A mirror of the Gitlab repo: https://gitlab.com/exploit-database/exploitdb
68825c6583
2 new exploits Apache < 1.3.37/2.0.59/2.2.3 mod_rewrite - Remote Overflow (PoC) Anti-Trojan Elite 4.2.1 - 'Atepmon.sys' IOCTL Request Local Overflow Sun SUNWlldap Library Hostname - Buffer Overflow Sun SUNWlldap Library Hostname - Local Buffer Overflow Microsoft Windows XP - 'explorer.exe' Buffer Overflow Microsoft Windows XP - 'explorer.exe' Local Buffer Overflow Solaris Runtime Linker (SPARC) - 'ld.so.1' Buffer Overflow Solaris Runtime Linker (SPARC) - 'ld.so.1' Local Buffer Overflow FirstClass Desktop 7.1 - Buffer Overflow FirstClass Desktop 7.1 - Local Buffer Overflow xsplumber - 'strcpy()' Buffer Overflow xsplumber - 'strcpy()' Local Buffer Overflow BSDi 3.0 inc - Buffer Overflow Privilege Escalation BSDi 3.0 inc - Local Buffer OverflowPrivilege Escalation expect (/usr/bin/expect) - Buffer Overflow expect (/usr/bin/expect) - Local Buffer Overflow xsoldier 0.96 (RedHat 6.2) - Buffer Overflow xsoldier 0.96 (RedHat 6.2) - Local Buffer Overflow Seyon 2.1 rev. 4b i586-Linux (RedHat 4.0/5.1) - Overflow Seyon 2.1 rev. 4b i586-Linux (RedHat 4.0/5.1) - Local Overflow splitvt < 1.6.5 - Overflow splitvt < 1.6.5 - Local Overflow SquirrelMail - 'chpasswd' Buffer Overflow SquirrelMail - 'chpasswd' Local Buffer Overflow AIX lquerylv - Buffer Overflow Privilege Escalation AIX lquerylv - Local Buffer OverflowPrivilege Escalation IRIX 5.3 - '/usr/sbin/iwsh' Buffer Overflow Privilege Escalation IRIX 5.3 - '/usr/sbin/iwsh' Local Buffer Overflow Privilege Escalation zgv - '$HOME' Buffer Overflow Solaris 2.4 passwd / yppasswd / nispasswd - Overflows zgv - '$HOME' Local Buffer Overflow Solaris 2.4 passwd / yppasswd / nispasswd - Local Overflows htpasswd Apache 1.3.31 - Overflow htpasswd Apache 1.3.31 - Local Overflow Apple Mac OSX 10.3.8 - 'CF_CHARSET_PATH' Buffer Overflow Privilege Escalation Apple Mac OSX 10.3.8 - 'CF_CHARSET_PATH' Local Buffer Overflow Privilege Escalation Oracle Database Server 10.1.0.2 - Buffer Overflow Oracle Database Server 10.1.0.2 - Local Buffer Overflow WinRAR 3.30 - 'Filename' Buffer Overflow (1) WinRAR 3.30 - 'Filename' Buffer Overflow (2) WinRAR 3.30 - 'Filename' Local Buffer Overflow (1) WinRAR 3.30 - 'Filename' Local Buffer Overflow (2) Oracle Database Server 9i/10g - 'XML' Buffer Overflow Oracle Database Server 9i/10g - 'XML' Local Buffer Overflow Microsoft HTML Help Workshop - '.hhp' Buffer Overflow (1) Microsoft HTML Help Workshop - '.hhp' Local Buffer Overflow (1) Microsoft HTML Help Workshop - '.hhp' Buffer Overflow (2) Microsoft HTML Help Workshop - '.hhp' Buffer Overflow (3) Microsoft HTML Help Workshop - '.hhp' Local Buffer Overflow (2) Microsoft HTML Help Workshop - '.hhp' Local Buffer Overflow (3) Microsoft Visual Studio 6.0 sp6 - '.dbp' Buffer Overflow Microsoft Visual Studio 6.0 sp6 - '.dbp' Local Buffer Overflow Pico Zip 4.01 - 'Filename' Buffer Overflow Pico Zip 4.01 - 'Filename' Local Buffer Overflow PowerZip 7.06.38950 - 'Filename Handling' Buffer Overflow PowerZip 7.06.38950 - 'Filename Handling' Local Buffer Overflow AtomixMP3 < 2.3 - '.m3u' Buffer Overflow BlazeVideo HDTV Player 2.1 - '.PLF' Buffer Overflow (PoC) AtomixMP3 < 2.3 - '.m3u' Local Buffer Overflow BlazeVideo HDTV Player 2.1 - '.PLF' Local Buffer Overflow (PoC) Microsoft Help Workshop 4.03.0002 - '.cnt' Buffer Overflow Microsoft Help Workshop 4.03.0002 - '.cnt' Local Buffer Overflow Microsoft Help Workshop 4.03.0002 - '.HPJ' Buffer Overflow Microsoft Help Workshop 4.03.0002 - '.HPJ' Local Buffer Overflow FreeBSD mcweject 0.9 'Eject' - Buffer Overflow Privilege Escalation FreeBSD mcweject 0.9 'Eject' - Local Buffer OverflowPrivilege Escalation Corel Paint Shop Pro Photo 11.20 - '.clp' Buffer Overflow Adobe Photoshop CS2 / CS3 - '.bmp' Buffer Overflow ABC-View Manager 1.42 - '.psp' Buffer Overflow FreshView 7.15 - '.psp' Buffer Overflow Corel Paint Shop Pro Photo 11.20 - '.clp' Local Buffer Overflow Adobe Photoshop CS2 / CS3 - '.bmp' Local Buffer Overflow ABC-View Manager 1.42 - '.psp' Local Buffer Overflow FreshView 7.15 - '.psp' Local Buffer Overflow IrfanView 4.00 - '.iff' Buffer Overflow Photoshop CS2/CS3 / Paint Shop Pro 11.20 - '.png' Buffer Overflow IrfanView 4.00 - '.iff' Local Buffer Overflow Photoshop CS2/CS3 / Paint Shop Pro 11.20 - '.png' Local Buffer Overflow Live for Speed S1/S2/Demo - '.mpr replay' Buffer Overflow Live for Speed S1/S2/Demo - '.mpr replay' Local Buffer Overflow Live for Speed S1/S2/Demo - '.ply' Buffer Overflow Live for Speed S1/S2/Demo - '.spr' Buffer Overflow Live for Speed S1/S2/Demo - '.ply' Local Buffer Overflow Live for Speed S1/S2/Demo - '.spr' Local Buffer Overflow VideoLAN VLC Media Player 0.9.4 - '.ty' Buffer Overflow (SEH) VideoLAN VLC Media Player 0.9.4 - '.ty' Local Buffer Overflow (SEH) Cain & Abel 4.9.23 - '.rdp' Buffer Overflow Cain & Abel 4.9.23 - '.rdp' Local Buffer Overflow CoolPlayer 2.19 - 'PlaylistSkin' Buffer Overflow CoolPlayer 2.19 - 'PlaylistSkin' Local Buffer Overflow Free Download Manager 3.0 Build 844 - '.torrent' Buffer Overflow Free Download Manager 3.0 Build 844 - '.torrent' Local Buffer Overflow BulletProof FTP Client 2009 - '.bps' Buffer Overflow (SEH) BulletProof FTP Client 2009 - '.bps' Local Buffer Overflow (SEH) cTorrent/DTorrent - '.torrent' Buffer Overflow cTorrent/DTorrent - '.torrent' Local Buffer Overflow CoolPlayer Portable 2.19.1 - '.m3u' Buffer Overflow (1) CoolPlayer Portable 2.19.1 - '.m3u' Buffer Overflow (2) CoolPlayer Portable 2.19.1 - 'Skin' Buffer Overflow CoolPlayer Portable 2.19.1 - '.m3u' Local Buffer Overflow (1) CoolPlayer Portable 2.19.1 - '.m3u' Local Buffer Overflow (2) CoolPlayer Portable 2.19.1 - 'Skin' Local Buffer Overflow Zoom Player Pro 3.30 - '.m3u' Buffer Overflow (SEH) Zoom Player Pro 3.30 - '.m3u' Local Buffer Overflow (SEH) Mini-stream ASX to MP3 Converter 3.0.0.7 - '.RAM' Buffer Overflow Mini-stream ASX to MP3 Converter 3.0.0.7 - '.RAM' Local Buffer Overflow Live For Speed 2 Version Z - '.mpr' Buffer Overflow (SEH) Live For Speed 2 Version Z - '.mpr' Local Buffer Overflow (SEH) NScan 0.9.1 - 'Target' Buffer Overflow NScan 0.9.1 - 'Target' Local Buffer Overflow Audio Lib Player - '.m3u' Buffer Overflow (SEH) Audio Lib Player - '.m3u' Local Buffer Overflow (SEH) Alleycode HTML Editor 2.2.1 - Buffer Overflow Alleycode HTML Editor 2.2.1 - Local Buffer Overflow Millenium MP3 Studio 2.0 - '.m3u' Buffer Overflow Millenium MP3 Studio 2.0 - 'mpf' Buffer Overflow Millenium MP3 Studio 2.0 - '.m3u' Local Buffer Overflow Millenium MP3 Studio 2.0 - 'mpf' Local Buffer Overflow Xion Audio Player 1.0 121 - '.m3u' Buffer Overflow (2) Xion Audio Player 1.0 121 - '.m3u' Local Buffer Overflow (2) Alleycode 2.21 - Overflow (SEH) (PoC) Alleycode 2.21 - Local Overflow (SEH) (PoC) Serenity Audio Player Playlist - '.m3u' Buffer Overflow Millenium MP3 Studio 2.0 - 'pls' Buffer Overflow Serenity Audio Player Playlist - '.m3u' Local Buffer Overflow Millenium MP3 Studio 2.0 - 'pls' Local Buffer Overflow Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript '.eps' Buffer Overflow Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript '.eps' Local Buffer Overflow M3U To ASX-WPL 1.1 - '.m3u' Buffer Overflow Microsoft HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (1) Audacity 1.2.6 - '.gro' Buffer Overflow M3U To ASX-WPL 1.1 - '.m3u' Local Buffer Overflow Microsoft HTML Help Workshop 4.74 - '.hhp' Local Buffer Overflow (1) Audacity 1.2.6 - '.gro' Local Buffer Overflow Ghostscript < 8.64 - 'gdevpdtb.c' Buffer Overflow PointDev IDEAL Administration 2009 9.7 - Buffer Overflow (Metasploit) HTML Help Workshop 4.74 - '.hhp' Buffer Overflow (Metasploit) gAlan 0.2.1 - Buffer Overflow (1) Ghostscript < 8.64 - 'gdevpdtb.c' Local Buffer Overflow PointDev IDEAL Administration 2009 9.7 - Local Buffer Overflow (Metasploit) HTML Help Workshop 4.74 - '.hhp' Local Buffer Overflow (Metasploit) gAlan 0.2.1 - Local Buffer Overflow (1) Audio Workstation 6.4.2.4.3 - '.pls' Buffer Overflow (Metasploit) Audio Workstation 6.4.2.4.3 - '.pls' Local Buffer Overflow (Metasploit) Easy RM to MP3 Converter 2.7.3.700 - Buffer Overflow Easy RM to MP3 Converter 2.7.3.700 - Local Buffer Overflow Easy RM to MP3 27.3.700 (Windows XP SP3) - Overflow Easy RM to MP3 27.3.700 (Windows XP SP3) - Local Overflow Easy RM to MP3 2.7.3.700 - Buffer Overflow Easy RM to MP3 2.7.3.700 - Local Buffer Overflow Mini-stream RM-MP3 Converter 3.1.2.1 - '.m3u' Buffer Overflow Media Jukebox 8.0.400 - Buffer Overflow (SEH) (Metasploit) Mini-stream RM-MP3 Converter 3.1.2.1 - '.m3u' Local Buffer Overflow Media Jukebox 8.0.400 - Local Buffer Overflow (SEH) (Metasploit) Mini-stream 3.0.1.1 - Buffer Overflow (Metasploit) Mini-stream 3.0.1.1 - Local Buffer Overflow (Metasploit) DJ Studio Pro 5.1.6.5.2 - Overflow (SEH) DJ Studio Pro 5.1.6.5.2 - Local Overflow (SEH) PlayMeNow 7.3/7.4 - Buffer Overflow (Metasploit) PlayMeNow 7.3/7.4 - Local Buffer Overflow (Metasploit) Audiotran 1.4.1 (Windows XP SP2/SP3 English) - Buffer Overflow Audiotran 1.4.1 (Windows XP SP2/SP3 English) - Local Buffer Overflow Rosoft Media Player 4.4.4 - Buffer Overflow (SEH) (1) Rosoft Media Player 4.4.4 - Local Buffer Overflow (SEH) (1) VideoLAN VLC Media Player 0.8.6 a/b/c/d (Win32 Universal) - '.ass' Buffer Overflow VideoLAN VLC Media Player 0.8.6 a/b/c/d (Win32 Universal) - '.ass' Local Buffer Overflow RM Downloader - '.m3u' Buffer Overflow (SEH) RM Downloader - '.m3u' Local Buffer Overflow (SEH) SOMPL Player 1.0 - Buffer Overflow SOMPL Player 1.0 - Local Buffer Overflow Winamp 5.572 - Overflow (SEH) Winamp 5.572 - Local Overflow (SEH) Yahoo Player 1.0 - '.m3u' / '.pls' / '.ypl' Buffer Overflow (SEH) Yahoo Player 1.0 - '.m3u' / '.pls' / '.ypl' Local Buffer Overflow (SEH) Yahoo Player 1.0 - '.m3u' Buffer Overflow Yahoo Player 1.0 - '.m3u' Local Buffer Overflow KenWard's Zipper 1.400 - Buffer Overflow (2) KenWard's Zipper 1.400 - Local Buffer Overflow (2) ZipScan 2.2c - Overflow (SEH) PHP 6.0 Dev - 'str_transliterate()' Buffer Overflow ZipScan 2.2c - Local Overflow (SEH) PHP 6.0 Dev - 'str_transliterate()' Local Buffer Overflow PHP 6.0 Dev - 'str_transliterate()' Buffer Overflow (NX + ASLR Bypass) PHP 6.0 Dev - 'str_transliterate()' Local Buffer Overflow (NX + ASLR Bypass) WM Downloader 3.0.0.9 - Buffer Overflow (Metasploit) WM Downloader 3.0.0.9 - Local Buffer Overflow (Metasploit) AVCON H323Call - Buffer Overflow IDEAL Migration 4.5.1 - Buffer Overflow (Metasploit) AVCON H323Call - Local Buffer Overflow IDEAL Migration 4.5.1 - Local Buffer Overflow (Metasploit) SyncBack Freeware 3.2.20.0 - Overflow (SEH) SyncBack Freeware 3.2.20.0 - Local Overflow (SEH) Rumba FTP Client 'FTPSFtp.dll' 4.2.0.0 - 'OpenSession()' Buffer Overflow Rumba FTP Client 'FTPSFtp.dll' 4.2.0.0 - 'OpenSession()' Local Buffer Overflow IP2location.dll 1.0.0.1 - Function 'Initialize()' Buffer Overflow Mediacoder 0.7.3.4672 - Overflow (SEH) IP2location.dll 1.0.0.1 - Function 'Initialize()' Local Buffer Overflow Mediacoder 0.7.3.4672 - Local Overflow (SEH) Free WMA MP3 Converter 1.1 - Buffer Overflow (SEH) Free WMA MP3 Converter 1.1 - Local Buffer Overflow (SEH) Easy CD-DA Recorder 2007 - Buffer Overflow (SEH) Easy CD-DA Recorder 2007 - Local Buffer Overflow (SEH) ActivePerl 5.8.8.817 - Buffer Overflow Power Tab Editor 1.7 (Build 80) - Buffer Overflow Rosoft Audio Converter 4.4.4 - Buffer Overflow ActivePerl 5.8.8.817 - Local Buffer Overflow Power Tab Editor 1.7 (Build 80) - Local Buffer Overflow Rosoft Audio Converter 4.4.4 - Local Buffer Overflow FieldNotes 32 5.0 - Buffer Overflow (SEH) FieldNotes 32 5.0 - Local Buffer Overflow (SEH) BlazeDVD 6.0 - Buffer Overflow (Metasploit) RM Downloader 3.1.3 - Buffer Overflow (SEH) BlazeDVD 6.0 - Local Buffer Overflow (Metasploit) RM Downloader 3.1.3 - Local Buffer Overflow (SEH) HP OpenView Network Node Manager (OV NNM) 7.53 - 'ovwebsnmpsrv.exe' Buffer Overflow (SEH) HP OpenView Network Node Manager (OV NNM) 7.53 - 'ovwebsnmpsrv.exe' Local Buffer Overflow (SEH) MoreAmp - Buffer Overflow (SEH) (Metasploit) MoreAmp - Local Buffer Overflow (SEH) (Metasploit) ZipCentral - '.zip' Buffer Overflow (SEH) ZipCentral - '.zip' Local Buffer Overflow (SEH) WM Downloader 3.1.2.2 2010.04.15 - Buffer Overflow (SEH) HTML Email Creator 2.42 build 718 - Buffer Overflow (SEH) WM Downloader 3.1.2.2 - Buffer Overflow (1) WM Downloader 3.1.2.2 2010.04.15 - Local Buffer Overflow (SEH) HTML Email Creator 2.42 build 718 - Local Buffer Overflow (SEH) WM Downloader 3.1.2.2 - Local Buffer Overflow (1) Microsoft Windows - 'win32k.sys' Driver 'CreateDIBPalette()' Buffer Overflow Mini-stream Ripper 3.1.2.1 - Buffer Overflow (DEP Bypass) myMP3-Player 3.0 - Buffer Overflow Microsoft Windows - 'win32k.sys' Driver 'CreateDIBPalette()' Local Buffer Overflow Mini-stream Ripper 3.1.2.1 - Local Buffer Overflow (DEP Bypass) myMP3-Player 3.0 - Local Buffer Overflow Mediacoder 0.7.5.4710 - Buffer Overflow Mediacoder 0.7.5.4710 - 'Universal' Buffer Overflow (SEH) Mediacoder 0.7.5.4710 - Local Buffer Overflow Mediacoder 0.7.5.4710 - 'Universal' Local Buffer Overflow (SEH) Rosoft Media Player 4.4.4 - Buffer Overflow (SEH) (2) Rosoft Media Player 4.4.4 - Local Buffer Overflow (SEH) (2) MicroP 0.1.1.1600 - 'mppl' Buffer Overflow MicroP 0.1.1.1600 - 'mppl' Local Buffer Overflow Audiotran 1.4.2.4 - Overflow (SEH) Audiotran 1.4.2.4 - Local Overflow (SEH) MP3 Workstation 9.2.1.1.2 - Overflow (SEH) MP3 Workstation 9.2.1.1.2 - Local Overflow (SEH) BACnet OPC Client - Buffer Overflow (1) DJ Studio Pro 8.1.3.2.1 - Overflow (SEH) BACnet OPC Client - Local Buffer Overflow (1) DJ Studio Pro 8.1.3.2.1 - Local Overflow (SEH) Audiotran 1.4.2.4 - Overflow (SEH) (DEP Bypass) Audiotran 1.4.2.4 - Local Overflow (SEH) (DEP Bypass) MP3 Workstation 9.2.1.1.2 - Overflow (SEH) (Metasploit) MP3 Workstation 9.2.1.1.2 - Local Overflow (SEH) (Metasploit) iworkstation 9.3.2.1.4 - Overflow (SEH) Digital Music Pad 8.2.3.3.4 - Overflow (SEH) (Metasploit) iworkstation 9.3.2.1.4 - Local Overflow (SEH) Digital Music Pad 8.2.3.3.4 - Local Overflow (SEH) (Metasploit) Xion Audio Player 1.0.127 - '.m3u' Buffer Overflow Xion Audio Player 1.0.127 - '.m3u' Local Buffer Overflow Fat Player 0.6b - '.wav' Buffer Overflow (SEH) Fat Player 0.6b - '.wav' Local Buffer Overflow (SEH) MiniShare 1.4.0 < 1.5.5 - 'users.txt' Buffer Overflow MiniShare 1.5.5 - Buffer Overflow (SEH) GSPlayer 1.83a Win32 Release - Buffer Overflow MiniShare 1.4.0 < 1.5.5 - 'users.txt' Local Buffer Overflow MiniShare 1.5.5 - Local Buffer Overflow (SEH) GSPlayer 1.83a Win32 Release - Local Buffer Overflow Free CD to MP3 Converter 3.1 - Buffer Overflow Free CD to MP3 Converter 3.1 - Local Buffer Overflow Free CD to MP3 Converter 3.1 - Buffer Overflow (SEH) MP3-Nator 2.0 - Buffer Overflow (SEH) Free CD to MP3 Converter 3.1 - Local Buffer Overflow (SEH) MP3-Nator 2.0 - Local Buffer Overflow (SEH) Realtek Audio Control Panel 1.0.1.65 - Buffer Overflow Realtek