Adobe Reader 9.3.2 (CoolType.dll) Remote Memory Corruption / DoS Vulnerability

Summary Adobe Reader software is the global standard for electronic document sharing. It is the only PDF file viewer that can open and interact with all PDF documents. Use Adobe Reader to view, search, digitally sign, verify, print, and collaborate on Adobe PDF files. Description Adobe Reader...

UK One Media CMS (id) Error Based SQL Injection Vulnerability

Summary Content Management System PHP+MySQL. Description UK One Media CMS suffers from an sql injection vulnerability when parsing query from the id param which results in compromising the entire database structure and executing system commands. O / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ /...

Adobe InDesign CS3 INDD File Handling Buffer Overflow Vulnerability

Summary Adobe® InDesign® CS3 software provides precise control over typography and built-in creative tools for designing, preflighting, and publishing documents for print, online, or to mobile devices. Include interactivity, animation, video, and sound in page layouts to fully engage readers...

Adobe Photoshop CS4 Extended 11.0 ASL File Handling Remote Buffer Overflow PoC

Summary The Adobe® Photoshop® family of products is the ultimate playground for bringing out the best in your digital images, transforming them into anything you can imagine and showcasing them in extraordinary ways. Description Adobe Photoshop CS4 Extended suffers from a buffer overflow...

Adobe Photoshop CS4 Extended 11.0 ABR File Handling Remote Buffer Overflow PoC

Summary The Adobe® Photoshop® family of products is the ultimate playground for bringing out the best in your digital images, transforming them into anything you can imagine and showcasing them in extraordinary ways. Description Adobe Photoshop CS4 Extended suffers from a buffer overflow...

Adobe Photoshop CS4 Extended 11.0 GRD File Handling Remote Buffer Overflow PoC

Summary The Adobe® Photoshop® family of products is the ultimate playground for bringing out the best in your digital images, transforming them into anything you can imagine and showcasing them in extraordinary ways. Description Adobe Photoshop CS4 Extended suffers from a buffer overflow...

Adobe Shockwave Player 11.5.6.606 (DIR) Multiple Memory Vulnerabilities

Summary Over 450 million Internet-enabled desktops have installed Adobe Shockwave Player. These people now have access to some of the best the Web has to offer - including dazzling 3D games and entertainment, interactive product demonstrations, and online learning applications. Shockwave Player...

EDraw Flowchart ActiveX Control 2.3 (.edd parsing) Remote Buffer Overflow PoC

Summary Do you want to learn how to draw? Now you can online! Learn how to draw like a local application with Edraw Flowchart ActiveX Control that lets you quickly build basic flowcharts, organizational charts, business charts, hr diagram, work flow, programming flowchart and network diagrams...

EDraw Flowchart ActiveX Control 2.3 (EDImage.ocx) Remote DoS Exploit (IE)

Summary Do you want to learn how to draw? Now you can online! Learn how to draw like a local application with Edraw Flowchart ActiveX Control that lets you quickly build basic flowcharts, organizational charts, business charts, hr diagram, work flow, programming flowchart and network diagrams...

AVTECH Software (AVC781Viewer.dll) ActiveX Multiple Remote Vulnerabilities

Summary AVTECH Software, a private corporation founded in 1988, is a computer software and hardware manufacturer specializing in providing Windows NT/2K/XP/2K3 products to monitor multi-OS computers and network issues throughout a department or an entire enterprise. Once issues or events occur,...

Aladdin eToken PKI Client v4.5 Virtual File Handling Unspecified Memory Corruption PoC

Summary The eToken PKI Client is the software that enables eToken USB operation and the implementation of eToken PKI-based solutions. These solutions include certificate-based strong two-factor authentication, encryption and digital signing. With the PKI Client your PKI solutions become highly...

VLC media player 1.0.5 Goldeneye (bookmarks) Remote Buffer Overflow PoC

Summary VLC media player is a highly portable multimedia player and multimedia framework capable of reading most audio and video formats MPEG-2, MPEG-4, H.264, DivX, MPEG-1, mp3, ogg, aac ... as well as DVDs, Audio CDs VCDs, and various streaming protocols. Description VLC media player is...

