FormatFactory versions 3.0.1 and below suffer from a profile file handling buffer overflow vulnerability.
0c29efe3ead46ec1b8b8b18717562e87540d38612b3cbe97b146a01d6a7a66c6
Zoner Photo Studio version 15 build 3 (Zps.exe) registry value parsing local buffer overflow exploit.
c53242a37889f34cff9f519a6c111241471f745688fa36be001c3be8eb171446
Zoner Photo Studio 15 builds 2 and 3 suffer from a stack-based buffer overflow vulnerability. Full proof of concept code included.
562915b74a8fedb12889e09ea4190964fe550f41396e218b3d54305d5f1f93d6
A local buffer overflow vulnerability has been found on the NCMedia Sound Editor Pro version 7.5.1. The application saves the paths for all recently used files in a file called "MRUList201202.dat" in the directory %appdata%\Sound Editor Pro\. When clicking on the "File" menu item the application reads the contents of the file, but does not validate the length of the string loaded from the file before passing it to a buffer, which leads to a stack-based buffer overflow.
a1f0e2a2be8b3403de464902a0d925d7567541a522d8d12be77fb9410aac9104
NCMedia Sound Editor Pro version 7.5.1 suffers from a MRUList201202.dat file handling buffer overflow vulnerability.
622be827ae2f496adf9292ac657f311604c6fcd62f590a02bc8c7745d6858de5
Aoop CMS version 0.3.6 suffers from cross site scripting and remote SQL injection vulnerabilities.
7e543732ca411d58df4bf7efa3788a00659b4a6763765dbc770b4af139d338a7
This Metasploit module exploits a stack-based buffer overflow in Photodex ProShow Producer version 5.0.3256 in the handling of the plugins load list file. An attacker must send the crafted "load" file to victim, who must store it in the installation directory. The vulnerability will be triggered the next time ProShow is opened. The module has been tested successfully on Windows XP SP3 and Windows 7 SP1.
bf2514d474a7b08d3b8119c8f11509c92a1414014f2de791e9a5e94b2b9e0c03
Photodex ProShow Producer version 5.0.3256 suffers from a local buffer overflow vulnerability.
0b8b05ed7b3f945e79239735409a386a1787e080be042c09324706c888d700e7
Astaro Security Gateway suffers from a backup related cross site scripting vulnerability. Version 8.304 is affected.
30eadf9f0efee1d3942c913ec214043f8d8064e76bff3708ef9b6013b88ed5e6
LAN Messenger versions 1.2.28 and below suffer from a remote denial of service vulnerability.
eff6948e4801547fe1cfebd1aacccadc027fc700ffd47ae47741cd482302bb51
C4B XPhone UC Web version 4.1.890S R1 suffers from a cross site scripting vulnerability.
1b8cac9e10cd2aec0e9e56a8d8f7b493da9bc789c084cd43c73042d53a980ead
Crystal Office Suite version 1.43 suffers from a buffer overflow vulnerability.
00e9187291df1055fbc476956aad1c96f69a0d2299d6723bf0c988d16d578cdf
AnvSoft Any Video Converter version 4.3.6 suffers from multiple buffer overflow vulnerabilities.
173e934c2251243689357b86b7685fd1bf71a5232e53c4f7f5e1a3d1ac924079
BulletProof FTP Client 2010 suffers from a buffer overflow vulnerability.
da2f4783654c5380123c4e604cf4c7e32cbe8268b49ea2738f7e9f1687be93d8
Bitsmith PS Knowbase version 3.2.3 suffers from a buffer overflow vulnerability.
ff8b475b068dda8ae047b8fac7df7397a76692e21be2a9c19f5a7db55247df62
This Metasploit module exploits a vulnerability found in Ricoh DC's DL-10 SR10 FTP service. By supplying a long string of data to the USER command, it is possible to trigger a stack-based buffer overflow, which allows remote code execution under the context of the user. Please note that in order to trigger the vulnerability, the server must be configured with a log file name (by default, it's disabled).
2e39652db0079e5ca51125d0179fc236f418207928058994109116189eadb542
Ricoh DC Software DL-10 FTP server (SR10.exe) versions 1.1.0.6 and below remote buffer overflow proof of concept exploit that sends a malformed request.
e13e1ecd389948511c8683234485d24ca0d9825e618486eaf3a184e64db4cf90
Pitrinec MacroToolworks version 7.5 suffers from a buffer overflow vulnerability.
d49a142622e868df3c34d8b8c8ab710381a4ee9cf3d94ae64b06cd5021209ddb
Enterasys SecureStack Switch version 6.x suffers from multiple cross site scripting vulnerabilities.
780aef06e36039bb7d2830730651f06018461ad1dfda9c5cdd589170a78ff75f
Ilient SysAid version 8.5.05 suffers from multiple cross site scripting vulnerabilities.
0ea62b4681e5c78413e9b1f6f7b30fcfb63724d1e147ed96c22f8a237c64eab2
Socusoft Photo 2 Video version 8.05 suffers from a buffer overflow vulnerability.
ec0e7d80300a84c40d226a2e9521bc1913c77ea22caf5e0a89c1471ddcca54d6
DAMN Hash Calculator version 1.5.1 local heap overflow proof of concept exploit.
0a07425a5cb63b5c8cdabd7b39c0cd2a1863c4b2e2e5946de069c4370473370e
GPSMapEdit version 1.1.73.2 suffers from a denial of service vulnerability.
bc6c29d9492d5d11092e5dd3773f451c46997514a84060f7f85c719213a671ea