
5353 matches found

Prion
added 2008/11/17 6:18 p.m., 10 views

Buffer overflow

Buffer overflow in KarjaSoft Sami FTP Server 2.0.x allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long argument to an arbitrary command, which triggers the overflow when the SamyFtp.binlog log file is viewed in the management console...

10 CVSS | 8.1 AI score | 0.78031 EPSS
Exploits 6 | References 3 | Affected Software 1
Prion
added 2008/11/13 11:30 a.m., 19 views

Design/Logic Flaw

nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is stil...

9.3 CVSS | 7.8 AI score | 0.23762 EPSS
Exploits 0 | References 38 | Affected Software 12
Prion
added 2008/11/05 3:0 p.m., 27 views

Memory corruption

Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allow remote attackers to execute arbitrary code via a crafted PDF document that (1) performs unspecified actions on a Collab object that trigger memory corruption, related to a GetCosObj method; or (2) contains a malformed PDF object that...

9.3 CVSS | 7.8 AI score | 0.29912 EPSS
Exploits 1 | References 20 | Affected Software 2
Prion
added 2008/11/05 3:0 p.m., 21 views

Input validation

Unspecified vulnerability in a JavaScript method in Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allows remote attackers to execute arbitrary code via unknown vectors, related to an "input validation issue."...

9.3 CVSS | 7.6 AI score | 0.47984 EPSS
Exploits 1 | References 14 | Affected Software 2
UbuntuCve
added 2008/11/05 3:0 p.m., 20 views

CVE-2008-4814

Unspecified vulnerability in a JavaScript method in Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allows remote attackers to execute arbitrary code via unknown vectors, related to an "input validation issue."...

9.3 CVSS | 6.1 AI score | 0.47984 EPSS
Exploits 1 | References 1
NVD
added 2008/11/04 6:29 p.m., 23 views

CVE-2008-2992

Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104...

9.3 CVSS | 7.9 AI score | 0.93738 EPSS
Exploits 19 | References 28
Cvelist
added 2008/11/04 1:0 a.m., 17 views

CVE-2008-4911

PHP remote file inclusion vulnerability in read.php in Chattaitaliano Istant-Replay allows remote attackers to execute arbitrary PHP code via a URL in the data parameter...

7.5 AI score | 0.01158 EPSS
Exploits 1 | References 3
CVE
added 2008/10/31 10:0 p.m., 63 views

CVE-2008-4863

Blender (BPY_interface) vulnerability CVE-2008-4863: PySys_SetArgv() causes Python to prepend sys.path with an empty string, allowing a local attacker to place a crafted Python module in the working directory and execute arbitrary code with the user’s privileges. Affected component: Blender’s BPY...

6.9 CVSS | 7.5 AI score | 0.00188 EPSS
Exploits 0 | References 4 | Affected Software 1
NVD
added 2008/10/29 2:22 p.m., 12 views

CVE-2008-4779

Stack-based buffer overflow in TUGzip 3.5.0.0 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long filename in a .zip file...

10 CVSS | 7.9 AI score | 0.7879 EPSS
Exploits 4 | References 6
Cvelist
added 2008/10/29 2:0 p.m., 16 views

CVE-2008-4779

Stack-based buffer overflow in TUGzip 3.5.0.0 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long filename in a .zip file...

7.9 AI score | 0.7879 EPSS
Exploits 4 | References 6
OpenVAS
added 2008/10/29 12:0 a.m., 22 views

Trend Micro OfficeScan CGI Parsing Buffer Overflow Vulnerability

This host is installed with Trend Micro OfficeScan and is prone to a stack-based buffer overflow vulnerability. The vulnerability is due to a boundary error in the CGI modules when processing a specially crafted HTTP request. OpenVAS Vulnerability Test $Id:...

10 CVSS | 0.3 AI score | 0.34509 EPSS
Exploits 6 | References 4
NVD
added 2008/10/28 2:0 a.m., 9 views

CVE-2008-4762

Stack-based buffer overflow in freeSSHd 1.2.1 allows remote authenticated users to cause a denial of service (service crash) and potentially execute arbitrary code via a long argument to the (1) rename and (2) realpath parameters...

9 CVSS | 7.7 AI score | 0.37027 EPSS
Exploits 0 | References 9
Prion
added 2008/10/28 2:0 a.m., 12 views

Stack overflow

Stack-based buffer overflow in freeSSHd 1.2.1 allows remote authenticated users to cause a denial of service (service crash) and potentially execute arbitrary code via a long argument to the (1) rename and (2) realpath parameters...

9 CVSS | 8.3 AI score | 0.37027 EPSS
Exploits 0 | References 9 | Affected Software 1
NVD
added 2008/10/23 8:0 p.m., 9 views

CVE-2008-4720

Multiple PHP remote file inclusion vulnerabilities in The Gemini Portal 4.7 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to (1) page/forums/bottom.php and (2) page/forums/category.php...

9.3 CVSS | 7.7 AI score | 0.03445 EPSS
Exploits 1 | References 5
CVE
added 2008/10/23 6:0 p.m., 42 views

CVE-2008-4720

The CVE-2008-4720 entry concerns The Gemini Portal 4.7, where the vulnerability is a PHP remote file inclusion. The affected functionality is exposed via the lang parameter to two pages (page/forums/bottom.php and page/forums/category.php), enabling remote code execution on the server. The core i...

9.3 CVSS | 7.7 AI score | 0.03445 EPSS
Exploits 1 | References 5 | Affected Software 1
Cvelist
added 2008/10/22 5:0 p.m., 19 views

CVE-2008-4687

manage_proj_page.php in Mantis before 1.1.4 allows remote authenticated users to execute arbitrary code via a sort parameter containing PHP sequences, which are processed by create_function within the multi_sort function in core/utility_api.php...

7 AI score | 0.79225 EPSS
Exploits 4 | References 13
Cvelist
added 2008/10/21 12:0 a.m., 12 views

CVE-2008-4631

Stack-based buffer overflow in the Message::AddToString function in message/Message.cpp in MUSCLE before 4.40 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted message. NOTE: some of these details are obtained from third party information...

8.1 AI score | 0.03216 EPSS
Exploits 0 | References 5
Prion
added 2008/10/15 8:0 p.m., 14 views

Heap overflow

GuildFTPd 0.999.14, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the CWD and LIST commands, which triggers heap corruption related to an improper free call, and possibly triggering a heap-based...

10 CVSS | 8.7 AI score | 0.7687 EPSS
Exploits 2 | References 6 | Affected Software 1
Prion
added 2008/10/14 9:10 p.m., 10 views

Stack overflow

Stack-based buffer overflow in the push_subg function in parser.y (lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a DOT file with a large number of Agraph_t...

8.5 CVSS | 8.3 AI score | 0.05229 EPSS
Exploits 1 | References 10 | Affected Software 1
CVE
added 2008/10/14 8:0 p.m., 47 views

CVE-2008-4555

CVE-2008-4555 is a real vulnerability in Graphviz 2.20.2 (and possibly earlier) involving a stack-based buffer overflow in the push_subg function (parser.y, lib/graph/parser.c). A DOT file with a large number of Agraph_t elements can allow user‑assisted remote attackers to cause memory corruption...

8.5 CVSS | 7.8 AI score | 0.05229 EPSS
Exploits 1 | References 10 | Affected Software 1