BS.Player v2.51 build 1022 (Media Library) Remote Buffer Overflow Vulnerability

Summary Ever since the very beginning in the year 2000, the BS.Player™ has been one of the world's most popular video players. It is popular for many reasons. One however should be pointed out: BS.Player™ is the first software movie player ever to enable its users to focus on watching the movie...

J. River Media Jukebox 12 MP3 File Handling Remote Heap Overflow PoC

Summary Media Jukebox 12 is a media player application for playing various media files on a Windows machine. Description Media Jukebox 12 suffers from a heap overflow vulnerability when processing .mp3 files and its metadata ID3 tags. When a malicious .mp3 file is played the application pops out ...

Deimos Kasa <= 2.58 (table) Local Integer Overflow Vulnerability

Summary Deimos Kasa is a Windows restaurant management software. Description Deimos Kasa is prone to an integer overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input in the table field. Successfully exploiting these issues may allow local attackers to...

ExtCalendar 2.0 Beta 2 (upgrade.php) Remote XSS Vulnerability

Summary ExtCalendar is a powerful multi-user web-based calendar application. Features include Multi-Languages, Themes, Recurrent Events, Categories, Users and Groups management, Environment and General Settings, Template Configuration, Product Updates. Description ExtCalendar is prone to a...

WampServer 2.0i (index.php) Remote Cross Site Scripting Vulnerability

Summary WampServer - Apache, PHP, MySQL on Windows. Description WampServer is susceptible to cross-site scripting vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input. An attacker may leverage any of the cross-site scripting issues to have arbitra...

CableTEL's Triple Play v1.0 (login.php) Remote Login Bypass SQL Injection Vuln

Summary Triple Play is a PHP script that CableTEL offers its clients to check their internet traffic status. Description Triple Play suffers from a security bypass vulnerability login.php with sql injection attack. The login page can be accessed only by CableTEL's users. The script fails to...

Nero Burning ROM 9 (iso compilation) Local Buffer Invasion Proof Of Concept

Summary Nero Burning ROM is the professional solution for burning your audio, data, and video discs, backing up entire discs, and much more. Features many advanced settings and options and supports a wide range of formats. Description Nero Burning ROM suffers from a buffer overflow vulnerability...

Google SketchUp Pro 7.0 (.skp file) Remote Stack Overflow PoC

Summary Google SketchUp Pro 7 is a suite of powerful features and applications for streamlining your professional 3D workflow. Description Google SketchUp Pro 7.0 suffers from a stack overflow vulnerability. It fails to handle the .skp file format resulting in crash overflowing the memory stack,...

Epiri Professional Web Browser 3.0 Remote Crash Exploit

Summary Epiri Professional 3.0 next generation alternative internet Epiri Professional features with faster internet, digital clarity, the latest technological design and user-focused, impressive, next generation alternative internet program. Microsoft Silverlight needed. Description Epiri...

Music Tag Editor 1.61 build 212 Remote Buffer Overflow PoC

Summary Simple-to-use WMA / MP3 tag editor that allows you to change tagged information about your MP3/WMA music files. Quickly change music filenames, create PLS/M3U playlists and even add lyrics to your music files, with full UNICODE support. Music filenames and tags are never what they should,...

Zortam ID3 Tag Editor 5.0 Remote Stack Overflow Vulnerability

Summary Zortam ID3 Tag Editor is all-in-one MP3 organizer application for editing ID3 tags Mp3 ID3 Tag Editor with support for ID3v1 and ID3v2 tags, managing M3u playlists Playlist manager, renaming files Mp3 Renamer using ID3 tags, searching for duplicate Mp3 files, searching and cataloguing Mp3...

Audio Editor Pro 2.91 Remote Memory Corruption PoC

Summary Audio Editor Pro is a visual multifunctional audio files editor for Microsoft Windows. Description MightSOFT Audio Editor Pro is prone to an unspecified memory-corruption vulnerability. An attacker can exploit this issue by tricking a victim into opening a malicious MP3 file to execute...

Zortam MP3 Media Studio 9.40 Multiple Memory Corruption Vulnerabilities

Summary Zortam Mp3 Media Studio is all-in-one Mp3 application that contains Mp3 ID3 Tag Organizer for searching and cataloguing Mp3 files into Mp3 library, editing ID3v1 and ID3v2.4 tags ID3 Tag Editor-Mp3 Tag Editor, CD Ripper with album cover art/lyric support that uses CDDB Internet Compact Di...

