VUPEN Security - Private Exploits and PoCs Service

	Contact \| Site en Français

Exploits & PoC Codes

For Security Professionals

For Security Vendors

Partner Program

Receive More Information

>> Latest Private Exploits Released by VUPEN

This page lists the latest private exploit and proof-of-concept (PoC) codes released by VUPEN. These security testing tools, available as part of the VUPEN Security Exploits & PoCs Service, enable security vendors (antivirus, IDS, or IPS providers) to proactively detect and protect against potential or real threats (defense), and allow security professionnals to regularly perform penetration testing and identify the latest vulnerabilities (offense).

Because of the sensitive nature of the information provided through this service, VUPEN Security has defined eligibility criteria for participants. VUPEN Security solely reserves the right to determine whether an organization or corporation meets the criteria.

For more information, contact our sales department.

VLC Media Player "ReadRealIndex()" Integer Overflow PoC Exploit This code demonstrates an integer overflow vulnerability in the "ReadRealIndex()" function in VLC Media Player when processing a malformed RealMedia (.rm) file.	CVE-2008-5276

Cain & Abel RDP File Processing Buffer Overflow Exploit This exploit takes advantage of a buffer overflow error in Cain & Abel when processing a RDP (Remote Desktop Protocol) file containing overly long data.	CVE-NOMATCH

Amaya ID Attribute Buffer Overflow Remote Code Execution Exploit This remote code execution exploit takes advantage of a buffer overflow vulnerability in the W3 Amaya browser when processing a specially crafted HTML "id" attribute.	CVE-NOMATCH

ffdshow URL Processing Buffer Overflow Remote Code Execution Exploit This remote code execution exploit takes advantage of a buffer overflow vulnerability in ffdshow when processing overly long URLs. K-Lite Codec Pack and Microsoft Windows Media Player are used as the attack vector.	CVE-NOMATCH

Mozilla Firefox HTTP Index Response Code Execution Exploit (MFSA 2008-54) This remote code execution exploit takes advantage of a NULL pointer dereference vulnerability in Mozilla Firefox leading to a 4-byte write of 0xFFFFFFFF to an arbitrary location.	CVE-2008-0017

Opera Browser "file://" URI Handling Buffer Overflow Exploit This reliable exploit takes advantage of a heap overflow vulnerability in Opera when processing an HTML file containing an overly long "file://" URI.	CVE-NOMATCH

1 2 3 4 5 6 7 8