Luigi Auriemma

me@aluigi.org [PGP]


News QuickBMS Research MyToolz Advisories Proof-of-concepts Fake players bug Patches Password recovery MyMusic TestingToolz About... RSS feeds
aluigi.org zenhax old forum mirror   Twitter LinkedIn
ADVISORIES

The complete archive of my advisories about software security vulnerabilities found by me.
All the advisories include the steps for replicating the vulnerabilities or links to the proof-of-concept.
- ZIP archive containing all the security advisories.
- PDF of the vulnerabilities in multiplayer games till 2012 (last update 02 May 2020).
- PDF of the vulnerabilities in HMI/SCADA and industrial software between 2010 and 2012 (last update 16 Oct 2020).


Directory traversal in TheBrain 11.0.127.0 (no tag)
17 Oct 2020:  slides

Exploiting Steam Lobbies and Matchmaking (game)
18 Sep 2014:  paper

Steam Service Security (game)
10 Jul 2014:  paper

Steam Voip Security (game)
04 Jul 2014:  paper

Overview of multiple vulnerabilities in Samsung SmartTV (tv)
26 Mar 2014:  slides

Miracast Wi-Fi backdoor in Philips SmartTV (6/7/8/9xxx) (tv)
26 Mar 2014:  slides - video

Buffer-overflow in IntegraXor 4.1.4380 (SCADA)
17 Jan 2014:  slides

DLL injection in NVIDIA mental ray (raysat) 3.11.1.10
10 Dec 2013:  paper - info

Exploitable update system in Playtech (poker)
10 Apr 2013:  paper

Exploitable update system in Microgaming (poker)
10 Apr 2013:  paper

Exploitable update system in B3W (poker)
10 Apr 2013:  paper

Integer Overflow in Nexuiz (game)
20 May 2013:  paper

Multiple vulnerabilities in CryEngine 3 (game)
20 May 2013:  paper - info

Multiple vulnerabilities in idTech 4 (idBitMsg::ReadData) (game)
20 May 2013:  paper - info

Buffer-overflow in Quake 4 (GetInfo) (game)
20 May 2013:  paper

Endless loop in Brink (game)
20 May 2013:  paper - info

Multiple vulnerabilities in Sanctum (game)
20 May 2013:  paper

OutOfMemory in The Haunted: Hells Reach (game)
20 May 2013:  paper

Multiple vulnerabilities in Homefront (game)
20 May 2013:  paper

Array Overflow in Monday Night Combat (game)
20 May 2013:  paper

Multiple vulnerabilities in Breach (game)
20 May 2013:  paper

EA Origin URL arguments injection (game)
22 Mar 2013:  paper

Battlefield Play4Free Arguments Injection (Plugin 1.0.80.2, Game 1.52.245751.0) (game)
22 Mar 2013:  paper

RealNetworks RealPlayer RV20 Frame Size Array Remote Code Execution Vulnerability (media)
19 Nov 2012:  zdi-12-187

Call of Duty: Modern Warfare 3 NULL pointer dereference (game)
13 Nov 2012:  paper

Steam Browser Protocol Insecurity (when local bugs go remote) (game)
16 Oct 2012:  paper

Desura local privilege escaltion (game)
20 Oct 2012:  adv - desurasvc

EMC NetWorker nsrd format string (enterprise)
30 Aug 2012:  adv - nsrd_1

HP iNode Management Center iNodeMngChecker.exe Remote Code Execution Vulnerability (enterprise)
22 Aug 2012:  zdi-12-163 - adv? - ?

Apple QuickTime Invalid Public Movie Atom Remote Code Execution Vulnerability (media)
17 Aug 2012:  zdi-12-136 - quicktime_?

Apple QuickTime Player MP4A Uninitialized Pointer Remote Code Execution Vulnerability (media)
03 Aug 2012:  zdi-12-130 - quicktime_?

Vulnerabilities in HP OpenView Performance Agent coda.exe (enterprise)
12 Jul 2012:  zdi-12-114 - zdi-12-115 - adv - adv - coda_*

Directory traversal in SpecView 2.5 build 853 (SCADA)
29 Jun 2012:  adv - specview_1

Unexploitable stack overflow in PowerNet Twin Client 8.9 (SCADA?)
29 Jun 2012:  adv - powernet_1

Apple Quicktime Dataref URI Buffer Remote Code Execution Vulnerability (media)
27 Jun 2012:  zdi-12-103 - quicktime_*

Vulnerabilities in Winlog 2.07.16 (and partially 2.07.17) (SCADA)
26 Jun 2012:  adv - winlog_2

HP OpenView Performance Manager PMParamHandler Remote Code Execution Vulnerability (enterprise)
21 Jun 2012:  zdi-12-100 - adv - hpperman_1

NULL pointer in Samsung AllShare 2.1.1.0 (streaming)
18 Jun 2012:  adv - allshare_1

Vulnerabilities in Quicktime (media)
06 Jun 2012:  zdi-12-075 - zdi-12-079 - quicktime_*

Vulnerabilities in RealPlayer (media)
06 Jun 2012:  zdi-12-084 - zdi-12-085 - zdi-12-086 - zdi-12-087 - real_*

Vulnerabilities in Pro-face Pro-Server EX 1.30 (SCADA)
13 May 2012:  adv - proservrex_1

Resources consumption or Denial of Service in Wonderware SuiteLink (SCADA)
11 May 2012:  adv - suitelink_1

Vulnerabilities in QNX phrelay/phindows/phditto (SCADA???)
10 May 2012:  adv - qnxph_1

Endless loop in Samsung NET-i ware 1.37 (no tag)
21 Apr 2012:  adv - netiware_1

Vulnerabilities in Samsung TV (remote controller protocol) (tv)
19 Apr 2012:  adv - poc - samsux_1

Denial of Service vulnerabilities in EMC IRM Server 4.6.1.1995 (enterprise)
10 Apr 2012:  adv - poc - irm_1

Apple Quicktime PNG Depth Decoding Remote Code Execution Vulnerability (media)
09 Apr 2012:  zdi-12-058 - quicktime_?

Denial of Service in EMC Data Protection Advisor 5.8.1 (enterprise)
29 Mar 2012:  adv - dpa_1

FlexNet License Server Manager lmgrd Remote Code Execution Vulnerability (enterprise)
26 Mar 2012:  adv - zdi-12-052 - lmgrd_1

Vulnerabilities in RealPlayer (media)
22 Mar 2012:  zdi-12-048 - zdi-12-049 - zdi-12-051 - realplayer_*

Vulnerabilities in Novell ZENworks Configuration Management (enterprise)
21 Mar 2012:  info - id975 - id974 - id973 - adv - adv - adv - adv - adv - adv - zenworks_*

Use-after-free in Microsoft Remote Desktop (ms12-020) (enterprise)
15 Mar 2012:  adv - leak_info - zdi-12-044 - ms - termdd_1

Vulnerabilities in GE iFix Profiy Historian (SCADA)
13 Mar 2012:  info - zdi-12-133 - adv - ifix_2

Vulnerabilities in GE Real-Time Information Portal (SCADA)
13 Mar 2012:  info - info - zdi-12-148 - adv - rtip_1

Directory traversal in Sockso 1.5 (streaming)
14 Mar 2012:  adv - sockso_1

Vulnerabilities in Presto! PageManager 9.01 (no tag)
14 Mar 2012:  adv - pagemanager_1

Denial of Service in Epson EventManager 2.50 (no tag)
14 Mar 2012:  adv - eeventmanager_1

Arbitrary files downloading in TVersity 1.9.7 (streaming)
14 Mar 2012:  adv - tversity_1

Directory traversal in NetDecision 4.6.1 (enterprise)
07 Mar 2012:  adv - netdecision_1

Vulnerabilities in xArrow 3.2 (SCADA)
02 Mar 2012:  adv - poc - xarrow_1

File vulnerability in Beckhoff TwinCAT (SCADA)
02 Mar 2012:  adv - twincat_2

Adobe Shockwave iml32.dll DEMX Remote Code Execution Vulnerability (media)
01 Mar 2012:  zdi-12-041 - shockwave_*

ABB WebWare RobNetScanHost.exe Remote Code Execution Vulnerability (SCADA)
22 Feb 2012:  zdi-12-033 - adv - abb_1

Heap corruption in Unity 3d Web Player 3.2.0.61061 (game)
21 Feb 2012:  adv - unity3d_1

Vulnerabilities in Buzz (build 1458) (media)
20 Feb 2012:  adv - buzz_1

Vulnerabilities in Psycle 1.10.0 (media)
18 Feb 2012:  adv - psycle_1

Arbitrary memory corruption in Novell GroupWise Messenger 2.1.0 (enterprise)
16 Feb 2012:  adv - nmma_3

Memory corruption in Novell GroupWise Messenger 2.1.0 (enterprise)
16 Feb 2012:  adv - nmma_1

Unicode stack overflow in Novell GroupWise Messenger client 2.1.0 (enterprise)
16 Feb 2012:  adv - nim_1

Vulnerabilities in XnView 1.98.5 (media)
16 Feb 2012:  adv - xnview_1

Vulnerabilities in R4 1.25 (no tag)
09 Feb 2012:  adv - r4_1

Vulnerabilities in R2 1.65 (no tag)
09 Feb 2012:  adv - r2_1

Vulnerabilities in RealPlayer (media)
07 Feb 2012:  info - real_*

Vulnerabilities in Quicktime (media)
03 Feb 2012:  info - quicktime_*

Two Denials of Service in Rockwell RNADiagReceiver 2.40.0.12 (SCADA)
17 Jan 2012:  adv - rnadiagreceiver_1

Directory traversal in NeoAxis Web Player 1.4 (game)
15 Jan 2012:  adv - neoaxis_1

Vulnerabilities in ExpressView Browser Plug-in (MrSID) 6.5 (no tag)
11 Jan 2012:  adv - expressview_1

Arbitrary NULL byte writing in SumatraPDF 1.9 (no tag)
09 Jan 2012:  adv - poc - sumatrapdf_1

Apple Quicktime JPEG2000 COD and RLE BGRA Decoding Remote Code Execution Vulnerability (media)
05 Jan 2012:  zdi-12-004 - zdi-12-005 - quicktime_*

WellinTech KingView HistoryServer.exe Opcode 3 Parsing Remote Code Execution Vulnerability (SCADA)
22 Dec 2011:  zdi-11-351 - adv - kingview_1

Adobe Shockwave NPAPI Plug-in Drag and Drop Remote Code Execution Vulnerability (media)
17 Dec 2011:  zdi-11-349 - shockwave_*

Microsoft OLE CPropertyStorage::ReadMultiple Variant Type Confusion Vulnerability (ms11-093) (enterprise)
13 Dec 2011:  adv - poc - ms - id966 - ole32_1

TrendMicro Control Manager CmdProcessor.exe AddTask Remote Code Execution Vulnerability (enterprise)
07 Dec 2011:  zdi-11-345 - adv - tmcm_2

Apple Quicktime Font Table Signed Length Remote Code Execution Vulnerability (media)
07 Dec 2011:  zdi-11-340 - quicktime_*

RealNetworks RealPlayer mp4arender esds channel count Remote Code Execution Vulnerability (media)
07 Dec 2011:  zdi-11-343 - real_*

Vulnerabilities in Serv-U 11.1.0.3 (no tag)
03 Dec 2011:  adv - poc - poc - servu_1

Endless loop in CyberLink PowerDVD 11.0.0.2114 (no tag)
03 Dec 2011:  adv - powerdvd_1

Vulnerabilities in 3S CoDeSys 3.4 SP4 Patch 2 (SCADA)
29 Nov 2011:  adv - codesys_1

Use-after-free in Microsys PROMOTIC 8.1.4 (SCADA)
28 Nov 2011:  adv - promotic_3

Vulnerabilities in Siemens Automation License Manager (SCADA)
28 Nov 2011:  adv - poc - almsrvx_1

Vulnerabilities in Siemens SIMATIC WinCC flexible 2008 SP2 (SCADA)
28 Nov 2011:  adv - winccflex_1

Vulnerabilities in Real Player 14.0.7 (media)
18 Nov 2011:  zdi-11-331 - zdi-11-332 - zdi-11-338 - real_*

InduSoft WebStudio vulnerabilities (SCADA)
16 Nov 2011:  zdi-11-329 - zdi-11-330 - adv? - adv - adv - adv - adv - indusoft_*

Denials of Service in Optima APIFTP Server 1.5.2.13 (SCADA)
13 Nov 2011:  adv - optimalog_1

Adobe Shockwave .w32 FLST Heap Buffer Overflow Vulnerability (media)
09 Nov 2011:  id961 - shockwave_?

