VARIoT IoT exploits database
| VAR-E-201103-0086 |
CVE-2011-1567 CVE-2011-1566 CVE-2011-1568 CVE-2011-1565 |
7-Technologies IGSS 9 - IGSSdataServer .Rms Rename Buffer Overflow (Metasploit) - Windows remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201104-0292, VAR-201104-0289, VAR-201104-0291, VAR-201104-0290 | EDB ID: 17374 |
7-Technologies IGSS 9 - IGSSdataServer .Rms Rename Buffer Overflow (Metasploit). CVE-2011-1567CVE-72352 . remote exploit for Windows platform
| VAR-E-201103-0088 |
CVE-2011-1567 CVE-2011-1566 CVE-2011-1568 CVE-2011-1565 |
7-Technologies IGSS 9.00.00 b11063 - 'IGSSdataServer.exe' Remote Stack Overflow (Metasploit) - Windows remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201104-0292, VAR-201104-0289, VAR-201104-0291, VAR-201104-0290 | EDB ID: 17300 |
7-Technologies IGSS 9.00.00 b11063 - 'IGSSdataServer.exe' Remote Stack Overflow (Metasploit). CVE-2011-1567 . remote exploit for Windows platform
| VAR-E-201103-0089 |
CVE-2011-1565 CVE-2011-1566 CVE-2011-1567 CVE-2011-1568 |
7-Technologies IGSS 9.00.00.11059 - Multiple Vulnerabilities - Windows remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201104-0292, VAR-201104-0289, VAR-201104-0291, VAR-201104-0290 | EDB ID: 17024 |
7-Technologies IGSS 9.00.00.11059 - Multiple Vulnerabilities. CVE-2011-1568CVE-2011-1567CVE-2011-1566CVE-2011-1565CVE-72354CVE-72353CVE-72352CVE-72351CVE-72350CVE-72349 . remote exploit for Windows platform
| VAR-E-201103-0686 |
CVE-2011-1564 CVE-2011-1563 |
DATAC RealWin - Multiple Vulnerabilities - Windows dos Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201104-0287, VAR-201104-0288 | EDB ID: 17025 |
DATAC RealWin - Multiple Vulnerabilities. CVE-2011-1564CVE-72827CVE-2011-1563 . dos exploit for Windows platform
| VAR-E-201103-0504 | No CVE | Siemens Tecnomatix FactoryLink Multiple Security Vulnerabilities | No EDB ID |
Siemens Tecnomatix FactoryLink is prone to multiple security vulnerabilities, including buffer-overflow issues, a memory-corruption issue, information-disclosure issues, and denial-of-service issues.
Attackers can leverage these issues to obtain sensitive information, run arbitrary code, or cause a denial of service. Other attacks may also be possible.
Siemens Tecnomatix FactoryLink 8.0.1.1473 is vulnerable; other versions may also be affected.
| VAR-E-201103-0416 | No CVE | Iconics GENESIS32 and GENESIS64 Multiple Security Vulnerabilities | No EDB ID |
Iconics GENESIS32 and GENESIS64 are prone to multiple security vulnerabilities including multiple memory-corruption vulnerabilities and multiple integer-overflow vulnerabilities because they fail to properly validate user-supplied input.
Successful exploits may allow the attacker to execute arbitrary code in the context of the application. Failed exploit attempts will likely result in denial-of-service conditions.
The following versions are vulnerable; other versions may also be affected:
GENESIS32 9.21
GENESIS64 10.51
| VAR-E-201103-0485 | No CVE | SAP Crystal Reports 2008 Cross Site Scripting | No EDB ID |
Multiple cross site scripting vulnerabilities have been discovered in the PerformanceManagement application module in SAP Crystal Reports Server 2008.
| VAR-E-201103-0487 | No CVE | ABBS Electronic Flash Cards 2.1 Buffer Overflow | No EDB ID |
ABBS Electronic Flash Cards version 2.1 buffer overflow exploit.
