Vulnerabilities

On this page you can find vulnerabilities, security advisories, exploit codes and proof-of-concept codes discovered by the Zero Science Lab team.

- 2010 -

[06.09.2010] MySource Matrix 3.28.3 (height) Remote Reflected XSS Vulnerability

[01.09.2010] LEADTOOLS ActiveX Common Dialogs 16.5 Multiple Remote Vulnerabilities

[28.08.2010] LEADTOOLS ActiveX Raster Twain v16.5 (LtocxTwainu.dll) Remote Buffer Overflow PoC

[26.08.2010] Microsoft Visio 2010 v14.0.4514.1004 (dwmapi.dll) DLL Hijacking Exploit

[26.08.2010] Nullsoft Winamp 5.581 (wnaspi32.dll) DLL Hijacking Exploit

[26.08.2010] Microsoft Office PowerPoint 2007 v12.0.4518 (pp4x322.dll) DLL Hijacking Exploit

[26.08.2010] Media Player Classic 6.4.9.1 (iacenc.dll) DLL Hijacking Exploit

[26.08.2010] Google Earth v5.1.3535.3218 (quserex.dll) DLL Hijacking Exploit

[26.08.2010] Corel PHOTO-PAINT X3 v13.0.0.576 (crlrib.dll) DLL Hijacking Exploit

[26.08.2010] CorelDRAW X3 v13.0.0.576 (crlrib.dll) DLL Hijacking Exploit

[26.08.2010] Adobe ExtendedScript Toolkit CS5 v3.5.0.52 (dwmapi.dll) DLL Hijacking Exploit

[26.08.2010] Adobe Extension Manager CS5 v5.0.298 (dwmapi.dll) DLL Hijacking Exploit

[26.08.2010] Adobe Device Central CS5 v3.0.1.0 (dwmapi.dll) DLL Hijacking Exploit

[14.08.2010] Sports Accelerator Suite v2.0 (news_id) Remote SQL Injection Vulnerability

[13.08.2010] SmartCode ServerX VNC Server ActiveX 1.1.5.0 (scvncsrvx.dll) DoS Exploit

[04.08.2010] Team Johnlong RaidenTunes 2.1.1 Remote Cross-Site Scripting Vulnerability

[12.07.2010] Corel Presentations X5 15.0.0.357 (shw) Remote Buffer Preoccupation PoC

[12.07.2010] Corel WordPerfect Office X5 15.0.0.357 (wpd) Remote Buffer Preoccupation PoC

[02.07.2010] Xplico 0.5.7 (add.ctp) Remote XSS Vulnerability

[29.06.2010] Adobe Reader 9.3.2 (CoolType.dll) Remote Memory Corruption / DoS Vulnerability

[19.06.2010] UK One Media CMS (id) Error Based SQL Injection Vulnerability

[04.06.2010] Adobe InDesign CS3 INDD File Handling Buffer Overflow Vulnerability

[26.05.2010] Adobe Photoshop CS4 Extended 11.0 ABR File Handling Remote Buffer Overflow PoC

[26.05.2010] Adobe Photoshop CS4 Extended 11.0 GRD File Handling Remote Buffer Overflow PoC

[26.05.2010] Adobe Photoshop CS4 Extended 11.0 ASL File Handling Remote Buffer Overflow PoC

[11.05.2010] Adobe Shockwave Player 11.5.6.606 (DIR) Multiple Memory Vulnerabilities

[22.04.2010] EDraw Flowchart ActiveX Control 2.3 (EDImage.ocx) Remote DoS Exploit (IE)

[22.04.2010] EDraw Flowchart ActiveX Control 2.3 (.edd parsing) Remote Buffer Overflow PoC

[19.04.2010] AVTECH Software (AVC781Viewer.dll) ActiveX Multiple Remote Vulnerabilities

[11.04.2010] Aladdin eToken PKI Client v4.5 Virtual File Handling Unspecified Memory Corruption PoC

[05.03.2010] BS.Player v2.51 build 1022 (Media Library) Remote Buffer Overflow Vulnerability

[05.03.2010] VLC media player 1.0.5 Goldeneye (bookmarks) Remote Buffer Overflow PoC

[04.03.2010] J. River Media Jukebox 12 MP3 File Handling Remote Heap Overflow PoC

