C Exploits

3,631 exploits tracked across all sources.

Sort: Activity Stars
CVE-2004-2501 EXPLOITDB c VERIFIED
MailEnable Professional and Enterprise - Buffer Overflow via IMAP Service Long Command String
Buffer overflow in the IMAP service of MailEnable Professional Edition 1.52 and Enterprise Edition 1.01 allows remote attackers to execute arbitrary code via (1) a long command string or (2) a long string to the MEIMAP service and then terminating the connection.
by class101
EIP-2026-102783 EXPLOITDB c VERIFIED
atari800 - Local Privilege Escalation
by pi3
CVE-2004-1119 EXPLOITDB c VERIFIED
Winamp 5.05 - Stack-based Buffer Overflow via .m3u Playlist File
Stack-based buffer overflow in IN_CDDA.dll in Winamp 5.05, and possibly other versions including 5.06, allows remote attackers to execute arbitrary code via a certain .m3u playlist file.
by k-otik
CVE-2004-1195 EXPLOITDB c VERIFIED
Star Wars Battlefront 1.11 - Denial of Service via Join Request Memory Address
Star Wars Battlefront 1.11 and earlier allows remote attackers to cause a denial of service (application crash) via a join request that contains a memory address that causes the server to read arbitrary memory.
by Luigi Auriemma
CVE-2004-1542 EXPLOITDB c VERIFIED
Soldier of Fortune II <= 1.03 Gold - Denial of Service via Long Query or Reply
Buffer overflow in Soldier of Fortune II 1.03 Gold and earlier allows remote attackers to cause a denial of service (server or client crash) via a long (1) query or (2) reply.
by Luigi Auriemma
CVE-2004-1120 EXPLOITDB c VERIFIED
ProZilla Download Accelerator <= 1.3.6-r2 - Remote Code Execution via Long Location Header
Multiple buffer overflows in (1) http.c, (2) http-retr.c, (3) main.c and other code that handles network protocols in ProZilla 1.3.6-r2 and earlier allow remote servers to execute arbitrary code via a long Location header.
by Serkan Akpolat
CVE-2004-1118 EXPLOITDB c VERIFIED
WodFtpDLX ActiveX Component < 2.3.2.97 - Buffer Overflow via Long Filename
Buffer overflow in the WodFtpDLX.ocx (WeOnlyDo!) ActiveX component before 2.3.2.97, as used by CoffeeCup Direct FTP 6.2.0.62 and CoffeeCup Free FTP 3.0.0.10, and possibly other applications, allows remote attackers to execute arbitrary code via a long filename.
by Komrade
CVE-2004-1118 EXPLOITDB c VERIFIED
WodFtpDLX ActiveX Component < 2.3.2.97 - Buffer Overflow via Long Filename
Buffer overflow in the WodFtpDLX.ocx (WeOnlyDo!) ActiveX component before 2.3.2.97, as used by CoffeeCup Direct FTP 6.2.0.62 and CoffeeCup Free FTP 3.0.0.10, and possibly other applications, allows remote attackers to execute arbitrary code via a long filename.
by Komrade
CVE-2004-1539 EXPLOITDB c VERIFIED
Halo: Combat Evolved <= 1.05 - Denial of Service via Long Game Server Reply
Halo: Combat Evolved 1.05 and earlier allows remote game servers to cause a denial of service (client crash) via a long value in a game server reply, which triggers a NULL dereference.
by Luigi Auriemma
CVE-2004-0816 EXPLOITDB HIGH c VERIFIED
Linux Kernel < 2.6.8 - Denial of Service via Firewall Logging Integer Underflow
Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet.
by Richard Hart
CVSS 7.5
CVE-2004-0575 EXPLOITDB c VERIFIED
Windows XP and Windows Server 2003 - Remote Code Execution via Compressed Folder Integer Overflow
Integer overflow in DUNZIP32.DLL for Microsoft Windows XP, Windows XP 64-bit Edition, Windows Server 2003, and Windows Server 2003 64-bit Edition allows remote attackers to execute arbitrary code via compressed (zipped) folders that involve an "unchecked buffer" and improper length validation.