GE Proficy Historian ihDataArchiver.exe Trusted Header Size Remote Code Execution Vulnerability (SCADA)
07 Nov 2011:  zdi-11-320 - adv - ifix_1

Vulnerabilities in HP Data Protector Media Operations 6.20 (enterprise)
03 Nov 2011:  adv - adv - hpdpmedia_1/2

Use-after-free in Excel for Office 2003 11.8335.8333 SP3 (enterprise)
two advisories but probably the same bug. no additional research, released as-is
03 Nov 2011:  adv - adv - excel_1/2

ActiveX bug in Microsys PROMOTIC 8.1.4 (SCADA)
30 Oct 2011:  adv - promotic_2

Vulnerabilities in Quicktime (media)
26 Oct 2011:  zdi-11-304 - zdi-11-311 - zdi-11-314 - quicktime_*

Novell/GroupWise Messenger Server Memory Disclosure Vulnerability (enterprise)
25 Oct 2011:  adv - nmma_2

Vulnerabilities in Novell ZenWorks Handheld Management (enterprise)
18 Oct 2011:  id954 - id953 - (search zenworks for the other adv) - zenworks_*

Vulnerabilities in Microsys PROMOTIC 8.1.4 (SCADA)
13 Oct 2011:  adv - promotic_1

Vulnerabilities in atvise webMI2ADS 1.0 (SCADA)
10 Oct 2011:  adv - webmi2ads_1

Use after free in IRAI AUTOMGEN 8.022 (SCADA)
10 Oct 2011:  adv - automgen_1

Denial of Service in OPC Systems.NET 4.00.0048 (SCADA)
10 Oct 2011:  adv - opcnet_1

Vulnerabilities in Cytel Studio 9 (no tag)
02 Oct 2011:  adv - cytel_1

Vulnerabilities in GenStat 14.1.0.5943 (no tag)
01 Oct 2011:  adv - genstat_1

Reference for a vulnerability in atvise server 2.0.0.3291 (SCADA)
30 Sep 2011:  adv - atvise_1

Arbitrary memory corruption in NCSS 07.1.21 (no tag)
28 Sep 2011:  adv - ncss_1

Vulnerabilities in PcVue 10 (SCADA)
27 Sep 2011:  adv - pcvue_1

Integer overflow in Sterling Trader 7.0.2 (finance)
25 Sep 2011:  adv - sterling_1

Vulnerabilities in Sunway ForceControl 6.1 sp3 (SCADA)
22 Sep 2011:  adv - forcecontrol_1

Vulnerabilities in EViews 7.2 (no tag)
19 Sep 2011:  adv - eviews_1

Vulnerabilities in MetaServer RT 3.2.1.450 (finance)
19 Sep 2011:  adv - metaserver_1

Code execution in MetaStock 11 (finance)
13 Sep 2011:  adv - poc - metastock_1

Vulnerabilities in eSignal 10.6.2425 (finance)
13 Sep 2011:  adv - poc - esignal_1

Multiple vulnerabilities in Cogent DataHub 7.1.1.63 (SCADA)
13 Sep 2011:  adv - adv - adv - adv - cogent_*

Stack overflow in DAQFactory 5.85 build 1853 (SCADA)
13 Sep 2011:  adv - daqfactory_1

Multiple vulnerabilities in Progea Movicon / PowerHMI 11.2.1085 (SCADA)
13 Sep 2011:  adv - adv - adv - movicon_*

Directory traversal in Carel PlantVisor 2.4.4 (SCADA)
13 Sep 2011:  adv - plantvisor_1

Heap overflow in Rockwell RSLogix 19 (FactoryTalk RnaUtility.dll) (SCADA)
13 Sep 2011:  adv - rslogix_1

Multiple vulnerabilities in Measuresoft ScadaPro 4.0.0 (SCADA)
13 Sep 2011:  adv - scadapro_1

Denial of Service in Beckhoff TwinCAT 2.11.0.2004 (SCADA)
13 Sep 2011:  adv - twincat_1

Vulnerabilities in BroadWin WebAccess Client 1.0.0.10 (SCADA)
02 Sep 2011:  adv - poc - bwocxrun_1

calloc integer overflow in MPlayer on Windows (media)
02 Sep 2011:  adv - mplayerwin_1

Limited directory traversal in CodeMeter 4.30c (no tag)
02 Sep 2011:  adv - codemeter_1

Multiple vulnerabilities in HP SiteScope 11.10 (enterprise)
26 Aug 2011:  adv - adv - sitescope_1/2

Multiple vulnerabilities in Symantec Veritas Storage Foundation (enterprise)
17 Aug 2011:  zdi-11-262 - zdi-11-263 - zdi-11-264 - adv - adv - adv - veritas_*

FlexNet License Server Manager Remote Code Execution Vulnerability (enterprise)
17 Aug 2011:  adv - zdi-11-272 - fnplm_1

Multiple vulnerabilities in RealPlayer 14.0.5 (media)
16 Aug 2011:  zdi-11-268 - cve - cve - cve - real_*

Upload directory traversal in Novell ZenWorks Asset Management 7.5 (enterprise)
16 Aug 2011:  adv - zenasset_1

Sybase Adaptive Server Backup and Monitor Server vulnerabilities (enterprise)
29 Jul 2011:  zdi-11-245 - zdi-11-246 - adv - adv - sybase_1/2

FlexNet License Server Manager lmadmin Remote Code Execution Vulnerability (enterprise)
28 Jul 2011:  adv - zdi-11-244 - fnplm_2

TrendMicro Control Manager CASProcessor.exe BLOB Remote Code Execution Vulnerability (enterprise)
12 Jul 2011:  zdi-11-235 - adv - tmcm_1

Integer overflow in foobar2000 1.1.7 (media)
03 Jul 2011:  adv - poc - foobar2000_1

HP iNode Management Center iNodeMngChecker.exe Remote Code Execution Vulnerability (enterprise)
01 Jul 2011:  zdi-11-232 - adv - inodemc_1

Multiple vulnerabilities in Apple QuickTime (media)
29 Jun 2011:  id927 - zdi-11-229 - zdi-11-230 - quicktime_2/5/7

in_midi multiple vulnerabilities in Winamp and Essentials Pack 5.61 (media)
27 Jun 2011:  adv - poc - winamp_3

Multiple vulnerabilities in Winamp 5.61 (media)
27 Jun 2011:  adv - poc - winamp_2

Arbitrary files deletion in HP OpenView Communication Broker (enterprise)
27 Jun 2011:  adv - ovbbccb_1

Upload directory traversal in Novell ZenWorks Handheld Management 7.0.2 (enterprise)
27 Jun 2011:  adv - zfhsrvr_1

Arbitrary files deletion in Novell File Reporter 1.0.4.2 (enterprise)
27 Jun 2011:  adv - nfr_2

Off-by-one in Sybase Advantage Server 10.0.0.3 (enterprise)
27 Jun 2011:  adv - sybase_4

bcksrvr format string in Sybase Adaptive Server 15.5 (enterprise)
27 Jun 2011:  adv - sybase_3

Stack overflow in Kart Racing Pro, GP Bikes and World Racing Series (game)
27 Jun 2011:  adv - piboso_1

NULL pointer in Shockvoice 0.9.5.2941 (game)
27 Jun 2011:  adv - shockvoice_1

NULL pointer in NVIDIA RealityServer 3.1.1 (no tag)
27 Jun 2011:  adv - realityserver_1

Some vulnerabilities in third parties servers for Minecraft (game)
27 Jun 2011:  adv - minecraft_like

Some vulnerabilities in Ubisoft Gaming Zone (aka GS4) (game)
27 Jun 2011:  adv - poc - gs4_1

Multiple vulnerabilities in Adobe Shockwave (media)
15 Jun 2011:  zdi-11-202 - zdi-11-203 - zdi-11-204 - zdi-11-205 - zdi-11-206 - zdi-11-207 - zdi-11-208 - zdi-11-209 - zdi-11-210 - zdi-11-212 - zdi-11-214 - zdi-11-216 - id919 - id920 - id921 - id922 - shockwave_*

NULL pointer in iMatix Xitami 5.0a0 (no tag)
04 Jun 2011:  adv - xitami_1

Sybase OneBridge Mobile Data Suite Format String Remore Code Execution Vulnerability (enterprise)
03 Jun 2011:  zdi-11-171 - adv - onebridge_1

HP 3COM/H3C Intelligent Management Center img recv Remote Code Execution Vulnerability (enterprise)
31 May 2011:  zdi-11-170 - adv - imc_4

Integer overflow in Quest NetVault SmartDisk 1.2.2 (enterprise)
28 May 2011:  adv - poc - percolator_1

Microsoft WINS Service Failed Response Memory Corruption Remote Code Execution Vulnerability (ms11-035) (enterprise)
10 May 2011:  adv - zdi-11-167 - ms - wins_1

Vulnerabilities in Quest Big Brother 4.40 (enterprise)
10 May 2011:  adv1 - adv2 - bbntd_1/2

Multiple vulnerabilities in HP 3COM/H3C Intelligent Management Center (enterprise)
10 May 2011:  zdi-11-160 - zdi-11-161 - zdi-11-162 - zdi-11-163 - zdi-11-164 - zdi-11-165 - zdi-11-166 - adv - adv - adv - adv - adv - adv - adv - imc_*

Sybase M-Business Anywhere agd.exe username Parameter Remote Code Execution Vulnerability (enterprise)
09 May 2011:  zdi-11-156 - adv - agd_1

Stack overflow in Microsoft HTML Help 6.1 (CHM files) (no tag)
12 Apr 2011:  adv - poc - chm_1

Vulnerabilities in Microsoft Reader 2.1.1.3143 / 2.6.1.7169 (no tag)
11 Apr 2011:  adv1 - adv2 - adv3 - adv4 - adv5 - msreader_1/5