Zortam MP3 Player 1.50 (m3u) Integer Division by Zero Exploit

Summary Zortam Mp3 Player will enable you to listen all your favorite tracks and at the same time enjoy a show of lights and images visualizing the covers of your albums and song lyrics. Description Zortam Mp3 Player suffers from a division by zero attack when handling .m3u files, resulting in...

eEye Retina WiFi Security Scanner 1.0 (.rws Parsing) Buffer Overflow PoC

Summary Retina WiFi Scanner is a tool to be used to detect IEEE 802.11 WiFi based devices. Note: The tool is implemented as part of the eEye's Retina Network Security Scanner package. Description A vulnerability has been identified in eEye Retina WiFi Scanner, which could be exploited by attacker...

Carom3D 5.06 Unicode Buffer Overrun/DoS Vulnerability

Summary Carom 3D is an online multi-user billiard game created with special 3D graphic effects bringing every aspect such as 6 ball, 9 ball, 8 ball and other Billiard games to life. Description The world famous korean game Carom3D suffers from a buffer overflow and a denial of service...

Mp3 Tag Assistant Pro 2.92 (tag metadata) Remote Stack Overflow PoC

Summary MP3 Tag Assistant Professional 2.92 is a professional-level audio tag editor with UNICODE support. Description MP3 Tag Assistant Professional 2.92 is vulnerable to a stack buffer overflow attack when loading a malicious mp3 file or file that supports tags filled with overly long A's in it...

AIMP 2.51 build 330 (ID3v1/ID3v2 Tag) Remote Stack Buffer Overflow PoC (SEH)

Summary Freeware audio player. Description AIMP version 2.51 build 330 suffers from a stack based buffer overflow vulnerability that can be exploited via malicious media file that supports ID3 tags mp3. EIP and ECX registers gets overwritten, including the SE handler and the pointer to the next S...

ViPlay3 <= 3.00 (.vpl) Local Stack Overflow PoC

Summary ViPlay3 is a freeware movie player designed to play the most popular movie types using overlaying technology for a faster and more efficient way of video playback. Description URUWorks ViPlay3 is prone to a remote buffer-overflow vulnerability because the application fails to perform...

Unsniff Network Analyzer 1.0 (usnf) Local Heap Overflow PoC

Summary Dont just look at hex dumps and protocol trees. With Unsniff Network Analyzer, you can view network traffic at various levels of detail. View high level objects like images, video, HTML pages, VOIP calls, drill down to individual TCP sessions, then onto reassembled PDUs, then finally to...

QtWeb Internet Browser 2.0 (build 043) Remote Denial of Service Exploit (smile)

Summary QtWeb is compact, portable and secure web browser having some unique UI and privacy features. QtWeb is an open source project based on Nokia's Qt framework former Trolltech and Apple's WebKit rendering engine the same as being used in Apple Safari and Google Chrome. Description QtWeb...

PowerCHM 5.7 (hhp) Local Buffer Overflow Exploit

Summary With PowerCHM you can create your CHM files automatically from Html Files including .htm, .html and .mht, Text Files .txt, Microsoft Word Documents .doc and Adobe Acrobat Document .pdf. Description The vulnerability is caused due to a boundary error when processing overly long filenames...

Talkative IRC 0.4.4.16 Remote Stack Overflow Exploit (SEH)

Summary The easiest and fastest way to meet people online. With Talkative IRC you can chat with thousands of people at the same time. Find people with the same interests as you. Join channels where you can meet people speaking your language, or start your own. No monthly fees or other hassle, jus...

JDKChat v1.5 Remote Integer Overflow PoC

Summary JDKChat is a simple C++ chat server for GNU/Linux systems. Users can connect to it through a simple tcp client like telnet. Description JDKChat is prone to a remote integer-overflow vulnerability. A remote attacker may exploit this issue to execute arbitrary code within the context of the...

Got All Media 7.0.0.3 (t00t) Remote Denial of Service Exploit

Summary Got All Media is a Home theater PC application for Microsoft Windows platforms. Description Got All Media is exposed to a remote denial of service issue when processing URI requests. This issue occurs when the application handles an HTTP GET request over TCP port 5550. !/usr/local/bin/per...

