Exploitdb Exploits
2,689 exploits tracked across all sources.
RealNetworks RealPlayer <6.0.12.1056 - Buffer Overflow
Stack-based buffer overflow in the CSmil1Parser::testAttributeFailed function in smlparse.cpp for RealNetworks RealPlayer 10.5 (6.0.12.1056 and earlier), 10, 8, and RealOne Player V2 and V1 allows remote attackers to execute arbitrary code via a .SMIL file with a large system-screen-size value.
by Metasploit
Persits XUpload 3.0.0.4 - Stack-based Buffer Overflow via AddFile Method
Stack-based buffer overflow in the Persits.XUpload.2 ActiveX control in XUpload.ocx 3.0.0.4 and earlier in Persits XUpload 3.0 allows remote attackers to execute arbitrary code via a long argument to the AddFile method. NOTE: some of these details are obtained from third party information.
by Metasploit
Orbit Downloader <2.8.5 - Buffer Overflow
Stack-based buffer overflow in Orbit Downloader 2.8.2 and 2.8.3, and possibly other versions before 2.8.5, allows remote attackers to execute arbitrary code via a crafted HTTP URL with a long host name, which is not properly handled when constructing a "Connecting" log message.
by Metasploit
Oracle Secure Backup <10.2.0.2 - Info Disclosure
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2008-5448 and CVE-2008-5449.
by Metasploit
Quiksoft EasyMail SMTP Object <6.0.1 - Buffer Overflow
Buffer overflow in the EasyMailSMTPObj ActiveX control in emsmtp.dll 6.0.1 in the Quiksoft EasyMail SMTP Object, as used in Postcast Server Pro 3.0.61 and other products, allows remote attackers to execute arbitrary code via a long argument to the SubmitToExpress method, a different vulnerability than CVE-2007-1029. NOTE: this may have been fixed in version 6.0.3.15.
by Metasploit
Now SMS/MMS Gateway < 2007.06.27 - Stack-Based Buffer Overflow via HTTP Authorization Header or SMPP Packet
Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.27 and earlier allow remote attackers to execute arbitrary code via a (1) long password in an Authorization header to the HTTP service or a (2) large packet to the SMPP service.
by Metasploit
Novell NetMail < 3.52e FTF2 - Remote Code Execution via IMAP Command Continuation or NMAP STOR Command
Multiple buffer overflows in Novell NetMail before 3.52e FTF2 allow remote attackers to execute arbitrary code (1) by appending literals to certain IMAP verbs when specifying command continuation requests to IMAPD, resulting in a heap overflow; and (2) via crafted arguments to the STOR command to the Network Messaging Application Protocol (NMAP) daemon, resulting in a stack overflow.
by Metasploit
Novell NetMail - Authenticated Stack-Based Buffer Overflow via IMAP SUBSCRIBE Command
Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via a long argument to the SUBSCRIBE command.
by Metasploit
Novell Netmail 3.5.2 - Remote Code Execution via IMAP Daemon Long Verb Arguments
Stack-based buffer overflow in the IMAP daemon in Novell Netmail 3.5.2 allows remote attackers to execute arbitrary code via "long verb arguments."
by Metasploit
Novell NetMail < 3.52e FTF2 - Authenticated Stack-Based Buffer Overflow via IMAP APPEND Command
Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command.
by Metasploit
Novell NetMail 3.52d - IMAP (Authenticated) Buffer Overflow (Metasploit)
by Metasploit
Novell iPrint Client 5.30 - Stack-based Buffer Overflow via Long Target-Frame Parameter
Stack-based buffer overflow in ienipp.ocx in Novell iPrint Client 5.30, and possibly other versions before 5.32, allows remote attackers to execute arbitrary code via a long target-frame parameter.
by Metasploit
Novell iPrint Client 4.38, 5.30 - Stack-Based Buffer Overflow via Date and Time Handling
Multiple stack-based buffer overflows in Novell iPrint Client 4.38, 5.30, and possibly other versions before 5.32 allow remote attackers to execute arbitrary code via vectors related to (1) Date and (2) Time.
by Metasploit
Novell eDirectory 8.x-8.8.x - Remote Code Execution via Long HTTP Host Header or Dot in Username
Multiple stack-based buffer overflows in Novell eDirectory 8.8.x before 8.8.1 FTF1, and 8.x up to 8.7.3.8, and Novell NetMail before 3.52e FTF2, allow remote attackers to execute arbitrary code via (1) a long HTTP Host header, which triggers an overflow in the BuildRedirectURL function; or vectors related to a username containing a . (dot) character in the (2) SMTP, (3) POP, (4) IMAP, (5) HTTP, or (6) Networked Messaging Application Protocol (NMAP) Netmail services.
by Metasploit
Norton AntiSpam 2004 - Buffer Overflow
Stack-based buffer overflow in the SymSpamHelper ActiveX component (symspam.dll) in Norton AntiSpam 2004, as used in Norton Internet Security 2004, allows remote attackers to execute arbitrary code via a long parameter to the LaunchCustomRuleWizard method.
by Metasploit
Oracle Mysql < 1.7.5 - Memory Corruption
Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in handshake.cpp or (2) "input_buffer& operator>>" in yassl_imp.cpp.
by Metasploit
mIRC < 6.11 - Remote Code Execution via Long irc:// URL
Buffer overflow in mIRC before 6.11 allows remote attackers to execute arbitrary code via a long irc:// URL.
by Metasploit
MiniShare < 1.4.1 - Remote Code Execution via Long HTTP GET Request
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
by Metasploit
Windows Workstation Service - Buffer Overflow
Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated using the NetAddAlternateComputerName API.
by Metasploit
Windows Media Encoder - Stack-based Buffer Overflow via GetDetailsString Method
Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argument to the GetDetailsString method, aka "Windows Media Encoder Buffer Overrun Vulnerability."
by Metasploit
Microsoft Intelligent Application Gateway 2007 - Remote Code Execution via Whale Client Components ActiveX Control
Multiple stack-based buffer overflows in the Whale Client Components ActiveX control (WhlMgr.dll), as used in Microsoft Intelligent Application Gateway (IAG) before 3.7 SP2, allow remote attackers to execute arbitrary code via long arguments to the (1) CheckForUpdates or (2) UpdateComponents methods.
by Metasploit
Microsoft Windows <SP1 - Buffer Overflow
Buffer overflow in Client Service for NetWare (CSNW) in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via crafted messages, aka "Client Service for NetWare Memory Corruption Vulnerability."
by Metasploit
Windows 2000 and 2003 Server - Remote Code Execution via RRAS RPC Request
Buffer overflow in the Routing and Remote Access service (RRAS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote unauthenticated or authenticated attackers to execute arbitrary code via certain crafted "RPC related requests," aka the "RRAS Memory Corruption Vulnerability."
by Metasploit
Microsoft Outlook Express <6 SP1 - Buffer Overflow
Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field.
by Metasploit
Microsoft Windows 2000 and XP SP1 - Remote Code Execution via Message Queuing Buffer Overflow
Buffer overflow in the Message Queuing component of Microsoft Windows 2000 and Windows XP SP1 allows remote attackers to execute arbitrary code via a crafted message.
by Metasploit
By Source