Python Exploits
6,700 exploits tracked across all sources.
Adobe Acrobat and Reader 9.x < 9.3.3 and 8.x < 8.2.3 - Remote Code Execution via Crafted Flash Content in PDF
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via a PDF file with crafted Flash content, involving the newfunction (0x44) operator and an "invalid pointer vulnerability" that triggers memory corruption, a different vulnerability than CVE-2010-1285 and CVE-2010-2201.
by Abysssec
Adobe Shockwave Player <11.5.8.612 - Memory Corruption
Integer signedness error in the DIRAPI module in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a count value associated with an "undocumented structure" and the tSAC chunk in a Director movie.
by Abysssec
Acoustica Audio Converter Pro 1.1 (build 25) - '.mp3 / .wav / .ogg / .wma' Local Heap Overflow
by Carlos Mario Penagos Hollmann
Oracle Java SE/Jav for Bus <23 - Info Disclosure
Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow using an untrusted size value in the readMabCurveData function in the CMM module in the JVM.
by Abysssec
Novell iPrint Client <5.44 - Buffer Overflow
Stack-based buffer overflow in Novell iPrint Client before 5.44 allows remote attackers to execute arbitrary code via a long call-back-url parameter in an op-client-interface-version action.
by Abysssec
Basic Web Server 1.0 - Directory Traversal / Denial of Service
by John Leitch
Mac OS X - Heap-Based Buffer Overflow in QuickTimeAuthoring.qtx via Crafted FLC File
Heap-based buffer overflow in QuickTimeAuthoring.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC file, related to crafted DELTA_FLI chunks and untrusted length values in a .fli file, which are not properly handled during decompression.
by Abysssec
DJ Studio Pro 8.1.3.2.1 - Local Overflow (SEH)
by Abhishek Lyall
A-PDF All to MP3 Converter 1.1.0 - Universal Local (SEH)
by modpr0be
Mozilla Firefox <3.5.11 & SeaMonkey <2.0.6 - RCE
Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via plugin content with many parameter elements.
by Abysssec
MediaHuman Music Converter 1.0.1 - '.wav' / '.mp3' Denial of Service
by modpr0be
Honestech VHS to DVD 3.0.30 Deluxe - Local Buffer Overflow (SEH)
by Brennon Thomas
SCADA Engine BACnet OPC Client <1.0.25 - Buffer Overflow
Stack-based buffer overflow in WTclient.dll in SCADA Engine BACnet OPC Client before 1.0.25 allows user-assisted remote attackers to execute arbitrary code via a crafted .csv file, related to a status log message.
by Jeremy Brown
Chalk Creek Media Player 1.0.7 - '.mp3' / '.wma' Denial of Service
by Carlos Mario Penagos Hollmann
Ipswitch Imail Server - List Mailer Reply-To Address Memory Corruption
by Abysssec
RealNetworks RealPlayer <11.1 - RCE
Multiple integer overflows in the ParseKnownType function in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allow remote attackers to execute arbitrary code via crafted (1) HX_FLV_META_AMF_TYPE_MIXEDARRAY or (2) HX_FLV_META_AMF_TYPE_ARRAY data in an FLV file.
by Abysssec
Kingsoft Antivirus <2010.04.26.648 - Buffer Overflow
Buffer overflow in kavfm.sys in Kingsoft Antivirus 2010.04.26.648 and earlier allows local users to execute arbitrary code via a long argument to IOCTL 0x80030004. NOTE: some of these details are obtained from third party information.
by Lufeng Li
Adobe Acrobat and Reader 9.x < 9.3.3 and 8.x < 8.2.3 - Remote Code Execution via Crafted Flash Content in PDF
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via a PDF file with crafted Flash content involving the (1) pushstring (0x2C) operator, (2) debugfile (0xF1) operator, and an "invalid pointer vulnerability" that triggers memory corruption, a different vulnerability than CVE-2010-1285 and CVE-2010-2168.
by Abysssec
Microsoft Works 9 - Remote Code Execution via Malformed Word File Record
Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Works 9 do not properly handle malformed records in a Word file, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, aka "Word Record Parsing Vulnerability."
by Abysssec
Microsoft Office Excel 2002 SP3 - RCE
Unspecified vulnerability in Microsoft Office Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel file with a malformed RTD (0x813) record that triggers heap corruption, aka "Excel Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0823 and CVE-2010-1249.
by Abysssec
Audiotran 1.4.2.4 - Local Overflow (SEH)
by Abhishek Lyall
Acoustica MP3 Audio Mixer 2.471 - Extended .M3U Directives (SEH)
by Carlos Mario Penagos Hollmann
Firefox 3.5.x-3.5.9 and 3.6.x-3.6.3 - Remote Code Execution via XSLT Node Sorting Integer Overflow
Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node.
by Abysssec
By Source