Audio Microphone Calibration 1.1.1.6 - Buffer Overflow Realtek HD Audio Control Panel 2.1.3.2 - Buffer Overflow Realtek Audio Control Panel 1.0.1.65 - Local Buffer Overflow Realtek Audio Microphone Calibration 1.1.1.6 - Local Buffer Overflow Realtek HD Audio Control Panel 2.1.3.2 - Local Buffer Overflow MP3-Nator - Buffer Overflow (SEH) (DEP Bypass) MiniShare 1.5.5 - 'users.txt' Buffer Overflow (Egghunter) MP3-Nator - Local Buffer Overflow (SEH) (DEP Bypass) MiniShare 1.5.5 - 'users.txt' Local Buffer Overflow (Egghunter) Mediacoder 0.7.5.4792 - Buffer Overflow (SEH) Mediacoder 0.7.5.4797 - '.m3u' Buffer Overflow (SEH) Video Charge Studio 2.9.5.643 - '.vsc' Buffer Overflow (SEH) Mediacoder 0.7.5.4792 - Local Buffer Overflow (SEH) Mediacoder 0.7.5.4797 - '.m3u' Local Buffer Overflow (SEH) Video Charge Studio 2.9.5.643 - '.vsc' Local Buffer Overflow (SEH) FreeAmp 2.0.7 - '.m3u' Buffer Overflow PowerShell XP 3.0.1 - Buffer Overflow FreeAmp 2.0.7 - '.m3u' Local Buffer Overflow PowerShell XP 3.0.1 - Local Buffer Overflow Aesop GIF Creator 2.1 - '.aep' Buffer Overflow Altarsoft Audio Converter 1.1 - Buffer Overflow (SEH) Aesop GIF Creator 2.1 - '.aep' Local Buffer Overflow Altarsoft Audio Converter 1.1 - Local Buffer Overflow (SEH) Word Splash Pro 9.5 - Buffer Overflow MP3 CD Converter Professional - Buffer Overflow (SEH) Word Splash Pro 9.5 - Local Buffer Overflow MP3 CD Converter Professional - Local Buffer Overflow (SEH) Music Animation Machine MIDI Player - Buffer Overflow (SEH) Music Animation Machine MIDI Player - Local Buffer Overflow (SEH) Enzip 3.00 - Buffer Overflow BS.Player 2.57 - Buffer Overflow (SEH Unicode) Enzip 3.00 - Local Buffer Overflow BS.Player 2.57 - Local Buffer Overflow (SEH Unicode) Magic Music Editor - Buffer Overflow Nokia MultiMedia Player 1.0 - Overflow (SEH Unicode) Magic Music Editor - Local Buffer Overflow Nokia MultiMedia Player 1.0 - Local Overflow (SEH Unicode) eXtremeMP3 Player - Buffer Overflow (SEH) A-PDF All to MP3 Converter 2.0.0 - '.wav' Buffer Overflow eXtremeMP3 Player - Local Buffer Overflow (SEH) A-PDF All to MP3 Converter 2.0.0 - '.wav' Local Buffer Overflow A-PDF All to MP3 Converter 2.0.0 - '.wav' Buffer Overflow (SEH) A-PDF All to MP3 Converter 2.0.0 - '.wav' Local Buffer Overflow (SEH) CodeBlocks 8.02 - 'cbp' Buffer Overflow CodeBlocks 8.02 - 'cbp' Local Buffer Overflow AOL Desktop 9.6 - '.rtx' Buffer Overflow AOL Desktop 9.6 - '.rtx' Local Buffer Overflow MoviePlay 4.82 - '.lst' Buffer Overflow CuteZip 2.1 - Buffer Overflow MoviePlay 4.82 - '.lst' Local Buffer Overflow CuteZip 2.1 - Local Buffer Overflow Elecard AVC_HD/MPEG Player 5.7 - Buffer Overflow Elecard AVC_HD/MPEG Player 5.7 - Local Buffer Overflow Adobe - 'util.printf()' Buffer Overflow (Metasploit) (1) Adobe - 'util.printf()' Local Buffer Overflow (Metasploit) (1) Adobe - 'Collab.getIcon()' Buffer Overflow (Metasploit) (1) Adobe - 'Collab.getIcon()' Local Buffer Overflow (Metasploit) (1) VUPlayer - '.m3u' Buffer Overflow (Metasploit) VUPlayer - '.m3u' Local Buffer Overflow (Metasploit) Adobe - 'util.printf()' Buffer Overflow (Metasploit) (2) Adobe - 'util.printf()' Local Buffer Overflow (Metasploit) (2) Fat Player Media Player 0.6b0 - Buffer Overflow (Metasploit) Fat Player Media Player 0.6b0 - Local Buffer Overflow (Metasploit) Steinberg MyMP3Player 3.0 - Buffer Overflow (Metasploit) Steinberg MyMP3Player 3.0 - Local Buffer Overflow (Metasploit) WM Downloader 3.1.2.2 - Buffer Overflow (Metasploit) (2) WM Downloader 3.1.2.2 - Local Buffer Overflow (Metasploit) (2) Altap Salamander 2.5 PE Viewer - Buffer Overflow (Metasploit) VUPlayer - '.cue' Buffer Overflow (Metasploit) Altap Salamander 2.5 PE Viewer - Local Buffer Overflow (Metasploit) VUPlayer - '.cue' Local Buffer Overflow (Metasploit) A-PDF WAV to MP3 1.0.0 - Buffer Overflow (Metasploit) S.O.M.P.L 1.0 Player - Buffer Overflow (Metasploit) gAlan 0.2.1 - Buffer Overflow (Metasploit) (2) A-PDF WAV to MP3 1.0.0 - Local Buffer Overflow (Metasploit) S.O.M.P.L 1.0 Player - Local Buffer Overflow (Metasploit) gAlan 0.2.1 - Local Buffer Overflow (Metasploit) (2) BACnet OPC Client - Buffer Overflow (Metasploit) (2) BACnet OPC Client - Local Buffer Overflow (Metasploit) (2) Adobe - 'Collab.collectEmailInfo()' Buffer Overflow (Metasploit) Adobe - 'Collab.collectEmailInfo()' Local Buffer Overflow (Metasploit) Microsoft Visual Basic - '.VBP' Buffer Overflow (Metasploit) Adobe - 'Collab.getIcon()' Buffer Overflow (Metasploit) (2) Microsoft Visual Basic - '.VBP' Local Buffer Overflow (Metasploit) Adobe - 'Collab.getIcon()' Local Buffer Overflow (Metasploit) (2) Movavi VideoSuite 8.0 MediaPlayer - '.m3u' Buffer Overflow Movavi VideoSuite 8.0 MediaPlayer - '.m3u' Local Buffer Overflow ABBS Audio Media Player - '.m3u' / '.LST' Buffer Overflow ABBS Audio Media Player 3.0 - '.lst' Buffer Overflow (SEH) ABBS Electronic Flash Cards 2.1 - '.fcd' Buffer Overflow ABBS Audio Media Player - '.m3u' / '.LST' Local Buffer Overflow ABBS Audio Media Player 3.0 - '.lst' Local Buffer Overflow (SEH) ABBS Electronic Flash Cards 2.1 - '.fcd' Local Buffer Overflow POP Peeper 3.7 - Overflow (SEH) CORE MultiMedia Suite 2011 CORE Player 2.4 - '.m3u' Buffer Overflow Mediacoder 2011 RC3 - '.m3u' Buffer Overflow POP Peeper 3.7 - Local Overflow (SEH) CORE MultiMedia Suite 2011 CORE Player 2.4 - '.m3u' Local Buffer Overflow Mediacoder 2011 RC3 - '.m3u' Local Buffer Overflow Word List Builder - Buffer Overflow (SEH) MPlayer (r33064 Lite) - Buffer Overflow + ROP Word List Builder - Local Buffer Overflow (SEH) MPlayer (r33064 Lite) - Local Buffer Overflow+ ROP MikeyZip 1.1 - '.zip' Buffer Overflow MikeyZip 1.1 - '.zip' Local Buffer Overflow VeryTools VideoSpirit Pro 1.70 - '.visprj' Buffer Overflow (Metasploit) Wordtrainer 3.0 - '.ord' Buffer Overflow VeryTools VideoSpirit Pro 1.70 - '.visprj' Local Buffer Overflow (Metasploit) Wordtrainer 3.0 - '.ord' Local Buffer Overflow PlaylistMaker 1.5 - '.txt' Buffer Overflow PlaylistMaker 1.5 - '.txt' Local Buffer Overflow SimplyPlay 66 - '.pls' Buffer Overflow SimplyPlay 66 - '.pls' Local Buffer Overflow Wireshark 1.4.1 < 1.4.4 - Overflow (SEH) Wireshark 1.4.1 < 1.4.4 - Local Overflow (SEH) Subtitle Processor 7.7.1 - Buffer Overflow (SEH Unicode) NetOp Remote Control 8.0/9.1/9.2/9.5 - Buffer Overflow Subtitle Processor 7.7.1 - Local Buffer Overflow (SEH Unicode) NetOp Remote Control 8.0/9.1/9.2/9.5 - Local Buffer Overflow PHP 5.3.5 - 'socket_connect()' Buffer Overflow Chasys Media Player 2.0 - Buffer Overflow (SEH) PHP 5.3.5 - 'socket_connect()' Local Buffer Overflow Chasys Media Player 2.0 - Local Buffer Overflow (SEH) CoolPlayer Portable 2.19.2 - Buffer Overflow Sonique 1.96 - '.m3u' Buffer Overflow SpongeBob SquarePants Typing - Buffer Overflow (SEH) CoolPlayer Portable 2.19.2 - Local Buffer Overflow Sonique 1.96 - '.m3u' Local Buffer Overflow SpongeBob SquarePants Typing - Local Buffer Overflow (SEH) The KMPlayer 3.0.0.1440 (Windows 7) - '.mp3' Buffer Overflow (ASLR Bypass) The KMPlayer 3.0.0.1440 (Windows 7) - '.mp3' Local Buffer Overflow (ASLR Bypass) FreeAmp 2.0.7 - '.fat' Buffer Overflow FreeAmp 2.0.7 - '.pls' Buffer Overflow FreeAmp 2.0.7 - '.fat' Local Buffer Overflow FreeAmp 2.0.7 - '.pls' Local Buffer Overflow PHP 5.3.6 - Buffer Overflow (ROP) (PoC) PHP 5.3.6 - Local Buffer Overflow (ROP) (PoC) Word List Builder 1.0 - Buffer Overflow (Metasploit) Wordtrainer 3.0 - '.ord' Buffer Overflow (Metasploit) CoolPlayer Portable 2.19.2 - Buffer Overflow (Metasploit) Word List Builder 1.0 - Local Buffer Overflow (Metasploit) Wordtrainer 3.0 - '.ord' Local Buffer Overflow (Metasploit) CoolPlayer Portable 2.19.2 - Local Buffer Overflow (Metasploit) ZipGenius 6.3.2.3000 - '.zip' Buffer Overflow ZipGenius 6.3.2.3000 - '.zip' Local Buffer Overflow MPlayer Lite r33064 - '.m3u' Buffer Overflow (DEP Bypass) Zinf Audio Player 2.2.1 - '.pls' Buffer Overflow (DEP Bypass) ABBS Audio Media Player 3.0 - Buffer Overflow (Metasploit) ABBS Electronic Flashcards 2.1 - Buffer Overflow (Metasploit) FreeAmp 2.0.7 - '.fat' Buffer Overflow (Metasploit) MPlayer Lite r33064 - '.m3u' Local Buffer Overflow (DEP Bypass) Zinf Audio Player 2.2.1 - '.pls' Local Buffer Overflow (DEP Bypass) ABBS Audio Media Player 3.0 - Local Buffer Overflow (Metasploit) ABBS Electronic Flashcards 2.1 - Local Buffer Overflow (Metasploit) FreeAmp 2.0.7 - '.fat' Local Buffer Overflow (Metasploit) CoolPlayer Portable 2.19.2 - Buffer Overflow (ASLR Bypass) (1) CoolPlayer Portable 2.19.2 - Local Buffer Overflow (ASLR Bypass) (1) DVD X Player 5.5 Pro - Overflow (SEH + ASLR + DEP Bypass) ScadaTEC ModbusTagServer & ScadaPhone - '.zip' Buffer Overflow DVD X Player 5.5 Pro - Local Overflow (SEH + ASLR + DEP Bypass) ScadaTEC ModbusTagServer & ScadaPhone - '.zip' Local Buffer Overflow Wav Player 1.1.3.6 - '.pll' Buffer Overflow Wav Player 1.1.3.6 - '.pll' Local Buffer Overflow Muse Music All-in-One 1.5.0.001 - '.pls' Buffer Overflow (DEP Bypass) Muse Music All-in-One 1.5.0.001 - '.pls' Local Buffer Overflow (DEP Bypass) GTA SA-MP - 'server.cfg' Buffer Overflow (Metasploit) GTA SA-MP - 'server.cfg' Local Buffer Overflow (Metasploit) Mini-stream Ripper 3.0.1.1 - Buffer Overflow (Metasploit) (3) Mini-stream Ripper 3.0.1.1 - Local Buffer Overflow (Metasploit) (3) Microsoft Excel 2007 - '.xlb' Buffer Overflow (MS11-021) (Metasploit) Microsoft Excel 2007 - '.xlb' Local Buffer Overflow (MS11-021) (Metasploit) BS.Player 2.57 - Buffer Overflow (SEH Unicode) (Metasploit) BS.Player 2.57 - Local Buffer Overflow (SEH Unicode) (Metasploit) DJ Studio Pro 5.1.6.5.2 - Overflow (SEH) (Metasploit) DJ Studio Pro 5.1.6.5.2 - Local Overflow (SEH) (Metasploit) Socusoft Photo 2 Video 8.05 - Buffer Overflow Socusoft Photo 2 Video 8.05 - Local Buffer Overflow RM Downloader 3.1.3.3.2010.06.26 - '.m3u' Buffer Overflow (Metasploit) RM Downloader 3.1.3.3.2010.06.26 - '.m3u' Local Buffer Overflow (Metasploit) Bitsmith PS Knowbase 3.2.3 - Buffer Overflow BlazeVideo HDTV Player 6.6 Professional - Overflow (SEH + ASLR + DEP Bypass) Bitsmith PS Knowbase 3.2.3 - Local Buffer Overflow BlazeVideo HDTV Player 6.6 Professional - Local Overflow (SEH + ASLR + DEP Bypass) GSM SIM Editor 5.15 - Buffer Overflow (Metasploit) xRadio 0.95b - Buffer Overflow (Metasploit) Shadow Stream Recorder 3.0.1.7 - Buffer Overflow (Metasploit) GSM SIM Editor 5.15 - Local Buffer Overflow (Metasploit) xRadio 0.95b - Local Buffer Overflow (Metasploit) Shadow Stream Recorder 3.0.1.7 - Local Buffer Overflow (Metasploit) SkinCrafter ActiveX Control 3.0 - Buffer Overflow SkinCrafter ActiveX Control 3.0 - Local Buffer Overflow Fred N. van Kempen dip 3.3.7 - Buffer Overflow (1) Fred N. van Kempen dip 3.3.7 - Buffer Overflow (2) Fred N. van Kempen dip 3.3.7 - Local Buffer Overflow (1) Fred N. van Kempen dip 3.3.7 - Local Buffer Overflow (2) TFM MMPlayer - '.m3u' / '.ppl' Buffer Overflow (Metasploit) TFM MMPlayer - '.m3u' / '.ppl' Local Buffer Overflow (Metasploit) Sun Solaris 7.0 - '/usr/dt/bin/dtprintinfo' Buffer Overflow Sun Solaris 7.0 - '/usr/bin/lpset' Buffer Overflow Sun Solaris 7.0 - '/usr/dt/bin/dtprintinfo' Local Buffer Overflow Sun Solaris 7.0 - '/usr/bin/lpset' Local Buffer Overflow Xcmail 0.99.6 - Buffer Overflow Xcmail 0.99.6 - Local Buffer Overflow Slackware Linux 3.1 - '/usr/X11/bin/SuperProbe' Buffer Overflow Armidale Software Yapp Conferencing System 2.2 - Buffer Overflow Slackware Linux 3.1/3.2 - 'color_xterm' Buffer Overflow (1) Slackware Linux 3.1/3.2 - 'color_xterm' Buffer Overflow (2) Slackware Linux 3.1 - '/usr/X11/bin/SuperProbe' Local Buffer Overflow Armidale Software Yapp Conferencing System 2.2 - Local Buffer Overflow Slackware Linux 3.1/3.2 - 'color_xterm' Local Buffer Overflow (1) Slackware Linux 3.1/3.2 - 'color_xterm' Local Buffer Overflow (2) IBM AIX 4.2.1 - '/usr/bin/portmir' Buffer Overflow / Insecure Temporary File Creation IBM AIX 4.2 - 'ping' Buffer Overflow IBM AIX 4.2 - '/usr/sbin/lchangelv' Buffer Overflow IBM AIX 4.2.1 - '/usr/bin/portmir' Local Buffer Overflow / Insecure Temporary File Creation IBM AIX 4.2 - 'ping' Local Buffer Overflow IBM AIX 4.2 - '/usr/sbin/lchangelv' Local Buffer Overflow RedHat Linux 5.0/5.1/5.2 / Slackware Linux 3.5 - 'klogd' Buffer Overflow (1) RedHat Linux 5.0/5.1/5.2 / Slackware Linux 3.5 - 'klogd' Buffer Overflow (2) RedHat Linux 5.0/5.1/5.2 / Slackware Linux 3.5 - 'klogd' Local Buffer Overflow (1) RedHat Linux 5.0/5.1/5.2 / Slackware Linux 3.5 - 'klogd' Local Buffer Overflow (2) URL Hunter - Buffer Overflow DEP Bypass Solaris 2.5.1 - 'kcms' Buffer Overflow (1) Solaris 2.5.1 - 'kcms' Buffer Overflow (2) URL Hunter - Local Buffer OverflowDEP Bypass Solaris 2.5.1 - 'kcms' Local Buffer Overflow (1) Solaris 2.5.1 - 'kcms' Local Buffer Overflow (2) Linux libc 5.3.12/5.4 / RedHat Linux 4.0 - 'vsyslog()' Buffer Overflow Linux libc 5.3.12/5.4 / RedHat Linux 4.0 - 'vsyslog()' Local Buffer Overflow Xi Graphics Accelerated X 4.0.x/5.0 - Buffer Overflow VMware 1.0.1 - Buffer Overflow Debian 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat 5.2 i386 / S.u.S.E 6.1 - 'Lsof' Buffer Overflow (1) Debian 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat 5.2 i386 / S.u.S.E 6.1 - 'Lsof' Buffer Overflow (2) Xi Graphics Accelerated X 4.0.x/5.0 - Local Buffer Overflow VMware 1.0.1 - Local Buffer Overflow Debian 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat 5.2 i386 / S.u.S.E 6.1 - 'Lsof' Local Buffer Overflow (1) Debian 2.0/2.0 r5 / FreeBSD 3.2 / OpenBSD 2.4 / RedHat 5.2 i386 / S.u.S.E 6.1 - 'Lsof' Local Buffer Overflow (2) Samba < 2.0.5 - Overflow Samba < 2.0.5 - Local Overflow RedHat Linux 6.0 / Slackware Linux 4.0 - Termcap 'tgetent()' Buffer Overflow (1) RedHat Linux 6.0 / Slackware Linux 4.0 - Termcap 'tgetent()' Buffer Overflow (2) RedHat Linux 6.0 / Slackware Linux 4.0 - Termcap 'tgetent()' Local Buffer Overflow (1) RedHat Linux 6.0 / Slackware Linux 4.0 - Termcap 'tgetent()' Local Buffer Overflow (2) Martin Stover Mars NWE 0.99 - Buffer Overflow DIGITAL UNIX 4.0 d/e/f / AIX 4.3.2 / CDE 2.1 / IRIX 6.5.14 / Solaris 7.0 - Buffer Overflow Martin Stover Mars NWE 0.99 - Local Buffer Overflow DIGITAL UNIX 4.0 d/e/f / AIX 4.3.2 / CDE 2.1 / IRIX 6.5.14 / Solaris 7.0 - Local Buffer Overflow DIGITAL UNIX 4.0 d/f / AIX 4.3.2 / CDE 2.1 / IRIX 6.5.14 / Solaris 7.0 / SunOS 4.1.4 - Buffer Overflow DIGITAL UNIX 4.0 d/f / AIX 4.3.2 / CDE 2.1 / IRIX 6.5.14 / Solaris 7.0 / SunOS 4.1.4 - Local Buffer Overflow BSD/OS 2.1/3.0 / Larry Wall Perl 5.0 03 / RedHat 4.0/4.1 / SGI Freeware 1.0/2.0 SUIDPerl - Overflow (1) BSD/OS 2.1/3.0 / Larry Wall Perl 5.0 03 / RedHat 4.0/4.1 / SGI Freeware 1.0/2.0 SUIDPerl - Overflow (2) BSD/OS 2.1/3.0 / Larry Wall Perl 5.0 03 / RedHat 4.0/4.1 / SGI Freeware 1.0/2.0 SUIDPerl - Local Overflow (1) BSD/OS 2.1/3.0 / Larry Wall Perl 5.0 03 / RedHat 4.0/4.1 / SGI Freeware 1.0/2.0 SUIDPerl - Local Overflow (2) xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (1) xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Buffer