Exploitdb Exploits
4,759 exploits tracked across all sources.
Chasys Media Player 1.1 - '.m3u' Local Stack Overflow
by Encrypt3d.M!nd
Chasys Media Player 1.1 - '.pls' Local Buffer Overflow (PoC) (SEH)
by zAx
gomlab gom_encoder < 1.0.0.11 - Heap-Based Buffer Overflow via Long Text Field in Subtitle File
Heap-based buffer overflow in the Preview/ Set Segment function in Gretech GOMlab GOM Encoder 1.0.0.11 and earlier allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a long text field in a subtitle (.srt) file.
by Encrypt3d.M!nd
RainbowPlayer 0.91 - Playlist Universal Overwrite (SEH)
by His0k4
Realtek Sound Manager 1.15.0.0 - Playlist Overwrite (SEH)
by His0k4
Nokia MultiMedia Player 1.0 - Playlist Universal Overwrite (SEH)
by His0k4
EO Video 1.36 - Stack-Based Buffer Overflow via Long Name Element in ProjectElement
Stack-based buffer overflow in EO Video (eo-video) 1.36 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .eop (aka playlist) file with a ProjectElement element that contains a long Name element.
by His0k4
Media Commands - '.m3u' Universal Overwrite (SEH)
by His0k4
Microsoft Internet Explorer 7 - RCE
Microsoft Internet Explorer 7, when XHTML strict mode is used, allows remote attackers to execute arbitrary code via the zoom style directive in conjunction with unspecified other directives in a malformed Cascading Style Sheets (CSS) stylesheet in a crafted HTML document, aka "CSS Memory Corruption Vulnerability."
by Ahmed Obied
EFS Easy Chat Server 2.2 - Authentication Request Buffer Overflow (SEH)
by His0k4
NovaStor NovaNET 12 - Stack-Based Buffer Overflow via Long Username Field
Stack-based buffer overflow in the DtbClsLogin function in NovaStor NovaNET 12 allows remote attackers to (1) execute arbitrary code on Linux platforms via a long username field during backup domain authentication, related to libnnlindtb.so; or (2) cause a denial of service (daemon crash) on Windows platforms via a long username field during backup domain authentication, related to nnwindtb.dll. NOTE: some of these details are obtained from third party information.
by AbdulAziz Hariri
Merak Media Player 3.2 - Buffer Overflow
Stack-based buffer overflow in Merak Media Player 3.2 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file, related to the status bar icon's tooltip. NOTE: some of these details are obtained from third party information.
by Encrypt3d.M!nd
Media Commands 1.0 - Remote Code Execution via Long String in Playlist File
Multiple heap-based buffer overflows in Media Commands 1.0 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in a (1) M3U, (2) M3l, (3) TXT, and (4) LRC playlist file.
by His0k4
HTC Touch Pro and Touch Cruise - Denial of Service via vCard Flood to UDP Port 9204
HTC Touch Pro and HTC Touch Cruise vCard allows remote attackers to cause denial of service (CPU consumption, SMS consumption, and connectivity loss) via a flood of vCards to UDP port 9204.
by Mobile Security Lab
Wesnoth 1.4.x and 1.5 < 1.5.11 - Remote Code Execution via Python AI Module Sandbox Escape
The Python AI module in Wesnoth 1.4.x and 1.5 before 1.5.11 allows remote attackers to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the whitelisted module.
by Wesnoth
Microsoft Internet Explorer 7 - Uninitialized Memory Corruption
Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to CFunctionPointer and the appending of document objects, aka "Uninitialized Memory Corruption Vulnerability."
by David Kennedy (ReL1K)
Microsoft Internet Explorer 7 - RCE
Microsoft Internet Explorer 7, when XHTML strict mode is used, allows remote attackers to execute arbitrary code via the zoom style directive in conjunction with unspecified other directives in a malformed Cascading Style Sheets (CSS) stylesheet in a crafted HTML document, aka "CSS Memory Corruption Vulnerability."
by David Kennedy (ReL1K)
TYPO3 <4.0.12-4.3alpha1 - Info Disclosure
The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which allows remote attackers to read arbitrary files by including the hash in a request.
by Lolek
UltraVNC 1.0.2-1.0.5 & TightVnc 1.3.9 - DoS/Code Injection
Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and (2) TightVnc 1.3.9 allow remote VNC servers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code via a large length value in a message, related to the (a) ClientConnection::CheckBufferSize and (b) ClientConnection::CheckFileZipBufferSize functions in ClientConnection.cpp.
by desi
PyCrypto ARC2 2.0.1 - Buffer Overflow
Buffer overflow in the PyCrypto ARC2 module 2.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length.
by Mike Wiacek
BlazeVideo HDTV Player <3.5 - Buffer Overflow
Stack-based buffer overflow in BlazeVideo HDTV Player 3.5 and earlier allows remote attackers to execute arbitrary code via a long string in a playlist (aka .plf) file.
by LiquidWorm
UltraVNC 1.0.2-1.0.5 & TightVnc 1.3.9 - DoS/Code Injection
Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and (2) TightVnc 1.3.9 allow remote VNC servers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code via a large length value in a message, related to the (a) ClientConnection::CheckBufferSize and (b) ClientConnection::CheckFileZipBufferSize functions in ClientConnection.cpp.
by Andres Luksenberg
Nokia PC Suite <6.86.9.3 - Buffer Overflow
Heap-based buffer overflow in MultimediaPlayer.exe 6.86.240.7 in Nokia PC Suite 6.86.9.3 allows remote attackers to execute arbitrary code via a long string in a .m3u playlist file.
by zer0in
By Source