Buffer overflow

Buffer overflow in ovutil.dll in ovwebsnmpsrv.exe in HP OpenView Network Node Manager OV NNM 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified variables to jovgraph.exe, which are not properly handled in a call to the sprintf function...

HP OpenView NNM getnnmdata.exe CGI Invalid MaxAge Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getnnmdata.exe CGI. If this CGI is requested with an invalid MaxAge...

HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getnnmdata.exe CGI. If this CGI is requested with an invalid iCount POST...

WebEx UCF atucfobj.dll ActiveX NewObject Method Buffer Overflow

This module exploits a stack-based buffer overflow in WebEx's WebexUCFObject ActiveX Control. If a long string is passed to the 'NewObject' method, a stack- based buffer overflow will occur when copying attacker-supplied data using the sprintf function. It is noteworthy that this vulnerability wa...

Ultra Shareware Office Control ActiveX HttpUpload Buffer Overflow

This module exploits a stack-based buffer overflow in Ultra Shareware's Office Control. When processing the 'HttpUpload' method, the arguments are concatenated together to form a command line to run a bundled version of cURL. If the command fails to run, a stack-based buffer overflow occurs when...

Debian DSA-1979-1 : lintian - multiple vulnerabilities

Multiple vulnerabilities have been discovered in lintian, a Debian package checker. The following Common Vulnerabilities and Exposures project ids have been assigned to identify them : - CVE-2009-4013: missing control files sanitation Control field names and values were not sanitised before using...

PHP php_sprintf_appendstring 函数存在整形溢出

No description provided by source...

CVE-2008-7174

Multiple buffer overflows in the Jura Internet Connection Kit for the Jura Impressa F90 coffee maker allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via unspecified vectors related to improper use of the gets and sprintf functions...

Cscope Multiple Buffer Overflow vulnerability

This host has installed Cscope and is prone to Multiple Buffer Overflow vulnerability. OpenVAS Vulnerability Test $Id: gbcscopemultbofvuln.nasl 4865 2016-12-28 16:16:43Z teissa $ Cscope Multiple Buffer Overflow Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2009 Greenbone Networks GmbH...

Cscope < 15.7a Multiple Buffer Overflow Vulnerabilities

This host has installed Cscope and is prone to multiple buffer overflow vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Cscope sprintf()调用栈溢出漏洞

BUGTRAQ ID: 34805 CVECAN ID: CVE-2009-0148 Cscope是开发人员用于查看源码的工具。 Cscope的sprintf调用中存在多个栈溢出漏洞。如果用户受骗查看了特制的文件或目录并使用超长的路径名称或源码字符串调用了有漏洞函数的话，就可能触发这个溢出，导致拒绝服务或执行任意代码。 Cscope 15.7a Cscope ------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Thunder local overflow POC-the exploit-warning-the black bar safety net

By:mad DogB. C. T Previously been in the pass thunder and 0day, the Activex should be almost, but also not neglect, or uninstall it, today the abundance of the initial issuance to a URL, the original pixel a Thunderbolt 0day, see the instructions or remotely! Feel a, look at that vulnerability...

xine-lib NES Sound Format Demuxer Buffer Overflow

Hi there Original advisory: http://milw0rm.com/exploits/5458 There's another stack-based buffer overflow in demuxnfs.c line 111: this-copyright = strdup&header0x4E; line 189: char copyright100; line 208: sprintfcopyright, "C s", this-copyright; Regards Laurent Gaffi...

Firebird process_packet() Remote Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Firebird SQL server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the database service fbserver.exe, which binds to TCP port 3050. When processing a...

Format string in The Dawn of Time 1.69s beta4

Luigi Auriemma Application: The Dawn of Time http://www.dawnoftime.org Versions: = 1.69s beta4 and 1.69r too Platforms: nix and Windows Bug: format string in web server authorization Exploitation: remote Date: 05 Oct 2007 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1...

EMC Legato Networker Remote Exec Service Stack Overflow Vulnerabilities

These vulnerabilities allow remote attackers to execute arbitrary code on vulnerable installations of EMC Networker. Authentication is not required to exploit this vulnerability. The specific flaws exist in the Networker Remote Exec Service, nsrexecd.exe. The location of this service is available...

Stack overflow

Stack-based buffer overflow in the giomgr process in ESRI ArcSDE service 9.2, as used with ArcGIS, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large number that requires more than 8 bytes to represent in ASCII, which triggers the overflow i...

CVE-2007-4278

Stack-based buffer overflow in the giomgr process in ESRI ArcSDE service 9.2, as used with ArcGIS, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large number that requires more than 8 bytes to represent in ASCII, which triggers the overflow i...

PT-2007-5469 · Esri · Esri Arcsde

Name of the Vulnerable Software and Affected Versions: ESRI ArcSDE service version 9.2 Description: The issue allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large number that requires more than 8 bytes to represent in ASCII. This triggers the...

Buffer overflow

Multiple unspecified vulnerabilities in Free-SA before 1.2.2 allow remote attackers to execute arbitrary code via unspecified vectors involving certain 1 sprintf and 2 vsprintf calls in a rindex.c, b rreports.c, c rtopsites.c, d rtopuser.c, e rtypical.c, f ruserdatetime.c, and g rusers.c in...