Exploitdb Exploits
2,689 exploits tracked across all sources.
Samba <3.3.11, <3.4.6, <3.5.0rc3 - Path Traversal
The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create a symlink containing .. (dot dot) sequences, related to the combination of the unix extensions and wide links options.
by kingcope
MultiMedia Soft AdjMmsEng.dll <7.11.2.7 - Buffer Overflow
Stack-based buffer overflow in MultiMedia Soft AdjMmsEng.dll 7.11.1.0 and 7.11.2.7, as distributed in multiple MultiMedia Soft audio components for .NET, allows remote attackers to execute arbitrary code via a long string in a playlist (.pls) file, as originally reported for Euphonics Audio Player 1.0. NOTE: some of these details are obtained from third party information.
by Metasploit
Geo++ GNCASTER <= 1.4.0.7 - DoS and Possible RCE via Long NMEA Data
Geo++ GNCASTER 1.4.0.7 and earlier allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a long NMEA data sentence.
by RedTeam Pentesting GmbH
WebDrive 9.02 build 2232 - Unauthenticated Command Execution via Service Config
South River Technologies WebDrive 9.02 build 2232 installs the WebDrive Service without a security descriptor, which allows local users to (1) stop the service via the stop command, (2) execute arbitrary commands as SYSTEM by using the config command to modify the binPath variable, or (3) restart the service via the start command.
by Trancer
AOL 9.5 - Phobos.Playlist 'Import()' Remote Buffer Overflow (Metasploit)
by Trancer
EFS Easy Chat Server - Universal Buffer Overflow (SEH) (Metasploit)
by fb1h2s
EFS Software Easy Chat Server 2.2 - Remote Buffer Overflow
by John Babio
Audiotran 1.4.1 - '.pls' Local Stack Overflow (Metasploit)
by dookie
Soritong 1.0 - Universal Buffer Overflow (SEH) (Metasploit)
by fb1h2s
MultiMedia Soft AdjMmsEng.dll <7.11.2.7 - Buffer Overflow
Stack-based buffer overflow in MultiMedia Soft AdjMmsEng.dll 7.11.1.0 and 7.11.2.7, as distributed in multiple MultiMedia Soft audio components for .NET, allows remote attackers to execute arbitrary code via a long string in a playlist (.pls) file, as originally reported for Euphonics Audio Player 1.0. NOTE: some of these details are obtained from third party information.
by Sébastien Duquette
PlayMeNow 7.3/7.4 - Local Buffer Overflow (Metasploit)
by blake
E-Soft DJ Studio Pro <5.1.4.3.1 - Buffer Overflow
Stack-based buffer overflow in E-Soft DJ Studio Pro 4.2 including 4.2.2.7.5, and 5.x including 5.1.4.3.1, allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a playlist file (.pls) containing a long string. NOTE: some of these details are obtained from third party information.
by Sébastien Duquette
Mini-stream 3.0.1.1 - Local Buffer Overflow (Metasploit)
by dijital1
Sorcerer Software MultiMedia Jukebox 4.0 - Buffer Overflow
Heap-based buffer overflow in Sorcerer Software MultiMedia Jukebox 4.0 Build 020124 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .m3u or possibly (2) .pst file.
by dijital1
HP OpenView Data Protector 5.50/6.0 - Remote Code Execution via MSG_PROTOCOL Packet
Stack-based buffer overflow in the OmniInet process in HP OpenView Data Protector Application Recovery Manager 5.50 and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted MSG_PROTOCOL packet.
by EgiX
awstats < 6.3 - Remote Code Execution via configdir Parameter
AWStats 6.1, and other versions before 6.3, allows remote attackers to execute arbitrary commands via shell metacharacters in the configdir parameter to aswtats.pl.
by Metasploit
CoreHTTP 0.5.3.1 - 'CGI' Arbitrary Command Execution
by Aaron Conole
3Com OfficeConnect Routers - 'Content-Type' Denial of Service
by Alberto Ortega
Flash Messaging 5.2.0g - Denial of Service via Wide Character Handling
Flash Messaging 5.2.0g (rev 1.1.2) and earlier allows remote attackers to cause a denial of service (application crash) via certain wide characters.
by Alberto Ortega Llamas
Millenium MP3 Studio 2.0 - '.pls' Universal Stack Overflow (Metasploit)
by dookie
Xenorate <= 2.50 - Stack-based Buffer Overflow via .xpl Playlist File
Xenorate versions up to and including 2.50, a Windows-based multimedia player, is vulnerable to a stack-based buffer overflow when processing .xpl playlist files. The application fails to properly validate the length of input data, allowing an attacker to craft a malicious .xpl file that overwrites the Structured Exception Handler (SEH) and enables arbitrary code execution. Exploitation requires local interaction, typically by convincing a user to open the crafted file.
by loneferret germaya_x
Eureka Email 2.2q - ERR Remote Buffer Overflow (Metasploit) (1)
by dookie
Audio Workstation 6.4.2.4.3 - '.pls' Local Buffer Overflow (Metasploit)
by dookie
HTML Help Workshop 4.74 - '.hhp' Local Buffer Overflow (Metasploit)
by loneferret
By Source