There is a heap overflow in daeElement::setElementName() method, where a fixed size heap-allocated buffer is used to copy the name of an arbitrary element. By setting the name of the element to something larger, the buffer overflows.
The PowerPointViewer.ocx version 3.1.0.3 is vulnerable to multiple methods denial of service. The vulnerable methods are DoOleCommand, FTPDownloadFile, FTPUploadFile, HttpUploadFile, Save, and SaveWebFile.
Input passed to the 'wpPATH' parameter in wordtube-button.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources.
Due to improper access restriction the ADH-Web device allows a remote attacker to browse and access arbitrary files from the '/hdd0/logs' directory. It is also possible to gather important information via the 'variable.cgi' script.
This exploit allows an attacker to create a buffer overflow in Total Commander 8.52. By executing a specially crafted python script, the attacker can create a file that triggers the buffer overflow when certain actions are performed in Total Commander. This can lead to remote code execution or denial of service.
This exploit targets the Wireshark version 1.12.7 and performs a division by zero denial of service attack. The exploit author is spyk, with contact email spyk[dot]developpeur[at]gmail[dot]com. The exploit has been tested on Windows 7.
Winamp MP4's plugin fails to handle exceptional conditions, which can lead to code execution. However exploitation is hard, firstly because of the return address. This code exploits a call [eax], and it might be complicated to find a correct return address. Moreover, the bug doesn't always appear. I think one attempt out of 2 will success. I'm still working on it...
A vulnerability within the ndvbs module allows an attacker to inject memory they control into an arbitrary location they define. This vulnerability can be used to overwrite function pointers in HalDispatchTable resulting in an elevation of privilege.
This exploit takes advantage of a buffer overflow vulnerability in IKEView R60 to execute arbitrary code. By creating a specially crafted file and opening it with IKEView.exe, an attacker can trigger the overflow and open a bind tcp port at port 4444. The exploit has been tested on Windows XP Service Pack 2.
This exploit targets the 3Proxy tiny free proxy server version 0.5.3g on Linux. The vulnerability is found in the logurl() function in proxy.c, where a buffer overflow can occur if the 'Host: [FILLER]' string exceeds the buffer boundary. By crafting a specific payload consisting of [NOPS][SHELLCODE][RETADDR], an attacker can execute arbitrary code on the target system.