Code injection

Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0585...

CVE-2011-0589

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors, a different vulnerability than CVE-2011-0563 and CVE-2011-0606...

CVE-2011-0567

AcroRd32.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted image that triggers an incorrect pointer calculation, leading t...

CVE-2011-0603

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted image, a different vulnerability than CVE-2011-0566 and CVE-2011-0567...

CVE-2011-0577

Unspecified vulnerability in Adobe Flash Player before 10.2.152.26 allows remote attackers to execute arbitrary code via a crafted font...

CVE-2011-0921

crs.exe in the Cell Manager Service in the client in HP Data Protector does not properly validate credentials associated with the hostname, domain, and username, which allows remote attackers to execute arbitrary code by sending unspecified data over TCP, related to the webreporting client, the...

Mandriva Linux Security Advisory : proftpd (MDVSA-2011:023)

A vulnerability has been found and corrected in proftpd : Heap-based buffer overflow in the sqlpreparewhere function contrib/modsql.c in ProFTPD before 1.3.3d, when modsql is enabled, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted...

CVE-2004-0694

Buffer overflow in LHA 1.14 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors related to "command line processing," a different vulnerability than CVE-2004-0771. NOTE: this issue may be REJECTED if there are not any case...

Buffer overflow

Multiple buffer overflows in the Cisco WebEx Recording Format WRF and Advanced Recording Format ARF Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted 1 .wrf or 2 .arf file,...

CVE-2010-3044

CVE-2010-3044: Multiple buffer-overflow vulnerabilities in Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players. Affected components are the WebEx Players T27LB before SP21 EP3 and T27LC before SP22, with exploitation via crafted .wrf or .arf files, related to atas32.dll...

Buffer overflow

Buffer overflow in the gettoken function in contrib/intarray/intbool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrar...

VideoLAN Releases Security Advisory for VLC Media Player

VideoLAN has released a security advisory to address a vulnerability in VLC Media Player. This vulnerability may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review VideoLAN security advisory VideoLAN-SA-1102 and apply any necessary updates or...

CVE-2011-0742

Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management 7.0 allows remote attackers to execute arbitrary code via a crafted IP Conduit packet to TCP port 2400...

CVE-2010-4015

Buffer overflow in the gettoken function in contrib/intarray/intbool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrar...

CVE-2010-4712

Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent GWIA in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a Content-Type header containing 1 multiple items separated by ; semicolon characters or 2 crafted string data...

CVE-2010-3451

Use-after-free vulnerability in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via malformed tables in an RTF document...

Heap overflow

The compressadddlabelpoints function in dns/Compress.c in MaraDNS 1.4.03, 1.4.05, and probably other versions allows remote attackers to cause a denial of service segmentation fault and possibly execute arbitrary code via a long DNS hostname with a large number of labels, which triggers a...

CVE-2010-4709

CVE-2010-4709 = heap-based buffer overflow in Automated Solutions Modbus/TCP Master OPC Server (pre-3.0.2). A Modbus/TCP response with a crafted length field can crash the server and may allow arbitrary code execution, per NVD/ICS-CERT reporting. The most reliable public mitigation is to upgrade ...

CVE-2011-0520

The compressadddlabelpoints function in dns/Compress.c in MaraDNS 1.4.03, 1.4.05, and probably other versions allows remote attackers to cause a denial of service segmentation fault and possibly execute arbitrary code via a long DNS hostname with a large number of labels, which triggers a...

CVE-2010-3451

Use-after-free vulnerability in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via malformed tables in an RTF document...