[03.03.2010] Deimos Kasa <= 2.58 (table) Local Integer Overflow Vulnerability

[27.02.2010] ExtCalendar 2.0 Beta 2 (upgrade.php) Remote XSS Vulnerability

[22.02.2010] Nero Burning ROM 9 (iso compilation) Local Buffer Invasion Proof Of Concept

[22.02.2010] WampServer 2.0i (index.php) Remote Cross Site Scripting Vulnerability

[22.02.2010] CableTEL's Triple Play v1.0 (login.php) Remote Login Bypass SQL Injection Vuln

- 2009 -

[01.08.2009] Google SketchUp Pro 7.0 (.skp file) Remote Stack Overflow PoC

[30.07.2009] Epiri Professional Web Browser 3.0 Remote Crash Exploit

[16.07.2009] Music Tag Editor 1.61 build 212 Remote Buffer Overflow PoC

[16.07.2009] Zortam MP3 Player 1.50 (m3u) Integer Division by Zero Exploit

[16.07.2009] Zortam MP3 Media Studio 9.40 Multiple Memory Corruption Vulnerabilities

[16.07.2009] Zortam ID3 Tag Editor 5.0 Remote Stack Overflow Vulnerability

[16.07.2009] Audio Editor Pro 2.91 Remote Memory Corruption PoC

[10.07.2009] eEye Retina WiFi Security Scanner 1.0 (.rws Parsing) Buffer Overflow PoC

[16.06.2009] Carom3D 5.06 Unicode Buffer Overrun/DoS Vulnerability

[01.06.2009] Mp3 Tag Assistant Pro 2.92 (tag metadata) Remote Stack Overflow PoC

[29.05.2009] AIMP 2.51 build 330 (ID3v1/ID3v2 Tag) Remote Stack Buffer Overflow PoC (SEH)

[08.05.2009] ViPlay3 <= 3.00 (.vpl) Local Stack Overflow PoC

[06.04.2009] Unsniff Network Analyzer 1.0 (usnf) Local Heap Overflow PoC

[01.04.2009] QtWeb Internet Browser 2.0 (build 043) Remote Denial of Service Exploit (smile)

[29.03.2009] PowerCHM 5.7 (hhp) Local Buffer Overflow Exploit

[17.03.2009] Talkative IRC 0.4.4.16 Remote Stack Overflow Exploit (SEH)

[12.03.2009] JDKChat v1.5 Remote Integer Overflow PoC

[20.02.2009] Got All Media 7.0.0.3 (t00t) Remote Denial of Service Exploit

[04.02.2009] BlazeVideo HDTV Player <= 3.5 PLF Playlist File Remote Buffer Overflow Exploit

[30.01.2009] Amaya Web Editor 11 Remote SEH Overwrite Exploit

[26.01.2009] WFTPD Pro Server 3.30.0.1 (pre auth) Multiple Remote Denial of Service Vulnerabilities

[22.01.2009] FTPShell Server 4.3 (licence key) Remote Buffer Overflow PoC

- 2008 -

[24.11.2008] Nero ShowTime 5.0.15.0 m3u Playlist File Remote Buffer Overflow PoC

[24.10.2008] KVIrc 3.4.0 Virgo Remote Format String Exploit PoC

[14.10.2008] Eserv 3.x FTP Server (ABOR) Remote Stack Overflow PoC

[03.10.2008] VBA32 Personal Antivirus 3.12.8.x (malformed archive) DoS Exploit

[17.09.2008] Femitter FTP Server 1.03 (RETR) Remote Denial of Service Exploit PoC

[11.09.2008] Maxthon Browser 2.1.4.443 UNICODE Remote Denial of Service PoC

[08.09.2008] SeaMonkey 1.1.11 Remote Denial of Service Exploit PoC

[06.09.2008] Flock Social Web Browser 1.2.5 (loop) Remote Denial of Service Exploit

[04.09.2008] Google Chrome Browser 0.2.149.27 Denial of Service Exploit

[18.08.2008] Linux/x86 setuid(0) . setgid(0) . aslr_off 79 Bytes Shellcode

[18.08.2008] VUPlayer 2.49 M3U Playlist File Remote Buffer Overflow Exploit

[10.08.2008] BlazeDVD 5.0 PLF Playlist File Remote Buffer Overflow Exploit

[02.07.2008] CyberLink PowerDVD <= 8.0 Crafted PLS/M3U Playlist File BoF Vulnerability