Buffer overflow

Multiple buffer overflows in the Cisco WebEx Recording Format WRF and Advanced Recording Format ARF Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted 1 .wrf or 2 .arf file,...

CVE-2010-3044

CVE-2010-3044: Multiple buffer-overflow vulnerabilities in Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players. Affected components are the WebEx Players T27LB before SP21 EP3 and T27LC before SP22, with exploitation via crafted .wrf or .arf files, related to atas32.dll...

Buffer overflow

Buffer overflow in the gettoken function in contrib/intarray/intbool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrar...

VideoLAN Releases Security Advisory for VLC Media Player

VideoLAN has released a security advisory to address a vulnerability in VLC Media Player. This vulnerability may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review VideoLAN security advisory VideoLAN-SA-1102 and apply any necessary updates or...

CVE-2011-0742

Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management 7.0 allows remote attackers to execute arbitrary code via a crafted IP Conduit packet to TCP port 2400...

CVE-2010-4015

Buffer overflow in the gettoken function in contrib/intarray/intbool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrar...

CVE-2010-4712

Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent GWIA in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a Content-Type header containing 1 multiple items separated by ; semicolon characters or 2 crafted string data...

CVE-2010-3451

Use-after-free vulnerability in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via malformed tables in an RTF document...

Heap overflow

The compressadddlabelpoints function in dns/Compress.c in MaraDNS 1.4.03, 1.4.05, and probably other versions allows remote attackers to cause a denial of service segmentation fault and possibly execute arbitrary code via a long DNS hostname with a large number of labels, which triggers a...

CVE-2011-0520

The compressadddlabelpoints function in dns/Compress.c in MaraDNS 1.4.03, 1.4.05, and probably other versions allows remote attackers to cause a denial of service segmentation fault and possibly execute arbitrary code via a long DNS hostname with a large number of labels, which triggers a...

CVE-2010-4709

CVE-2010-4709 = heap-based buffer overflow in Automated Solutions Modbus/TCP Master OPC Server (pre-3.0.2). A Modbus/TCP response with a crafted length field can crash the server and may allow arbitrary code execution, per NVD/ICS-CERT reporting. The most reliable public mitigation is to upgrade ...

CVE-2010-3451

Use-after-free vulnerability in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via malformed tables in an RTF document...

Opera < 11.01 Multiple Vulnerabilities

Binary data 800855.prm...

SuSE 10 Security Update : acroread (ZYPP Patch Number 6803)

Specially crafted PDF files could crash acroread. Attackers could exploit that to potentially execute arbitrary code. CVE-2009-3953 / CVE-2009-3954 / CVE-2009-3955 / CVE-2009-3956 / CVE-2009-3957 / CVE-2009-3958 / CVE-2009-3959 / CVE-2009-4324 Acrobat reader was updated to version 9.3 to fix thos...

CVE-2011-0020

Heap-based buffer overflow in the pangoft2fontrenderboxglyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service application crash or possibly execute arbitrary code...

FreeBSD Ports: webkit-gtk2

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2011-0427

Heap-based buffer overflow in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unspecified vectors...

CVE-2011-0270

Format string vulnerability in nnmRptConfig.exe in HP OpenView Network Node Manager OV NNM 7.51 and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in input data that involves an invalid template name...

Format string

Format string vulnerability in nnmRptConfig.exe in HP OpenView Network Node Manager OV NNM 7.51 and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in input data that involves an invalid template name...

WellinTech KingView 6.53 remote heap overflow vulnerability

Overview WellinTech KingView 6.53 contains a remote heap overflow vulnerability in the HistorySrv process which may allow a remote, unauthenticated attacker to execute arbitrary code. Description According to WellinTech's website: "King V iew software is a high-pormance production which can be us...