270 and earlier allows remote attackers to execute arbitrary code via a data block that is longer than the specified data block size.
by Luigi Auriemma
Glider Collect'n kill 1.0.0.0 - Remote Code Execution via Long Player Name in gl_playerEnter Command
Buffer overflow in Glider Collect'n kill 1.0.0.0 allows remote attackers to execute arbitrary code via a gl_playerEnter command with a long player name.
by Luigi Auriemma
FlatFrag <= 0.3 - Denial of Service via NT_CONN_OK Command
FlatFrag 0.3 and earlier allows remote attackers to cause a denial of service (crash) by sending an NT_CONN_OK command from a client that is not connected, which triggers a null dereference.
by Luigi Auriemma
Blitzkrieg 2 < 1.21 - 'Server/Client' Denial of Service
by Luigi Auriemma
Battle Carry <= .005 - Denial of Service via Large UDP Packet
Battle Carry .005 and earlier allows remote attackers to cause a denial of service (inaccessible port) via a large packet, which triggers a socket error and terminates the socket that is listening on the server's UDP port.
by Luigi Auriemma
Mirabilis ICQ 2003a - Remote Buffer Overflow Download Shellcode
by ATmaCA
Hasbani Web Server 2.0 - Denial of Service via Crafted HTTP GET Request
Hasbani Web Server (WindWeb) 2.0 allows remote attackers to cause a denial of service (infinite loop) via HTTP crafted GET requests.
by Expanders
Affix Bluetooth Protocol Stack - Privilege Escalation
The affix_sock_register in the Affix Bluetooth Protocol Stack for Linux might allow local users to gain privileges via a socket call with a negative protocol value, which is used as an array index.
by qobaiashi
Snort - Stack-based Buffer Overflow via Back Orifice Preprocessor
Stack-based buffer overflow in the Back Orifice (BO) preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet.
by rd
Microsoft Windows 2000 SP4 and XP SP1-SP2 - Stack-Based Buffer Overflow in Plug and Play Service via Registry Key Name
Stack-based buffer overflow in the Plug and Play (PnP) service (UMPNPMGR.DLL) in Microsoft Windows 2000 SP4, and XP SP1 and SP2, allows remote or local authenticated attackers to execute arbitrary code via a large number of "\" (backslash) characters in a registry key name, which triggers the overflow in a wsprintfW function call.
by Winny Thomas
Microsoft Windows 2000 SP4 and XP SP1-SP2 - Stack-Based Buffer Overflow in Plug and Play Service via Registry Key Name
Stack-based buffer overflow in the Plug and Play (PnP) service (UMPNPMGR.DLL) in Microsoft Windows 2000 SP4, and XP SP1 and SP2, allows remote or local authenticated attackers to execute arbitrary code via a large number of "\" (backslash) characters in a registry key name, which triggers the overflow in a wsprintfW function call.
by anonymous
XMail - Stack-based Buffer Overflow via Long -t Command Line Option
Stack-based buffer overflow in sendmail in XMail before 1.22 allows remote attackers to execute arbitrary code via a long -t command line option.
by qaaz
Linux Kernel < 2.6.14-rc5 - Denial of Service via UDPv6 Port Handling
The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, when running IPv6, allows local users to cause a denial of service (infinite loop and crash).
by Rémi Denis-Courmont
By Source