DoS vulnerabilities in Microsoft Host Integration Server 2010 8.5.4224.0 (enterprise)
11 Apr 2011:  adv - snabase_1

Vulnerabilities in Siemens Tecnomatix FactoryLink 8.0.1.1473 (SCADA)
21 Mar 2011:  adv1 - adv2 - adv3 - adv4 - adv5 - adv6 - factorylink_1/6

Vulnerabilities in Iconics GENESIS32 9.21 and GENESIS64 10.51 (SCADA)
21 Mar 2011:  adv1 - adv2 - adv3 - adv4 - adv5 - adv6 - adv7 - adv8 - adv9 - adv10 - adv11 - adv12 - adv13 - genesis_1/13

Vulnerabilities in 7-Technologies IGSS 9.00.00.11059 (SCADA)
21 Mar 2011:  adv1 - adv2 - adv3 - adv4 - adv5 - adv6 - adv7 - adv8 - igss_1/8

Vulnerabilities in DATAC RealWin 2.1 (Build 6.1.10.10) (SCADA)
21 Mar 2011:  adv1 - adv2 - adv3 - adv4 - adv5 - adv6 - adv7 - realwin_2/8

Heap overflow in RealPlayer 14.0.2.633 (media)
21 Mar 2011:  adv - poc - real_5

Refractor 2 engine NULL pointer (game)
Battlefield 2 (1.50), Battlefield 2142 (1.51), ...
19 Feb 2011:  adv - poc - bf2null

Shockwave Player 11.5.9.615 (media)
08 Feb 2011:  zdi-11-080 - zdi/tpti-11-05 - shockwave_*

Code execution in Microsoft Fax Cover Page Editor 5.2.3790.3959 (no tag)
19 Jan 2011:  adv - poc - fxscover_1

Stack overflow in Winlog 2.07.00 (SCADA)
13 Jan 2011:  adv - winlog_1

Directory traversal in IntegraXor 3.6.4000.0 (SCADA)
21 Dec 2010:  adv - integraxor_1

Wonderware InBatch 9.0sp1 (SCADA)
07 Dec 2010:  adv - inbatch_1

Memory leak in Call of Duty Black Ops (game)
18 Nov 2010:  adv - cod7mem

Two buffer-overflow in DATAC RealWin 2.0 (Build 6.1.8.10) (SCADA)
15 Oct 2010:  adv - poc - realwin_1

Multiple Denial of Service in UniData unirpcd.exe 7.2.7.3806 (enterprise)
15 Oct 2010:  adv - poc - unirpcd_1

Denial of Service in solidDB 6.5.0.3 (enterprise)
15 Oct 2010:  adv - poc - soliddb_1

Multiple buffer-overflows in Winamp 5.5.8.2985 (media)
13 Oct 2010:  adv - poc - winamp_1

Lithtech engine memory corruption (game)
F.E.A.R., F.E.A.R. 2, probably any other game based on this engine, ...
20 Jul 2010:  adv - poc - fearless

Vulnerabilities in Microsoft DirectPlay8 (game)
any game based on DP8 like Robot Arena 2, Dungeon Siege 2, Vietcong, Deer Hunter 2004 and 2005, Trophy Hunter 2003, Homeworld 2, Freelancer, Giants, Sacrifice, SWINE, Wings of War, ...
18 Jul 2010:  adv - poc - dplay8blah

Invalid memory access in Unreal Tournament 3 2.1 (game)
17 Jul 2010:  adv - ut3steamer

Failed assertion in old games based on Unreal engine (game)
Raven Shield, Deus Ex, Land of the Dead, Postal 2, Rune, Shadow Ops, Unreal 2, UT, UT2003, WarPath, XIII, ...
15 Jul 2010:  adv - unreliable

Two vulnerabilities in Ghost Recon Advanced Warfighter 1 and 2 (game)
07 Jul 2010:  adv - grawful

Clients unicode buffer-overflow in Unreal engine 2.5 (game)
UT2004, UT2003, SWAT4, Postal2, RavenShield, ...
06 Jul 2010:  adv - unrealcbof

Negative memcpy in id Tech 4 engine (game)
Enemy Territory: Quake Wars, Wolfenstein, ...
05 Jul 2010:  adv - idtech4key

NULL pointer in Tripwire Interactive games (game)
Red Orchestra, Killing Floor, Darkest Hour, Mare Nostrum...
05 Jul 2010:  adv - tripwireless

Denials of Service in Freeciv 2.2.1 (game)
03 Jul 2010:  adv - poc - freecivet

Buffer-overflow in the Electronic Arts games that use Gamespy (game)
Command Conquer 3, Red Alert 3, Battle for Middle-Earth, Battle for Middle-Earth 2, ...
01 Jul 2010:  adv - eagsbof

Buffer-overflow in Area 51 1.1 (game)
30 Jun 2010:  adv - a51senseless

Refractor 2 engine clients URL directory traversal (game)
Battlefield 2, Battlefield 2142, ...
29 Jun 2010:  adv - bf2urlz

Battlefield 2 1.50 voip failed assertion (game)
29 Jun 2010:  adv - bf2voipz

Endless loop in Qt QSSLsocket 4.6.3 (no tag)
29 Jun 2010:  adv - poc - qtsslame

Database error in Mumble server 1.2.2 (game)
29 Jun 2010:  adv - poc - mumbleed

Vulnerabilities in America's Army 3 3.0.7 (game)
20 Jun 2010:  adv - poc - aa3again

Client array overflow in id Tech 4 engine (game)
Enemy Territory: Quake Wars, Wolfenstein, ...
19 Jun 2010:  adv - poc - idtech4carray

Client buffer-overflow in Enemy Territory: Quake Wars 1.5 (game)
18 Jun 2010:  adv - poc - etqwcbof

Exception in Chrome Engine 4 (game)
Call of Juarez: Bound in Blood, Sniper: Ghost Warrior, ...
17 Jun 2010:  adv - poc - chromerda

Multiple vulnerabilities in TeamSpeak 3.0.0-beta23 (game)
16 Jun 2010:  adv - poc - teamspeakrack

Refractor 2 engine endless loop (game)
Battlefield 2 (1.41), Battlefield 2142, ...
06 Jun 2010:  adv - poc - bf2loop

Multiple vulnerabilities in the Gem3 engine (game)
Majesty 2, ...
12 May 2010:  adv - poc - gem3bugs

Denial of Service in GameCore 2.5 (game)
12 May 2010:  adv - gamecorex

Invalid memory access in Torque game engine (game)
Metal Drift, Cyber Wing, Legends, 3D RC Racing, Burger Warz, Singularity, Blockland, Mach 1, Buccaneer, Once upon a time, PenguinsArena, ...
09 May 2010:  adv - poc - torqueer

Multiple vulnerabilities in Alien vs Predator 2.22 (game)
07 May 2010:  adv - poc - avp3dos

Buffer-overflow and exceptions in X-Motor Racing 1.275 (server 1.24) (game)
06 May 2010:  adv - poc - xmotorbof

Buffer-overflow and NULL pointer in netKar 1.1 (server 1.0.3) (game)
13 Apr 2010:  adv - poc - netkarbof

Denial of Service in Unity 2.61 (game)
25 Mar 2010:  adv - disunity

Null pointer in Raknet 3.72 (game)
25 Mar 2010:  adv - rakkia

NULL pointer and format string in Ca3D/Cafu engine 9.06/r39 (game)
22 Mar 2010:  adv - cafux

Buffer-overflow in MX Simulator 2010-02-06 (game)
22 Mar 2010:  adv - mxsx

Access violation in Ventrilo client 3.0.5 with Speex codec (game)
10 Sep 2009:  adv - poc - ventspeex

Voice memset overflow in Ventrilo client 3.0.5 (game)
08 Sep 2009:  adv - poc - ventrilomemset

Server restart in Live for Speed S2 Z13 (game)
23 Aug 2009:  adv - lfsreset

Fragments memory corruption in the Source engine (build 3933) (game)
Half-Life 2, Counter-Strike Source, OrangeBox, Team Fortress 2, Left 4 Dead, ...
20 Aug 2009:  adv - PoC_LAN - sourcefraghof

Files uploading vulnerabilities in the Source engine (build 3933 and 3950) (game)
Half-Life 2, Counter-Strike Source, OrangeBox, Team Fortress 2, Left 4 Dead, ...
19 Aug 2009:  adv - poc - PoC_LAN - sourceupfile

NULL pointer in the Source engine (build 3933) with SourceTV disabled (game)
Half-Life 2, Counter-Strike Source, (Valve has confirmed also OrangeBox, Team Fortress 2, Left 4 Dead), ...
18 Aug 2009:  adv - poc - sourcenotvnull

Format string in the Source engine (build 3933) (game)
Half-Life 2, Counter-Strike Source, OrangeBox, Team Fortress 2, Left 4 Dead, ...
17 Aug 2009:  adv - poc - PoC_LAN - sourcefs

Multiple NULL pointers in Sniper Elite 1.0 (game)
14 Aug 2009:  adv - poc - snipernull

Format string in Vietcong 2 1.10 (game)
12 Aug 2009:  adv - vietcong2fs

Multiple vulnerabilities in the GEM 2 engine (game)
Men of War, Faces of War, ...
11 Aug 2009:  adv - gem2bugs

Denial of Service in PunkBuster (09 Aug 2009) (game)
America's Army 2/3, Battlefield 2*, Call of Duty 1/2/4/5, Crysis, DOOM 3, Enemy Territory, ETQW, FEAR, Fuel of War, Need for Speed, Quake 3/4, RTCW, Soldier of Fortune II, Wolfenstein, ...
09 Aug 2009:  reference - pbmsgsdos2

Buffer-overflow in PunkBuster 1.728 for Soldier of Fortune II (game)
09 Aug 2009:  adv - sof2pbbof

Clients NULL pointer in TrackMania 2.11.19 (game)
07 Aug 2009:  adv - poc - tmnullever

Unbannable clients and bell bug in TrackMania Forever v2009-08-01 / 2.11.19 (game)
07 Aug 2009:  adv - poc - tmbellban

Clients termination in TrackMania Forever 2.11.19 (game)
04 Aug 2009:  adv - tmlocdos

Multiple vulnerabilities in TrackMania Forever v2009-05-25 / 2.11.19 (game)
27 Jul 2009:  adv - poc - tm4never

Access violation in Star Wars Battlefront II 1.1 (game)
24 Jul 2009:  adv - swbf2seven

Buffer-overflow in S.T.A.L.K.E.R. Clear Sky 1.5.10 (game)
22 Jul 2009:  adv - poc - stalkerbof

Unhandled malloc exception in S.T.A.L.K.E.R. Clear Sky 1.5.10 (game)
22 Jul 2009:  adv - poc - stalkazz

Unhandled exception in S.T.A.L.K.E.R. Clear Sky 1.5.10 (game)
22 Jul 2009:  adv - poc - dirtysky

Temporary freezing in Crysis 1.21 and Crysis Wars/Warhead 1.5 (game)
21 Jul 2009:  adv - crysisdos

Format string in Crysis 1.21 and Crysis Wars/Warhead 1.5 (game)
21 Jul 2009:  adv - poc - crysisfs

Access violation in the HTTP/XML-RPC service of Crysis 1.21 and Crysis Wars/Warhead 1.5 (game)
20 Jul 2009:  adv - crysisviol