by tarako
CVE-2004-0996 EXPLOITDB c VERIFIED
cscope <15-5 - Local Privilege Escalation
main.c in cscope 15-4 and 15-5 creates temporary files with predictable filenames, which allows local users to overwrite arbitrary files via a symlink attack.
by Gangstuck
CVE-2004-1638 EXPLOITDB c VERIFIED
MailCarrier 2.51 - Buffer Overflow via EHLO Command
Buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long (1) EHLO and possibly (2) HELO command.
by NoPh0BiA
CVE-2004-2271 EXPLOITDB c VERIFIED
MiniShare < 1.4.1 - Remote Code Execution via Long HTTP GET Request
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
by NoPh0BiA
CVE-2004-2442 EXPLOITDB c VERIFIED
F-Secure Anti-Virus <5.43 - Auth Bypass
Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on the target system.
by oc192
EIP-2026-115920 EXPLOITDB c VERIFIED
NetNote Server 2.2 build 230 - Crafted String Denial of Service
by class101
EIP-2026-114891 EXPLOITDB c VERIFIED
AlShare Software NetNote Server 2.2 - Remote Denial of Service
by class101
CVE-2004-1109 EXPLOITDB c VERIFIED
Kerio Personal Firewall <= 4.1.1 - Denial of Service via Zero-Length IP Option Field
The FWDRV.SYS driver in Kerio Personal Firewall 4.1.1 and earlier allows remote attackers to cause a denial of service (CPU consumption and system freeze from infinite loop) via a (1) TCP, (2) UDP, or (3) ICMP packet with a zero length IP Option field.
by houseofdabus
CVE-2004-2418 EXPLOITDB c VERIFIED
SlimFTPd 3.15 - Buffer Overflow via Long Command
Buffer overflow in SlimFTPd 3.15 and earlier allows local users to execute arbitrary code via a long command, such as (1) CWD, (2) STOR, (3) MKD, and (4) STAT.
by class101
CVE-2004-0083 EXPLOITDB c VERIFIED
XFree86 4.1.0-4.3.0 - Buffer Overflow in ReadFontAlias via Long Token
Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106.
CVE-2004-1073 EXPLOITDB c VERIFIED
Linux kernel <2.6.8 - Code Injection
The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.
by Paul Starzetz
CVE-2004-2416 EXPLOITDB c VERIFIED
CCProxy - Buffer Overflow via Long HTTP GET Request
Buffer overflow in the logging component of CCProxy allows remote attackers to execute arbitrary code via a long HTTP GET request.
by Ruder
CVE-2004-2677 EXPLOITDB c VERIFIED
qwikmail_smtp <= 0.3 - Remote Code Execution via Format String in SMTP Client Input
Format string vulnerability in qwik-smtpd.c in QwikMail SMTP (qwik-smtpd) 0.3 and earlier allows remote attackers to execute arbitrary code via format specifiers in the (1) clientRcptTo array, and the (2) Received and (3) messageID variables, possibly involving HELO and hostname arguments.
by Carlos Barros
CVE-2004-2271 EXPLOITDB c VERIFIED
MiniShare < 1.4.1 - Remote Code Execution via Long HTTP GET Request
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
by class101
CVE-2004-1626 EXPLOITDB c VERIFIED
Ability Server 2.34 - Remote Code Execution via Long STOR Command
Buffer overflow in Ability Server 2.34, and possibly other versions, allows remote attackers to execute arbitrary code via a long STOR command.
by NoPh0BiA
By Source
All 3,631 Writeup 62,466 Exploitdb 50,076 Nomisec 22,446 Github 3,667 Metasploit 3,315 Vulncheck_xdb 930 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,592 ruby 6,006 c 3,631 perl 2,849 html 2,076 php 1,333 bash 462 java 371 c++ 261 javascript 231 shell 133 go 73 postscript 25 typescript 25