Overflow (2) IRIX 6.5 / Solaris 7.0 / Turbolinux 4.2 - 'uum' Buffer Overflow Turbolinux 3.5 b2 - 'canuum' Buffer Overflow Yamaha MidiPlug 1.1 b-j MidiPlug - Buffer Overflow Hylafax Hylafax 4.0.2 - Buffer Overflow xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Local Buffer Overflow (1) xsoldier (FreeBSD 3.3/Linux Mandrake 7.0) - Local Buffer Overflow (2) IRIX 6.5 / Solaris 7.0 / Turbolinux 4.2 - 'uum' Local Buffer Overflow Turbolinux 3.5 b2 - 'canuum' Local Buffer Overflow Yamaha MidiPlug 1.1 b-j MidiPlug - Local Buffer Overflow Hylafax Hylafax 4.0.2 - Local Buffer Overflow SCO Unixware 7.0 - 'xlock(1)' 'Username' Buffer Overflow SCO Unixware 7.0 - 'xlock(1)' 'Username' Local Buffer Overflow FreeBSD 3.3 - 'gdc' Buffer Overflow FreeBSD 3.3 - 'gdc' Local Buffer Overflow FreeBSD 3.3 - 'xmindpath' Buffer Overflow FreeBSD 3.3 - 'angband' Buffer Overflow FreeBSD 3.3 - 'xmindpath' Local Buffer Overflow FreeBSD 3.3 - 'angband' Local Buffer Overflow RSA Security RSAREF 2.0 - Buffer Overflow SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'xauto' Buffer Overflow RSA Security RSAREF 2.0 - Local Buffer Overflow SCO Unixware 7.0/7.0.1/7.1/7.1.1 - 'xauto' Local Buffer Overflow SCO Unixware 7.1 pkgcat - Buffer Overflow SCO Unixware 7.1 pkginstall - Buffer Overflow SCO Unixware 7.1 pkgcat - Local Buffer Overflow SCO Unixware 7.1 pkginstall - Local Buffer Overflow VDOLive Player 3.0.2 - Buffer Overflow VDOLive Player 3.0.2 - Local Buffer Overflow SCO Open Server 5.0.5 / IRIX 6.2 ibX11/X11 Toolkit/Athena Widget Library - Buffer Overflows SCO Open Server 5.0.5 / IRIX 6.2 ibX11/X11 Toolkit/Athena Widget Library - Local Buffer Overflows Inter7 vpopmail (vchkpw) 3.4.11 - Buffer Overflow Inter7 vpopmail (vchkpw) 3.4.11 - Local Buffer Overflow Microsoft Clip Art Gallery 5.0 - Buffer Overflow Microsoft Clip Art Gallery 5.0 - Local Buffer Overflow Sam Hawker wmcdplay 1.0 beta1-2 - Buffer Overflow (1) Sam Hawker wmcdplay 1.0 beta1-2 - Buffer Overflow (2) Sam Hawker wmcdplay 1.0 beta1-2 - Local Buffer Overflow (1) Sam Hawker wmcdplay 1.0 beta1-2 - Local Buffer Overflow (2) Solaris 2.6/7.0 - 'lpset -r' Buffer Overflow (1) Solaris 2.6/7.0 - 'lpset -r' Buffer Overflow (2) Solaris 2.6/7.0 - 'lpset -r' Buffer Overflow (3) Solaris 2.6/7.0 - 'lpset -r' Local Buffer Overflow (1) Solaris 2.6/7.0 - 'lpset -r' Local Buffer Overflow (2) Solaris 2.6/7.0 - 'lpset -r' Local Buffer Overflow (3) SuSE Linux 6.3/6.4 Gnomelib - Buffer Overflow SuSE Linux 6.3/6.4 Gnomelib - Local Buffer Overflow Solaris 2.6/7.0/8 - 'netpr' Buffer Overflow (1) Solaris 2.6/7.0/8 - 'netpr' Buffer Overflow (2) Solaris 2.6/7.0/8 - 'netpr' Local Buffer Overflow (1) Solaris 2.6/7.0/8 - 'netpr' Local Buffer Overflow (2) Cygnus Network Security 4.0/KerbNet 5.0 / MIT Kerberos 4/5 / RedHat 6.2 - Compatibility 'krb_rd_req()' Buffer Overflow (2) Cygnus Network Security 4.0/KerbNet 5.0 / MIT Kerberos 4/5 / RedHat 6.2 - Compatibility 'krb_rd_req()' Local Buffer Overflow (2) S.u.S.E Linux 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Buffer Overflow (1) S.u.S.E Linux 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Buffer Overflow (2) S.u.S.E Linux 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Buffer Overflow (3) S.u.S.E Linux 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Local Buffer Overflow (1) S.u.S.E Linux 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Local Buffer Overflow (2) S.u.S.E Linux 4.x/5.x/6.x/7.0 / Slackware 3.x/4.0 / Turbolinux 6 / OpenLinux 7.0 - 'fdmount' Local Buffer Overflow (3) Mandriva Linux Mandrake 7.0 - Buffer Overflow Mandriva Linux Mandrake 7.0 - Local Buffer Overflow BSD 'mailx' 8.1.1-10 - Buffer Overflow (1) mailx 8.1.1-10 (BSD/Slackware) - Buffer Overflow (2) BSD 'mailx' 8.1.1-10 - Local Buffer Overflow (1) mailx 8.1.1-10 (BSD/Slackware) - Local Buffer Overflow (2) Sam Lantinga splitvt 1.6.3 - Buffer Overflow Solaris 2.5/2.6/7.0/8 ufsrestore - Buffer Overflow Sam Lantinga splitvt 1.6.3 - Local Buffer Overflow Solaris 2.5/2.6/7.0/8 ufsrestore - Local Buffer Overflow Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - Buffer Overflow (ASLR + DEP Bypass) IRIX 6.5.x - '/usr/sbin/gr_osview' Buffer Overflow SGI IRIX 6.2 - 'libgl.so' Buffer Overflow IRIX 6.5.x - '/usr/sbin/dmplay' Buffer Overflow IRIX 6.2/6.3 - '/bin/lpstat' Buffer Overflow Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - Local Buffer Overflow (ASLR + DEP Bypass) IRIX 6.5.x - '/usr/sbin/gr_osview' Local Buffer Overflow SGI IRIX 6.2 - 'libgl.so' Local Buffer Overflow IRIX 6.5.x - '/usr/sbin/dmplay' Local Buffer Overflow IRIX 6.2/6.3 - '/bin/lpstat' Local Buffer Overflow IRIX 5.3/6.x - '/usr/bin/mail' Buffer Overflow IRIX 5.3/6.x - '/usr/bin/mail' Local Buffer Overflow CoolPlayer Portable 2.19.2 - Buffer Overflow (ASLR Bypass) (2) CoolPlayer Portable 2.19.2 - Local Buffer Overflow (ASLR Bypass) (2) CoolPlayer+ Portable 2.19.2 - Buffer Overflow (ASLR Bypass) CoolPlayer+ Portable 2.19.2 - Local Buffer Overflow (ASLR Bypass) Exim Buffer 1.6.2/1.6.51 - Overflow Exim Buffer 1.6.2/1.6.51 - Local Overflow Jan Hubicka Koules 1.4 - 'Svgalib' Buffer Overflow Jan Hubicka Koules 1.4 - 'Svgalib' Local Buffer Overflow aSc Timetables 2017 - Buffer Overflow aSc Timetables 2017 - Local Buffer Overflow IBM AIX 4.x - '/usr/bin/setsenv' Buffer Overflow IBM AIX 4.3 - '/usr/lib/lpd/digest' Buffer Overflow IBM AIX 4.x - 'enq' Buffer Overflow IBM AIX 4.3.x - '/usr/lib/lpd/piobe' Buffer Overflow IBM AIX 4.x - '/usr/bin/setsenv' Local Buffer Overflow IBM AIX 4.3 - '/usr/lib/lpd/digest' Local Buffer Overflow IBM AIX 4.x - 'enq' Local Buffer Overflow IBM AIX 4.3.x - '/usr/lib/lpd/piobe' Local Buffer Overflow Rob Malda ASCDC 0.3 - Buffer Overflow (1) Rob Malda ASCDC 0.3 - Buffer Overflow (2) Rob Malda ASCDC 0.3 - Local Buffer Overflow (1) Rob Malda ASCDC 0.3 - Local Buffer Overflow (2) Solaris 2.5/2.6/7.0/8 tip - Buffer Overflow Solaris 2.5/2.6/7.0/8 tip - Local Buffer Overflow DG/UX 4.20 lpsched - 'Error Message' Buffer Overflow DG/UX 4.20 lpsched - 'Error Message' Local Buffer Overflow SGI IRIX 6.5 / Solaris 7.0/8 CDE - '/usr/dt/bin/dtsession' Buffer Overflow SGI IRIX 6.5 / Solaris 7.0/8 CDE - '/usr/dt/bin/dtsession' Local Buffer Overflow Solaris 2.5/2.6/7.0/8 - 'mailx -F' Buffer Overflow (1) Solaris 2.5/2.6/7.0/8 - 'mailx -F' Buffer Overflow (2) Solaris 2.5/2.6/7.0/8 - 'mailx -F' Local Buffer Overflow (1) Solaris 2.5/2.6/7.0/8 - 'mailx -F' Local Buffer Overflow (2) Solaris 8 mailtool - Buffer Overflow Solaris 8 mailtool - Local Buffer Overflow kosch suid wrapper 1.1.1 - Buffer Overflow kosch suid wrapper 1.1.1 - Local Buffer Overflow Rxvt 2.6.1/2.6.2 - Buffer Overflow Rxvt 2.6.1/2.6.2 - Local Buffer Overflow cfingerd 1.4.1/1.4.2/1.4.3 Utilities - Buffer Overflow (1) cfingerd 1.4.1/1.4.2/1.4.3 Utilities - Buffer Overflow (2) cfingerd 1.4.1/1.4.2/1.4.3 Utilities - Buffer Overflow (3) cfingerd 1.4.1/1.4.2/1.4.3 Utilities - Local Buffer Overflow (1) cfingerd 1.4.1/1.4.2/1.4.3 Utilities - Local Buffer Overflow (2) cfingerd 1.4.1/1.4.2/1.4.3 Utilities - Local Buffer Overflow (3) Solaris 8 libsldap - Buffer Overflow (1) Solaris 8 libsldap - Buffer Overflow (2) Solaris 2.6/2.6/7.0/8 whodo - Buffer Overflow Solaris 8 libsldap - Local Buffer Overflow (1) Solaris 8 libsldap - Local Buffer Overflow (2) Solaris 2.6/2.6/7.0/8 whodo - Local Buffer Overflow Xvt 2.1 - Buffer Overflow Xvt 2.1 - Local Buffer Overflow AIX 4.2/4.3 - '/usr/lib/lpd/pio/etc/piomkapqd' Buffer Overflow AIX 4.2/4.3 - '/usr/lib/lpd/pio/etc/piomkapqd' Local Buffer Overflow SuSE Linux 6.4/7.0/7.1/7.2 Berkeley Parallel Make - Buffer Overflow SuSE Linux 6.4/7.0/7.1/7.2 Berkeley Parallel Make - Local Buffer Overflow Internet Download Manager - Buffer Overflow (SEH) Internet Download Manager - Local Buffer Overflow (SEH) GNU Screen 3.9.x Braille Module - Buffer Overflow GNU Screen 3.9.x Braille Module - Local Buffer Overflow IBM Informix SE 7.25 sqlexec - Buffer Overflow (1) IBM Informix SE 7.25 sqlexec - Buffer Overflow (2) IBM Informix SE 7.25 sqlexec - Local Buffer Overflow (1) IBM Informix SE 7.25 sqlexec - Local Buffer Overflow (2) QNX RTOS 6.1 - 'PKG-Installer' Buffer Overflow QNX RTOS 6.1 - 'PKG-Installer' Local Buffer Overflow HP CIFS/9000 Server A.01.05/A.01.06 - Buffer Overflow HP CIFS/9000 Server A.01.05/A.01.06 - Local Buffer Overflow NCMedia Sound Editor Pro 7.5.1 - Overflow (SEH + DEP Bypass) NCMedia Sound Editor Pro 7.5.1 - Local Overflow (SEH + DEP Bypass) HP Tru64/OSF1 DXTerm - Buffer Overflow HP Tru64/OSF1 DXTerm - Local Buffer Overflow PLIB 1.8.5 - 'ssg/ssgParser.cxx' Buffer Overflow PLIB 1.8.5 - 'ssg/ssgParser.cxx' Local Buffer Overflow HPUX 10.20/11 Wall Message - Buffer Overflow HPUX 10.20/11 Wall Message - Local Buffer Overflow HT Editor 2.0.20 - Buffer Overflow (ROP) (PoC) HT Editor 2.0.20 - Local Buffer Overflow (ROP) (PoC) Microsoft Windows XP/2000 - 'RunDLL32.exe' Buffer Overflow Microsoft Windows XP/2000 - 'RunDLL32.exe' Local Buffer Overflow XBlast 2.6.1 - 'HOME Environment' Buffer Overflow XBlast 2.6.1 - 'HOME Environment' Local Buffer Overflow ViRobot Linux Server 2.0 - Overflow ViRobot Linux Server 2.0 - Local Overflow Nvidia Display Driver Service (Nsvr) - Buffer Overflow Nvidia Display Driver Service (Nsvr) - Local Buffer Overflow VirtualDJ Pro/Home 7.3 - Buffer Overflow HexChat 2.9.4 - Overflow VirtualDJ Pro/Home 7.3 - Local Buffer Overflow HexChat 2.9.4 - Local Overflow FuzeZip 1.0.0.131625 - Buffer Overflow (SEH) WinArchiver 3.2 - Buffer Overflow (SEH) FuzeZip 1.0.0.131625 - Local Buffer Overflow (SEH) WinArchiver 3.2 - Local Buffer Overflow (SEH) AudioCoder 0.8.18 - Buffer Overflow (SEH) AudioCoder 0.8.18 - Local Buffer Overflow (SEH) ABBS Audio Media Player 3.1 - '.lst' Buffer Overflow ABBS Audio Media Player 3.1 - '.lst' Local Buffer Overflow AudioCoder - '.m3u' Buffer Overflow (Metasploit) AudioCoder - '.m3u' Local Buffer Overflow (Metasploit) Adrenalin Player 2.2.5.3 - '.m3u' Buffer Overflow (SEH) Adrenalin Player 2.2.5.3 - '.m3u' Local Buffer Overflow (SEH) AdobeCollabSync - Buffer Overflow Adobe Reader X Sandbox Bypass (Metasploit) AdobeCollabSync - Local Buffer OverflowAdobe Reader X Sandbox Bypass (Metasploit) PHP 5.0.0 - 'tidy_parse_file()' Buffer Overflow PHP 5.0.0 - 'tidy_parse_file()' Local Buffer Overflow Adrenalin Player 2.2.5.3 - '.wax' Buffer Overflow (SEH) Adrenalin Player 2.2.5.3 - '.wax' Local Buffer Overflow (SEH) Adrenalin Player 2.2.5.3 - '.asx' Buffer Overflow (SEH) Adrenalin Player 2.2.5.3 - '.asx' Local Buffer Overflow (SEH) Mediacoder (.lst) - Buffer Overflow (SEH) Mediacoder - '.m3u' Buffer Overflow (SEH) Mediacoder PMP Edition 0.8.17 - '.m3u' Buffer Overflow Mediacoder (.lst) - Local Buffer Overflow (SEH) Mediacoder - '.m3u' Local Buffer Overflow (SEH) Mediacoder PMP Edition 0.8.17 - '.m3u' Local Buffer Overflow Static HTTP Server 1.0 - Overflow (SEH) AudioCoder (.lst) - Buffer Overflow (Metasploit) Adrenalin Player 2.2.5.3 - '.wvx' Buffer Overflow (SEH) Static HTTP Server 1.0 - Local Overflow (SEH) AudioCoder (.lst) - Local Buffer Overflow (Metasploit) Adrenalin Player 2.2.5.3 - '.wvx' Local Buffer Overflow (SEH) ABBS Audio Media Player - '.LST' Buffer Overflow (Metasploit) ABBS Audio Media Player - '.LST' Local Buffer Overflow (Metasploit) Easy LAN Folder Share 3.2.0.100 - Buffer Overflow (SEH) Easy LAN Folder Share 3.2.0.100 - Local Buffer Overflow (SEH) Chasys Draw IES - Buffer Overflow (Metasploit) Chasys Draw IES - Local Buffer Overflow (Metasploit) glibc and eglibc 2.5/2.7/2.13 - Buffer Overflow glibc and eglibc 2.5/2.7/2.13 - Local Buffer Overflow Internet Haut Debit Mobile PCW_MATMARV1.0.0B03 - Buffer Overflow (SEH) Beetel Connection Manager PCW_BTLINDV1.0.0B04 - Buffer Overflow (SEH) Internet Haut Debit Mobile PCW_MATMARV1.0.0B03 - Local Buffer Overflow (SEH) Beetel Connection Manager PCW_BTLINDV1.0.0B04 - Local Buffer Overflow (SEH) BlazeDVD Pro Player 7.0 - '.plf' Buffer Overflow (SEH) BlazeDVD Pro Player 7.0 - '.plf' Local Buffer Overflow (SEH) VideoCharge Studio 2.12.3.685 - Buffer Overflow (SEH) VideoCharge Studio 2.12.3.685 - Local Buffer Overflow (SEH) Watermark Master 2.2.23 - Buffer Overflow (SEH) BlazeDVD 6.2 - '.plf' Buffer Overflow (SEH) AudioCoder 0.8.22 - '.m3u' Buffer Overflow (SEH) Watermark Master 2.2.23 - Local Buffer Overflow (SEH) BlazeDVD 6.2 - '.plf' Local Buffer Overflow (SEH) AudioCoder 0.8.22 - '.m3u' Local Buffer Overflow (SEH) Steinberg MyMp3PRO 5.0 - Buffer Overflow (SEH) (DEP Bypass + ROP) Steinberg MyMp3PRO 5.0 - Local Buffer Overflow (SEH) (DEP Bypass + ROP) VideoSpirit Pro 1.90 - Buffer Overflow (SEH) VideoSpirit Pro 1.90 - Local Buffer Overflow (SEH) VideoSpirit Lite 1.77 - Buffer Overflow (SEH) VideoSpirit Lite 1.77 - Local Buffer Overflow (SEH) Watermark Master 2.2.23 - '.wstyle' Buffer Overflow (SEH) Watermark Master 2.2.23 - '.wstyle' Local Buffer Overflow (SEH) Light Alloy 4.7.3 - '.m3u' Buffer Overflow (SEH Unicode) Light Alloy 4.7.3 - '.m3u' Local Buffer Overflow (SEH Unicode) GOM Player 2.2.53.5169 - '.reg' Buffer Overflow (SEH) GOM Player 2.2.53.5169 - '.reg' Local Buffer Overflow (SEH) Total Video Player 1.3.1 (Settings.ini) - Buffer Overflow (SEH) Total Video Player 1.3.1 (Settings.ini) - Local Buffer Overflow (SEH) Kingsoft Office Writer 2012 8.1.0.3385 - '.wps' Buffer Overflow (SEH) Kingsoft Office Writer 2012 8.1.0.3385 - '.wps' Local Buffer Overflow (SEH) Adrenalin Player 2.2.5.3 - '.m3u' Buffer Overflow (SEH) (ASLR + DEP Bypass) Adrenalin Player 2.2.5.3 - '.m3u' Local Buffer Overflow (SEH) (ASLR + DEP Bypass) Publish-It 3.6d - '.pui' Buffer Overflow (SEH) Publish-It 3.6d - '.pui' Local Buffer Overflow (SEH) Easy CD-DA Recorder - '.pls' Buffer Overflow (Metasploit) Easy CD-DA Recorder - '.pls' Local Buffer Overflow (Metasploit) Gold MP4 Player 3.3 - Buffer Overflow (SEH) Total Video Player 1.3.1 - 'Settings.ini' Buffer Overflow (SEH) (Metasploit) Gold MP4 Player 3.3 - Local Buffer Overflow (SEH) Total Video Player 1.3.1 - 'Settings.ini' Local Buffer Overflow (SEH) (Metasploit) ALLPlayer 5.8.1 - '.m3u' Buffer Overflow (SEH) Calavera UpLoader 3.5 - Buffer Overflow (SEH) ALLPlayer 5.8.1 - '.m3u' Local Buffer Overflow (SEH) Calavera UpLoader 3.5 - Local Buffer Overflow (SEH) ALLPlayer - '.m3u' Buffer Overflow (Metasploit) KMPlayer 3.8.0.117 - Buffer Overflow ALLPlayer - '.m3u' Local Buffer Overflow (Metasploit) KMPlayer 3.8.0.117 - Local Buffer Overflow MP3Info 0.8.5a - Buffer Overflow (SEH) MP3Info 0.8.5a - Local Buffer Overflow (SEH) Anti-Trojan Elite 4.2.1 - 'Atepmon.sys' IOCTL Request Local Overflow / Privilege Escalation Free WMA MP3 Converter 1.8 - '.wav' Buffer Overflow Free WMA MP3 Converter 1.8 - '.wav' Local Buffer Overflow i-FTP 2.20 - Buffer Overflow (SEH) i-FTP 2.20 - Local Buffer Overflow (SEH) Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' Buffer Overflow (SEH) Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' Local Buffer Overflow (SEH) BulletProof FTP Client 2010 - Buffer Overflow (SEH) (Ruby) VFU 4.10-1.1 - Buffer Overflow BulletProof FTP Client 2010 - Local Buffer Overflow (SEH) (Ruby) VFU 4.10-1.1 - Local Buffer Overflow Advantech AdamView 4.30.003 - '.gni' Buffer Overflow (SEH) Advantech AdamView 4.30.003 - '.gni' Local Buffer Overflow (SEH) i-FTP Schedule - Buffer Overflow (Metasploit) i-FTP Schedule - Local Buffer Overflow (Metasploit) T-Mobile Internet Manager - Buffer Overflow (SEH) Congstar Internet Manager - Buffer Overflow (SEH) T-Mobile Internet Manager - Local Buffer Overflow (SEH) Congstar Internet Manager - Local Buffer Overflow (SEH) MooPlayer 1.3.0 - 'm3u' Buffer Overflow (SEH) (1) MooPlayer 1.3.0 - 'm3u' Local Buffer Overflow (SEH) (1) Publish-It 3.6d - Buffer Overflow (SEH) Publish-It 3.6d - Local Buffer Overflow (SEH) Publish-It - '.PUI' Buffer Overflow (SEH) (Metasploit) Publish-It - '.PUI' Local Buffer Overflow (SEH) (Metasploit) MooPlayer 1.3.0 - 'm3u' Buffer Overflow (SEH) (2) MooPlayer 1.3.0 - 'm3u' Local Buffer Overflow (SEH) (2) Mediacoder 0.8.34.5716 - '.m3u' Buffer Overflow (SEH) Mediacoder 0.8.34.5716 - '.m3u' Local Buffer Overflow (SEH) VideoCharge Express 3.16.3.04 - Buffer Overflow VideoCharge Professional + Express Vanilla 3.18.4.04 - Buffer Overflow VideoCharge Vanilla 3.16.4.06 - Buffer Overflow VideoCharge Express 3.16.3.04 - Local Buffer Overflow VideoCharge Professional + Express Vanilla 3.18.4.04 - Local Buffer Overflow VideoCharge Vanilla 3.16.4.06 - Local Buffer Overflow BulletProof FTP Client 2010 - Buffer Overflow (DEP Bypass) BulletProof FTP Client 2010 - Local Buffer Overflow (DEP Bypass) Jildi FTP Client 1.5.6 - Buffer Overflow (SEH) Jildi FTP Client 1.5.6 - Local Buffer Overflow (SEH) 1 Click Audio Converter 2.3.6 - Activex Buffer Overflow 1 Click Audio Converter 2.3.6 - Activex Local Buffer Overflow Blueberry Express 5.9.0.3678 - Buffer Overflow (SEH) Blueberry Express 5.9.0.3678 - Local Buffer Overflow (SEH) Tomabo MP4 Player 3.11.3 - '.m3u' Buffer Overflow (SEH) Tomabo MP4 Player 3.11.3 - '.m3u' Local Buffer Overflow (SEH) PDF Shaper 3.5 - Buffer Overflow (Metasploit) PDF Shaper 3.5 - Local Buffer Overflow (Metasploit) Microsoft HTML Help Compiler 4.74.8702.0 - Overflow (SEH) Microsoft HTML Help Compiler 4.74.8702.0 - Local Overflow (SEH) VideoCharge Studio - Buffer Overflow (SEH) (Metasploit) VideoCharge Studio - Local Buffer Overflow (SEH) (Metasploit) Multiple ChiefPDF Software 2.0 - Buffer Overflow Multiple ChiefPDF Software 2.0 - Local Buffer Overflow ZSNES 1.51 - Buffer Overflow FENIX 0.92 - Buffer Overflow BSIGN 0.4.5 - Buffer Overflow Boxoft WAV to MP3 Converter - 'convert' Buffer Overflow ZSNES 1.51 - Local Buffer Overflow FENIX 0.92 - Local Buffer Overflow BSIGN 0.4.5 - Local Buffer Overflow Boxoft WAV to MP3 Converter - 'convert' Local Buffer Overflow AutoCAD DWG and DXF To PDF Converter 2.2 - Buffer Overflow AutoCAD DWG and DXF To PDF Converter 2.2 - Local Buffer Overflow VeryPDF HTML Converter 2.0 - Buffer Overflow (SEH/ToLower() Bypass) VeryPDF HTML Converter 2.0 - Local Buffer Overflow (SEH/ToLower() Bypass) Logitech Webcam Software 1.1 - 'eReg.exe' Buffer Overflow (SEH Unicode) Logitech Webcam Software 1.1 - 'eReg.exe' Local Buffer Overflow (SEH Unicode) ZTE PC UI USB Modem Software - Buffer Overflow IKEView R60 - Buffer Overflow Local (SEH) ZTE PC UI USB Modem Software - Local Buffer Overflow IKEView R60 - Local Buffer OverflowLocal (SEH) GNU Coreutils 'sort' Text Utility - Buffer Overflow Total Commander 8.52 (Windows 10) - Buffer Overflow Total Commander 8.52 - Buffer Overflow GNU Coreutils 'sort' Text Utility - Local Buffer Overflow Total Commander 8.52 (Windows 10) - Local Buffer Overflow Total Commander 8.52 - Local Buffer Overflow Symantec Encryption Desktop 10 - Buffer Overflow Privilege Escalation Symantec Encryption Desktop 10 - Local Buffer OverflowPrivilege Escalation VeryPDF Image2PDF Converter - Buffer Overflow (SEH) Boxoft WAV to MP3 Converter 1.1 - Buffer Overflow (SEH) VeryPDF Image2PDF Converter - Local Buffer Overflow (SEH) Boxoft WAV to MP3 Converter 1.1 - Local Buffer Overflow (SEH) Blat 2.7.6 SMTP / NNTP Mailer - Buffer Overflow Blat 2.7.6 SMTP / NNTP Mailer - Local Buffer Overflow TCPing 2.1.0 - Buffer Overflow TCPing 2.1.0 - Local Buffer Overflow IBM i Access 7.1 - Buffer Overflow Code Execution IBM i Access 7.1 - Local Buffer OverflowCode Execution FTPShell Client 5.24 - Buffer Overflow FTPShell Client 5.24 - Local Buffer Overflow Oracle - 'HtmlConverter.exe' Buffer Overflow Oracle - 'HtmlConverter.exe' Local Buffer Overflow Core FTP Server 1.2 - Buffer Overflow (PoC) Core FTP Server 1.2 - Local Buffer Overflow (PoC) MP3 WAV to CD Burner 1.4.24 - Buffer Overflow (SEH) MP3 WAV to CD Burner 1.4.24 - Local Buffer Overflow (SEH) Mediacoder 0.8.43.5830 - '.m3u' Buffer Overflow (SEH) VUPlayer 2.49 (Windows 7) - '.m3u' Buffer Overflow (DEP Bypass) Mediacoder 0.8.43.5830 - '.m3u' Local Buffer Overflow (SEH) VUPlayer 2.49 (Windows 7) - '.m3u' Local Buffer Overflow (DEP Bypass) My Video Converter 1.5.24 - Buffer Overflow (SEH) My Video Converter 1.5.24 - Local Buffer Overflow (SEH) VirusChaser 8.0 - Buffer Overflow (SEH) VirusChaser 8.0 - Local Buffer Overflow (SEH) Disk Sorter Enterprise 9.5.12 - 'Import Command' Buffer Overflow DiskBoss Enterprise 7.8.16 - 'Import Command' Buffer Overflow Sync Breeze Enterprise 9.5.16 - 'Import Command' Buffer Overflow Disk Sorter Enterprise 9.5.12 - 'Import Command' Local Buffer Overflow DiskBoss Enterprise 7.8.16 - 'Import Command' Local Buffer Overflow Sync Breeze Enterprise 9.5.16 - 'Import Command' Local Buffer Overflow Easy Video to iPod/MP4/PSP/3GP Converter 1.5.20 - Buffer Overflow (SEH) Easy Video to iPod/MP4/PSP/3GP Converter 1.5.20 - Local Buffer Overflow (SEH) Gemalto SmartDiag Diagnosis Tool < 2.5 - Buffer Overflow (SEH) Gemalto SmartDiag Diagnosis Tool < 2.5 - Local Buffer Overflow (SEH) Easy MOV Converter 1.4.24 - 'Enter User Name' Buffer Overflow (SEH) Easy MOV Converter 1.4.24 - 'Enter User Name' Local Buffer Overflow (SEH) JAD Java Decompiler 1.5.8e - Buffer Overflow Flat Assembler 1.7.21 - Buffer Overflow JAD Java Decompiler 1.5.8e - Local Buffer Overflow Flat Assembler 1.7.21 - Local Buffer Overflow Easy AVI DivX Converter 1.2.24 - Buffer Overflow (SEH) Easy AVI DivX Converter 1.2.24 - Local Buffer Overflow (SEH) DNSTracer 1.9 - Buffer Overflow DNSTracer 1.9 - Local Buffer Overflow ALLPlayer 7.4 - Buffer Overflow (SEH Unicode) Internet Download Manager 6.28 Build 17 - Buffer Overflow (SEH Unicode) ALLPlayer 7.4 - Local Buffer Overflow (SEH Unicode) Internet Download Manager 6.28 Build 17 - Local Buffer Overflow (SEH Unicode) Easy DVD Creater 2.5.11 - Buffer Overflow (SEH) Disk Pulse Enterprise 9.9.16 - 'Import Command' Buffer Overflow Easy DVD Creater 2.5.11 - Local Buffer Overflow (SEH) Disk Pulse Enterprise 9.9.16 - 'Import Command' Local Buffer Overflow Disk Savvy Enterprise 9.9.14 - 'Import Command' Buffer Overflow VX Search Enterprise 9.9.12 - 'Import Command' Buffer Overflow Disk Savvy Enterprise 9.9.14 - 'Import Command' Local Buffer Overflow VX Search Enterprise 9.9.12 - 'Import Command' Local Buffer Overflow Easy DVD Creator 2.5.11 - Buffer Overflow (SEH) Easy WMV/ASF/ASX to DVD Burner 2.3.11 - Buffer Overflow (SEH) Easy RM RMVB to DVD Burner 1.8.11 - Buffer Overflow (SEH) Easy Vedio to PSP Converter 1.6.20 - Buffer Overflow (SEH) Easy DVD Creator 2.5.11 - Local Buffer Overflow (SEH) Easy WMV/ASF/ASX to DVD Burner 2.3.11 - Local Buffer Overflow (SEH) Easy RM RMVB to DVD Burner 1.8.11 - Local Buffer Overflow (SEH) Easy Vedio to PSP Converter 1.6.20 - Local Buffer Overflow (SEH) CyberLink LabelPrint < 2.5 - Buffer Overflow (SEH Unicode) CyberLink LabelPrint < 2.5 - Local Buffer Overflow (SEH Unicode) DiskBoss Enterprise 8.4.16 - 'Import Command' Buffer Overflow Dup Scout Enterprise 10.0.18 - 'Import Command' Buffer Overflow DiskBoss Enterprise 8.4.16 - 'Import Command' Local Buffer Overflow Dup Scout Enterprise 10.0.18 - 'Import Command' Local Buffer Overflow ASX to MP3 3.1.3.7 - '.m3u' Buffer Overflow ASX to MP3 3.1.3.7 - '.m3u' Local Buffer Overflow Easy MPEG/AVI/DIVX/WMV/RM to DVD - 'Enter User Name' Buffer Overflow (SEH) Easy MPEG/AVI/DIVX/WMV/RM to DVD - 'Enter User Name' Local Buffer Overflow (SEH) VX Search 10.2.14 - 'Proxy' Buffer Overflow (SEH) VX Search 10.2.14 - 'Proxy' Local Buffer Overflow (SEH) Samba 2.2.x - Buffer Overflow SETI@home Clients - Buffer Overflow Samba 2.2.x - Remote Buffer Overflow SETI@home Clients - Remote Buffer Overflow GtkFtpd 1.0.4 - Buffer Overflow GtkFtpd 1.0.4 - Remote Buffer Overflow IPSwitch IMail LDAP Daemon/Service - Buffer Overflow IPSwitch IMail LDAP Daemon/Service - Remote Buffer Overflow Monit 4.1 - Buffer Overflow Monit 4.2 - Buffer Overflow Monit 4.1 - Remote Buffer Overflow Monit 4.2 - Remote Buffer Overflow PHF (Linux/x86) - Buffer Overflow PHF (Linux/x86) - Remote Buffer Overflow Ability Server 2.34 - FTP 'STOR' Buffer Overflow Ability Server 2.34 - FTP 'STOR' Remote Buffer Overflow TABS MailCarrier 2.51 - SMTP 'EHLO' / 'HELO' Buffer Overflow TABS MailCarrier 2.51 - SMTP 'EHLO' / 'HELO' Remote Buffer Overflow Ability Server 2.34 (Unix) - FTP 'STOR' Buffer Overflow Ability Server 2.34 (Unix) - FTP 'STOR' Remote Buffer Overflow DMS POP3 Server 1.5.3 build 37 - Buffer Overflow CoffeeCup FTP Clients (Direct 6.2.0.62) (Free 3.0.0.10) - Buffer Overflow DMS POP3 Server 1.5.3 build 37 - Remote Buffer Overflow CoffeeCup FTP Clients (Direct 6.2.0.62) (Free 3.0.0.10) - Remote Buffer Overflow Solaris 2.5.1/2.6/7/8 rlogin (SPARC) - '/bin/login' Buffer Overflow Solaris 2.5.1/2.6/7/8 rlogin (SPARC) - '/bin/login' Remote Buffer Overflow PHP 4.3.7 - 'openlog()' Buffer Overflow PHP 4.3.7 - 'openlog()' Remote Buffer Overflow NodeManager Professional 2.00 - Buffer Overflow NodeManager Professional 2.00 - Remote Buffer Overflow GlobalScape Secure FTP Server 3.0 - Buffer Overflow GlobalScape Secure FTP Server 3.0 - Remote Buffer Overflow Microsoft Windows Message Queuing - Buffer Overflow Universal (MS05-017) (v.0.3) Microsoft Windows Message Queuing - Remote Buffer Overflow Universal (MS05-017) (v.0.3) CA BrightStor ARCserve Backup - 'dsconfig.exe' Buffer Overflow CA BrightStor ARCserve Backup - 'dsconfig.exe' Remote Buffer Overflow Mirabilis ICQ 2003a - Buffer Overflow Download Shellcode Mirabilis ICQ 2003a - Remote Buffer Overflow Download Shellcode MailEnable Enterprise Edition 1.1 - 'EXAMINE' Buffer Overflow MailEnable Enterprise Edition 1.1 - 'EXAMINE' Remote Buffer Overflow Ultr@VNC 1.0.1 - 'client Log::ReallyPrint' Buffer Overflow Ultr@VNC 1.0.1 - 'client Log::ReallyPrint' Remote Buffer Overflow Apache < 1.3.37/2.0.59/2.2.3 mod_rewrite - Remote Overflow Evince Document Viewer - 'DocumentMedia' Buffer Overflow Evince Document Viewer - 'DocumentMedia' Remote Buffer Overflow Apple QuickTime (Windows 2000) - 'rtsp URL Handler' Buffer Overflow Apple QuickTime (Windows 2000) - 'rtsp URL Handler' Remote Buffer Overflow dproxy-nexgen (Linux x86) - Buffer Overflow dproxy-nexgen (Linux x86) - Remote Buffer Overflow IPIX Image Well - ActiveX 'iPIX-ImageWell-ipix.dll' Buffer Overflow IPIX Image Well - ActiveX 'iPIX-ImageWell-ipix.dll' Remote Buffer Overflow LeadTools Raster Thumbnail Object Library - 'LTRTM14e.dll' Buffer Overflow LeadTools Raster Thumbnail Object Library - 'LTRTM14e.dll' Remote Buffer Overflow AMX Corp. VNC ActiveX Control - 'AmxVnc.dll 1.0.13.0' Buffer Overflow AXIS Camera Control (AxisCamControl.ocx 1.0.2.15) - Buffer Overflow AMX Corp. VNC ActiveX Control - 'AmxVnc.dll 1.0.13.0' Remote Buffer Overflow AXIS Camera Control (AxisCamControl.ocx 1.0.2.15) - Remote Buffer Overflow Postcast Server Pro 3.0.61 / Quiksoft EasyMail - 'emsmtp.dll 6.0.1' Buffer Overflow Postcast Server Pro 3.0.61 / Quiksoft EasyMail - 'emsmtp.dll 6.0.1' Remote Buffer Overflow EasyMail MessagePrinter Object - 'emprint.dll 6.0.1.0' Buffer Overflow EasyMail MessagePrinter Object - 'emprint.dll 6.0.1.0' Remote Buffer Overflow Persits Software XUpload Control - 'AddFolder()' Buffer Overflow IBM Domino Web Access 7.0 Upload Module - 'inotes6.dll' Buffer Overflow Persits Software XUpload Control - 'AddFolder()' Remote Buffer Overflow IBM Domino Web Access 7.0 Upload Module - 'inotes6.dll' Remote Buffer Overflow IBM Domino Web Access Upload Module - 'dwa7w.dll' Buffer Overflow IBM Domino Web Access Upload Module - 'dwa7w.dll' Remote Buffer Overflow StreamAudio ChainCast ProxyManager - 'ccpm_0237.dll' Buffer Overflow NUVICO DVR NVDV4 / PdvrAtl Module 'PdvrAtl.DLL 1.0.1.25' - Buffer Overflow StreamAudio ChainCast ProxyManager - 'ccpm_0237.dll' Remote Buffer Overflow NUVICO DVR NVDV4 / PdvrAtl Module 'PdvrAtl.DLL 1.0.1.25' - Remote Buffer Overflow RTS Sentry Digital Surveillance - 'CamPanel.dll 2.1.0.2' Buffer Overflow RTS Sentry Digital Surveillance - 'CamPanel.dll 2.1.0.2' Remote Buffer Overflow HP Virtual Rooms WebHPVCInstall Control - Buffer Overflow HP Virtual Rooms WebHPVCInstall Control - Remote Buffer Overflow Move Networks Upgrade Manager Control - Buffer Overflow Move Networks Upgrade Manager Control - Remote Buffer Overflow MySpace Uploader - 'MySpaceUploader.ocx 1.0.0.4' Buffer Overflow MySpace Uploader - 'MySpaceUploader.ocx 1.0.0.4' Remote Buffer Overflow FaceBook PhotoUploader - 'ImageUploader4.ocx 4.5.57.0' Buffer Overflow FaceBook PhotoUploader - 'ImageUploader4.ocx 4.5.57.0' Remote Buffer Overflow dBpowerAMP Audio Player 2 - '.m3u' Buffer Overflow dBpowerAMP Audio Player 2 - '.m3u' Remote Buffer Overflow Move Networks Quantum Streaming Player Control - Buffer Overflow D-Link MPEG4 SHM Audio Control - 'VAPGDecoder.dll 1.7.0.5' Buffer Overflow Symantec BackupExec Calendar Control - 'PVCalendar.ocx' Buffer Overflow Move Networks Quantum Streaming Player Control - Remote Buffer Overflow D-Link MPEG4 SHM Audio Control - 'VAPGDecoder.dll 1.7.0.5' Remote Buffer Overflow Symantec BackupExec Calendar Control - 'PVCalendar.ocx' Remote Buffer Overflow Black Ice Software Annotation Plugin - 'BiAnno.ocx' Buffer Overflow (2) Black Ice Software Annotation Plugin - 'BiAnno.ocx' Remote Buffer Overflow (2) FlashGet 1.9.0.1012 - 'FTP PWD Response' Buffer Overflow (SafeSEH) FlashGet 1.9.0.1012 - 'FTP PWD Response' Remote Buffer Overflow (SafeSEH) EasyMail - ActiveX 'emmailstore.dll 6.5.0.3' Buffer Overflow EasyMail - ActiveX 'emmailstore.dll 6.5.0.3' Remote Buffer Overflow NaviCOPA Web Server 3.0.1 - Buffer Overflow / Script Source Disclosure NaviCOPA Web Server 3.0.1 - Remote Buffer Overflow / Script Source Disclosure Serv-U Web Client 9.0.0.5 - Buffer Overflow (2) Serv-U Web Client 9.0.0.5 - Remote Buffer Overflow (2) Xion Audio Player 1.0 121 - '.m3u' Buffer Overflow (1) Xion Audio Player 1.0 121 - '.m3u' Remote Buffer Overflow (1) Novell eDirectory 8.8sp5 - Buffer Overflow Novell eDirectory 8.8sp5 - Remote Buffer Overflow Solaris TelnetD - 'TTYPROMPT' Buffer Overflow (1) (Metasploit) Solaris TelnetD - 'TTYPROMPT' Remote