Negative memcpy in Armed Assault 1.14 and ArmA 2 1.04 (game)
18 Jul 2009:  adv - poc - armadioz

Format string in Armed Assault 1.14 and ArmA 2 1.04 (Real Virtuality engine) (game)
ArmA, ArmA2, Operation Flashpoint, VBS1, VBS2, ...
18 Jul 2009:  adv - poc - armazzofs

Memory bug in Armed Assault 1.14 and ArmA 2 1.04 (Real Virtuality engine) (game)
ArmA, ArmA2, Operation Flashpoint, VBS1, VBS2, ...
18 Jul 2009:  adv - poc - armazzo

Wrong type assert in World in Conflict 1.0.1.1 (game)
16 Jul 2009:  adv - poc - wicass2

Negative memset overflow in America's Army 3 3.0.8 (game)
15 Jul 2009:  adv - poc - aa3memset

NULL pointer and access violation in America's Army 3 3.0.8 (game)
15 Jul 2009:  adv - poc - aa3pwood

Packets loop in America's Army 3.0.6 (game)
14 Jul 2009:  adv - aa3mah

Resource consumption and crash in America's Army 3 3.0.6 (game)
13 Jul 2009:  adv - aa3boh

NULL pointer in America's Army 3 3.0.4 (game)
06 Jul 2009:  adv - aa3blah

Reference for a couple of bugs in HTTP File Server (no tag)
05 Feb 2009:  adv - hfsref

Directory traversal in the webadmin of Unreal Tournament 3 1.3 (game)
21 Sep 2008:  adv - ut3webown

Failed assertion in the Unreal engine (game)
Unreal Tournament 3, Unreal Tournament 2003 and 2004, Dead Man's Hand, Pariah, WarPath, Postal2, Shadow Ops, ...
15 Sep 2008:  adv - poc - unreaload

Server termination in the Unreal engine 3 (game)
Unreal Tournament 3, Frontlines: Fuel of War, America's Army 3, HomeFront ...
11 Sep 2008:  adv - poc - ut3sticle

Clients format strings in the Unreal engine (game)
11 Sep 2008:  adv - poc - unrealcfs

NULL pointer in Ventrilo 3.0.2 (game)
13 Aug 2008:  adv - poc - ventrilobotomy

NULL pointer in Skulltag 0.97d2-RC3 (game)
11 Aug 2008:  adv - poc - skulltagod

Endless loop and resources consumption in Halo 1.0.7.0615 (game)
06 Aug 2008:  adv - poc - poc - halonsoloop3

Server termination in America's Army 2.8.3.1 (game)
02 Aug 2008:  adv - poc - armynchia

Memory corruption and NULL pointer in Unreal Tournament III 1.2 (game)
Unreal Tournament 3, America's Army 3 ...
30 Jul 2008:  adv - poc - ut3mendo

NULL pointer in Unreal Tournament 2004 v3369 (game)
affects also other games like Red Orchestra, Shadow Ops: Red Mercury, ...
30 Jul 2008:  adv - poc - ut2004null

NULL pointer in ZDaemon 1.08.07 (game)
21 Jul 2008:  adv - poc - zdaemonull

Vulnerabilities in SWAT 4 1.1 (game)
20 Jul 2008:  adv - swat4x

Endless loop in Soldner 33724 (game)
01 Jul 2008:  adv - poc - usurdat

Endless loop in Halo 1.07 (game)
29 Jun 2008:  adv - poc - haloloop2

Multiple vulnerabilities in S.T.A.L.K.E.R. 1.0006 (game)
28 Jun 2008:  adv - poc - stalker39x

Some bugs in SunAge 1.08.1 (game)
23 Jun 2008:  adv - poc - sunagex

Double Denial of Service in Call of Duty 4 1.7 (game)
22 Jun 2008:  adv - poc - cod4vamap

NULL pointer in World in Conflict 1.009 (game)
22 Jun 2008:  adv - poc - wicboom

Server freezed in Skulltag 0.97d2-RC2 (game)
16 Jun 2008:  adv - poc - skulltagloop

NULL pointer in the HTTP/XML-RPC service of Crysis 1.21 (game)
16 Jun 2008:  adv - dontcrysis

Denial of Service in S.T.A.L.K.E.R. 1.0006 (game)
15 Jun 2008:  adv - poc - stalkerboom

Information disclosure in Crysis 1.21 (game)
15 Jun 2008:  adv - poc - crysislog

Multiple vulnerabilities in WebMod 0.48 (game)
03 May 2008:  adv - webmodz

Denial of Service in Call of Duty 4 1.5 (game)
02 May 2008:  adv - PoC (requires sudppipe) - PoC for LAN - cod4statz

Denial of Service in eTrust Secure Content Manager r8 (enterprise)
18 Apr 2008:  adv - poc - ecsqdamn

Invalid memory access in CA ARCserve Backup 12.0.5454.0 (enterprise)
17 Apr 2008:  adv - poc - carcbackazz

Denial of Service in PunkBuster (22 Oct 2007 and 09 Aug 2009) (game)
America's Army 2/3, Battlefield 2*, Call of Duty 1/2/4/5, Crysis, DOOM 3, Enemy Territory, ETQW, FEAR, Fuel of War, Need for Speed, Quake 3/4, RTCW, Soldier of Fortune II, Wolfenstein, ...
16 Apr 2008:  adv - poc - new PoC - pbmsgsdos

Directory traversal in BigAnt Messenger 2.2 (no tag)
16 Apr 2008:  adv - biggayant

CGI source disclosure in Ruby WEBrick 1.9.0 (FAT/NTFS) (no tag)
15 Apr 2008:  adv - webrickcgi

Reference advisory for old bugs in HP OpenView NNM 7.50/7.51 (enterprise)
15 Apr 2008:  adv - closedview_old

NULL pointer in Nero MediaHome 3.3.3.0 (no tag)
12 Apr 2008:  adv - neromedia

Upload directory traversal in HP LoadRunner 9.10 (enterprise)
12 Apr 2008:  adv - poc - willycoyote

Directory traversal and multiple Denials of Service in HP OpenView NNM 7.53 (enterprise)
11 Apr 2008:  adv - closedviewx

Denial of Service in SmarterMail 5.0.2999 (no tag)
11 Apr 2008:  adv - dumbermail

Memory corruption in HP OpenView Network Node Manager 7.53 (enterprise)
08 Apr 2008:  adv - poc - closedview

Directory traversal in LANDesk Management Suite 8.80.1.1 (enterprise)
01 Apr 2008:  adv - landesktftp

Directory traversal in 2X ThinClientServer v5.0_sp1-r3497 (enterprise)
29 Mar 2008:  adv - thindirtrav

Denial of Service in SLMail Pro 6.3.1.0 (no tag)
29 Mar 2008:  adv - slmaildos

Multiple vulnerabilities in solidDB 06.00.1018 (enterprise)
26 Mar 2008:  adv - poc - soliduro

Buffer-overflow in ASUS Remote Console 2.0.0.24 (no tag)
21 Mar 2008:  adv - asuxdpc

Multiple heap overflows in xine-lib 1.1.11 (media)
20 Mar 2008:  adv - poc - xinehof

Buffer-overflow in BootManage TFTPD 1.99 (enterprise)
16 Mar 2008:  adv - bootixtftpd

Multiple vulnerabilities in Net Inspector 6.5.0.828 (enterprise)
14 Mar 2008:  adv - netinsp

Format string in McAfee Framework 3.6.0.569 (ePolicy Orchestrator 4.0) (enterprise)
12 Mar 2008:  adv - poc - meccaffi

Vulnerabilities in Timbuktu Pro 8.6.5 (enterprise)
10 Mar 2008:  adv - poc - timbuto

Multiple vulnerabilities in ASG-Sentry 7.0.0 (enterprise)
10 Mar 2008:  adv - asgulo

NULL pointer in Remotely Anywhere 8.0.668 (enterprise)
08 Mar 2008:  adv - remotelynowhere

Directory traversal in Argon Client Management Services 1.31 (enterprise)
08 Mar 2008:  adv - argonauti

Directory traversal and NULL pointer in Acronis PXE Server 2.0.0.1076 (enterprise)
08 Mar 2008:  adv - acropxe

Invalid memory access in Acronis True Image Group Server 1.5.19.191 (enterprise)
08 Mar 2008:  adv - acrogroup

NULL pointer in Acronis True Image Windows Agent 1.0.0.54 (enterprise)
08 Mar 2008:  adv - acroagent

Denial of Service in PacketTrap TFTP server 2.0.3901.0 (enterprise)
08 Mar 2008:  adv - packettrash

Multiple vulnerabilities in MailEnable Professional/Enterprise 3.13 (enterprise)
07 Mar 2008:  adv - poc - maildisable

Directory traversal in MicroWorld eScan Server 9.0.742.98 (enterprise)
06 Mar 2008:  adv - escaz

Multiple vulnerabilities in Perforce Server 2007.3/143793 (enterprise)
05 Mar 2008:  adv - poc - perforces

Arbitrary commands execution in Versant Object Database 7.0.1.3 (enterprise)
04 Mar 2008:  adv - poc - versantcmd

Heap overflow in Borland VisiBroker Smart Agent 08.00.00.C1.03 (enterprise)
03 Mar 2008:  adv - poc - visibroken

Multiple vulnerabilities in Borland StarTeam MPX 6.7 (enterprise)
02 Mar 2008:  adv - poc - starteammpx

Multiple integer overflows in Borland StarTeam server 10.0.0.57 (enterprise)
02 Mar 2008:  adv - poc - starteamz

Denial of Service in SmsGate 1.1n (no tag)
28 Feb 2008:  adv - smsgheit

Buffer-overflow in the passwords handling of Trend Micro OfficeScan 8.0 and possibly other products (enterprise)
27 Feb 2008:  adv - poc - officescaz

NULL pointer in SurgeFTP 2.3a2 (enterprise)
25 Feb 2008:  adv - surgeftpizza

Format string and buffer-overflow in SurgeMail 38k4 (enterprise)
25 Feb 2008:  adv - poc - surgemailz

Multiple vulnerabilities in Double-Take 5.0.0.2865 (enterprise)
22 Feb 2008:  adv - poc - doubletakedown

Denial of Service in Zilab Remote Console Server 3.2.9 (no tag)
21 Feb 2008:  adv - poc - zilabzrcsdos

Multiple vulnerabilities in Zilab Chat and Instant Messaging 2.1 (no tag)
21 Feb 2008:  adv - poc - zilabzcsx

Heap overflow in Sybase MobiLink 10.0.1.3629 (enterprise)
20 Feb 2008:  adv - poc - mobilinkhof

Multiple buffer-overflow in NowSMS v2007.06.27 (no tag)
19 Feb 2008:  adv - poc - nowsmsz

Directory traversal in SCI Chat v3.4.9 (no tag)
19 Feb 2008:  adv - scichatdt

Access violation and limited information disclosure in webcamXP 3.72.440.0 (no tag)
18 Feb 2008:  adv - webcamxp

NULL pointer crash in freeSSHd 1.20 (no tag)
17 Feb 2008:  adv - poc - freesshdnull

Two heap overflow in Foxit WAC Server 2.0 Build 3503 (enterprise)
16 Feb 2008:  adv - poc - wachof

