Oracle9i Database contains remotely exploitable buffer overflow in "BFILENAME" function

Overview A remotely exploitable buffer overflow vulnerability exists in Oracle9i Database. Description A buffer overflow vulnerability exists on all platforms in the following versions of Oracle 9i Database: Oracle9i Database Release 2 9i Release 1 8i 8.1.7 8.0.6 A buffer overflow exists in...

CVE-2003-0003

Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter information...

WinRAR buffer overflow vulnerability

Hello everybody. We found vulnerability in WinRAR 3.10 or lower version, and reported details to Author of this Software at 2003/01/12. Fixed version 3.11 of WinRAR was released, so we release the Information about this vulnerability. ----------------------------------------------------------...

CVE-2002-1403

dhcpcd DHCP client daemon 1.3.22 and earlier allows local users to execute arbitrary code via shell metacharacters that are fed from a dhcpd .info script into a .exe script...

Lotus Domino web server vulnerable to buffer overflow via long HTTP authentication header containing non-ASCII characters

Overview A remotely exploitable buffer overflow exists in versions of IBM's Lotus Domino web server prior to R5.0.10. Description A remotely exploitable buffer overflow exists in the Lotus Domino web server. The overflow can occur as the result of an overly long HTTP Authenticate header containin...

CVE-2002-2099

Buffer overflow in the GNU DataDisplay Debugger DDD 3.3.1 allows local users to execute arbitrary code and possibly gain privileges via a long HOME environment variable. NOTE: since DDD is not installed setuid or setgid, perhaps this issue should not be included in CVE...

CVE-2002-1158

Buffer overflow in the irwthrough function for Canna 3.5b2 and earlier allows local users to execute arbitrary code as the bin user...

Microsoft Java implementation allows execution of malicious code

Overview A class in Microsoft's Java virtual machine VM does not properly validate trusted applets, allowing untrusted applets to exploit native methods and execute arbitrary code. Description Microsoft's Java VM is installed on Windows 98, NT, 2000, and xp. It is used by Internet Explorer and...

CVE-2002-0965

Buffer overflow in TNS Listener for Oracle 9i Database Server on Windows systems, and Oracle 8 on VM, allows local users to execute arbitrary code via a long SERVICENAME parameter, which is not properly handled when writing an error message to a log file...

CVE-2002-1128

Buffer overflow in inc mail utility for Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long MH environment variable...

CVE-2002-0981

Buffer overflow in ndcfg command for UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to execute arbitrary code via a long command line...

HP Tru64 UNIX "rdist" contains buffer overflow (SSRT2275)

Overview The HP Tru64 UNIX implementation of "rdist" contains a locally exploitable buffer overflow. Description "rdist" allows a user to maintain identical copies of files on multiple hosts. A locally exploitable buffer overflow in "rdist" may permit a local attacker to gain elevated privileges...

HP Tru64 UNIX "ipcs" contains buffer overflow (SSRT0794U)

Overview The HP Tru64 UNIX implementation of "ipcs" contains a locally exploitable buffer overflow. Description "ipcs" is used to report inter-process communication status. A locally exploitable buffer overflow in "ipcs" may permit a local attacker to gain elevated privileges and execute arbitrar...

HP Tru64 UNIX "lpd" contains buffer overflow (SSRT2275)

Overview The HP Tru64 UNIX implementation of "lpd" contains a locally exploitable buffer overflow. Description "lpd" is used to handle the printer spool area. A locally exploitable buffer overflow in "lpd" may permit a local attacker to gain elevated privileges and execute arbitrary code on a...

CVE-2002-0979

The Java logging feature for the Java Virtual Machine in Internet Explorer writes output from functions such as System.out.println to a known pathname, which can be used to execute arbitrary code...

CVE-2002-0825

CVE-2002-0825 describes a buffer overflow in the DNS SRV code used by nss_ldap when configuring via DNS SRV records. The issue affects nss_ldap versions prior to 198 (also related to 199 for data length handling) and can allow remote attackers to cause a denial of service and potentially execute ...

Microsoft SQL Server 2000 - User Authentication Remote Buffer Overflow

source: https://www.securityfocus.com/bid/5411/info A vulnerability has been discovered in Microsoft SQL Server that could make it possible for remote attackers to gain access to target hosts. It is possible for an attacker to cause a buffer overflow condition on the vulnerable SQL server with a...

VMware GSX Server 2.0 - Authentication Server Buffer Overflow

VMware GSX Server 2.0 - Authentication Server Buffer Overflow // source: https://www.securityfocus.com/bid/5294/info VMWare GSX Server ships with an authentication server. The server is vulnerable to a buffer overflow related to handling of the argument to the "GLOBAL" command. While attackers mu...

Microsoft Internet Information Server (IIS) vulnerable to buffer overflow via malformed server-side include directive

Overview A buffer overflow in the code that processes server-side include files on IIS 4.0 and IIS 5.0 could allow an intruder to execute code with the privileges of the web server. Description A buffer overflow exists in the code that processes server side include directives on IIS versions 4 an...

AnalogX SimpleServer:WWW Buffer Overflow

The remote installation of AnalogX SimpleServer:WWW is affected by a buffer overflow triggered when processing input, such as a series of 640 '@' characters. An unauthenticated, remote attacker can leverage this issue to crash the affected service or even to execute arbitrary code on the remote...