Lucene search

5352 matches found

UbuntuCve
added 2007/11/08 2:46 a.m., 15 views

CVE-2007-5395

Stack-based buffer overflow in the separate_word function in tokenize.c in Link Grammar 4.1b and possibly other versions, as used in AbiWord Link Grammar 4.2.4, allows remote attackers to execute arbitrary code via a long word, as reachable through the separate_sentence function...

CVSS 10 | AI score 6.6 | EPSS 0.09437
Exploits: 0 | References: 2

Cvelist
added 2007/11/08 2:0 a.m., 15 views

CVE-2007-4352

Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file...

AI score 7.9 | EPSS 0.25469
Exploits: 1 | References: 82

Prion
added 2007/11/07 11:46 p.m., 17 views

Heap overflow

Heap-based buffer overflow in Perl-Compatible Regular Expression PCRE library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized...

CVSS 6.8 | AI score 7.7 | EPSS 0.09602
Exploits: 0 | References: 60 | Affected Software: 1

CVE
added 2007/11/07 8:0 p.m., 83 views

CVE-2007-4766

CVE-2007-4766 concerns the PCRE library: multiple integer overflows in PCRE before 7.3 can be exploited via certain backslash escape sequences to cause a denial of service (crash) or arbitrary code execution. Affected component: PCRE. Remediation: update to PCRE 7.3 or later (or apply vendor-supp...

CVSS 7.5 | AI score 9.7 | EPSS 0.03859
Exploits: 0 | References: 44 | Affected Software: 1

Prion
added 2007/11/06 9:46 p.m., 24 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Vortex Portal 1.0.42 allow remote attackers to execute arbitrary PHP code via a URL in the cfgProgDir parameter to (1) admincp/auth/secure.php or (2) admincp/auth/checklogin.php...

CVSS 6.8 | AI score 8.1 | EPSS 0.6227
Exploits: 1 | References: 6 | Affected Software: 1

Prion
added 2007/11/05 6:46 p.m., 13 views

Buffer overflow

Multiple buffer overflows in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allow remote attackers to execute arbitrary code via a long (1) serverAddress, (2) sessionId, (3) clientIPLower, (4) clientIPHigher, (5) userName, (6) domainName, or (7)...

CVSS 9.3 | AI score 7.9 | EPSS 0.70322
Exploits: 5 | References: 8 | Affected Software: 1

CVE
added 2007/11/01 5:0 p.m., 39 views

CVE-2002-2400

CVE-2002-2400 describes a buffer overflow in LibHTTPD 1.2’s httpdProcessRequest function. An attacker can send a long HTTP POST request to trigger a crash and potentially execute arbitrary code, enabling remote compromise without authentication. The issue is documented with a high-severity impact...

CVSS 10 | AI score 8.3 | EPSS 0.17325
Exploits: 1 | References: 5 | Affected Software: 1

Cvelist
added 2007/11/01 5:0 p.m., 17 views

CVE-2002-2400

Buffer overflow in the httpdProcessRequest function in LibHTTPD 1.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP POST request...

AI score 8 | EPSS 0.17325
Exploits: 1 | References: 5

Cvelist
added 2007/10/31 4:0 p.m., 17 views

CVE-2002-2367

Off-by-one buffer overflow in NEC SOCKS5 1.0 r11 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long hostname...

AI score 8.2 | EPSS 0.08406
Exploits: 1 | References: 3

CVE
added 2007/10/23 1:0 a.m., 49 views

CVE-2003-1436

The CVE-2003-1436 entry concerns Nukebrowser (versions 2.1–2.5). A PHP remote file inclusion vulnerability exists in nukebrowser.php that allows an attacker to execute arbitrary PHP code via the filhead parameter. This is a classic file inclusion flaw that can lead to remote code execution, with ...

CVSS 6.8 | AI score 8 | EPSS 0.02592
Exploits: 1 | References: 4 | Affected Software: 1

Cvelist
added 2007/10/23 1:0 a.m., 15 views

CVE-2003-1452

Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program...

AI score 7.2 | EPSS 0.0035
Exploits: 1 | References: 5

CVE
added 2007/10/19 11:0 p.m., 42 views

CVE-2007-5592

CVE-2007-5592 describes multiple PHP remote file inclusion vulnerabilities in awzMB 4.2 beta 1 and earlier. An attacker can supply a URL in the Setting[OPT_includepath] parameter to load remote PHP code via the following files in modules/: adminhelp.php; admin.incl.php; reg.incl.php; help.incl.ph...

CVSS 6.8 | AI score 7.6 | EPSS 0.22005
Exploits: 1 | References: 4 | Affected Software: 1

Cvelist
added 2007/10/19 10:0 a.m., 18 views

CVE-2003-1375

Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument...

AI score 7.5 | EPSS 0.00369
Exploits: 1 | References: 6

NVD
added 2007/10/18 8:17 p.m., 18 views

CVE-2007-5561

Format string vulnerability in the logging function in the Oracle OPMN daemon, as used on Oracle Enterprise Grid Console server 10.2.0.1, allows remote attackers to execute arbitrary code via format string specifiers in the URI in an HTTP request to port 6003, aka Oracle reference number 6296175...

CVSS 10 | AI score 7.1 | EPSS 0.05793
Exploits: 1 | References: 3

NVD
added 2007/10/18 8:17 p.m., 14 views

CVE-2007-5545

Format string vulnerability in TIBCO SmartPGM FX allows remote attackers to execute arbitrary code via format string specifiers in unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known...

CVSS 7.5 | AI score 7.7 | EPSS 0.02343
Exploits: 0 | References: 5

Cvelist
added 2007/10/18 8:0 p.m., 16 views

CVE-2007-5545

Format string vulnerability in TIBCO SmartPGM FX allows remote attackers to execute arbitrary code via format string specifiers in unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known...

AI score 7.7 | EPSS 0.02343
Exploits: 0 | References: 5

Tenable Nessus
added 2007/10/17 12:0 a.m., 41 views

openSUSE 10 Security Update : php5 (php5-2687)

CVE-2007-0906: Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) str_replace, (7) mail, (8) ibase_delete_user, (9)...

CVSS 10 | AI score 6.3 | EPSS 0.12214
Exploits: 2 | References: 7

CVE
added 2007/10/14 7:0 p.m., 44 views

CVE-2003-1355

CVE-2003-1355 concerns Battlefield 1942, affected in versions 1.2 and 1.3. A buffer overflow in the remote console (rcon) can be triggered by a long user name and password, enabling remote attackers to crash the server and potentially execute arbitrary code. The vulnerability is network-based and...

CVSS 7.5 | AI score 8.3 | EPSS 0.28768
Exploits: 1 | References: 3 | Affected Software: 1

Prion
added 2007/10/14 6:17 p.m., 15 views

Buffer overflow

Buffer overflow in the DB Software Laboratory VImpX VImpAX1 ActiveX control in VImpX.ocx 4.7.3.0 allows remote attackers to execute arbitrary code via a long RejectedRecordsFile parameter, a different vector than CVE-2007-2667...

CVSS 6.8 | AI score 8.2 | EPSS 0.20343
Exploits: 0 | References: 4 | Affected Software: 1

Cvelist
added 2007/10/12 10:0 a.m., 13 views

CVE-2007-5387

PHP remote file inclusion vulnerability in active/components/xmlrpc/client.php in Pindorama 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the ccomponents parameter...

AI score 7.5 | EPSS 0.22005
Exploits: 1 | References: 4