Directory traversal and DoS in WinIPDS G52-33-021 (enterprise)
12 Feb 2008:  adv - winipds

Unicode buffer-overflow in RPM Remote Print Manager 4.5.1.11 (enterprise)
11 Feb 2008:  adv - poc - rpmlpdbof

Format string and buffer-overflow in Lst Network Print Server 9.4.2 build 105 (enterprise)
11 Feb 2008:  adv - lstnpsx

Format string and DoS in Opium OPI and cyanPrintIP servers 4.10.x (enterprise)
11 Feb 2008:  adv - poc - cyanuro

Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0 (enterprise)
10 Feb 2008:  adv - sentinella

Multiple vulnerabilities in ExtremeZ-IP File and Printer Server 5.1.2x15 (enterprise)
10 Feb 2008:  adv - poc - ezipirla

NULL byte writing in Emerald, RadiusNT/X and Air Marshal (enterprise)
08 Feb 2008:  adv - emerdal

Multiple vulnerabilities in Ipswitch Instant Messaging 2.0.8.1 (enterprise)
07 Feb 2008:  adv - poc - ipsimene

Logs visualization in WS_FTP Server Manager 6.1.0.0 (enterprise)
06 Feb 2008:  adv - wsftpweblog

Chat vulnerabilities in TinTin++ 1.97.9 (game)
06 Feb 2008:  adv - poc - rintintin

Multiple vulnerabilities in WinCom LPD Total 3.0.2.623 (enterprise)
04 Feb 2008:  adv - poc - wincomalpd

Multiple vulnerabilities in SAPlpd 6.28 and SAPSprint 1018 (enterprise)
04 Feb 2008:  adv - poc - saplpdz

Socket termination in WS_FTP FTP Log Server 7.9.14.0 (enterprise)
04 Feb 2008:  adv - ftplogsrvz

Denial of Service in Print Manager Plus 7.0.127.16 (enterprise)
31 Jan 2008:  adv - pqcorez

Crash in BitTorrent 6.0.1 and uTorrent 1.7.6 through webui (p2p)
27 Jan 2008:  adv - poc - ruttorrent2

Multiple crashes in Steamcast 0.9.75 (streaming)
24 Jan 2008:  adv - steamcazz

Peers unicode overflow in BitTorrent 6.0 and uTorrent 1.7.5 (p2p)
16 Jan 2008:  adv - poc - ruttorrent

Buffer-overflow in Quicktime Player 7.3.1.70 (media)
10 Jan 2008:  adv - poc - quicktimebof

Pre-auth remote commands execution in SAP MaxDB 7.6.03.07 (enterprise)
09 Jan 2008:  adv - poc - sapone

rmff_dump_header heap-overflow in Xine 1.1.9 (media)
08 Jan 2008:  adv - xinermffhof

sdpplin_parse heap-overflow in VLC 0.8.6d (media)
08 Jan 2008:  adv - vlcxhof

report buffer-overflow in xtacacsd 4.1.2 (enterprise)
08 Jan 2008:  adv - poc - xtacacsdz

Multiple vulnerabilities in yaSSL 1.7.5 (enterprise)
04 Jan 2008:  adv - poc - PoC_mySQL - yasslick

Multiple vulnerabilities in Georgia SoftWorks SSH2 Server 7.01.0003 (enterprise)
02 Jan 2008:  adv - poc - gswsshit

Buffer-overflow and format string in White_Dune 0.29beta791 (no tag)
02 Jan 2008:  adv - poc - whitedunboffs

Denial of Service in Pragma FortressSSH 5.0.4.293 (enterprise)
02 Jan 2008:  adv - poc - pragmassh

Denial of Service in Pragma TelnetServer 7.0.4.589 (enterprise)
02 Jan 2008:  adv - poc - pragmatel

Exception message in Seattle Lab Telnet Server 4.1.1.3758 (enterprise)
02 Jan 2008:  adv - poc - slnetmsg

Exception message in VanDyke VShell 3.0.3.569 (enterprise)
02 Jan 2008:  adv - poc - vshellmsg

Buffer-overflow in CoolPlayer 217 (media)
28 Dec 2007:  adv - culplayer

Buffer-overflow in Extended Module Player 2.5.1 (media)
27 Dec 2007:  adv - poc - xmpbof

Multiple vulnerabilities in libnemesi 0.6.4-rc1 (streaming)
27 Dec 2007:  adv - poc - libnemesibof

Multiple vulnerabilities in Feng 0.1.15 (streaming)
27 Dec 2007:  adv - poc - fengulo

Unicode buffer-overflow in Zoom Player 6.00b2 (media)
24 Dec 2007:  adv - poc - zoomprayer

Buffer-overflow and format string in VideoLAN VLC 0.8.6d (media)
24 Dec 2007:  adv - poc - vlcboffs

Double directory traversal in ImgSvr 0.6.21 (no tag)
24 Dec 2007:  adv - imgsvr

Buffer-overflow in WinUAE 1.4.4 (game)
21 Dec 2007:  adv - poc - winuaebof

Array overflow in id3lib (devel CVS) (media)
19 Dec 2007:  adv - poc - id3libexec

Some buffer-overflow in ProWizard 1.62 (media)
19 Dec 2007:  adv - poc - prowizbof

Two vulnerabilities in Cherokee r952 for Windows (no tag)
17 Dec 2007:  adv - cherokaz

Heap overflow in PeerCast 0.1217 / SVN 344 (streaming)
17 Dec 2007:  adv - poc - peercasthof

Multiple vulnerabilities in BarracudaDrive 3.7.2 (enterprise)
10 Dec 2007:  adv - barradrive

Multiple vulnerabilities in BadBlue 2.72b (enterprise)
10 Dec 2007:  adv - badblue

Filesystem access in DOSBox 0.72 (game)
10 Dec 2007:  adv - poc - dosboxxx

Upload directory traversal in Easy File Sharing 4.5 (no tag)
07 Dec 2007:  adv - poc - efsup

Two vulnerabilities in Simple HTTPD 1.38 (no tag)
07 Dec 2007:  adv - shttpd

Limited upload directory traversal in HTTP File Server 2.2a / 2.3 beta (build #146) (no tag)
05 Dec 2007:  adv - hfsup

Multiple vulnerabilities in Firefly Media Server (mt-daapd) 2.4.1 / SVN 1699 (streaming)
03 Dec 2007:  adv - poc - fireflyz

Two DoS in I Hear U 0.5.6 (no tag)
20 Nov 2007:  adv - poc - ihudos

Static buffer overflow in Rigs of Rods 0.33d (game)
19 Nov 2007:  adv - poc - rorbof

Crash in LIVE555 Media Server 2007.11.01 (streaming)
18 Nov 2007:  adv - poc - live555x

assert() DoS in World in Conflict 1.001 (game)
26 Oct 2007:  adv - poc - wicassert

Clients buffer-overflow in Live for Speed 0.5Y (game)
13 Oct 2007:  adv - poc - lfscbof

NULL pointer crash in World in Conflict 1.000 (game)
09 Oct 2007:  adv - wicvoipnull

Format string in The Dawn of Time 1.69s beta4 (game)
05 Oct 2007:  adv - dawnfs

Multiple vulnerabilities in Dropteam 1.3.3 (game)
05 Oct 2007:  adv - poc - dropteamz

Format string in the Doom 3 engine through PunkBuster (game)
Doom 3, Quake 4, Prey, ...
01 Oct 2007:  adv - poc - d3engfspb

Format string in F.E.A.R. 1.08 through PunkBuster (game)
01 Oct 2007:  adv - poc - fearfspb

Unexploitable buffer-overflow in America's Army 2.8.2 through PunkBuster (game)
01 Oct 2007:  adv - poc - aaboompb

Two buffer-overflow in FSD V2.052 d9 and FSFDT V3.000 d9 (game)
01 Oct 2007:  adv - fsdbof

Multiple vulnerabilities in the gMotor2 engine (game)
F1 Challenge 99-02, rFactor, GT Legends, GTR, GTR 2, RACE, Race 07, BMW M3 Challenge, ...
19 Sep 2007:  adv - poc - gmotor2

Format string and buffer-overflow in CellFactor Revolution 1.03 (game)
07 Sep 2007:  adv - poc - cellfucktor

Format string and clients disconnection in Alien Arena 2007 6.10 (game)
05 Sep 2007:  adv - poc - aa2k7x

Multiple vulnerabilities in Doomsday 1.9.0-beta5.1 (game)
29 Aug 2007:  adv - poc - dumsdei

Heap overflow in Skulltag 0.97d-beta4.1 (game)
23 Aug 2007:  adv - poc - skulltaghof

Multiple denial of service in Soldat 1.4.2/2.6.2 (game)
23 Aug 2007:  adv - poc - soldatdos

Multiple vulnerabilities in Vavoom 1.24 (game)
23 Aug 2007:  adv - vaboom2

hell bell bug in odamex 0.2a (game)
23 Aug 2007:  adv - odamexbell

Buffer-overflow in the Asura engine (game)
Rogue Trooper, Prism: Guard Shield, ...
22 Aug 2007:  adv - poc - asurabof

Unexploitable buffer-overflow in the logging function of the Unreal engine (game)
18 Aug 2007:  adv - poc - unrwebdos

Multiple vulnerabilities in Toribash 2.71 (game)
18 Aug 2007:  adv - poc - toribashish

Multiple vulnerabilities in rFactor 1.250 (game)
18 Aug 2007:  adv - poc - rfactorx

Multiple vulnerabilities in Live for Speed 0.5X10 (game)
14 Aug 2007:  adv - poc - lfsbof

Multiple vulnerabilities in Babo Violent 2 2.08.00 (game)
14 Aug 2007:  adv - poc - bv2x

Crash in Zoidcom 0.6.7 (game)
14 Aug 2007:  adv - poc - zoidboom2

Details about the hlfreeze/hl-headnut/csdos/"Born to be pig" bugs (game)
06 Apr 2007:  adv - poc - hlfreeze/hl-headnut/csdos/Born to be pig

Pulseaudio 0.9.5 (rev 1437) termination (no tag)
29 Mar 2007:  adv - poc - pulsex

Multiple vulnerabilities in NAS 1.8a (svn 231) (no tag)
18 Mar 2007:  adv - poc - nasbugs

Buffer-overflow in Conquest client 8.2a (svn 691) (game)
07 Mar 2007:  adv - italiano - conquestbof

Limited format string in Netrek 2.12.0 (game)
02 Mar 2007:  adv - italiano - poc - netrekfs

Players disconnection in Simbin racing games (game)
GTR - FIA GT Racing Game, GT Legends, GTR 2, RACE - The WTCC Game
21 Feb 2007:  adv - italiano - simbinzero

DoS and possible format string in Marathon Aleph One 16 Dec 2006 (game)
07 Jan 2007:  adv - poc - alephonz

Buffer-overflow in ml_ipod 2.00p19 (media)
12 Dec 2006:  adv - mlipodbof

Multiple vulnerabilities in Winamp Web Interface 7.5.13 (media)
10 Dec 2006:  adv - italiano - wawix

In-game callvote map buffer-overflow in Call of Duty series (game)
24 Sep 2006:  adv - italiano - codmapbof

Multiple buffer-overflows in libmusicbrainz 2.1.2 (media)
13 Aug 2006:  adv - italiano - poc - brainzbof

