CVE-2008-3159

This CVE affects Novell eDirectory: integer overflow in ds.dlm/dhost.exe (port 524) causing a stack-based buffer overflow that enables remote code execution. Affected versions are eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2. The flaw is linked to flawed arithmetic and can be ...

CVE-2008-3159

Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to "flawed arithmetic."...

CVE-2008-3155

Stack-based buffer overflow in the ActiveX control as2guiie.dll in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service crash or execute arbitrary code via a long argument to the Update method...

CVE-2008-3148

Stack-based buffer overflow in 1 OllyDBG 1.10 and 2 ImpREC 1.7f allows user-assisted attackers to execute arbitrary code via a crafted DLL file that contains a long string...

CVE-2008-3024

Stack-based buffer overflow in phgrafx in QNX Momentics aka RTOS 6.3.2 and earlier allows local users to gain privileges via a long .pal filename in palette/...

CVE-2008-3024

CVE-2008-3024 describes a stack-based buffer overflow in the phgrafx component of QNX Momentics (RTOS) 6.3.2 and earlier. The overflow is triggered by a long *.pal filename in the palette/ path, allowing local users to gain privileges. The vulnerability is local and does not indicate network acce...

openSUSE 10 Security Update : mtr (mtr-5289)

This update fixes a stack based buffer overflow which could potentially be exploited by a remote attacker to execute arbitrary code CVE-2008-2357. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Upda...

SuSE 10 Security Update : mtr (ZYPP Patch Number 5291)

This update fixes a stack-based buffer overflow which could potentially be exploited by a remote attacker to execute arbitrary code. CVE-2008-2357 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

SuSE 10 Security Update : PHP5 (ZYPP Patch Number 5345)

This version upgrade php5 to 5.2.6 fixes several security vulnerabilities. - Fixed possible stack-based buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin. - Fixed integer overflow in printf identified by Maksymilian Aciemowicz. - Fixed security issue detailed in CVE-2008-0599...

CVE-2008-2828

CVE-2008-2828 describes a stack-based buffer overflow in tmsnc’s UBX payload handling. A crafted MSN UBX packet with a large payload length can trigger a overflow in core_net.c, potentially allowing remote code execution or crash (DoS). The vulnerability is triggered when UBX payload length excee...

Alt-N Technologies SecurityGateway Username Buffer Overflow (CVE-2008-4193)

The Alt-N Technologies SecurityGateway offers email security with a spam filter that serves as an Exchange or SMTP firewall. A stack-based buffer overflow vulnerability was reported in Alt-N Technologies SecurityGateway. The vulnerability is due to a boundary error in the SecurityGateway that fai...

CVE-2008-2745

Stack-based buffer overflow in BiAnno ActiveX Control BiAnno.ocx in Black Ice Software Annotation Plugin 10.95 allows remote attackers to execute arbitrary code via a long parameter to the AnnoSaveToTiff method...

CVE-2008-2639

Stack-based buffer overflow in the ODBC server service in Citect CitectSCADA 6 and 7, and CitectFacilities 7, allows remote attackers to execute arbitrary code via a long string in the second application packet in a TCP session on port 20222...

CVE-2008-2639

CVE-2008-2639 corresponds to a stack-based buffer overflow in the ODBC server service of CitectSCADA v6/v7 and CitectFacilities v7, exploitable remotely via the 20222/tcp ODBC port by sending a crafted second packet; vendor advisory CORE-2008-0125 confirms remote code execution as the impact. A p...

CVE-2008-2693

Stack-based buffer overflow in the BITIFF.BITiffCtrl.1 ActiveX control in BITiff.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via a long first argument to the SetByteOrder method...

CVE-2008-2693

Stack-based buffer overflow in the BITIFF.BITiffCtrl.1 ActiveX control in BITiff.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via a long first argument to the SetByteOrder method...

CVE-2008-2654

Off-by-one error in the readclient function in webhttpd.c in Motion 3.2.10 and earlier might allow remote attackers to execute arbitrary code via a long request to a Motion HTTP Control interface, which triggers a stack-based buffer overflow with some combinations of processor architecture and...

CVE-2008-2654

Off-by-one error in the readclient function in webhttpd.c in Motion 3.2.10 and earlier might allow remote attackers to execute arbitrary code via a long request to a Motion HTTP Control interface, which triggers a stack-based buffer overflow with some combinations of processor architecture and...

CVE-2008-1444

CVE-2008-1444 is a DirectX SAMI Format Parsing Vulnerability affecting Microsoft DirectX 7.0 and 8.1 on Windows 2000 SP4. The issue is a stack-based buffer overflow in the SAMI file parser (Class Name parameter) that can enable remote code execution when a user opens a crafted SAMI file. OpenVAS ...

CVE-2008-1584

Stack-based buffer overflow in Indeo.qtx in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service crash or execute arbitrary code via crafted Indeo video codec content in a movie file...