C Exploits
3,628 exploits tracked across all sources.
Knox Arkeia Server Backup 5.3.x - Remote Code Execution via Type 77 Request
Stack-based buffer overflow in Knox Arkeia Server Backup 5.3.x allows remote attackers to execute arbitrary code via a long type 77 request.
by John Doe
Medal of Honor Allied Assault - Buffer Overflow via LAN Query and Connect Packet
Buffer overflow in Medal of Honor (1) Allied Assault 1.11v9 and earlier, (2) Breakthrough 2.40b and earlier, and (3) Spearhead 2.15 and earlier, when playing on a Local Area Network (LAN), allows remote attackers to execute arbitrary code via vectors such as (1) the getinfo query, (2) the connect packet, and other unknown vectors.
by millhouse
3Com 3CDaemon 2.0 revision 10 - Buffer Overflow via Long FTP Command Argument
Buffer overflow in the FTP service in 3Com 3CDaemon 2.0 revision 10 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via (1) a long username in the USER command or (2) an FTP command that contains a long argument, such as cd, send, or ls.
by c0d3r
Typespeed <0.4.1 - Privilege Escalation
Unknown vulnerability in typespeed 0.4.1 and earlier allows local users to gain privileges.
by Ulf Harnhammar
GNU a2ps - Anything to PostScript Not SUID Local Overflow
by lizard
Quake 3 Engine - Denial of Service via Long Infostring
The Quake 3 engine, as used in multiple game packages, allows remote attackers to cause a denial of service (shutdown game server) and possibly crash the server via a long infostring, possibly triggering a buffer overflow.
by Luigi Auriemma
BrightStor ARCserve Backup 9.0-11.1 - Remote Code Execution via Discovery Service Buffer Overflow
Buffer overflow in the Discovery Service in BrightStor ARCserve Backup 9.0 through 11.1 allows remote attackers to execute arbitrary commands via a large packet to TCP port 41523, a different vulnerability than CVE-2005-0260.
by cybertronic
Armagetron < 0.2.6.0 and Armagetron Advanced < 0.2.7.0 - Denial of Service via Empty UDP Packet
Armagetron 0.2.6.0 and earlier and Armagetron Advanced 0.2.7.0 and earlier allow remote attackers to cause a denial of service (network disconnection) via an empty UDP packet, which is not properly distinguished from the "no new packets" state of the associated socket.
by Luigi Auriemma
DelphiTurk FTP 1.0 - Privilege Escalation
DelphiTurk FTP 1.0 stores usernames and passwords in the profile.dat file, which allows local users to gain privileges.
by Kozan
ELOG - Buffer Overflow via Long Attachment Filename
Buffer overflow in the decode_post function in ELOG before 2.5.7 allows remote attackers to execute arbitrary code via attachments with long file names.
by n4rk0tix
ProZilla Download Accelerator 1.3.7.3 - Remote Code Execution via Format String in Location Header
Format string vulnerability in ProZilla 1.3.7.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the Location header.
by Serkan Akpolat
libpng < 1.2.5 - Remote Code Execution via Malformed PNG Image
Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking.
by ATmaCA
DelphiTurk CodeBank <3.1 - Privilege Escalation
DelphiTurk CodeBank (aka KodBank) 3.1 and earlier stores usernames and passwords in the Codebank registry key, which allows local users to gain privileges.
by Kozan
Apple AFP Server - Denial of Service via Negative UAM String Length in FPLoginExt Packet
Integer signedness error in Apple File Service (AFP Server) allows remote attackers to cause a denial of service (application crash) via a negative UAM string length in a FPLoginExt packet.
by nemo
3Com 3CServer - Authenticated Remote Code Execution via Long FTP Command
Multiple heap-based buffer overflows in 3Com 3CServer allow remote authenticated users to execute arbitrary code via long FTP commands, as demonstrated using the STAT command.
by mandragore
Perl 5.8.0 - Arbitrary File Creation via PERLIO_DEBUG Variable
The PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to create arbitrary files via the PERLIO_DEBUG variable.
by Kevin Finisterre
Perl 5.8.0 - Local Buffer Overflow via PERLIO_DEBUG Environment Variable
Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.
by Kevin Finisterre
ngIRCd 0.8.2 - Remote Code Execution via Format String in Log_Resolver
Format string vulnerability in the Log_Resolver function in log.c for ngIRCd 0.8.2 and earlier, when compiled with IDENT, logging to SYSLOG, and with DEBUG enabled, allows remote attackers to execute arbitrary code.
by CoKi
Newspost < 2.1.1 - Remote Code Execution via Long NNTP Response String
Buffer overflow in the socket_getline function in Newspost 2.1.1 and earlier allows remote malicious NNTP servers to execute arbitrary code via a long string without a newline character.
by cybertronic
Windows 2000 - Buffer Overflow in Internet Printing ISAPI Extension
Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0.
by styx
By Source