Multiple buffer-overflows in AlsaPlayer 0.99.76 (media)
09 Aug 2006:  adv - italiano - poc - alsapbof

Stack and heap overflows in MODPlug Tracker/OpenMPT 1.17.02.43 and libmodplug 0.8 (no tag)
09 Aug 2006:  adv - italiano - poc - mptho

Buffer-overflow in Aqualung 0.9beta5 (CVS 0.193.2) (media)
09 Aug 2006:  adv - italiano - poc - aquabof

Heap corruption in Festalon 0.5.5 (media)
06 Aug 2006:  adv - italiano - poc - festahc

Multiple vulnerabilities in DConnect Daemon 0.7.0 (CVS 30 Jul 2006) (p2p)
06 Aug 2006:  adv - italiano - poc - dconnx

Multiple vulnerabilities in Open Cubic Player 2.6.0pre6 / 0.1.10_rc5 (media)
31 Jul 2006:  adv - italiano - poc - ocpbof

Bugs in BomberClone 0.11.6 (game)
30 Jul 2006:  adv - italiano - poc - bcloneboom

Heap overflow in the GT2 loader of libmikmod 3.2.2 (media)
24 Jul 2006:  adv - italiano - poc - lmmgt2ho

Format string bug in the gout console output of Game Networking Engine 0.70 (CVS 23 Jul 2006) (game)
24 Jul 2006:  adv - italiano - gnefs

Buffer-overflow in the XM loader of Cheese Tracker 0.9.9 (media)
23 Jul 2006:  adv - italiano - poc - cheesebof

Two crash vulnerabilities in Freeciv 2.1.0-beta1 (SVN 15 Jul 2006) (game)
23 Jul 2006:  adv - italiano - freecivx

Buffer-overflow in recvTextMessage and NETrecvFile in Warzone Resurrection 2.0.3 (SVN 127) (game)
22 Jul 2006:  adv - italiano - warzonebof

Multiple vulnerabilities in UFO2000 svn 1057 (game)
16 Jul 2006:  adv - italiano - ufo2ko

Heap overflow in Dumb 0.9.3 through it_read_envelope (media)
16 Jul 2006:  adv - italiano - poc - dumbit

Crash and freeze in Armagetron Advanced 2.8.2 (game)
16 Jul 2006:  adv - italiano - atrondos

Format string bug in Sparklet 0.9.4try3 (game)
06 Jul 2006:  adv - italiano - sparkletfs

Possible code execution in Kaillera 0.86 (game)
06 Jul 2006:  adv - italiano - poc - kailleraex

Various heap and stack overflow bugs in AdPlug library 2.0 (CVS 04 Jul 2006) (media)
06 Jul 2006:  adv - italiano - adplugbof

Format string bug and some DoS in Zig Game Engine 1.0.0 (CVS 24 Jun 2006) (game)
06 Jul 2006:  adv - italiano - zigfs

Socket unreachable in Nascar Racing 4, 2002 and 2003 Season (game)
02 Jul 2006:  adv - italiano - nascarzero

Files and cvars overwriting in Quake 3 engine (1.32c / rev 803 / ...) (game)
some of the possible vulnerable games/engines are listed here
27 Jun 2006:  adv - italiano - q3cfilevar

Format string and crash in Neoengine 0.8.2 (rev 3422) (game)
27 Jun 2006:  adv - italiano - neoenginex

Client buffer-overflow in Quake 3 engine (1.32c / rev 795 / ...) (game)
some of the possible vulnerable games/engines are listed here
02 Jun 2006:  adv - italiano - q3cbof

Buffer-overflow in the WebTool service of PunkBuster for servers (minor than v1.229) (game)
America's Army 2, Battlefield 2*, Call of Duty 1/2, DOOM 3, Enemy Territory, FEAR, Quake 3/4, RTCW, Soldier of Fortune II, ...
23 May 2006:  adv - italiano - poc - pbwebbof

Server termination in netPanzer 0.8 (rev 952) (game)
23 May 2006:  adv - italiano - poc - panza

Format string vulnerabilities in OpenBOR 2.0046 (game)
20 May 2006:  adv - italiano - borfs

Two heap overflow in libextractor 0.5.13 (rev 2832) (media)
17 May 2006:  adv - italiano - poc - libextho

Socket unreachable in GNUnet rev 2780 (game)
12 May 2006:  adv - italiano - gnunetzero

Multiple vulnerabilities in Outgun 1.0.3 bot 2 (game)
12 May 2006:  adv - italiano - poc - outgunx

Server crash in Empire 4.3.2 (game)
12 May 2006:  adv - italiano - poc - empiredos

Buffer-overflow and NULL pointer crash in Genecys 0.2 (game)
12 May 2006:  adv - italiano - poc - genecysbof

Multiple vulnerabilities in Raydium rev 309 (game)
12 May 2006:  adv - italiano - poc - raydiumx

Format string bug in Skulltag 0.96f (game)
23 Apr 2006:  adv - italiano - poc - skulltagfs

Denial of service bugs in OpenTTD 0.4.7 (game)
23 Apr 2006:  adv - italiano - poc - openttdx

Buffer-overflow and crash in Fenice OMS 1.10 (streaming)
23 Apr 2006:  adv - italiano - fenicex

network_receive_packet and network_host_handle_join buffer-overflow in dimension3 1.5 (game)
23 Apr 2006:  adv - italiano - poc - dim3bof

Buffer-overflow in Ultr@VNC 1.0.1 viewer and server (enterprise)
04 Apr 2006:  adv - italiano - poc - uvncbof

Format string in Doomsday 1.8.6 (game)
03 Apr 2006:  adv - italiano - doomsdayfs

Buffer-overflow and in-game crash in Zdaemon 1.08.01 and X-Doom R6 (game)
31 Mar 2006:  adv - italiano - poc - zdaebof

Socket unreachable and decompression buffer-overflow in Vavoom 1.19.1 (game)
26 Mar 2006:  adv - italiano - poc - vaboom

Multiple vulnerabilities in csDoom 0.7 (game)
26 Mar 2006:  adv - italiano - poc - csdoombof

Multiple vulnerabilities in ENet library (Jul 2005) (game)
Cube, Sauerbraten, Duke3d_w32, Soccar, Ered Luin, breve, Enigma, The Mana World, Block Attack and many others
12 Mar 2006:  adv - italiano - poc - enetx

Clients disconnection in GGZ Gaming Zone 0.0.12 (game)
12 Mar 2006:  adv - italiano - poc - ggzcdos

Multiple vulnerabilities in Alien Arena 2006 GE 5.00 (game)
07 Mar 2006:  adv - italiano - poc - aa2k6x

Out of memory crash in Freeciv 2.0.7 (game)
06 Mar 2006:  adv - italiano - poc - freecivdos

Multiple vulnerabilities in Liero Xtreme 0.62b (game)
06 Mar 2006:  adv - italiano - poc - lieroxxx

Multiple vulnerabilities in Sauerbraten engine 2006_02_28 (game)
06 Mar 2006:  adv - italiano - poc - sauerburn

Multiple vulnerabilities in Cube engine 2005_08_29 (game)
06 Mar 2006:  adv - italiano - poc - evilcube

Server freeze in Monopd 0.9.3 (game)
03 Mar 2006:  adv - italiano - poc - monopdx

Off-by-one in Tenes Empanadas Graciela 0.11.1 (game)
03 Mar 2006:  adv - italiano - tegob1

Soldier of Fortune II format string through PunkBuster < 1.180 (game)
16 Feb 2006:  adv - italiano - sof2pbfs

Buffer-overflow in Dual DHCP DNS Server 1.0 (no tag)
14 Jan 2006:  adv - italiano - poc - dualsbof

BZFlag 2.0.4 server crash due to undelimited callsign (game)
25 Dec 2005:  adv - italiano - poc - bzflagboom

Buffer-overflow in GO-Global for Windows 3.1.0.3270 (enterprise)
02 Nov 2005:  adv - italiano - PoC (server) - PoC (clients) - ggwbof

Buffer-overflow and directory traversal in Asus Video Security 3.5.0.0 (no tag)
02 Nov 2005:  adv - italiano - poc - asusvsbugs

Multiple vulnerabilities in Scorched 3D 39.1 (game)
02 Nov 2005:  adv - italiano - poc - scorchbugs

Limited directory traversal in NeroNET 1.2.0.2 (no tag)
02 Nov 2005:  adv - italiano - neronet

Buffer-overflow in Glider collect'n kill 1.0.0.0 (game)
02 Nov 2005:  adv - italiano - poc - gliderbof

Buffer-overflow and crash in FlatFrag 0.3 (game)
02 Nov 2005:  adv - italiano - poc - flatfragz

Player disconnection and server interruption in Blitzkrieg 2 1.21 (game)
02 Nov 2005:  adv - italiano - poc - blitz2out

Socket termination in Battle Carry .005 (game)
02 Nov 2005:  adv - italiano - poc - bcarrydos

Buffer-overflow and directory traversal bugs in Virtools Web Player 3.0.0.100 (game)
30 Sep 2005:  adv - italiano - poc - virtbugs

Server crash and motd deletion in MultiTheftAuto 0.5 patch 1 (game)
25 Sep 2005:  adv - italiano - poc - mtaboom

Multiple vulnerabilities in BFCommand & Control Server Manager (game)
BFCC <= 1.22_A and BFVCC <= 2.14_B
29 Aug 2005:  adv - italiano - poc - bfccown

Server crash in Ventrilo 2.3.0 (game)
23 Aug 2005:  adv - italiano - poc - ventboom

Buffer-overflow in Chris Moneymaker's World Poker Championship 1.0 (game)
17 Aug 2005:  adv - italiano - poc - chmpokbof

Format string and buffer-overflow in Sacrifice (game)
01 Aug 2005:  adv - italiano - sacrifice

Broadcast format string and buffer-overflow in Race Driver 1.20 (game)
18 Jul 2005:  adv - italiano - rdrum

Endless loop in NetPanzer 0.8 (game)
13 Jul 2005:  adv - italiano - poc - panzone

In-game /ignore crash in Soldier of Fortune II 1.03 (game)
29 Jun 2005:  adv - italiano - sof2ignore

Server termination in Raknet 2.33 (before 30 May 2005) (game)
Elite Warriors: Vietnam, ...
05 Jun 2005:  adv - italiano - poc - rakzero

Crash in Stronghold 2 1.2 (game)
30 May 2005:  adv - italiano - poc - strong2boom

Buffer-overflow and crash in Terminator 3: War of the Machines 1.16 (game)
26 May 2005:  adv - italiano - poc - t3wmbof

Buffer-overflow in C'Nedra 0.4.0 (game)
26 May 2005:  adv - italiano - poc - cnedrabof

Endless loop in Halo 1.06 (game)
24 May 2005:  adv - italiano - poc - haloloop

Format string and crash in Warrior Kings 1.3 and Battles 1.23 (game)
23 May 2005:  adv - italiano - PoC for WK - PoC for WKB - warkings

In-game server crash in War Times 1.03 (game)
17 May 2005:  adv - italiano - poc - wartimesboom