| VAR-E-201103-0597 |
CVE-2011-2963 |
Progea Movicon 11 - 'TCPUploadServer' Remote File System - Windows remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201107-0263 | EDB ID: 17034 |
Progea Movicon 11 - 'TCPUploadServer' Remote File System. CVE-78614CVE-2011-2963CVE-72888 . remote exploit for Windows platform
| VAR-E-201103-0229 | No CVE | ABBS Audio Media Player - '.m3u' / '.LST' Local Buffer Overflow - Windows local Exploit | EDB ID: 16971 |
ABBS Audio Media Player - '.m3u' / '.LST' Local Buffer Overflow. CVE-75096 . local exploit for Windows platform
| VAR-E-201103-0223 | No CVE | ABBS Electronic Flash Cards 2.1 - '.fcd' Local Buffer Overflow - Windows local Exploit | EDB ID: 16977 |
ABBS Electronic Flash Cards 2.1 - '.fcd' Local Buffer Overflow.. local exploit for Windows platform
| VAR-E-201103-0128 | No CVE | ABBS Audio Media Player 3.0 - '.lst' Local Buffer Overflow (SEH) - Windows local Exploit | EDB ID: 16976 |
ABBS Audio Media Player 3.0 - '.lst' Local Buffer Overflow (SEH).. local exploit for Windows platform
| VAR-E-201103-0632 | No CVE | Trend Micro WebReputation API 10.5 - URI SecURIty Bypass - Multiple remote Exploit | EDB ID: 35464 |
Trend Micro WebReputation API 10.5 - URI SecURIty Bypass.. remote exploit for Multiple platform
| VAR-E-201103-0599 |
CVE-2011-5154 |
SAP GUI DLL Loading Arbitrary Code Execution Vulnerability
Related entries in the VARIoT vulnerabilities database: VAR-201209-0611 | No EDB ID |
SAP GUI is prone to a vulnerability that lets attackers execute arbitrary code.
An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file.
SAP GUI versions 6.4 through 7.2 are vulnerable; other versions may also be affected.
| VAR-E-201103-0867 |
CVE-2011-1290 |
WebKit Style Handling Memory Corruption Vulnerability
Related entries in the VARIoT vulnerabilities database: VAR-201103-0294 | No EDB ID |
WebKit is prone to a memory-corruption vulnerability.
An attacker can exploit this issue by enticing an unsuspecting victim to view a malicious webpage.
Successful exploits will allow attackers to execute arbitrary code in the context of the browser. Failed exploit attempts will result in a denial-of-service condition.
NOTE: This issue was previously discussed in BID 46833 (Blackberry Browser Multiple Unspecified Information Disclosure and Integer Overflow Vulnerabilities), but has been given its own record to better document it.
| VAR-E-201103-0456 |
CVE-2011-3142 |
KingView 6.5.3 SCADA - ActiveX - Windows remote Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201108-0127 | EDB ID: 16936 |
KingView 6.5.3 SCADA - ActiveX. CVE-72889CVE-2011-3142 . remote exploit for Windows platform
| VAR-E-201103-0495 |
CVE-2009-3249 |
vTiger CRM 5.0.4 - Local File Inclusion - PHP webapps Exploit
Related entries in the VARIoT vulnerabilities database: VAR-200909-0479 | EDB ID: 16280 |
vTiger CRM 5.0.4 - Local File Inclusion. CVE-2009-3249 . webapps exploit for PHP platform
| VAR-E-201102-0027 |
CVE-2011-0708 CVE-2013-2465 CVE-2012-0507 CVE-2011-4885 CVE-2011-5035 |
PHP 'Exif' Extension - 'exif_read_data()' Remote Denial of Service - Multiple dos Exploit
Related entries in the VARIoT vulnerabilities database: VAR-201112-0123, VAR-201306-0242 | EDB ID: 16261 |
PHP 'Exif' Extension - 'exif_read_data()' Remote Denial of Service. CVE-2011-0708 . dos exploit for Multiple platform
| VAR-E-201102-0516 | No CVE | Cisco Linksys WAG120N - Cross-Site Request Forgery - Hardware webapps Exploit | EDB ID: 16252 |
Cisco Linksys WAG120N - Cross-Site Request Forgery. CVE-71032 . webapps exploit for Hardware platform
| VAR-E-201102-0493 | No CVE | Pragyan CMS SQL Injection and PHP Code Execution Vulnerabilities | No EDB ID |
Pragyan CMS is prone to an SQL-injection vulnerability and a code-execution vulnerability because it fails to sufficiently sanitize user-supplied data.
Successfully exploiting these issues may allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, or execute arbitrary PHP code in the context of the application.
Pragyan CMS 3.0 rev 274 is vulnerable; other versions may be affected.