CVE-2009-3663

Format string vulnerability in the hreadrequest function in http.c in httpdx Web Server 1.4 allows remote attackers to cause a denial of service crash or execute arbitrary code via format string specifiers in the Host header...

CVE-2009-3575

Buffer overflow in DHTRoutingTableDeserializer.cc in aria2 0.15.3, 1.2.0, and other versions allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors...

CVE-2009-3574

CVE-2009-3574 affects Tuniac 090517c. The vulnerability is triggered by a long File1 argument in a .pls playlist file, described as possibly causing a buffer overflow. Consequences cited include remote denial of service (crash) and potential arbitrary code execution. Connected sources (NVD and CV...

CVE-2009-3537

Multiple stack-based buffer overflows in EpicDJSoftware EpicDJ 1.3.9.1 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long string in a 1 .m3u or 2 .mpl playlist file...

Mandriva Linux Security Advisory : graphviz (MDVSA-2009:254-1)

A vulnerability was discovered and corrected in graphviz : Stack-based buffer overflow in the pushsubg function in parser.y lib/graph/parser.c in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service memory corruption or execute arbitra...

CVE-2009-3484

Stack-based buffer overflow in Core FTP 2.1 build 1612 allows user-assisted remote attackers to execute arbitrary code via a long hostname in an FTP server entry in a site backup file. NOTE: some of these details are obtained from third party information...

CVE-2009-3364

Stack-based buffer overflow in FTPShell Client 4.1 RC2 allows remote FTP servers to execute arbitrary code via a long response to a PASV command...

Remote file inclusion

PHP remote file inclusion vulnerability in pages/pageHeader.php in OpenSiteAdmin 0.9.7 BETA allows remote attackers to execute arbitrary PHP code via a URL in the path parameter, a different vector than CVE-2008-0648...

Mandriva Linux Security Advisory : freetype2 (MDVSA-2009:243-2)

Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in 1 smooth/ftsmooth.c, 2 sfnt/ttcmap.c, and 3 cff/cffload.c. This update corrects the problem. Update : Packages for 2008.0 are provided...

Design/Logic Flaw

The saveForwardAttachments procedure in the Compose Mail functionality in vtiger CRM 5.0.4 allows remote authenticated users to execute arbitrary code by composing an e-mail message with an attachment filename ending in 1 .php in installations based on certain Apache HTTP Server configurations, 2...

CVE-2009-3244

Heap-based buffer overflow in the SwDir.dll ActiveX control in Adobe Shockwave Player 11.5.1.601 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PlayerVersion property value...

Buffer overflow

Buffer overflow in the perfcopyattr function in kernel/perfcounter.c in the Linux kernel 2.6.31-rc1 allows local users to cause a denial of service crash and execute arbitrary code via a "big size data" to the perfcounteropen system call...

CVE-2008-7225

Heap-based buffer overflow in Foxit Remote Access Server aka WAC Server 2.0 Build 3503 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via long SSH packets, a different vulnerability than CVE-2008-0151...

CVE-2009-3169

Multiple unspecified vulnerabilities in Hitachi JP1/File Transmission Server/FTP before 09-00 allow remote attackers to execute arbitrary code via unknown attack vectors...

CVE-2009-3071

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...

CVE-2008-7159

The silcasn1encoder function in lib/silcasn1/silcasn1encode.c in Secure Internet Live Conferencing SILC Toolkit before 1.1.8 allows remote attackers to overwrite a stack location and possibly execute arbitrary code via a crafted OID value, related to incorrect use of a %lu format string...

CVE-2009-3163

Multiple format string vulnerabilities in lib/silcclient/command.c in Secure Internet Live Conferencing SILC Toolkit before 1.1.10, and SILC Client 1.1.8 and earlier, allow remote attackers to execute arbitrary code via format string specifiers in a channel name, related to 1...

CVE-2009-3074

CVE-2009-3074 is associated with Mozilla Firefox’s JavaScript engine and is described in connected advisories as an unspecified vulnerability in the Firefox JavaScript engine prior to 3.0.14, enabling remote attackers to trigger memory corruption and crash the application or possibly execute arbi...

Memory corruption

Microsoft Windows Media Format Runtime 9.0, 9.5, and 11; and Microsoft Media Foundation on Windows Vista Gold, SP1, and SP2 and Server 2008; allows remote attackers to execute arbitrary code via an MP3 file with crafted metadata that triggers memory corruption, aka "Windows Media Playback Memory...

Pidgin MSN SLP Packets Denial Of Service Vulnerability (Windows)

This host has Pidgin installed and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodpidginmsnslpdosvulnwin.nasl 5122 2017-01-27 12:16:00Z teissa $ Pidgin MSN SLP Packets Denial Of Service Vulnerability Windows Authors: Nikita MR Copyright: Copyright c 2009 SecPod...