Crash in Zoidcom 1.0 beta 4 (game)
10 May 2005:  adv - italiano - poc - zoidboom

Gamespy cd-key validation system: "Cd-key in use" DoS versus many games (game)
Players of the games Halo, Battlefield 1942 and Vietnam, Men of Valor, Painkiller, Star Wars Battlefront, Star Wars Republic Commando, Tribes: Vengeance and many others
04 May 2005:  adv - italiano - PoC (method 2) - PoC (method 1 for Gore 1.48) - gskeyinuse

Gamespy cd-key validation system: Cd-key never in use (game)
04 May 2005:  adv - italiano - poc - gskeydisc

Clients format string and server crash in Mtp-Target 1.2.2 (game)
01 May 2005:  adv - italiano - poc - mtpbugs

In-game vulnerabilities in IGI 2: Covert Strike 1.3 (game)
14 Apr 2005:  adv - italiano - poc - igi2bugs

Multiple vulnerabilities in Yager 5.24 (game)
14 Apr 2005:  adv - italiano - poc - yagerbof

In-game server buffer-overflow in Jedi Academy 1.011 (game)
02 Apr 2005:  adv - italiano - poc - jamsgbof

In-game server crash (buffer overrun) in Call of Duty 1.5b, United Offensive 1.51b, Call of Duty II 1.0 (game)
02 Apr 2005:  adv - italiano - poc - codmsgboom

In-game players kicking in the Quake 3 engine (game)
Call of Duty, Quake III Arena, Return to Castle Wolfenstein, Soldier of Fortune II, Star Wars Jedi Knight II: Jedi Outcast, Star Wars Jedi Knight: Jedi Academy and Wolfenstein: Enemy Territory
02 Apr 2005:  adv - italiano - poc - q3msgboom

Buffer-overflow in Tincat 2 minor than 2.0.28 (game)
The Settlers: Heritage of Kings <= 1.02, Sacred <= 1.8.2.6 and others
28 Mar 2005:  adv - italiano - poc - tincat2bof

Socket unreachable and crash in FunLabs games (game)
Cabela's, Revolution, Secret Service - In harm's Way, Shadow Force: Razor Unit, US Most Wanted: Nowhere To Hide, ...
20 Mar 2005:  adv - italiano - poc - funlabsboom

In-game format string in Xpand Rally 1.1.0.0 (game)
09 Mar 2005:  adv - italiano - poc - xprallyfs

Client buffer-overflow in Chaser 1.50 (game)
04 Mar 2005:  adv - italiano - poc - chasercool

Format string and crash in Carsten's 3D Engine (March 2004) (game)
03 Mar 2005:  adv - italiano - poc - ca3dex

Server termination in Scrapland 1.0 (game)
28 Feb 2005:  adv - italiano - poc - scrapboom

In-game cl_guid crash in Soldier of Fortune II 1.03 (game)
24 Feb 2005:  adv - italiano - poc - sof2guidboom

Multiple vulnerabilities in TrackerCam 5.12 (no tag)
18 Feb 2005:  adv - italiano - poc - tcambof

Buffer-overflow in Bontago 1.1 (game)
18 Feb 2005:  adv - italiano - poc - bontagobof

Directory traversal in Xinkaa web station 1.0.3 (no tag)
18 Feb 2005:  adv - xinkaa

Infostring crash and shutdown in the Quake 3 engine (game)
Call of Duty, Quake III Arena, Return to Castle Wolfenstein, Soldier of Fortune II, Star Trek Voyager: Elite Force, Star Trek: Elite Force II, Star Wars Jedi Knight II: Jedi Outcast, Star Wars Jedi Knight: Jedi Academy, Wolfenstein: Enemy Territory, ...
12 Feb 2005:  adv - italiano - poc - q3infoboom

Crashes and socket unreachable in Armagetron Advanced 0.2.7.0 (game)
10 Feb 2005:  adv - italiano - PoC 1 - PoC 2 - atron

Integer overflow and arbitrary files deletion in RealArcade 1.2.0.994 (game)
08 Feb 2005:  adv - italiano - PoC RGS - PoC RGP - realarcade

Limited buffer-overflow in Painkiller 1.35 (game)
02 Feb 2005:  adv - italiano - poc - painkkeybof

Broadcast crash in Xpand Rally 1.0.0.0 (game)
30 Jan 2005:  adv - italiano - poc - xprallyboom

Local buffer-overflow in W32Dasm 8.93 (no tag)
24 Jan 2005:  adv - italiano - poc - w32dasmbof

Arbitrary files overwriting through skins in DivX Player 2.6 (media)
21 Jan 2005:  adv - italiano - poc - divxplayer

Socket termination in Halocon 2.0.0.81 (game)
16 Jan 2005:  adv - halocon

Server crash in Breed patch #1 (game)
13 Jan 2005:  adv - italiano - poc - breedzero

Socket unreachable in Amp II engine (game)
Gore, ...
06 Jan 2005:  adv - italiano - poc - amp2zero

Socket termination, format string and XSS in Soldner Secret Wars 30830 (game)
04 Jan 2005:  adv - italiano - poc - soldnerx

Socket unreachable in the Lithtech engine (new protocol) (game)
Contract Jack 1.1, No one lives forever 2 1.3, Tron 2.0 1.042 and F.E.A.R. 1.02
13 Dec 2004:  adv - italiano - poc - lithsock

Socket unreachable in Codename Eagle 1.42 (game)
11 Dec 2004:  adv - italiano - poc - ceaglesock

In-game buffer-overflow in the Gamespy cd-key validation SDK (game)
Some of the games listed here
10 Dec 2004:  adv - italiano - PoC for Gore - gskeysdk

Broadcast client crash in Battlefield 1942 1.6.19 and Vietnam 1.2 (game)
07 Dec 2004:  adv - italiano - poc - bfcboom

Multiple vulnerabilities in Kreed 1.05 (game)
02 Dec 2004:  adv - italiano - poc - kreedexec

Endless loops in the http-server and pna-proxy modules of Jana server 2.4.4 (no tag)
30 Nov 2004:  adv - italiano - poc - janados

Buffer-overflow in Orbz 2.10 (game)
29 Nov 2004:  adv - italiano - poc - orbzbof

Players overflow in Serious engine UDP (game)
Alpha Black Zero, Nitro family and Serious Sam Second Encounter 1.07
28 Nov 2004:  adv - italiano - poc - serious

Crash in Remote admin for Star wars battlefront (swbfraw32) (game)
28 Nov 2004:  adv - swbfraw32

Limited buffer-overflow and arbitrary memory access in Star Wars Battlefront 1.11 (game)
24 Nov 2004:  adv - italiano - poc - swb

Broadcast memory corruption in Soldier of Fortune II 1.03 (refer to q3infoboom too) (game)
23 Nov 2004:  adv - italiano - poc - sof2boom

Broadcast client crash in Halo 1.05 (game)
22 Nov 2004:  adv - italiano - poc - halocboom

Multiple vulnerabilities in Hired Team: Trial (Shine engine) (game)
15 Nov 2004:  adv - italiano - hteam

Format string bug in Army Men RTS (game)
14 Nov 2004:  adv - italiano - artsfs

Crash in Secure Network Messenger 1.4.2 (no tag)
12 Nov 2004:  adv - italiano - snmboom

Resources consumption in 602 Lan Suite 2004.0.04.0909 (enterprise)
06 Nov 2004:  adv - italiano - poc - 602res

In-game format string bug in the Lithtech engine (game)
Alien vs Predator 2, Blood 2, Contract Jack, Global Operations, Kiss Psycho Circus, Legends of Might and Magic, No one lives forever, No one lives forever 2, Purge Jihad, Sanity, Shogo, Tron 2.0, F.E.A.R. 1.02 and others...
05 Nov 2004:  adv - italiano - lithfs

Directory traversal and DoS in Chesapeake TFTP Server 1.0 (no tag)
30 Oct 2004:  adv - poc - cccitftp

Buffer-overflow and directory traversal in Allied Telesyn TFTP server 1.8 (no tag)
30 Oct 2004:  adv - poc - attftp

Crashes in Master of Orion III 1.2.5 (game)
27 Oct 2004:  adv - italiano - poc - moo3boom

Buffer-overflow in Age of Sail II 1.04.151 (game)
20 Oct 2004:  adv - italiano - poc - aos2bof

Broadcast crash in Vypress Tonecast 1.3 (streaming)
19 Oct 2004:  adv - italiano - poc - toneboom

Directory traversal in Yak! 2.1.2 (no tag)
15 Oct 2004:  adv - italiano - yak

Buffer-overflow in ShixxNOTE 6.net (no tag)
13 Oct 2004:  adv - italiano - poc - shixxbof

Limited \secure\ buffer-overflow in some old Monolith games (game)
Alien versus predator 2, Blood 2, No one lives forever and Shogo
08 Oct 2004:  adv - italiano - poc - lithsec

Server crash in Flash Messaging 5.2.0g (no tag)
07 Oct 2004:  adv - italiano - poc - flashmsg

Directory traversal in Tridcomm 1.3 (no tag)
06 Oct 2004:  adv - italiano - tridcomm

In-game format string in Judge Dredd vs. Death 1.01 (game)
02 Oct 2004:  adv - italiano - dreddfs

Broadcast buffer-overflow in Vypress Messenger 3.5.1 (no tag)
01 Oct 2004:  adv - italiano - poc - vymesbof

Code execution in Icecast 2.0.1 (streaming)
28 Sep 2004:  adv - italiano - poc - iceexec

Broadcast crash in Chatman 1.5.1 RC1 (no tag)
27 Sep 2004:  adv - italiano - poc - chatmanx

Buffer-overflow in Zinf 2.2.1 for Windows through PLS file (media)
24 Sep 2004:  mail with info - poc - zinf-bof

Multiple vulnerabilities in ActivePost Standard 3.1 (no tag)
23 Sep 2004:  adv - italiano - PoC crash - PoC directory traversal - actp

Broadcast crash in Popmessenger 1.60 (before 20 Sep 2004) (no tag)
21 Sep 2004:  adv - italiano - poc - popmsgboom

Crash in Lords of the Realm III 1.01 (game)
19 Sep 2004:  adv - italiano - poc - lotr3boom

Freeze in Pigeon Server 3.02.0143 (no tag)
16 Sep 2004:  adv - italiano - poc - pigeonx

Off-by-one bug in Halo 1.04 (game)
09 Sep 2004:  adv - italiano - poc - haloboom

Broadcast shutdown in Call of Duty 1.4 (refer to q3infoboom too) (game)
05 Sep 2004:  adv - italiano - poc - codboom

Broadcast forced exit in Ground Control II 1.0.0.7 (game)
26 Aug 2004:  adv - italiano - poc - gc2boom

Limited buffer overflow in Painkiller 1.31 (game)
24 Aug 2004:  adv - italiano - poc - painkex

Medal of Honor remote buffer-overflow (AA 1.11v9, SH 2.15, BT 2.40b) (game)
17 Jul 2004:  adv - italiano - poc - mohaabof

Remote crash of Half-Life servers and clients (versions before the 07 July 2004) (game)
12 Jul 2004:  adv - italiano - poc - hlboom

Code execution in the Unreal Engine through \secure\ packet (game)
DeusEx, Devastation, Mobile Forces, Nerf Arena Blast, Postal 2, Rune, Tactical Ops, Unreal 1, Unreal II XMP, Unreal Tournament, Unreal Tournament 2003, Unreal Tournament 2004, Wheel of Time, X-com Enforcer, ...
18 Jun 2004:  adv - italiano - poc - SpoofedPoC - unsecure