Buffer Overflow (1) (Metasploit) Solaris sadmind adm_build_path - Buffer Overflow (Metasploit) Solaris sadmind adm_build_path - Remote Buffer Overflow (Metasploit) NTPd 4.0.99j-k readvar - Buffer Overflow (Metasploit) NTPd 4.0.99j-k readvar - Remote Buffer Overflow (Metasploit) Borland Interbase 2007 - 'PWD_db_aliased' Buffer Overflow (Metasploit) Pegasus Mail Client 4.51 - Buffer Overflow (PoC) Serv-U Web Client 9.0.0.5 - Buffer Overflow (1) Borland Interbase 2007 - 'PWD_db_aliased' Remote Buffer Overflow (Metasploit) Pegasus Mail Client 4.51 - Remote Buffer Overflow (PoC) Serv-U Web Client 9.0.0.5 - Remote Buffer Overflow (1) Borland Interbase 2007/2007 SP2 - 'open_marker_file' Buffer Overflow (Metasploit) Borland Interbase 2007/2007 SP2 - 'jrd8_create_database' Buffer Overflow (Metasploit) Borland Interbase 2007/2007 SP2 - 'INET_connect' Buffer Overflow (Metasploit) Borland Interbase 2007/2007 SP2 - 'open_marker_file' Remote Buffer Overflow (Metasploit) Borland Interbase 2007/2007 SP2 - 'jrd8_create_database' Remote Buffer Overflow (Metasploit) Borland Interbase 2007/2007 SP2 - 'INET_connect' Remote Buffer Overflow (Metasploit) Linksys WRT54G < 4.20.7 / WRT54GS < 1.05.2 - 'apply.cgi' Buffer Overflow (Metasploit) Linksys WRT54G < 4.20.7 / WRT54GS < 1.05.2 - 'apply.cgi' Remote Buffer Overflow (Metasploit) Xtacacsd 4.1.2 - 'report()' Buffer Overflow (Metasploit) Xtacacsd 4.1.2 - 'report()' Remote Buffer Overflow (Metasploit) SAP GUI VSFlexGrid.VSFlexGridL sp 14 - Buffer Overflow SAP GUI VSFlexGrid.VSFlexGridL sp 14 - Remote Buffer Overflow Ada Image Server 0.6.7 - 'imgsrv.exe' Buffer Overflow Ada Image Server 0.6.7 - 'imgsrv.exe' Remote Buffer Overflow Hero DVD Remote 1.0 - Buffer Overflow HP Application Recovery Manager - 'OmniInet.exe' Buffer Overflow Hero DVD Remote 1.0 - Remote Buffer Overflow HP Application Recovery Manager - 'OmniInet.exe' Remote Buffer Overflow EFS Software Easy Chat Server 2.2 - Buffer Overflow EFS Software Easy Chat Server 2.2 - Remote Buffer Overflow AOL 9.5 - Phobos.Playlist 'Import()' Buffer Overflow (Metasploit) AOL 9.5 - Phobos.Playlist 'Import()' Remote Buffer Overflow (Metasploit) ProSSHD 1.2 20090726 - Buffer Overflow ProSSHD 1.2 20090726 - Remote Buffer Overflow Image22 ActiveX 1.1.1 - Buffer Overflow Image22 ActiveX 1.1.1 - Remote Buffer Overflow XFTP 3.0 Build 0239 - 'Filename' Buffer Overflow XFTP 3.0 Build 0239 - 'Filename' Remote Buffer Overflow Apple Mac OSX EvoCam Web Server 3.6.6/3.6.7 - Buffer Overflow Apple Mac OSX EvoCam Web Server 3.6.6/3.6.7 - Remote Buffer Overflow UFO: Alien Invasion 2.2.1 (Windows 7) - Buffer Overflow (ASLR + DEP Bypass) UFO: Alien Invasion 2.2.1 (Windows 7) - Remote Buffer Overflow (ASLR + DEP Bypass) Hero DVD - Buffer Overflow (Metasploit) Hero DVD - Remote Buffer Overflow (Metasploit) Barcodewiz Barcode ActiveX Control 3.29 - Buffer Overflow (SEH) Barcodewiz Barcode ActiveX Control 3.29 - Remote Buffer Overflow (SEH) Easy FTP 1.7.0.11 - 'NLST' / 'NLST -al' / 'APPE' / 'RETR' / 'SIZE' / 'XCWD' Buffer Overflow Easy FTP 1.7.0.11 - 'NLST' / 'NLST -al' / 'APPE' / 'RETR' / 'SIZE' / 'XCWD' Remote Buffer Overflow Softek Barcode Reader Toolkit ActiveX 7.1.4.14 - 'SoftekATL.dll' Buffer Overflow (PoC) Softek Barcode Reader Toolkit ActiveX 7.1.4.14 - 'SoftekATL.dll' Remote Buffer Overflow (PoC) Novell iPrint Client - ActiveX Control 'debug' Buffer Overflow (Metasploit) Novell iPrint Client - ActiveX Control 'debug' Remote Buffer Overflow (Metasploit) Oracle Java 6 - OBJECT tag 'launchjnlp'/'docbase' Buffer Overflow Oracle Java 6 - OBJECT tag 'launchjnlp'/'docbase' Remote Buffer Overflow DATAC RealWin SCADA Server 1.06 - Buffer Overflow XBMC 9.04.1r20672 - 'soap_action_name' POST UPnP 'sscanf' Buffer Overflow DATAC RealWin SCADA Server 1.06 - Remote Buffer Overflow XBMC 9.04.1r20672 - 'soap_action_name' POST UPnP 'sscanf' Remote Buffer Overflow Viscom Image Viewer CP Gold 5.5 - 'Image2PDF()' Buffer Overflow (Metasploit) Viscom Image Viewer CP Gold 5.5 - 'Image2PDF()' Remote Buffer Overflow (Metasploit) Viscom Image Viewer CP Gold 6 - ActiveX 'TifMergeMultiFiles()' Buffer Overflow Freefloat FTP Server - Buffer Overflow Viscom Image Viewer CP Gold 6 - ActiveX 'TifMergeMultiFiles()' Remote Buffer Overflow Freefloat FTP Server - Remote Buffer Overflow Kolibri 2.0 - 'HEAD' Buffer Overflow RET (SEH) Kolibri 2.0 - 'HEAD' Remote Buffer Overflow RET (SEH) FTPGetter 3.58.0.21 - 'PASV' Buffer Overflow FTPGetter 3.58.0.21 - 'PASV' Remote Buffer Overflow NTP daemon readvar - Buffer Overflow (Metasploit) NTP daemon readvar - Remote Buffer Overflow (Metasploit) Samba 2.2.2 < 2.2.6 - 'nttrans' Buffer Overflow (Metasploit) (1) Samba 2.2.2 < 2.2.6 - 'nttrans' Remote Buffer Overflow (Metasploit) (1) Sun Solaris sadmind - 'adm_build_path()' Buffer Overflow (Metasploit) Sun Solaris sadmind - 'adm_build_path()' Remote Buffer Overflow (Metasploit) Solaris TelnetD - 'TTYPROMPT' Buffer Overflow (2) (Metasploit) Solaris TelnetD - 'TTYPROMPT' Remote Buffer Overflow (2) (Metasploit) WinComLPD 3.0.2 - Buffer Overflow (Metasploit) WinComLPD 3.0.2 - Remote Buffer Overflow (Metasploit) SapLPD 6.28 - Buffer Overflow (Metasploit) SapLPD 6.28 - Remote Buffer Overflow (Metasploit) Oracle 8i - TNS Listener 'ARGUMENTS' Buffer Overflow (Metasploit) Oracle 8i - TNS Listener 'ARGUMENTS' Remote Buffer Overflow (Metasploit) D-Link TFTP 1.0 - 'Filename' Buffer Overflow (Metasploit) ProSysInfo TFTP server TFTPDWIN 0.4.2 - 'Filename' Buffer Overflow (Metasploit) 3Com TFTP Service (3CTftpSvc) - 'Mode' Buffer Overflow (Metasploit) D-Link TFTP 1.0 - 'Filename' Remote Buffer Overflow (Metasploit) ProSysInfo TFTP server TFTPDWIN 0.4.2 - 'Filename' Remote Buffer Overflow (Metasploit) 3Com TFTP Service (3CTftpSvc) - 'Mode' Remote Buffer Overflow (Metasploit) TFTPD32 < 2.21 - 'Filename' Buffer Overflow (Metasploit) TFTPD32 < 2.21 - 'Filename' Remote Buffer Overflow (Metasploit) CitectSCADA/CitectFacilities ODBC - Buffer Overflow (Metasploit) MOXA Device Manager Tool 2.1 - Buffer Overflow (Metasploit) CitectSCADA/CitectFacilities ODBC - Remote Buffer Overflow (Metasploit) MOXA Device Manager Tool 2.1 - Remote Buffer Overflow (Metasploit) DATAC RealWin SCADA Server - Buffer Overflow (Metasploit) DATAC RealWin SCADA Server - Remote Buffer Overflow (Metasploit) Omni-NFS Server - Buffer Overflow (Metasploit) Omni-NFS Server - Remote Buffer Overflow (Metasploit) EMC AlphaStor Agent - Buffer Overflow (Metasploit) EMC AlphaStor Agent - Remote Buffer Overflow (Metasploit) CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (Metasploit) (1) CA BrightStor ARCserve for Laptops & Desktops LGServer - Remote Buffer Overflow (Metasploit) (1) CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (Metasploit) (2) CA BrightStor ARCserve for Laptops & Desktops LGServer - Remote Buffer Overflow (Metasploit) (2) CA BrightStor ARCserve for Laptops & Desktops LGServer - Buffer Overflow (Metasploit) (3) CA BrightStor ARCserve Message Engine 0x72 - Buffer Overflow (Metasploit) CA BrightStor ARCserve for Laptops & Desktops LGServer - Remote Buffer Overflow (Metasploit) (3) CA BrightStor ARCserve Message Engine 0x72 - Remote Buffer Overflow (Metasploit) CA BrightStor ARCserve License Service - 'GCR NETWORK' Buffer Overflow (Metasploit) CA BrightStor ARCserve for Laptops & Desktops LGServer - 'rxsSetDataGrowthScheduleAndFilter' Buffer Overflow (Metasploit) CA BrightStor ARCserve License Service - 'GCR NETWORK' Remote Buffer Overflow (Metasploit) CA BrightStor ARCserve for Laptops & Desktops LGServer - 'rxsSetDataGrowthScheduleAndFilter' Remote Buffer Overflow (Metasploit) Firebird Relational Database - 'SVC_attach()' Buffer Overflow (Metasploit) IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (Metasploit) (1) Firebird Relational Database - 'SVC_attach()' Remote Buffer Overflow (Metasploit) IBM Tivoli Storage Manager Express CAD Service - Remote Buffer Overflow (Metasploit) (1) SAP Business One License Manager 2005 - Buffer Overflow (Metasploit) SAP Business One License Manager 2005 - Remote Buffer Overflow (Metasploit) Asus Dpcproxy - Buffer Overflow (Metasploit) Asus Dpcproxy - Remote Buffer Overflow (Metasploit) Microsoft Windows RSH daemon - Buffer Overflow (Metasploit) IBM Tivoli Storage Manager Express RCA Service - Buffer Overflow (Metasploit) Microsoft Windows RSH daemon - Remote Buffer Overflow (Metasploit) IBM Tivoli Storage Manager Express RCA Service - Remote Buffer Overflow (Metasploit) BigAnt Server 2.2 - Buffer Overflow (Metasploit) BigAnt Server 2.50 SP1 - Buffer Overflow (Metasploit) Firebird Relational Database - 'isc_create_database()' Buffer Overflow (Metasploit) BomberClone 0.11.6 - Buffer Overflow (Metasploit) BigAnt Server 2.2 - Remote Buffer Overflow (Metasploit) BigAnt Server 2.50 SP1 - Remote Buffer Overflow (Metasploit) Firebird Relational Database - 'isc_create_database()' Remote Buffer Overflow (Metasploit) BomberClone 0.11.6 - Remote Buffer Overflow (Metasploit) Borland Interbase - 'isc_create_database()' Buffer Overflow (Metasploit) Borland Interbase - 'isc_create_database()' Remote Buffer Overflow (Metasploit) NetTransport Download Manager 2.90.510 - Buffer Overflow (Metasploit) Firebird Relational Database - 'isc_attach_database()' Buffer Overflow (Metasploit) NetTransport Download Manager 2.90.510 - Remote Buffer Overflow (Metasploit) Firebird Relational Database - 'isc_attach_database()' Remote Buffer Overflow (Metasploit) Bopup Communications Server - Buffer Overflow (Metasploit) UFO: Alien Invasion IRC Client (Windows) - Buffer Overflow (Metasploit) Borland Interbase - 'isc_attach_database()' Buffer Overflow (Metasploit) Bopup Communications Server - Remote Buffer Overflow (Metasploit) UFO: Alien Invasion IRC Client (Windows) - Remote Buffer Overflow (Metasploit) Borland Interbase - 'isc_attach_database()' Remote Buffer Overflow (Metasploit) Borland Interbase - 'SVC_attach()' Buffer Overflow (Metasploit) Borland Interbase - 'SVC_attach()' Remote Buffer Overflow (Metasploit) Borland Interbase - 'Create-Request' Buffer Overflow (Metasploit) Borland Interbase - 'Create-Request' Remote Buffer Overflow (Metasploit) Realtek Media Player Playlist - Buffer Overflow (Metasploit) Realtek Media Player Playlist - Remote Buffer Overflow (Metasploit) SecureCRT 4.0 Beta 2 SSH1 - Buffer Overflow (Metasploit) SecureCRT 4.0 Beta 2 SSH1 - Remote Buffer Overflow (Metasploit) PuTTy.exe 0.53 - Buffer Overflow (Metasploit) PuTTy.exe 0.53 - Remote Buffer Overflow (Metasploit) Eudora Qualcomm WorldMail 3.0 - IMAPd 'LIST' Buffer Overflow (Metasploit) Eudora Qualcomm WorldMail 3.0 - IMAPd 'LIST' Remote Buffer Overflow (Metasploit) IBM Lotus Domino Web Access Upload Module - Buffer Overflow (Metasploit) IBM Lotus Domino Web Access Upload Module - Remote Buffer Overflow (Metasploit) Macrovision Installshield Update Service - Buffer Overflow (Metasploit) Macrovision Installshield Update Service - Remote Buffer Overflow (Metasploit) SAP AG SAPgui EAI WebViewer3D - Buffer Overflow (Metasploit) SAP AG SAPgui EAI WebViewer3D - Remote Buffer Overflow (Metasploit) Symantec BackupExec Calendar Control - Buffer Overflow (Metasploit) Symantec BackupExec Calendar Control - Remote Buffer Overflow (Metasploit) RealNetworks RealPlayer - '.SMIL' Buffer Overflow (Metasploit) RealNetworks RealPlayer - '.SMIL' Remote Buffer Overflow (Metasploit) AOL Radio AmpX - ActiveX Control 'ConvertFile()' Buffer Overflow (Metasploit) AOL Radio AmpX - ActiveX Control 'ConvertFile()' Remote Buffer Overflow (Metasploit) NCTAudioFile2 2.x - ActiveX Control 'SetFormatLikeSample()' Buffer Overflow (Metasploit) NCTAudioFile2 2.x - ActiveX Control 'SetFormatLikeSample()' Remote Buffer Overflow (Metasploit) Winamp Ultravox Streaming Metadata 'in_mp3.dll' - Buffer Overflow (Metasploit) Winamp Ultravox Streaming Metadata 'in_mp3.dll' - Remote Buffer Overflow (Metasploit) Racer 0.5.3 Beta 5 - Buffer Overflow (Metasploit) Racer 0.5.3 Beta 5 - Remote Buffer Overflow (Metasploit) CesarFTP 0.99g - 'MKD' Buffer Overflow (Metasploit) CesarFTP 0.99g - 'MKD' Remote Buffer Overflow (Metasploit) Xlink FTP Server - Buffer Overflow (Metasploit) Xlink FTP Server - Remote Buffer Overflow (Metasploit) Xlink FTP Client - Buffer Overflow (Metasploit) Xlink FTP Client - Remote Buffer Overflow (Metasploit) FileCOPA FTP Server (Pre 18 Jul Version) - 'LIST' Buffer Overflow (Metasploit) FileCOPA FTP Server (Pre 18 Jul Version) - 'LIST' Remote Buffer Overflow (Metasploit) NetTerm NetFTPD - 'USER' Buffer Overflow (Metasploit) NetTerm NetFTPD - 'USER' Remote Buffer Overflow (Metasploit) MiniShare 1.4.1 - Buffer Overflow (Metasploit) MiniShare 1.4.1 - Remote Buffer Overflow (Metasploit) Private Wire Gateway - Buffer Overflow (Metasploit) BadBlue 2.5 - 'ext.dll' Buffer Overflow (Metasploit) Private Wire Gateway - Remote Buffer Overflow (Metasploit) BadBlue 2.5 - 'ext.dll' Remote Buffer Overflow (Metasploit) IBM Tivoli Storage Manager Express CAD Service - Buffer Overflow (Metasploit) (2) IBM Tivoli Storage Manager Express CAD Service - Remote Buffer Overflow (Metasploit) (2) IA WebMail Server 3.x - Buffer Overflow (Metasploit) IA WebMail Server 3.x - Remote Buffer Overflow (Metasploit) Now SMS/Mms Gateway - Buffer Overflow (Metasploit) Now SMS/Mms Gateway - Remote Buffer Overflow (Metasploit) Hewlett-Packard (HP) Power Manager Administration - Buffer Overflow (Metasploit) Hewlett-Packard (HP) Power Manager Administration - Remote Buffer Overflow (Metasploit) IPSwitch WhatsUp Gold 8.03 - Buffer Overflow (Metasploit) IPSwitch WhatsUp Gold 8.03 - Remote Buffer Overflow (Metasploit) Apache Tomcat mod_jk 1.2.20 - Buffer Overflow (Metasploit) httpdx - 'h_handlepeer()' Buffer Overflow (Metasploit) Apache Tomcat mod_jk 1.2.20 - Remote Buffer Overflow (Metasploit) httpdx - 'h_handlepeer()' Remote Buffer Overflow (Metasploit) Alt-N SecurityGateway 1.0.1 - 'Username' Buffer Overflow (Metasploit) Alt-N SecurityGateway 1.0.1 - 'Username' Remote Buffer Overflow (Metasploit) IBM TPM for OS Deployment 5.1.0.x - 'rembo.exe' Buffer Overflow (Metasploit) IBM TPM for OS Deployment 5.1.0.x - 'rembo.exe' Remote Buffer Overflow (Metasploit) Novell Groupwise Messenger Client - Buffer Overflow (Metasploit) Novell Groupwise Messenger Client - Remote Buffer Overflow (Metasploit) GAMSoft TelSrv 1.5 - 'Username' Buffer Overflow (Metasploit) GoodTech Telnet Server 5.0.6 - Buffer Overflow (Metasploit) YahooPOPs (YPOPS) 0.6 - Buffer Overflow (Metasploit) SoftiaCom wMailServer 1.0 - Buffer Overflow (Metasploit) GAMSoft TelSrv 1.5 - 'Username' Remote Buffer Overflow (Metasploit) GoodTech Telnet Server 5.0.6 - Remote Buffer Overflow (Metasploit) YahooPOPs (YPOPS) 0.6 - Remote Buffer Overflow (Metasploit) SoftiaCom wMailServer 1.0 - Remote Buffer Overflow (Metasploit) IPSwitch IMail LDAP Daemon/Service - Buffer Overflow (Metasploit) IPSwitch IMail LDAP Daemon/Service - Remote Buffer Overflow (Metasploit) Symantec Alert