BlazeVideo HDTV Player <= 3.5 PLF Playlist File Remote Buffer Overflow Exploit

Summary BlazeVideo HDTV Player BlazeDTV is a full-featured and easy-to-use HDTV Player software, combining HDTV playback, FM receiving, video record and DVD playback functions. You can make advantage of PC monitor's high resolution, watch, record, playback high definition HDTV program or teletext...

Amaya Web Editor 11 Remote SEH Overwrite Exploit

Summary Amaya is a Web editor, i.e. a tool used to create and update documents directly on the Web. Description Amaya Web Editor is prone to a buffer overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. Attackers may leverage these issue...

WFTPD Pro Server 3.30.0.1 (pre auth) Multiple Remote Denial of Service Vulnerabilities

Summary Professional FTP server for Windows NT / 2000 / XP / 2003. Description WFTPD Pro Server 3.30.0.1 suffers from multiple remote vulnerabilities which resolves in denial of service. Several commands are vulnerable including: LIST, MLST, NLST, NLST -al, STAT and maybe more. This issue is...

FTPShell Server 4.3 (licence key) Remote Buffer Overflow PoC

Summary FTPShell server is a windows FTP service that enables remote file downloads and uploads. It supports regular and secure FTP based on both SSL/TLS and SSH2. It is also extremely easy to configure and use. Description FTPShell Server 4.3 suffers from buffer overflow vulnerability that can b...

Nero ShowTime 5.0.15.0 m3u Playlist File Remote Buffer Overflow PoC

Summary Nero ShowTime provides you with a high-performance software DVD player that takes you to a new dimension in DVD's. Its cinema-like sound and excellent image quality for all digital pictures make an adventure of every film! What is more, Nero ShowTime supports all DVD-Video formats and can...

KVIrc 3.4.0 Virgo Remote Format String Exploit PoC

Summary KVIrc is a free portable IRC client based on the excellent Qt GUI toolkit. KVirc is being written by Szymon Stefanek and the KVIrc Development Team with the contribution of many IRC addicted developers around the world. Description KVIrc is prone to a remote format-string vulnerability...

Eserv 3.x FTP Server (ABOR) Remote Stack Overflow PoC

Summary Eserv/3.x - Mail, News, Web and Proxy Servers - Mail Server SMTP, IMAP4 and POP3 - News Server NNTP - Web Server HTTP - FTP Server - Proxy Servers HTTP, FTP, Socks, etc - Finger Server - Built-in scheduler and dialer. Description Stack-based buffer overflow in the FTP server in Etype Eser...

VBA32 Personal Antivirus 3.12.8.x (malformed archive) DoS Exploit

Summary Antivirus program for personal computers running Windows which is a reliable and, it is crucial, quick tool to detect and neutralize computer viruses, mail worms, trojan programs and other malware backdoors, adware, spyware, etc in real time and by request. Description Vba32 Personal...

Femitter FTP Server 1.03 (RETR) Remote Denial of Service Exploit PoC

Summary Femitter Server is an easy-to use HTTP and FTP server application for Windows which allows you to use your own computer for sharing gigabytes of files with your friends and colleagues. Description Femitter HTTP/FTP 1.03 suffers from an information disclosure and denial of service...

Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC

Summary Maxthon Browser is a powerful tabbed browser built for all users. Besides basic browsing functionality, Maxthon Browser provides a rich set of features to improve your surfing experience. Description Maxthon Browser is prone to a denial-of-service vulnerability. An attacker may exploit th...

SeaMonkey 1.1.11 Remote Denial of Service Exploit PoC

Summary Web-browser, advanced e-mail and newsgroup client, IRC chat client, and HTML editing made simple - all your Internet needs in one application. Description SeaMonkey suffers from a remote denial of service vulnerability DoS, using a special html file with the tag multiple times 24...

Flock Social Web Browser 1.2.5 (loop) Remote Denial of Service Exploit

Summary Flock is a browser. The people here at Flock are committed to building a browser unlike anything you’ve ever experienced before - because we start by focusing on user needs. We take pride in solving for common behaviors on the Web that seem clunky today, and will seem ridiculous tomorrow...

Google Chrome Browser 0.2.149.27 Denial of Service Exploit

Summary Google Chrome is a web browser that runs web pages and applications with lightning speed. Description An issue exists in how chrome behaves with undefined-handlers in chrome.dll version 0.2.149.27. A crash can result without user interaction. When a user is made to visit a malicious link,...