Various in-game crashes and fun in Race Driver 1.20 (game)
08 Jun 2004:  adv - italiano - poc - rdboom

Colin McRae Rally 04 1.0 broadcast clients crash (game)
04 Jun 2004:  adv - italiano - poc - cmr4cdos

Arbitrary file overwriting in Unreal engine through UMOD (game)
22 Apr 2004:  adv - italiano - poc - umod

DoS in Rsniff 1.0 (no tag)
09 Apr 2004:  adv - italiano - poc - rsniff

Format string bug in IGI 2: Covert Strike 1.3 (game)
05 Apr 2004:  adv - italiano - poc - igi2fs

RogerWilco new bugs: UDP crash, "Voices from the deep", privacy problems and annoying attacks (game)
31 Mar 2004:  adv - poc - wilco

Remote crash in Etherlords I 1.07 and II 1.03 (game)
25 Mar 2004:  adv - italiano - poc - ethboom

Buffer overflow in PicoPhone 1.63 (no tag)
24 Mar 2004:  adv - italiano - poc - picobof

Server freeze in The Rage 1.01 (game)
23 Mar 2004:  adv - italiano - poc - ragefreeze

Castles and Catapults game freeze (game)
23 Mar 2004:  adv - italiano - cnc

Broadcast client buffer-overflow in Terminator 3 1.0 (game)
19 Mar 2004:  adv - italiano - poc - t3cbof

Chrome 1.2.0.0 server crash (game)
18 Mar 2004:  adv - italiano - poc - chrome-boom

Battle Mages server freeze (game)
11 Mar 2004:  adv - italiano - poc - LAN_PoC - battlemages

Format string bug in EpicGames Unreal engine (game)
America's Army, DeusEx, Devastation, Magic Battlegrounds, Mobile Forces, Nerf Arena Blast, Postal 2, Rainbow Six: Raven Shield, Rune, Sephiroth: 3rd episode the Crusade, Star Trek: Klingon Honor Guard, TNN Pro Hunter, Unreal 1, Unreal II XMP, Unreal Tournament, Unreal Tournament 2003, Wheel of Time, X-com Enforcer, XIII, ...
10 Mar 2004:  adv - italiano - poc - unrfs

Crash of Battle Isle Andosia War 2.08 (game)
09 Mar 2004:  adv - italiano - PoC (for server) - PoC (for client) - bisleboom

Ghost users in Chat Anywhere 2.72 (no tag)
09 Mar 2004:  adv - italiano - PoC (html page) - chatany-ghost

Remote server crash in Haegemonia 1.07 and Desert Rats vs. Afrika Korps (game)
24 Feb 2004:  adv - italiano - poc - hgmcrash

Client buffer overflow in Freespace 2 1.2 (game)
02 Mar 2004:  adv - italiano - poc - fs2cbof

Clients broadcast buffer overflow in Red Faction 1.20 (game)
01 Mar 2004:  adv - italiano - poc - rfcbof

Games servers crash and possible small privacy problem caused by Gamespy cd-key SDK (game)
several games vulnerables (before March 2004 but also some recents)
Battlefield 1942, Contract Jack, Gore, Halo, Hidden & Dangerous 2, IGI 2: Covert Strike, Need For Speed Hot Pursuit 2, Tribes: Vengeance, TRON 2.0, ...

24 Feb 2004:  adv - italiano - poc - more_stuff - gshboom

Remote crash in Ghost Recon engine (game)
Ghost Recon, Desert Siege and The Sum of all Fears
24 Feb 2004:  adv - italiano - poc - grboom

Remote server crash in Team Factor 1.25 (game)
20 Feb 2004:  adv - italiano - poc - tfboom

Broadcast client buffer-overflow in Purge Jihad 2.0.1 (game)
16 Feb 2004:  adv - italiano - poc - purge-cbof

Denial of Service in Ratbag's game engine (game)
Dirt Track Racing, Dirt Track Racing Australia, Leadfoot, Dirt Track Racing Sprint Cars, Dirt Track Racing 2 and World of Outlaws Sprint Cars
11 Feb 2004:  adv - italiano - poc - ratbag

Denial of Service in Monkey httpd 0.8.1 (no tag)
11 Feb 2004:  adv - italiano - poc - monkeydos

Remote crash of Chaser game 1.50 (game)
03 Feb 2004:  adv - italiano - PoC for server - PoC for client - chaser

Need for Speed Hot pursuit 2 242 broadcast client's buffer overflow (game)
22 Jan 2004:  adv - italiano - poc - nfshp2cbof

Xitami 2.5c1 server crash and possible code execution through malformed SSI files (no tag)
19 Jan 2004:  poc - ssi-xitami

Denial of service in Getware's built-in webserver (Webcam Live and Photohost) (no tag)
19 Jan 2004:  adv - italiano - poc - wcamdos

Directories management bypassing in Goahead webserver 2.1.8 (no tag)
19 Jan 2004:  adv - italiano - goahead2

Resources consumption in Goahead webserver 2.1.8 (no tag)
19 Jan 2004:  adv - italiano - poc - goahead1

Multiple vulnerabilities in WWW Fileshare Pro 2.42 (no tag)
14 Jan 2004:  adv - italiano - PoC bug 1 - PoC bug 2a - PoC bug 2b - wfshare

Buffer-overflow in Jordan's telnet server (no tag)
29 Dec 2003:  adv - italiano - poc - jordwts

Directory traversal bug in DCAM server 8.2.5 (no tag)
22 Dec 2003:  adv - italiano - dcam

Directory traversal and XSS in Active Webcam 4.3 (no tag)
19 Dec 2003:  adv - italiano - activecam

Server side scripts viewing in Goahead webserver 2.1.7 (no tag)
bug originally found by Richard Brain of Procheckup
17 Dec 2003:  adv - italiano - goahead3

FAT32 directory auth bypass on Linux Abyssws 1.2 (no tag)
08 Dec 2003:  adv - italiano - abyss-dot

Surfboard 1.1.8 vulns (no tag)
01 Dec 2003:  adv - italiano - surfd

Remote crash in the Serious Sam engine (game)
30 Oct 2003:  adv - italiano - poc - ssboom

Medieval Total War 1.1 crash (game)
07 Oct 2003:  adv - italiano - poc - mtwdos-server

Medieval Total War 1.1 Connection expired (game)
07 Oct 2003:  adv - italiano - poc - mtwexp-server

Medieval Total War 1.1 client crash and directory traversal (game)
07 Oct 2003:  adv - italiano - poc - mtw2client

Gamespy3d 263020 lets code execution through long IRC answer (game)
30 Sep 2003:  adv - italiano - poc - gs3d-ircbof

Half-Life's client 1.1.1.0 format string (mail sent to vuln-dev) (game)
29 Sep 2003:  adv - italiano - poc - hlclientfs

NULLhttpd 0.5.1 remote resources consumption (no tag)
24 Sep 2003:  adv - italiano - poc - nullhttpd-dos

NULLhttpd 0.5.1 XSS through Bad request (no tag)
24 Sep 2003:  adv - italiano - poc - nullhttpd-xss

SpeakFreely for Win 7.6a remote crash through malformed GIF (no tag)
22 Sep 2003:  adv - italiano - poc - sfwin-gif

SpeakFreely for Win 7.6a spoofed DoS (no tag)
22 Sep 2003:  adv - italiano - poc - sfwin-dos

GuildFTPd 0.999.5 partial directory traversal bug (no tag)
?? Sep 2003:  adv - italiano - guildftpd-dir

Goahead 2.1.3 DoS through negative Content-Length (no tag)
22 Sep 2003:  adv - italiano - goahead-neg

Winamp 2.91 lets code execution through MIDI files (IN_MIDI.DLL 3.01) (media)
08 Sep 2003:  adv - italiano - example - winamp-midi

Rogerwilco: server's buffer overflow (1.4.1.6, 0.30a) (game)
08 Sep 2003:  adv - italiano - poc - wilco-recvbof

Rogerwilco 1.4.1.2 and 1.4.1.6 remix of bugs (game)
08 Sep 2003:  adv - italiano - poc - wilco-remix

Problems with the MODs of Half-Life 1.1.1.0 (game)
29 Jul 2003:  adv - italiano - hlmods

Half-Life servers: buffer-overflow and freeze (versions 1.1.1.0, 4.1.1.1c1 and 3.1.1.1c1) (game)
29 Jul 2003:  adv - italiano - poc - hlbof-server

Half-Life broadcast client's buffer-overflow (versions 1.1.1.0) (game)
29 Jul 2003:  adv - italiano - poc - hlbof-client

Broadcast buffer-overflow and server freeze in RogerWilco Mk.1d3 2001 (game)
02 Jul 2003:  adv - poc - wilco

Quake 3 con\con exploit (funny) (game)
27 May 2003:  adv - italiano - poc - q3concon

UnrealTournament 2003 2199 client passive DoS (game)
13 May 2003:  adv - italiano - poc - ut2003pdos

Abyss webserver X1 1.1.2 remote crash (no tag)
05 Apr 2003:  adv - articolo in italiano scritto riguardo al problema abyssx1

Emule 0.27b remote crash (p2p)
25 Mar 2003:  adv - italiano - poc - emule

Edonkey and Overnet 0.45 resources consumption (p2p)
21 Mar 2003:  adv - italiano - poc - edonkey

Some game master servers can be used as amplifiers (game)
20 Feb 2003:  adv - italiano - poc - msddos

Unreal engine: results of my research (game)
DoS, DDoS, remote memory problems, execution of malicious code and more
05 Feb 2003:  adv - italiano - PoC section - ueng

Blade encoder 0.94.2 code execution (no tag)
02 Feb 2003:  adv - italiano - PoC wave - blade942

Savant 3.1 multiple vulnerabilities (no tag)
13 Sep 2002:  adv - italiano - PoC data - savant

SWServer 2.2 directory traversal bug (no tag)
28 Aug 2002:  adv - italiano - swserver

Blazix 1.2 jsp view and protected folder access (no tag)
24 Aug 2002:  adv - italiano - Blazix

Abyss 1.0.3 (patch 2) directory traversal and administration bug (no tag)
22 Aug 2002:  adv - italiano - poc - abyss

Bajie 0.95zvh index viewing and server scripts download (no tag)
16 Aug 2002:  adv - bajie

Apache 2.0.39 directory traversal and path disclosure bug for not Unix systems (enterprise)
16 Aug 2002:  adv - italiano - apache

Lcc-win32 (all versions) privacy problem in Windows9x (no tag)
02 Aug 2002:  adv - italiano - lcc

Pegasus Mail 4.01 DoS (no tag)
24 Jul 2002:  adv - italiano - poc - pegasus

Popcorn mail client 1.20 multiple vulnerabilities (no tag)
11 Jul 2002:  adv - italiano - poc - popcorn

Webtrends 3.1 script files view (enterprise)
03 Jun 2001:  adv - webtrends

CheckBo 1.56 multiple vulnerabilities (no tag)
20 Apr 2001:  adv - italiano - poc - checkbo

Apache 1.3.15 Win32 anonymous DoS (enterprise)
12 Apr 2001:  adv - italiano - apache1