Management System Intel Alert Originator Service - Buffer Overflow (Metasploit) Trend Micro ServerProtect 5.58 - Buffer Overflow (Metasploit) Trend Micro ServerProtect 5.58 - 'CreateBinding()' Buffer Overflow (Metasploit) Trend Micro ServerProtect 5.58 - 'EarthAgent.exe' Buffer Overflow (Metasploit) Symantec Remote Management - Buffer Overflow (Metasploit) Symantec Alert Management System Intel Alert Originator Service - Remote Buffer Overflow (Metasploit) Trend Micro ServerProtect 5.58 - Remote Buffer Overflow (Metasploit) Trend Micro ServerProtect 5.58 - 'CreateBinding()' Remote Buffer Overflow (Metasploit) Trend Micro ServerProtect 5.58 - 'EarthAgent.exe' Remote Buffer Overflow (Metasploit) Symantec Remote Management - Remote Buffer Overflow (Metasploit) Borland Interbase - 'PWD_db_aliased()' Buffer Overflow (Metasploit) Borland Interbase - 'open_marker_file()' Buffer Overflow (Metasploit) Borland Interbase - 'PWD_db_aliased()' Remote Buffer Overflow (Metasploit) Borland Interbase - 'open_marker_file()' Remote Buffer Overflow (Metasploit) Borland Interbase - 'jrd8_create_database()' Buffer Overflow (Metasploit) Borland Interbase - 'INET_connect()' Buffer Overflow (Metasploit) Borland Interbase - 'jrd8_create_database()' Remote Buffer Overflow (Metasploit) Borland Interbase - 'INET_connect()' Remote Buffer Overflow (Metasploit) ProFTPd 1.2 < 1.3.0 (Linux) - 'sreplace' Buffer Overflow (Metasploit) ProFTPd 1.2 < 1.3.0 (Linux) - 'sreplace' Remote Buffer Overflow (Metasploit) Linksys WRT54 Access Point - 'apply.cgi' Buffer Overflow (Metasploit) Linksys WRT54 Access Point - 'apply.cgi' Remote Buffer Overflow (Metasploit) Apple iPhone MobileSafari LibTIFF - 'browser' Buffer Overflow (Metasploit) (1) Apple iPhone MobileSafari LibTIFF - 'browser' Remote Buffer Overflow (Metasploit) (1) UFO: Alien Invasion IRC Client (OSX) - Buffer Overflow (Metasploit) UFO: Alien Invasion IRC Client (OSX) - Remote Buffer Overflow (Metasploit) Apple iPhone MobileSafari LibTIFF - 'email' Buffer Overflow (Metasploit) (2) Apple iPhone MobileSafari LibTIFF - 'email' Remote Buffer Overflow (Metasploit) (2) HP Network Node Manager (NMM) - CGI 'webappmon.exe OvJavaLocale' Buffer Overflow (Metasploit) HP Network Node Manager (NMM) - CGI 'webappmon.exe execvp' Buffer Overflow (Metasploit) HP Network Node Manager (NMM) - CGI 'webappmon.exe OvJavaLocale' Remote Buffer Overflow (Metasploit) HP Network Node Manager (NMM) - CGI 'webappmon.exe execvp' Remote Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'nnmRptConfig.exe schdParams' Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'snmpviewer.exe' Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'nnmRptConfig.exe schdParams' Remote Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'snmpviewer.exe' Remote Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'ovwebsnmpsrv.exe main' Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'ovwebsnmpsrv.exe main' Remote Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'ovwebsnmpsrv.exe ovutil' Buffer Overflow (Metasploit) HP OpenView Network Node Manager (OV NNM) - 'ovwebsnmpsrv.exe ovutil' Remote Buffer Overflow (Metasploit) SPlayer 3.7 (build 2055) - Buffer Overflow SPlayer 3.7 (build 2055) - Remote Buffer Overflow Citrix Provisioning Services 5.6 - 'streamprocess.exe' Buffer Overflow (Metasploit) Citrix Provisioning Services 5.6 - 'streamprocess.exe' Remote Buffer Overflow (Metasploit) Sielco Sistemi Winlog - Buffer Overflow (Metasploit) Sielco Sistemi Winlog - Remote Buffer Overflow (Metasploit) HP OmniInet.exe Opcode 20 - Buffer Overflow (Metasploit) HP OmniInet.exe Opcode 20 - Remote Buffer Overflow (Metasploit) Freefloat FTP Server - Buffer Overflow (Metasploit) Freefloat FTP Server - Remote Buffer Overflow (Metasploit) Blue Coat Authentication and Authorization Agent (BCAAA) 5 - Buffer Overflow (Metasploit) Blue Coat Authentication and Authorization Agent (BCAAA) 5 - Remote Buffer Overflow (Metasploit) Freefloat FTP Server - 'LIST' Buffer Overflow Freefloat FTP Server - 'LIST' Remote Buffer Overflow Freefloat FTP Server 1.0 - 'MKD' Buffer Overflow Freefloat FTP Server - 'MKD' Buffer Overflow (Metasploit) Freefloat FTP Server 1.0 - 'MKD' Remote Buffer Overflow Freefloat FTP Server - 'MKD' Remote Buffer Overflow (Metasploit) Freefloat FTP Server 1.0 - 'REST' / 'PASV' Buffer Overflow Freefloat FTP Server - 'REST' Buffer Overflow (Metasploit) Freefloat FTP Server 1.0 - 'ACCL' Buffer Overflow Freefloat FTP Server 1.0 - 'REST' / 'PASV' Remote Buffer Overflow Freefloat FTP Server - 'REST' Remote Buffer Overflow (Metasploit) Freefloat FTP Server 1.0 - 'ACCL' Remote Buffer Overflow KnFTP Server - Buffer Overflow KnFTP Server - Remote Buffer Overflow Freefloat FTP Server - Buffer Overflow (DEP Bypass) Freefloat FTP Server - Remote Buffer Overflow (DEP Bypass) HP Power Manager - 'formExportDataLogs' Buffer Overflow (Metasploit) HP Power Manager - 'formExportDataLogs' Remote Buffer Overflow (Metasploit) KnFTP 1.0 - Buffer Overflow (DEP Bypass) (Metasploit) KnFTP 1.0 - Remote Buffer Overflow (DEP Bypass) (Metasploit) RhinoSoft Serv-U FTPd Server < 4.2 - Buffer Overflow (Metasploit) RhinoSoft Serv-U FTPd Server < 4.2 - Remote Buffer Overflow (Metasploit) TFTP Server 1.4 - ST 'RRQ' Buffer Overflow TFTP Server 1.4 - ST 'RRQ' Remote Buffer Overflow Linux BSD-derived Telnet Service Encryption Key ID - Buffer Overflow (Metasploit) Linux BSD-derived Telnet Service Encryption Key ID - Remote Buffer Overflow (Metasploit) Savant Web Server 3.1 - Buffer Overflow (Egghunter) NetOp Remote Control Client 9.5 - Buffer Overflow (Metasploit) Savant Web Server 3.1 - Remote Buffer Overflow (Egghunter) NetOp Remote Control Client 9.5 - Remote Buffer Overflow (Metasploit) Sysax 5.53 - SSH 'Username' Buffer Overflow Unauthenticated Remote Code Execution (Egghunter) Sysax 5.53 - SSH 'Username' Remote Buffer Overflow Unauthenticated Remote Code Execution (Egghunter) FlashFXP 4.1.8.1701 - Buffer Overflow Sysax 5.53 - SSH 'Username' Buffer Overflow (Metasploit) FlashFXP 4.1.8.1701 - Remote Buffer Overflow Sysax 5.53 - SSH 'Username' Remote Buffer Overflow (Metasploit) Netmechanica NetDecision HTTP Server 4.5.1 - Buffer Overflow (Metasploit) Netmechanica NetDecision HTTP Server 4.5.1 - Remote Buffer Overflow (Metasploit) UltraVNC 1.0.2 Client - 'vncviewer.exe' Buffer Overflow (Metasploit) UltraVNC 1.0.2 Client - 'vncviewer.exe' Remote Buffer Overflow (Metasploit) RabidHamster R4 - Log Entry 'sprintf()' Buffer Overflow (Metasploit) RabidHamster R4 - Log Entry 'sprintf()' Remote Buffer Overflow (Metasploit) Sielco Sistemi Winlog 2.07.14 - Buffer Overflow (Metasploit) Sielco Sistemi Winlog 2.07.14 - Remote Buffer Overflow (Metasploit) Sielco Sistemi Winlog 2.07.16 - Buffer Overflow Sielco Sistemi Winlog 2.07.16 - Remote Buffer Overflow BSD 4.2 - 'fingerd' Buffer Overflow BSD 4.2 - 'fingerd' Remote Buffer Overflow Stalker Internet Mail Server 1.6 - Buffer Overflow Stalker Internet Mail Server 1.6 - Remote Buffer Overflow Qualcomm Eudora Internet Mail Server 1.2 - Buffer Overflow Qualcomm Eudora Internet Mail Server 1.2 - Remote Buffer Overflow Lynx 2.8 - Buffer Overflow Lynx 2.8 - Remote Buffer Overflow WU-FTPD 2.4.2 / SCO Open Server 5.0.5 / ProFTPd 1.2 pre1 - 'realpath' Buffer Overflow (1) WU-FTPD 2.4.2 / SCO Open Server 5.0.5 / ProFTPd 1.2 pre1 - 'realpath' Buffer Overflow (2) WU-FTPD 2.4.2 / SCO Open Server 5.0.5 / ProFTPd 1.2 pre1 - 'realpath' Remote Buffer Overflow (1) WU-FTPD 2.4.2 / SCO Open Server 5.0.5 / ProFTPd 1.2 pre1 - 'realpath' Remote Buffer Overflow (2) Muhammad A. Muquit wwwcount 2.3 - 'Count.cgi' Buffer Overflow Netscape Messaging Server 3.55 & University of Washington imapd 10.234 - Buffer Overflow Muhammad A. Muquit wwwcount 2.3 - 'Count.cgi' Remote Buffer Overflow Netscape Messaging Server 3.55 & University of Washington imapd 10.234 - Remote Buffer Overflow ISC BIND (Linux/BSD) - Buffer Overflow (1) ISC BIND (Multiple OSes) - Buffer Overflow (2) ISC BIND (Linux/BSD) - Remote Buffer Overflow (1) ISC BIND (Multiple OSes) - Remote Buffer Overflow (2) Cat Soft Serv-U FTP Server 2.5 - Buffer Overflow Cat Soft Serv-U FTP Server 2.5 - Remote Buffer Overflow SmartDesk WebSuite 2.1 - Buffer Overflow SmartDesk WebSuite 2.1 - Remote Buffer Overflow University of Washington pop2d 4.4 - Buffer Overflow University of Washington pop2d 4.4 - Remote Buffer Overflow Microsoft IIS 4.0 - Buffer Overflow (1) Microsoft IIS 4.0 - Buffer Overflow (2) Microsoft IIS 4.0 - Buffer Overflow (3) Microsoft IIS 4.0 - Buffer Overflow (4) Microsoft IIS 4.0 - Remote Buffer Overflow (1) Microsoft IIS 4.0 - Remote Buffer Overflow (2) Microsoft IIS 4.0 - Remote Buffer Overflow (3) Microsoft IIS 4.0 - Remote Buffer Overflow (4) Symantec pcAnywhere 12.5.0 - 'Login' / 'Password' Buffer Overflow Symantec pcAnywhere 12.5.0 - 'Login' / 'Password' Remote Buffer Overflow ToxSoft NextFTP 1.82 - Buffer Overflow Fujitsu Chocoa 1.0 beta7R - 'Topic' Buffer Overflow CREAR ALMail32 1.10 - Buffer Overflow ToxSoft NextFTP 1.82 - Remote Buffer Overflow Fujitsu Chocoa 1.0 beta7R - 'Topic' Remote Buffer Overflow CREAR ALMail32 1.10 - Remote Buffer Overflow Hybrid Ircd 5.0.3 p7 - Buffer Overflow Hybrid Ircd 5.0.3 p7 - Remote Buffer Overflow BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - 'amd' Buffer Overflow (1) BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - 'amd' Buffer Overflow (2) BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - 'amd' Remote Buffer Overflow (1) BSD/OS 3.1/4.0.1 / FreeBSD 3.0/3.1/3.2 / RedHat Linux 6.0 - 'amd' Remote Buffer Overflow (2) Washington University WU-FTPD 2.5.0 - 'message' Buffer Overflow Washington University WU-FTPD 2.5.0 - 'message' Remote Buffer Overflow Omnicron OmniHTTPd 1.1/2.4 Pro - Buffer Overflow Omnicron OmniHTTPd 1.1/2.4 Pro - Remote Buffer Overflow BTD Studio Zom-Mail 1.0.9 - Buffer Overflow BTD Studio Zom-Mail 1.0.9 - Remote Buffer Overflow IBM HomePagePrint 1.0 7 - Buffer Overflow IBM HomePagePrint 1.0 7 - Remote Buffer Overflow Trend Micro Interscan VirusWall 3.2.3/3.3 - 'HELO' Buffer Overflow (1) Poison Ivy 2.3.2 (C2 Server) - Buffer Overflow (Metasploit) Trend Micro Interscan VirusWall 3.2.3/3.3 - 'HELO' Buffer Overflow (2) Trend Micro Interscan VirusWall 3.2.3/3.3 - 'HELO' Remote Buffer Overflow (1) Poison Ivy 2.3.2 (C2 Server) - Remote Buffer Overflow (Metasploit) Trend Micro Interscan VirusWall 3.2.3/3.3 - 'HELO' Remote Buffer Overflow (2) Admiral Systems EmailClub 1.0.0.5 - Buffer Overflow Antelope Software W4-Server 2.6 a/Win32 - 'Cgitest.exe' Buffer Overflow Admiral Systems EmailClub 1.0.0.5 - Remote Buffer Overflow Antelope Software W4-Server 2.6 a/Win32 - 'Cgitest.exe' Remote Buffer Overflow ETL Delegate 5.9.x/6.0.x - Buffer Overflow ETL Delegate 5.9.x/6.0.x - Remote Buffer Overflow Solaris 2.3/2.4/2.5/2.5.1/2.6/7.0 snoop - 'print_domain_name' Buffer Overflow WolfPack Development XSHIPWARS 1.0/1.2.4 - Buffer Overflow Solaris 2.5/2.5.1/2.6/7.0 - 'sadmind' Buffer Overflow (1) Solaris 2.5/2.5.1/2.6/7.0 - 'sadmind' Buffer Overflow (2) Solaris 2.5/2.5.1/2.6/7.0 - 'sadmind' Buffer Overflow (3) Solaris 2.5/2.5.1/2.6/7.0 - 'sadmind' Buffer Overflow (4) Solaris 2.3/2.4/2.5/2.5.1/2.6/7.0 snoop - 'print_domain_name' Remote Buffer Overflow WolfPack Development XSHIPWARS 1.0/1.2.4 - Remote Buffer Overflow Solaris 2.5/2.5.1/2.6/7.0 - 'sadmind' Remote Buffer Overflow (1) Solaris 2.5/2.5.1/2.6/7.0 - 'sadmind' Remote Buffer Overflow (2) Solaris 2.5/2.5.1/2.6/7.0 - 'sadmind' Remote Buffer Overflow (3) Solaris 2.5/2.5.1/2.6/7.0 - 'sadmind' Remote Buffer Overflow (4) ZBServer Pro 1.5 - Buffer Overflow (1) ZBServer Pro 1.5 - Buffer Overflow (2) ZBServer Pro 1.5 - Remote Buffer Overflow (1) ZBServer Pro 1.5 - Remote Buffer Overflow (2) Hughes Technologies Mini SQL (mSQL) 2.0.11 - 'w3-msql' Buffer Overflow Hughes Technologies Mini SQL (mSQL) 2.0.11 - 'w3-msql' Remote Buffer Overflow Qualcomm qpopper 3.0 - 'LIST' Buffer Overflow Qualcomm qpopper 3.0 - 'LIST' Remote Buffer Overflow Michael Sandrof IrcII 4.4-7 - Buffer Overflow Michael Sandrof IrcII 4.4-7 - Remote Buffer Overflow Microsoft FrontPage 98 Server Extensions for IIS / Microsoft InterDev 1.0 - Buffer Overflow UoW IMAPd Server 10.234/12.264 - Buffer Overflow Microsoft FrontPage 98 Server Extensions for IIS / Microsoft InterDev 1.0 - Remote Buffer Overflow UoW IMAPd Server 10.234/12.264 - Remote Buffer Overflow ALLMediaServer 0.8 - Buffer Overflow (Metasploit) ALLMediaServer 0.8 - Remote Buffer Overflow (Metasploit) LCDProc 0.4 - Buffer Overflow LCDProc 0.4 - Remote Buffer Overflow NetWin DNews 5.3 Server - Buffer Overflow NetWin DNews 5.3 Server - Remote Buffer Overflow Cygnus Network Security 4.0/KerbNet 5.0 / MIT Kerberos 4/5 / RedHat 6.2 - Compatibility 'krb_rd_req()' Buffer Overflow (1) Cygnus Network Security 4.0/KerbNet 5.0 / MIT Kerberos 4/5 / RedHat 6.2 - Compatibility 'krb_rd_req()' Buffer Overflow (3) Cygnus Network Security 4.0/KerbNet 5.0 / MIT Kerberos 4/5 / RedHat 6.2 - Compatibility 'krb_rd_req()' Remote Buffer Overflow (1) Cygnus Network Security 4.0/KerbNet 5.0 / MIT Kerberos 4/5 / RedHat 6.2 - Compatibility 'krb_rd_req()' Remote Buffer Overflow (3) Novell ZENworks Configuration Management Preboot Service 0x06 - Buffer Overflow (Metasploit) Novell ZENworks Configuration Management Preboot Service 0x21 - Buffer Overflow (Metasploit) Novell ZENworks Configuration Management Preboot Service 0x06 - Remote Buffer Overflow (Metasploit) Novell ZENworks Configuration Management Preboot Service 0x21 - Remote Buffer Overflow (Metasploit) Lotus Domino Enterprise Server 5.0.1/5.0.2/5.0.3 / Mail Server 5.0.1/5.0.2/5.0.3 - Buffer Overflow Lotus Domino Enterprise Server 5.0.1/5.0.2/5.0.3 / Mail Server 5.0.1/5.0.2/5.0.3 - Remote Buffer Overflow Concatus IMate Web Mail Server 2.5 - Buffer Overflow Concatus IMate Web Mail Server 2.5 - Remote Buffer Overflow SapporoWorks WinProxy 2.0/2.0.1 - Buffer Overflow SapporoWorks WinProxy 2.0/2.0.1 - Remote Buffer Overflow DALnet Bahamut IRCd 4.6.5 - 'SUMMON' Buffer Overflow DALnet Bahamut IRCd 4.6.5 - 'SUMMON' Remote Buffer Overflow Michael Lamont Savant Web Server 2.1/3.0 - Buffer Overflow Michael Lamont Savant Web Server 2.1/3.0 - Remote Buffer Overflow Infopulse GateKeeper 3.5 - Buffer Overflow Infopulse GateKeeper 3.5 - Remote Buffer Overflow OReilly Software WebSite Professional 2.3.18/2.4/2.4.9 - 'webfind.exe' Buffer Overflow OReilly Software WebSite Professional 2.3.18/2.4/2.4.9 - 'webfind.exe' Remote Buffer Overflow NAI Net Tools PKI Server 1.0 - 'strong.exe' Buffer Overflow NAI Net Tools PKI Server 1.0 - 'strong.exe' Remote Buffer Overflow MediaHouse Software Statistics Server LiveStats 5.2 - Buffer Overflow MediaHouse Software Statistics Server LiveStats 5.2 - Remote Buffer Overflow Luca Deri ntop 1.2 a7-9/1.3.1 - Buffer Overflow Luca Deri ntop 1.2 a7-9/1.3.1 - Remote Buffer Overflow RobTex Viking Server 1.0.6 Build 355 - Buffer Overflow RobTex