Edraw Office Viewer Component 7.4 - ActiveX Stack Buffer Overflow
function heapspray //exec calc.exe var shellcode = unescape "%u9090%u9090%u9090%u9090" ; shellcode += unescape...
Microsoft Office Excel Axis and Art Object Parsing RCE Vulnerabilities
Microsoft Office Excel is prone to multiple remote code execution (RCE) vulnerabilities. This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.902410. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from referenced sources, and...
CesarFTP 0.99g - 'MKD' Remote Buffer Overflow (Metasploit) (2)
$Id: cesarftpmkd.rb 11799 2011-02-23 00:58:54Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
ZDI-11-087: Novell iPrint LPD Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-087 February 16, 2011 -- CVE ID: CVE-2010-4328 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Novell -- Affected Products: Novell iPrint -- TippingPoint(TM) IPS Customer...
Symantec Alert Management System pagehndl.dll Stack Buffer Overflow (CVE-2010-0110)
Symantec Alert Management System 2 (AMS2) is a package used by various Symantec solutions such as System Center, AntiVirus Server, and AntiVirus Central Quarantine Server. By default, AMS2 starts multiple services on the system that run with System account privileges. A stack buffer overflow...
Microsoft Server Service - NetpwPathCanonicalize Overflow (MS06-040) (Metasploit)
$Id: ms06040netapi.rb 11762 2011-02-17 03:56:15Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...
Novell iPrint LPD Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Server. Authentication is not required to exploit this vulnerability. The flaw exists within the '/opt/novell/iprint/bin/ipsmd' component; this component communicates with 'ilprsrvd'...
Microsoft Windows CreateSizeDIBSECTION Stack Buffer Overflow
$Id: ms11006createsizeddibsection.rb 11730 2011-02-08 23:31:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Microsoft Windows - CreateSizedDIBSECTION Stack Buffer Overflow (MS11-006) (Metasploit)
$Id: ms11006createsizeddibsection.rb 11730 2011-02-08 23:31:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
HP Photo Creative audio.Record ActiveX Stack Buffer Overflow
HP Photo Creative is free software offered by HP. It allows users to create photo books, calendars, and collages which can be printed or shipped to the user. A buffer overflow vulnerability has been reported in HP Photo Creative ActiveX control. The vulnerability is due to a boundary error in...
IBM Lotus Domino iCalendar Meeting Request Parsing Remote Stack Buffer Overflow Vulnerability
IBM Lotus Domino is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the...
(0Day) IBM Lotus Domino Calendar Request Attachment Name Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NRouter service while transporting malformed e-mails. The vulnerable...
(0Day) IBM Lotus Domino iCalendar Meeting Request Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nrouter.exe service while processing a malformed calendar meeting...
BMC Perform Agent Service Daemon BGS_MULTIPLE_READS Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of BMC Perform Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within the service daemon which listens by default on TCP port 6768. When processing the...
IBM DB2 db2dasrrm validateUser Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM DB2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the db2dasrrm process responsible for handling queries to the com.ibm.db2.das.core.DasSysCmd...
Symantec AMS Intel Alert Handler Pin Number Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Alert Management System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the pagehndl.dll module while processing data sent from the msgsys.ex...
CVE-2011-0495
CVE-2011-0495 affects Asterisk Open Source prior to the fixed versions listed in multiple advisories. The issue is a stack-based buffer overflow in ast_uri_encode in main/utils.c that can be triggered by crafted caller ID data and exploited via (1) SIP channel driver, (2) URIENCODE dialplan funct...
FreeBSD : asterisk -- Exploitable Stack Buffer Overflow (5ab9fb2a-23a5-11e0-a835-0003ba02bf30)
The Asterisk Development Team reports: The releases of Asterisk 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.2, 1.8.1.2, and 1.8.2.1 resolve an issue when forming an outgoing SIP request while in pedantic mode, which can cause a stack buffer to be made to overflow if supplied with carefull...
HP OpenView Network Node Manager nnmRptConfig.exe nameParams text1 Buffer Overflow
Added: 01/20/2011. CVE: CVE-2011-0268. BID: 45762. OSVDB: 70473. Background: HP OpenView Network Node Manager is network availability and performance management software. Problem: A stack buffer overflow vulnerability allows remote attackers to execute arbitrary commands by requesting the...
Citrix Provisioning Services streamprocess.exe Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Citrix Provisioning Services. Authentication is not required to exploit this vulnerability. The specific flaw exists within the streamprocess.exe component which listens by default on UDP port 6095...