Heap overflow

Multiple stack-based and heap-based buffer overflows in Dafolo DafoloControl ActiveX control DafoloFFControl.dll 1.108.6.195 allow remote attackers to execute arbitrary code via long 1 baseurl, 2 kommune, 3 felter, 4 afdeling, 5 Flags, 6 HelpURL, 7 caburl, or 8 filename properties; or 9 a long...

CVE-2009-1612

BaoFeng Storm ActiveX control (MPS.StormPlayer.1 in mps.dll) is affected by a stack-based buffer overflow (CVE-2009-1612). Vulnerable component: mps.dll 3.9.4.27 and earlier; condition arises when an overly long string is passed to OnBeforeVideoDownload. Consequence: remote code execution by an a...

CVE-2009-1586

Stack-based buffer overflow in the NZB importer feature in GrabIt 1.7.2 Beta 3 and earlier allows remote attackers to execute arbitrary code via a crafted DTD reference in a DOCTYPE element in an NZB file...

CVE-2009-1577

Multiple stack-based buffer overflows in the putstring function in find.c in Cscope before 15.6 allow user-assisted remote attackers to execute arbitrary code via a long 1 function name or 2 symbol in a source-code file...

Stack overflow

Multiple stack-based buffer overflows in the putstring function in find.c in Cscope before 15.6 allow user-assisted remote attackers to execute arbitrary code via a long 1 function name or 2 symbol in a source-code file...

CVE-2009-1577

Multiple stack-based buffer overflows in the putstring function in find.c in Cscope before 15.6 allow user-assisted remote attackers to execute arbitrary code via a long 1 function name or 2 symbol in a source-code file...

Stack overflow

Stack-based buffer overflow in the IceWarpServer.APIObject ActiveX control in api.dll in IceWarp Merak Mail Server 9.4.1 might allow context-dependent attackers to execute arbitrary code via a large value in the second argument to the Base64FileEncode method, as possibly demonstrated by a web...

CVE-2009-1516

Stack-based buffer overflow in the IceWarpServer.APIObject ActiveX control in api.dll in IceWarp Merak Mail Server 9.4.1 might allow context-dependent attackers to execute arbitrary code via a large value in the second argument to the Base64FileEncode method, as possibly demonstrated by a web...

Stack overflow

Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 AMS2, as used in Symantec System Center SSS; Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus SAV Corporate Edition 9 before 9.0...

CVE-2009-1430

Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 AMS2, as used in Symantec System Center SSS; Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus SAV Corporate Edition 9 before 9.0...

CVE-2009-1437

Stack-based buffer overflow in PortableApps CoolPlayer Portable aka CoolPlayer+ Portable 2.19.6 and earlier allows remote attackers to execute arbitrary code via a long string in a malformed playlist .m3u file. NOTE: this may overlap CVE-2008-3408...

Icewarp Merak Mail Server 9.4.1 - Base64FileEncode() Buffer Overflow (PoC)

Icewarp Merak Mail Server 9.4.1 - Base64FileEncode Buffer Overflow PoC "cgi-fcgi" die"Launch from the merak php console!"; if !functionexists"icewarpapiobjectcall" die"You need the icewarp extension loaded!"; $shellcode= //original scode, alpha2 esp sh.txt...

Icewarp Merak Mail Server 9.4.1 - 'Base64FileEncode()' Buffer Overflow (PoC)

"cgi-fcgi" die"Launch from the merak php console!"; if !functionexists"icewarpapiobjectcall" die"You need the icewarp extension loaded!"; $shellcode= //original scode, alpha2 esp sh.txt "\xeb\x13\x5b\x31\xc0\x50\x31\xc0\x88\x43\x4a\x53". "\xbb\x0d\x25\x86\x7c". //WinExec, kernel32.dll XP SP3...

Mandriva Linux Security Advisory : emacs (MDVSA-2008:034)

The hack-local-variable function in Emacs 22 prior to version 22.2, when enable-local-variables is set to ':safe', did not properly search lists of unsafe or risky variables, which could allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file...

FreeBSD : xchat remotely exploitable buffer overflow (Socks5) (8338a20f-9573-11d8-9366-0020ed76ef5a)

A straightforward stack-based buffer overflow exists in XChat's Socks5 proxy support. The XChat developers report that tsifra' discovered this issue. NOTE: XChat Socks5 support is disabled by support in the FreeBSD Ports Collection. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

Mandriva Linux Security Advisory : audacity (MDVSA-2009:055)

A vulnerability has been identified and corrected in audacity : Stack-based buffer overflow in the Stringparse::getnonspacequoted function in lib-src/allegro/strparse.cpp in Audacity 1.2.6 and other versions before 1.3.6 allows remote attackers to cause a denial of service crash and possibly...

FreeBSD : libpng stack-based buffer overflow and other code concerns (f9e3e60b-e650-11d8-9b0a-000347a4fa7d)

Chris Evans has discovered multiple vulnerabilities in libpng, which can be exploited by malicious people to compromise a vulnerable system or cause a DoS Denial of Service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

Mandriva Linux Security Advisory : audit (MDVSA-2008:083)

Joe Nall reported a stack-based buffer overflow in Audit's log handling that could allow remote attackers to execute arbitrary code via a long command argument CVE-2008-1628. The updated packages have been patched to correct this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

Stack overflow

Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long filename...

Stack overflow

Stack-based buffer overflow in Elecard AVC HD Player allows remote attackers to execute arbitrary code via a long MP3 filename in a playlist .xpl file...