Viking Server 1.0.6 Build 355 - Remote Buffer Overflow eEye Digital Security IRIS 1.0.1 / SpyNet CaptureNet 3.0.12 - Buffer Overflow eEye Digital Security IRIS 1.0.1 / SpyNet CaptureNet 3.0.12 - Remote Buffer Overflow Mobius DocumentDirect for the Internet 1.2 - Buffer Overflow Mobius DocumentDirect for the Internet 1.2 - Remote Buffer Overflow Cisco Secure ACS for Windows NT 2.42 - Buffer Overflow Cisco Secure ACS for Windows NT 2.42 - Remote Buffer Overflow UoW Pine 4.0.4/4.10/4.21 - 'From:' Buffer Overflow UoW Pine 4.0.4/4.10/4.21 - 'From:' Remote Buffer Overflow Nevis Systems All-Mail 1.1 - Buffer Overflow Nevis Systems All-Mail 1.1 - Remote Buffer Overflow Samba 1.9.19 - 'Password' Buffer Overflow Samba 1.9.19 - 'Password' Remote Buffer Overflow Joe Kloss RobinHood 1.1 - Buffer Overflow Joe Kloss RobinHood 1.1 - Remote Buffer Overflow Microsoft Windows Media Player 7.0 - '.asx' Buffer Overflow Microsoft Windows Media Player 7.0 - '.asx' Remote Buffer Overflow Oops Proxy Server 1.4.22 - Buffer Overflow (1) Oops Proxy Server 1.4.22 - Buffer Overflow (2) Oops Proxy Server 1.4.22 - Remote Buffer Overflow (1) Oops Proxy Server 1.4.22 - Remote Buffer Overflow (2) AOL Instant Messenger 3.5.1856/4.0/4.1.2010/4.2.1193 - 'aim://' Buffer Overflow AOL Instant Messenger 3.5.1856/4.0/4.1.2010/4.2.1193 - 'aim://' Remote Buffer Overflow SWSoft ASPSeek 1.0 - 's.cgi' Buffer Overflow SWSoft ASPSeek 1.0 - 's.cgi' Remote Buffer Overflow FreeBSD 2.2-4.2 / NetBSD 1.2-4.5 / OpenBSD 2.x - FTPd 'glob()' Buffer Overflow FreeBSD 4.2-stable - FTPd 'glob()' Buffer Overflow OpenBSD 2.x < 2.8 FTPd - 'glob()' Buffer Overflow FreeBSD 2.2-4.2 / NetBSD 1.2-4.5 / OpenBSD 2.x - FTPd 'glob()' Remote Buffer Overflow FreeBSD 4.2-stable - FTPd 'glob()' Remote Buffer Overflow OpenBSD 2.x < 2.8 FTPd - 'glob()' Remote Buffer Overflow Netscape SmartDownload 1.3 - Buffer Overflow Netscape SmartDownload 1.3 - Remote Buffer Overflow WFTPD 3.0 - 'RETR' / 'CWD' Buffer Overflow WFTPD 3.0 - 'RETR' / 'CWD' Remote Buffer Overflow Xinetd 2.1.8 - Buffer Overflow Xinetd 2.1.8 - Remote Buffer Overflow Microsoft Visual Studio RAD Support - Buffer Overflow Microsoft Visual Studio RAD Support - Buffer Overflow (MS03-051) (Metasploit) Microsoft Visual Studio RAD Support - Remote Buffer Overflow Microsoft Visual Studio RAD Support - Remote Buffer Overflow (MS03-051) (Metasploit) Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - 'TelnetD' Buffer Overflow Solaris 2.x/7.0/8 / IRIX 6.5.x / OpenBSD 2.x / NetBSD 1.x / Debian 3 / HP-UX 10 - 'TelnetD' Remote Buffer Overflow xloadimage 4.1 - Buffer Overflow xloadimage 4.1 - Remote Buffer Overflow NCSA HTTPd 1.x - Buffer Overflow (1) NCSA HTTPd 1.x - Buffer Overflow (2) NCSA HTTPd 1.x - Remote Buffer Overflow (1) NCSA HTTPd 1.x - Remote Buffer Overflow (2) AOLServer 3 - 'Authentication String' Buffer Overflow (1) AOLServer 3 - 'Authentication String' Buffer Overflow (2) AIX 4.1/4.2 - 'pdnsd' Buffer Overflow AOLServer 3 - 'Authentication String' Remote Buffer Overflow (1) AOLServer 3 - 'Authentication String' Remote Buffer Overflow (2) AIX 4.1/4.2 - 'pdnsd' Remote Buffer Overflow EFTP 2.0.7 337 - Buffer Overflow Code Execution / Denial of Service EFTP 2.0.7 337 - Remote Buffer Overflow Code Execution / Denial of Service Oracle9iAS Web Cache 2.0 - Buffer Overflow Oracle9iAS Web Cache 2.0 - Remote Buffer Overflow Ipswitch WS_FTP Server 1.0.x/2.0.x - 'STAT' Buffer Overflow Ipswitch WS_FTP Server 1.0.x/2.0.x - 'STAT' Remote Buffer Overflow ActivePerl 5.6.1 - 'perlIIS.dll' Buffer Overflow (1) ActivePerl 5.6.1 - 'perlIIS.dll' Buffer Overflow (2) ActivePerl 5.6.1 - 'perlIIS.dll' Buffer Overflow (3) ActivePerl 5.6.1 - 'perlIIS.dll' Remote Buffer Overflow (1) ActivePerl 5.6.1 - 'perlIIS.dll' Remote Buffer Overflow (2) ActivePerl 5.6.1 - 'perlIIS.dll' Remote Buffer Overflow (3) Solaris 2.x/7.0/8 - Derived 'login' Buffer Overflow Solaris 2.x/7.0/8 - Derived 'login' Remote Buffer Overflow BrowseFTP Client 1.62 - Buffer Overflow BrowseFTP Client 1.62 - Remote Buffer Overflow Boozt 0.9.8 - Buffer Overflow Boozt 0.9.8 - Remote Buffer Overflow John Roy Pi3Web 2.0 For Windows - Buffer Overflow John Roy Pi3Web 2.0 For Windows - Remote Buffer Overflow Phusion WebServer 1.0 - 'URL' Buffer Overflow Phusion WebServer 1.0 - 'URL' Remote Buffer Overflow Essentia Web Server 2.1 - 'URL' Buffer Overflow Essentia Web Server 2.1 - 'URL' Remote Buffer Overflow Youngzsoft CMailServer 3.30/4.0 - Buffer Overflow (1) Youngzsoft CMailServer 3.30/4.0 - Buffer Overflow (2) Matu FTP Server 1.13 - Buffer Overflow Youngzsoft CMailServer 3.30/4.0 - Remote Buffer Overflow (1) Youngzsoft CMailServer 3.30/4.0 - Remote Buffer Overflow (2) Matu FTP Server 1.13 - Remote Buffer Overflow Microsoft Internet Explorer 5/6 / Microsoft ISA Server 2000 / Microsoft Proxy Server 2.0 Gopher Client - Buffer Overflow Microsoft Internet Explorer 5/6 / Microsoft ISA Server 2000 / Microsoft Proxy Server 2.0 Gopher Client - Remote Buffer Overflow ATPhttpd 0.4b - Buffer Overflow ATPhttpd 0.4b - Remote Buffer Overflow Trillian 0.x IRC Module - Buffer Overflow Trillian 0.x IRC Module - Remote Buffer Overflow Avaya WinPMD UniteHostRouter - Buffer Overflow (Metasploit) Avaya WinPMD UniteHostRouter - Remote Buffer Overflow (Metasploit) ghttpd 1.4.x - 'Log()' Buffer Overflow ghttpd 1.4.x - 'Log()' Remote Buffer Overflow TFTPD32 2.50 - 'Filename' Buffer Overflow TFTPD32 2.50 - 'Filename' Remote Buffer Overflow AIX 3.x/4.x / Windows 95/98/2000/NT 4.0 / SunOS 5 - 'gethostbyname()' Buffer Overflow AIX 3.x/4.x / Windows 95/98/2000/NT 4.0 / SunOS 5 - 'gethostbyname()' Remote Buffer Overflow PGP4Pine 1.75.6/1.76 - 'Message Line' Buffer Overflow PGP4Pine 1.75.6/1.76 - 'Message Line' Remote Buffer Overflow Freefloat FTP Server - 'PUT' Buffer Overflow Freefloat FTP Server - 'PUT' Remote Buffer Overflow Microsoft IIS 5.0 (Windows XP/2000/NT 4.0) - WebDAV 'ntdll.dll' Buffer Overflow (1) Microsoft IIS 5.0 (Windows XP/2000/NT 4.0) - WebDAV 'ntdll.dll' Buffer Overflow (2) Microsoft IIS 5.0 (Windows XP/2000/NT 4.0) - WebDAV 'ntdll.dll' Buffer Overflow (3) Microsoft IIS 5.0 (Windows XP/2000/NT 4.0) - WebDAV 'ntdll.dll' Buffer Overflow (4) Microsoft IIS 5.0 (Windows XP/2000/NT 4.0) - WebDAV 'ntdll.dll' Remote Buffer Overflow (1) Microsoft IIS 5.0 (Windows XP/2000/NT 4.0) - WebDAV 'ntdll.dll' Remote Buffer Overflow (2) Microsoft IIS 5.0 (Windows XP/2000/NT 4.0) - WebDAV 'ntdll.dll' Remote Buffer Overflow (3) Microsoft IIS 5.0 (Windows XP/2000/NT 4.0) - WebDAV 'ntdll.dll' Remote Buffer Overflow (4) Aladdin Knowledge System Ltd - 'ChooseFilePath' Buffer Overflow (Metasploit) Aladdin Knowledge System Ltd - 'ChooseFilePath' Remote Buffer Overflow (Metasploit) HP Intelligent Management Center UAM - Buffer Overflow (Metasploit) HP Intelligent Management Center UAM - Remote Buffer Overflow (Metasploit) Microsoft Internet Explorer 5 - Remote 'URLMON.dll' Buffer Overflow Microsoft Internet Explorer 5 - Remote 'URLMON.dll' Remote Buffer Overflow Yahoo! Voice Chat ActiveX Control 1.0.0.43 - Buffer Overflow Yahoo! Voice Chat ActiveX Control 1.0.0.43 - Remote Buffer Overflow MNOGoSearch 3.1.20 - 'search.cgi?UL' Buffer Overflow (1) MNOGoSearch 3.1.20 - 'search.cgi?UL' Buffer Overflow (2) MNOGoSearch 3.1.20 - 'search.cgi?UL' Remote Buffer Overflow (1) MNOGoSearch 3.1.20 - 'search.cgi?UL' Remote Buffer Overflow (2) Alt-N WebAdmin 2.0.x - 'USER' Buffer Overflow (1) Alt-N WebAdmin 2.0.x - 'USER' Buffer Overflow (2) Alt-N WebAdmin 2.0.x - 'USER' Remote Buffer Overflow (1) Alt-N WebAdmin 2.0.x - 'USER' Remote Buffer Overflow (2) Freefloat FTP Server - 'USER' Buffer Overflow Freefloat FTP Server - 'USER' Remote Buffer Overflow PLD Software Ebola 0.1.4 - Buffer Overflow PLD Software Ebola 0.1.4 - Remote Buffer Overflow Webcam Corp Webcam Watchdog 1.0/1.1/3.63 Web Server - Buffer Overflow Webcam Corp Webcam Watchdog 1.0/1.1/3.63 Web Server - Remote Buffer Overflow Metamail 2.7 - Multiple Buffer Overflow/Format String Handling Vulnerabilities Metamail 2.7 - Multiple Buffer Overflow / Format String Handling Vulnerabilities Enterasys NetSight - 'nssyslogd.exe' Buffer Overflow (Metasploit) Enterasys NetSight - 'nssyslogd.exe' Remote Buffer Overflow (Metasploit) LHA 1.x - Buffer Overflow / Directory Traversal LHA 1.x - Remote Buffer Overflow / Directory Traversal Novell eDirectory 8 - Buffer Overflow (Metasploit) Novell eDirectory 8 - Remote Buffer Overflow (Metasploit) Citadel/UX 5.9/6.x - 'Username' Buffer Overflow (1) Citadel/UX 5.9/6.x - 'Username' Buffer Overflow (2) Citadel/UX 5.9/6.x - 'Username' Remote Buffer Overflow (1) Citadel/UX 5.9/6.x - 'Username' Remote Buffer Overflow (2) Freefloat FTP Server 1.0 - 'Raw' Buffer Overflow Freefloat FTP Server 1.0 - 'Raw' Remote Buffer Overflow Raven Software Soldier Of Fortune 2 - Buffer Overflow Raven Software Soldier Of Fortune 2 - Remote Buffer Overflow Cool PDF Image Stream - Buffer Overflow (Metasploit) Cool PDF Image Stream - Remote Buffer Overflow (Metasploit) KNet Web Server 1.04b - Buffer Overflow (SEH) BigAnt Server 2.97 - DDNF 'Username' Buffer Overflow KNet Web Server 1.04b - Remote Buffer Overflow (SEH) BigAnt Server 2.97 - DDNF 'Username' Remote Buffer Overflow MinaliC WebServer 2.0.0 - Buffer Overflow MinaliC WebServer 2.0.0 - Remote Buffer Overflow 2Fax 3.0 Tab Expansion - Buffer Overflow 2Fax 3.0 Tab Expansion - Remote Buffer Overflow Light HTTPD 0.1 (Windows) - Buffer Overflow Light HTTPD 0.1 (Windows) - Remote Buffer Overflow PGN2WEB 0.3 - Buffer Overflow PGN2WEB 0.3 - Remote Buffer Overflow Mesh Viewer 0.2.2 - Buffer Overflow Mesh Viewer 0.2.2 - Remote Buffer Overflow CSV2XML 0.5.1 - Buffer Overflow CSV2XML 0.5.1 - Remote Buffer Overflow PCAL 4.x - Calendar File 'getline' Buffer Overflow PCAL 4.x - Calendar File 'get_holiday' Buffer Overflow PCAL 4.x - Calendar File 'getline' Remote Buffer Overflow PCAL 4.x - Calendar File 'get_holiday' Remote Buffer Overflow Microsoft MSN Messenger 6.2.0137 - '.png' Buffer Overflow Microsoft MSN Messenger 6.2.0137 - '.png' Remote Buffer Overflow Convert-UUlib 1.04/1.05 Perl Module - Buffer Overflow Convert-UUlib 1.04/1.05 Perl Module - Remote Buffer Overflow Clever's Games Terminator 3: War of the Machines 1.16 Server - Buffer Overflow Clever's Games Terminator 3: War of the Machines 1.16 Server - Remote Buffer Overflow PCMan FTP Server 2.0.7 - Buffer Overflow PCMan FTP Server 2.0.7 - Remote Buffer Overflow PCMan FTP Server 2.07 - 'PASS' Buffer Overflow PCMan FTP Server 2.07 - 'PASS' Remote Buffer Overflow MinaliC WebServer 2.0.0 - Buffer Overflow (Egghunter) MinaliC WebServer 2.0.0 - Remote Buffer Overflow (Egghunter) Intrasrv 1.0 - Buffer Overflow (Metasploit) Intrasrv 1.0 - Remote Buffer Overflow (Metasploit) PCMan FTP Server 2.07 - 'STOR' Buffer Overflow PCMan FTP Server 2.07 - 'STOR' Remote Buffer Overflow freeFTPd 1.0.10 - 'PASS' Buffer Overflow (SEH) freeFTPd 1.0.10 - 'PASS' Remote Buffer Overflow (SEH) freeFTPd 1.0.10 - 'PASS' Buffer Overflow (SEH) (Metasploit) freeFTPd 1.0.10 - 'PASS' Remote Buffer Overflow (SEH) (Metasploit) freeFTPd 1.0.10 - 'PASS' Buffer Overflow (Metasploit) freeFTPd 1.0.10 - 'PASS' Remote Buffer Overflow (Metasploit) NETGEAR MA521 Wireless Driver 5.148.724 - 'Beacon Probe' Buffer Overflow NETGEAR MA521 Wireless Driver 5.148.724 - 'Beacon Probe' Remote Buffer Overflow Supermicro Onboard IPMI - 'close_window.cgi' Buffer Overflow (Metasploit) Supermicro Onboard IPMI - 'close_window.cgi' Remote Buffer Overflow (Metasploit) PHP 5.1.6 - 'Imap_Mail_Compose()' Buffer Overflow PHP 5.1.6 - 'Imap_Mail_Compose()' Remote Buffer Overflow LANDesk Management Suite 8.7 Alert Service - 'AOLSRVR.exe' Buffer Overflow LANDesk Management Suite 8.7 Alert Service - 'AOLSRVR.exe' Remote Buffer Overflow BlueSkyChat ActiveX Control 8.1.2 - Buffer Overflow BlueSkyChat ActiveX Control 8.1.2 - Remote Buffer Overflow OpenBase 10.0.x - Buffer Overflow / Remote Command Execution OpenBase 10.0.x - Remote Buffer Overflow / Remote Command Execution GlobalLink 'GLChat.ocx' 2.5.1 - ActiveX Control 'ChatRoom()' Buffer Overflow GlobalLink 'GLChat.ocx' 2.5.1 - ActiveX Control 'ChatRoom()' Remote Buffer Overflow LamaHub 0.0.6.2 - Buffer Overflow LamaHub 0.0.6.2 - Remote Buffer Overflow WinComLPD Total 3.0.2.623 - Buffer Overflow / Authentication Bypass WinComLPD Total 3.0.2.623 - Remote Buffer Overflow / Authentication Bypass PCMan FTP Server 2.07 - 'ABOR' Buffer Overflow PCMan FTP Server 2.07 - 'CWD' Buffer Overflow PCMan FTP Server 2.07 - 'ABOR' Remote Buffer Overflow PCMan FTP Server 2.07 - 'CWD' Remote Buffer Overflow haneWIN DNS Server 1.5.3 - Buffer Overflow (SEH) haneWIN DNS Server 1.5.3 - Remote Buffer Overflow (SEH) Ghostscript 8.0.1/8.15 - 'zseticcspace()' Buffer Overflow Ghostscript 8.0.1/8.15 - 'zseticcspace()' Remote Buffer Overflow PECL 3.0.x - Alternative PHP Cache Extension 'apc_search_paths()' Buffer Overflow PECL 3.0.x - Alternative PHP Cache Extension 'apc_search_paths()' Remote Buffer Overflow PCMan FTP Server 2.07 - Buffer Overflow PCMan FTP Server 2.07 - Remote Buffer Overflow Yokogawa CENTUM CS 3000 - 'BKHOdeq.exe' Buffer Overflow (Metasploit) Yokogawa CENTUM CS 3000 - 'BKBCopyD.exe' Buffer Overflow (Metasploit) Yokogawa CENTUM CS 3000 - 'BKHOdeq.exe' Remote Buffer Overflow (Metasploit) Yokogawa CENTUM CS 3000 - 'BKBCopyD.exe' Remote Buffer Overflow (Metasploit) Novell ZENworks Desktop Management 6.5 - ActiveX Control 'CanUninstall()' Buffer Overflow Novell ZENworks Desktop Management 6.5 - ActiveX Control 'CanUninstall()' Remote Buffer Overflow Hummingbird HostExplorer 6.2/8.0 - ActiveX Control 'PlainTextPassword()' Buffer Overflow Hummingbird HostExplorer 6.2/8.0 - ActiveX Control 'PlainTextPassword()' Remote Buffer Overflow PyCrypto ARC2 Module - Buffer Overflow PyCrypto ARC2 Module - Remote Buffer Overflow Novell eDirectory 8.8 - '/dhost/modules?I:' Buffer Overflow Novell eDirectory 8.8 - '/dhost/modules?I:' Remote Buffer Overflow SmartVMD 1.3 - ActiveX Control 'VideoMovementDetection.dll' Buffer Overflow SmartVMD 1.3 - ActiveX Control 'VideoMovementDetection.dll' Remote Buffer Overflow Yokogawa CS3000 - 'BKESimmgr.exe' Buffer Overflow (Metasploit) Yokogawa CS3000 - 'BKESimmgr.exe' Remote Buffer Overflow (Metasploit) Xfig and Transfig 3.2.5 - '.fig' Buffer Overflow Xfig and Transfig 3.2.5 - '.fig' Remote Buffer Overflow Ericom AccessNow Server - Buffer Overflow (Metasploit) Ericom AccessNow Server - Remote Buffer Overflow (Metasploit) WinSoftMagic Photo Editor - '.png' Buffer Overflow WinSoftMagic Photo Editor - '.png' Remote Buffer Overflow D-Link Devices - 'Authentication.cgi' Buffer Overflow (Metasploit) D-Link Devices - 'hedwig.cgi' Buffer Overflow in Cookie Header (Metasploit) D-Link Devices - 'Authentication.cgi' Remote Buffer Overflow (Metasploit) D-Link Devices - 'hedwig.cgi' Remote Buffer Overflow in Cookie Header (Metasploit) Serenity Audio Player 3.2.3 - '.m3u' Buffer Overflow Serenity Audio Player 3.2.3 - '.m3u' Buffer Overflow (Metasploit) Serenity Audio Player 3.2.3 - '.m3u' Remote Buffer Overflow Serenity Audio Player 3.2.3 - '.m3u' Remote Buffer Overflow (Metasploit) X-Motor Racing 1.26 - Buffer Overflow / Multiple Denial of Service Vulnerabilities X-Motor Racing 1.26 - Remote Buffer Overflow / Multiple Denial of Service Vulnerabilities Yokogawa CS3000 - 'BKFSim_vhfd.exe' Buffer Overflow (Metasploit) Yokogawa CS3000 - 'BKFSim_vhfd.exe' Remote Buffer Overflow (Metasploit) Enemy Territory: Quake Wars 1.5.12642.33243 - Buffer Overflow Enemy Territory: Quake Wars 1.5.12642.33243 - Remote Buffer Overflow Mozilla Firefox and SeaMonkey Plugin Parameters - Buffer Overflow Mozilla Firefox and SeaMonkey Plugin Parameters - Remote Buffer Overflow Kolibri WebServer 2.0 - Buffer Overflow (EMET 5.0 / EMET 4.1 Partial Bypass) Kolibri WebServer 2.0 - Remote Buffer Overflow (EMET 5.0 / EMET 4.1 Partial Bypass) Belkin N750 - 'jump?login' Buffer Overflow Belkin N750 - 'jump?login' Remote Buffer Overflow ESTsoft ALZip 8.12.0.3 - '.zip' Buffer Overflow ESTsoft ALZip 8.12.0.3 - '.zip' Remote Buffer Overflow Monkey's Audio - '.ape' Buffer Overflow Monkey's Audio - '.ape' Remote Buffer Overflow Microsoft Excel - Buffer Overflow Microsoft Excel - Remote Buffer Overflow OpenMyZip 0.1 - '.zip' Buffer Overflow OpenMyZip 0.1 - '.zip' Remote Buffer Overflow Achat 0.150 beta7 - Buffer Overflow (Metasploit) Achat 0.150 beta7 - Remote Buffer Overflow (Metasploit) PCMan FTP Server 2.0.7 - 'MKD' Buffer Overflow PCMan FTP Server 2.0.7 - 'MKD' Remote Buffer Overflow WebDrive 12.2 (Build #4172) - Buffer Overflow (PoC) WebDrive 12.2 (Build #4172) - Remote Buffer Overflow (PoC) FileZilla Client 2.2.x - Buffer Overflow (SEH) PCMan FTP Server 2.0.7 - 'PUT' Buffer Overflow FileZilla Client 2.2.x - Remote Buffer Overflow (SEH) PCMan FTP Server 2.0.7 - 'PUT' Remote Buffer Overflow PCMan FTP Server 2.0.7 - 'GET' Buffer Overflow PCMan FTP Server 2.0.7 - 'GET' Remote Buffer Overflow PCMan FTP Server 2.0.7 - 'RENAME' Buffer Overflow PCMan FTP Server 2.0.7 - 'RENAME' Remote Buffer Overflow Achat 0.150 beta7 - Buffer Overflow Achat 0.150 beta7 - Remote Buffer Overflow AVM FRITZ!Box < 6.30 - Buffer Overflow AVM FRITZ!Box < 6.30 - Remote Buffer Overflow PCMan FTP Server 2.0.7 - 'RENAME' Buffer Overflow (Metasploit) PCMan FTP Server 2.0.7 - 'RENAME' Remote Buffer Overflow (Metasploit) Poison Ivy 2.1.x (C2 Server) - Buffer Overflow (Metasploit) Poison Ivy 2.1.x (C2 Server) - Remote Buffer Overflow (Metasploit) PCMan FTP Server 2.0.7 - 'ls' Buffer Overflow (Metasploit) PCMan FTP Server 2.0.7 - 'ls' Remote Buffer Overflow (Metasploit) TFTP Server 1.4 - 'WRQ' Buffer Overflow (Egghunter) TFTP Server 1.4 - 'WRQ' Remote Buffer Overflow (Egghunter) Disk Pulse Enterprise 9.0.34 - 'Login' Buffer Overflow VX Search Enterprise 9.0.26 - 'Login' Buffer Overflow Sync Breeze Enterprise 8.9.24 - 'Login' Buffer Overflow Dup Scout Enterprise 9.0.28 - 'Login' Buffer Overflow Disk Sorter Enterprise 9.0.24 - 'Login' Buffer Overflow Disk Savvy Enterprise 9.0.32 - 'Login' Buffer Overflow Disk Pulse Enterprise 9.0.34 - 'Login' Remote Buffer Overflow VX Search Enterprise 9.0.26 - 'Login' Remote Buffer Overflow Sync Breeze Enterprise 8.9.24 - 'Login' Remote Buffer Overflow Dup Scout Enterprise 9.0.28 - 'Login' Remote Buffer Overflow Disk Sorter Enterprise 9.0.24 - 'Login' Remote Buffer Overflow Disk Savvy Enterprise 9.0.32 - 'Login' Remote Buffer Overflow PCMan FTP Server 2.0.7 - 'DELETE' Buffer Overflow Freefloat FTP Server 1.0 - 'ABOR' Buffer Overflow Freefloat FTP Server 1.0 - 'RMD' Buffer Overflow Freefloat FTP Server 1.0 - 'HOST' Buffer Overflow PCMan FTP Server 2.0.7 - 'DELETE' Remote Buffer Overflow Freefloat FTP Server 1.0 - 'ABOR' Remote Buffer Overflow Freefloat FTP Server 1.0 - 'RMD' Remote Buffer Overflow Freefloat FTP Server 1.0 - 'HOST' Remote Buffer Overflow Freefloat FTP Server 1.0 - 'RENAME' Buffer Overflow PCMan FTP Server 2.0.7 - 'UMASK' Buffer Overflow Freefloat FTP Server 1.0 - 'DIR' Buffer Overflow Freefloat FTP Server 1.0 - 'RENAME' Remote Buffer Overflow PCMan FTP Server 2.0.7 - 'UMASK' Remote Buffer Overflow Freefloat FTP Server 1.0 - 'DIR' Remote Buffer Overflow PCMan FTP Server 2.0.7 - 'ACCT' Buffer Overflow Freefloat FTP Server 1.0 - 'SITE ZONE' Buffer Overflow PCMan FTP Server 2.0.7 - 'NLST' Buffer Overflow PCMan FTP Server 2.0.7 - 'SITE CHMOD' Buffer Overflow PCMan FTP Server 2.0.7 - 'PORT' Buffer Overflow PCMan FTP Server 2.0.7 - 'ACCT' Remote Buffer Overflow Freefloat FTP Server 1.0 - 'SITE ZONE' Remote Buffer Overflow PCMan FTP Server 2.0.7 - 'NLST' Remote Buffer Overflow PCMan FTP Server 2.0.7 - 'SITE CHMOD' Remote Buffer Overflow PCMan FTP Server 2.0.7 - 'PORT' Remote Buffer Overflow Disk Pulse Enterprise 9.0.34 - 'Login' Buffer Overflow' (Metasploit) Disk Pulse Enterprise 9.0.34 - 'Login' Remote Buffer Overflow (Metasploit) VX Search Enterprise 9.1.12 - 'Login' Buffer Overflow Sync Breeze Enterprise 9.1.16 - 'Login' Buffer Overflow Disk Sorter Enterprise 9.1.12 - 'Login' Buffer Overflow Dup Scout Enterprise 9.1.14 - 'Login' Buffer Overflow Disk Savvy Enterprise 9.1.14 - 'Login' Buffer Overflow Disk Pulse Enterprise 9.1.16 - 'Login' Buffer Overflow Disk Savvy Enterprise 9.1.14 - 'GET' Buffer Overflow VX Search Enterprise 9.1.12 - 'Login' Remote Buffer Overflow Sync Breeze Enterprise 9.1.16 - 'Login' Remote Buffer Overflow Disk Sorter Enterprise 9.1.12 - 'Login' Remote Buffer Overflow Dup Scout Enterprise 9.1.14 - 'Login' Remote Buffer Overflow Disk Savvy Enterprise 9.1.14 - 'Login' Remote Buffer Overflow Disk Pulse Enterprise 9.1.16 - 'Login' Remote Buffer Overflow Disk Savvy Enterprise 9.1.14 - 'GET' Remote Buffer Overflow Dup Scout Enterprise 9.1.14 - Buffer Overflow (SEH) DiskBoss Enterprise 7.4.28 - 'GET' Buffer Overflow Dup Scout Enterprise 9.1.14 - Remote Buffer Overflow (SEH) DiskBoss Enterprise 7.4.28 - 'GET' Remote Buffer Overflow DiskBoss Enterprise 7.5.12 - 'POST' Buffer Overflow (SEH) DiskBoss Enterprise 7.5.12 - 'POST' Remote Buffer Overflow (SEH) WinaXe Plus 8.7 - Buffer Overflow WinaXe Plus 8.7 - Remote Buffer Overflow Disk Savvy Enterprise 9.4.18 - Buffer Overflow (SEH) Disk Savvy Enterprise 9.4.18 - Remote Buffer Overflow (SEH) SysGauge 1.5.18 - Buffer Overflow SysGauge 1.5.18 - Remote Buffer Overflow FTPShell Client 6.53 - Buffer Overflow Azure Data Expert Ultimate 2.2.16 - Buffer Overflow FTPShell Client 6.53 - Remote Buffer Overflow Azure Data Expert Ultimate 2.2.16 - Remote Buffer Overflow Disk Sorter Enterprise 9.5.12 - 'GET' Buffer Overflow (SEH) Disk Sorter Enterprise 9.5.12 - 'GET' Remote Buffer Overflow (SEH) Easy File Sharing Web Server 7.2 - GET 'PassWD' Buffer Overflow (SEH) Easy File Sharing Web Server 7.2 - GET 'PassWD' Remote Buffer Overflow (SEH) Microsoft IIS 6.0 - WebDAV 'ScStoragePathFromUrl' Buffer Overflow Microsoft IIS 6.0 - WebDAV 'ScStoragePathFromUrl' Remote Buffer Overflow Sync Breeze Enterprise 9.5.16 - 'GET' Buffer Overflow (SEH) Sync Breeze Enterprise 9.5.16 - 'GET' Remote Buffer Overflow (SEH) LabF nfsAxe 3.7 FTP Client - Buffer Overflow (SEH) LabF nfsAxe 3.7 FTP Client - Remote Buffer Overflow (SEH) EFS Easy Chat Server 3.1 - Buffer Overflow (SEH) EFS Easy Chat Server 3.1 - Remote Buffer Overflow (SEH) Easy File Sharing Web Server 7.2 - 'POST' Buffer Overflow Easy File Sharing Web Server 7.2 - 'POST' Remote Buffer Overflow Easy File Sharing Web Server 7.2 - 'POST' Buffer Overflow (DEP Bypass) SpyCamLizard 1.230 - Buffer Overflow Easy File Sharing Web Server 7.2 - 'POST' Remote Buffer Overflow (DEP Bypass) SpyCamLizard 1.230 - Remote Buffer Overflow Easy File Sharing Web Server 7.2 - GET 'PassWD' Buffer Overflow (DEP Bypass) Easy File Sharing Web Server 7.2 - GET 'PassWD' Remote Buffer Overflow (DEP Bypass) FTPGetter 5.89.0.85 - Buffer Overflow (SEH) FTPGetter 5.89.0.85 - Remote Buffer Overflow (SEH) DiskBoss Enterprise 8.2.14 - Buffer Overflow DiskBoss Enterprise 8.2.14 - Remote Buffer Overflow Dup Scout Enterprise 9.9.14 - Buffer Overflow (SEH) Disk Savvy Enterprise 9.9.14 - Buffer Overflow (SEH) Sync Breeze Enterprise 9.9.16 - Buffer Overflow (SEH) Disk Pulse Enterprise 9.9.16 - Buffer Overflow (SEH) Dup Scout Enterprise 9.9.14 - Remote Buffer Overflow (SEH) Disk Savvy Enterprise 9.9.14 - Remote Buffer Overflow (SEH) Sync Breeze Enterprise 9.9.16 - Remote Buffer Overflow (SEH) Disk Pulse Enterprise 9.9.16 - Remote Buffer Overflow (SEH) Gh0st Client (C2 Server) - Buffer Overflow (Metasploit) Gh0st Client (C2 Server) - Remote Buffer Overflow (Metasploit) Sielco Sistemi Winlog 2.07.16 - Buffer Overflow (Metasploit) Sielco Sistemi Winlog 2.07.16 - Remote Buffer Overflow (Metasploit) Lockstep Backup for Workgroups 4.0.3 - Buffer Overflow (Metasploit) Disk Pulse Server 2.2.34 - 'GetServerInfo' Buffer Overflow (Metasploit) haneWIN DNS Server 1.5.3 - Buffer Overflow (Metasploit) Lockstep Backup for Workgroups 4.0.3 - Remote Buffer Overflow (Metasploit) Disk Pulse Server 2.2.34 - 'GetServerInfo' Remote Buffer Overflow (Metasploit) haneWIN DNS Server 1.5.3 - Remote Buffer Overflow (Metasploit) Sync Breeze Enterprise 10.0.28 - Buffer Overflow Sync Breeze Enterprise 10.0.28 - Remote Buffer Overflow VX Search Enterprise 10.1.12 - Buffer Overflow Sync Breeze Enterprise 10.1.16 - Buffer Overflow (SEH) (Metasploit) VX Search Enterprise 10.1.12 - Remote Buffer Overflow Sync Breeze Enterprise 10.1.16 - Remote Buffer Overflow (SEH) (Metasploit) Ayukov NFTP FTP Client < 2.0 - Buffer Overflow Ayukov NFTP FTP Client < 2.0 - Remote Buffer Overflow Avaya OfficeScan (IPO) < 10.1 - 'SoftConsole' Buffer Overflow (SEH) Avaya OfficeScan (IPO) < 10.1 - 'SoftConsole' Remote Buffer Overflow (SEH) Dup Scout Enterprise 10.0.18 - 'Login' Buffer Overflow Sync Breeze Enterprise 10.1.16 - 'POST' Buffer Overflow Dup Scout Enterprise 10.0.18 - 'Login' Remote Buffer Overflow Sync Breeze Enterprise 10.1.16 - 'POST' Remote Buffer Overflow |
||
|---|---|---|
| platforms | ||
| files.csv | ||
| README.md | ||
| searchsploit | ||
The Exploit Database Git Repository
This is the official repository of The Exploit Database, a project sponsored by Offensive Security.
The Exploit Database is an archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Its aim is to serve as the most comprehensive collection of exploits gathered through direct submissions, mailing lists, and other public sources, and present them in a freely-available and easy-to-navigate database. The Exploit Database is a repository for exploits and proof-of-concepts rather than advisories, making it a valuable resource for those who need actionable data right away.
This repository is updated daily with the most recently added submissions. Any additional resources can be found in our binary sploits repository.
Included with this repository is the searchsploit utility, which will allow you to search through the exploits using one or more terms. For more information, please see the SearchSploit manual.
root@kali:~# searchsploit -h
Usage: searchsploit [options] term1 [term2] ... [termN]
==========
Examples
==========
searchsploit afd windows local
searchsploit -t oracle windows
searchsploit -p 39446
searchsploit linux kernel 3.2 --exclude="(PoC)|/dos/"
For more examples, see the manual: https://www.exploit-db.com/searchsploit/
=========
Options
=========
-c, --case [Term] Perform a case-sensitive search (Default is inSEnsITiVe).
-e, --exact [Term] Perform an EXACT match on exploit title (Default is AND) [Implies "-t"].
-h, --help Show this help screen.
-j, --json [Term] Show result in JSON format.
-m, --mirror [EDB-ID] Mirror (aka copies) an exploit to the current working directory.
-o, --overflow [Term] Exploit titles are allowed to overflow their columns.
-p, --path [EDB-ID] Show the full path to an exploit (and also copies the path to the clipboard if possible).
-t, --title [Term] Search JUST the exploit title (Default is title AND the file's path).
-u, --update Check for and install any exploitdb package updates (deb or git).
-w, --www [Term] Show URLs to Exploit-DB.com rather than the local path.
-x, --examine [EDB-ID] Examine (aka opens) the exploit using $PAGER.
--colour Disable colour highlighting in search results.
--id Display the EDB-ID value rather than local path.
--nmap [file.xml] Checks all results in Nmap's XML output with service version (e.g.: nmap -sV -oX file.xml).
Use "-v" (verbose) to try even more combinations
--exclude="term" Remove values from results. By using "|" to separated you can chain multiple values.
e.g. --exclude="term1|term2|term3".
=======
Notes
=======
* You can use any number of search terms.
* Search terms are not case-sensitive (by default), and ordering is irrelevant.
* Use '-c' if you wish to reduce results by case-sensitive searching.
* And/Or '-e' if you wish to filter results by using an exact match.
* Use '-t' to exclude the file's path to filter the search results.
* Remove false positives (especially when searching using numbers - i.e. versions).
* When updating or displaying help, search terms will be ignored.
root@kali:~#
root@kali:~# searchsploit afd windows local
---------------------------------------------------------------------------------------- -----------------------------------
Exploit Title | Path
| (/usr/share/exploitdb/platforms/)
---------------------------------------------------------------------------------------- -----------------------------------
Microsoft Windows (x86) - 'afd.sys' Privilege Escalation (MS11-046) | win_x86/local/40564.c
Microsoft Windows - 'AfdJoinLeaf' Privilege Escalation (MS11-080) (Metasploit) | windows/local/21844.rb
Microsoft Windows - 'afd.sys' Local Kernel Exploit (PoC) (MS11-046) | windows/dos/18755.c
Microsoft Windows 7 (x64) - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040) | win_x86-64/local/39525.py
Microsoft Windows 7 (x86) - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040) | win_x86/local/39446.py
Microsoft Windows XP - 'afd.sys' Local Kernel Denial of Service | windows/dos/17133.c
Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (K-plugin) (MS08-066) | windows/local/6757.txt
Microsoft Windows XP/2003 - 'afd.sys' Privilege Escalation (MS11-080) | windows/local/18176.py
---------------------------------------------------------------------------------------- -----------------------------------
root@kali:~#
root@kali:~# searchsploit -p 39446
Exploit: Microsoft Windows 7 (x86) - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040)
URL: https://www.exploit-db.com/exploits/39446/
Path: /usr/share/exploitdb/platforms/win_x86/local/39446.py
Copied EDB-ID 39446's path to the clipboard.
root@kali:~#
SearchSploit requires either "CoreUtils" or "utilities" (e.g. bash, sed, grep, awk, etc.) for the core features to work. The self updating function will require git, and the Nmap XML option to work, will require xmllint (found in the libxml2-utils package in Debian-based systems).