Stack overflow

Stack-based buffer overflow in AIMP 2.51 build 330 allows remote attackers to execute arbitrary code via an MP3 file with a long ID3 tag...

CVE-2009-1944

Stack-based buffer overflow in AIMP 2.51 build 330 allows remote attackers to execute arbitrary code via an MP3 file with a long ID3 tag...

CVE-2009-1943

Stack-based buffer overflow in the IKE service ireIke.exe in SafeNet SoftRemote before 10.8.6 allows remote attackers to execute arbitrary code via a long request to UDP port 62514...

CVE-2009-1943

CVE-2009-1943 pertains to SafeNet SoftRemote: the IKE service (ireIKE.exe) on affected versions up to 10.8.5 (pre-10.8.6) is vulnerable to a stack-based buffer overflow triggered by a crafted UDP payload to port 62514, allowing remote code execution. The vulnerability is widely cited across multi...

CVE-2009-1915

Stack-based buffer overflow in the URL Search Hook ICQToolBar.dll in ICQ 6.5 allows remote attackers to cause a denial of service persistent crash and possibly execute arbitrary code via an Internet shortcut .URL file containing a long URL parameter, which triggers a crash when browsing a folder...

EUVD-2009-1910

Stack-based buffer overflow in the URL Search Hook ICQToolBar.dll in ICQ 6.5 allows remote attackers to cause a denial of service persistent crash and possibly execute arbitrary code via an Internet shortcut .URL file containing a long URL parameter, which triggers a crash when browsing a folder...

Apple iTunes 'itms:' URI Stack Buffer Overflow Vulnerability (HT3592)

Apple iTunes is prone to a stack based buffer overflow vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

pidgin -- multiple vulnerabilities

Secunia reports: Some vulnerabilities and weaknesses have been reported in Pidgin, which can be exploited by malicious people to cause a DoS or to potentially compromise a user's system. A truncation error in the processing of MSN SLP messages can be exploited to cause a buffer overflow. A bounda...

CVE-2009-1800

Stack-based buffer overflow in the Chinagames CGAgent ActiveX control 1.x in CGAgent.dll, as distributed in Chinagames iGame 2009, allows remote attackers to execute arbitrary code via a long argument to the CreateChinagames method, as exploited in the wild in April and May 2009. NOTE: some of...

FreeBSD : ntp -- stack-based buffer overflow (4175c811-f690-4898-87c5-755b3cf1bac6)

US-CERT reports : ntpd contains a stack-based buffer overflow which may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system or create a denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plug...

NSD packet.c Off-By-One Remote Overflow

According to its self-reported version number, the version of NSD running on the remote host has a stack-based buffer overflow vulnerability. This could allow a remote attacker to overwrite one byte in memory, leading to a denial of service. It is possible, but unlikely, that this vulnerability...

CVE-2009-1252

Stack-based buffer overflow in the cryptorecv function in ntpcrypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field...

CVE-2009-1252

CVE-2009-1252 describes a stack-based buffer overflow in ntpd’s ntp_crypto.c (function crypto_recv) when autokey is enabled. A crafted NTP extension-field packet can remote-execute code. Affected: NTP daemon (ntpd) before 4.2.4p7 and 4.2.5 before 4.2.5p74 with OpenSSL/autokey enabled. Impact per ...

CVE-2009-1667

CVE-2009-1667 is a stack-based buffer overflow in Mini-stream CastRipper 2.50.70. The vulnerability allows remote code execution when a long entry is present in a .m3u playlist, a vector distinct from CVE-2009-5137. Affected software: Mini-stream CastRipper 2.50.70. Impact: attacker can run arbit...

CVE-2009-1675

CVE-2009-1675 is tied to ElectraSoft 32bit FTP 09.04.24, where a stack-based buffer overflow occurs when handling a long 227 reply to PASV. The vulnerability allows a remote FTP server to execute arbitrary code on the client system, with high impact (confidentiality, integrity, and availability p...

CVE-2009-1674

CVE-2009-1674 describes a stack-based buffer overflow in Microchip MPLAB IDE 8.30. The vulnerability can allow user-assisted remote attackers to execute arbitrary code via a long .cof pathname in a [TOOL_SETTINGS] section of a .mcp file, potentially related to CVE-2009-1608. The connected records...

CVE-2009-1643

Stack-based buffer overflow in Sorinara Soritong MP3 Player 1.0 allows remote attackers to execute arbitrary code via a crafted .m3u file...

CVE-2009-1644

Sorinara Streaming Audio Player 0.9 is affected by a stack-based overflow in a crafted .pla file, enabling remote arbitrary-code execution. The vulnerability is triggered via specially crafted input, with a CVSSv2 base score of 9.3 (HIGH) and a network attack vector, no authentication required, a...

CVE-2009-0150

Stack-based buffer overflow in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service application crash by attempting to mount a crafted sparse disk image...

CVE-2009-0227

Stack-based buffer overflow in the PowerPoint 4.2 conversion filter PP4X32.DLL in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via a large number of structures in sound data in a file that uses a PowerPoint 4.0 native file format,...