Fedora Core 5 : krb5-1.4.3-5.5 (2007-620)

This update incorporates fixes for a stack-based buffer overflow and heap corruption in the RPC library, and a fix for a potential stack-based buffer overflow in kadmind. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...

Fedora Core 6 : krb5-1.5-21.1 (2007-621)

This update incorporates fixes for a stack-based buffer overflow and heap corruption in the RPC library, and a fix for a potential stack-based buffer overflow in kadmind. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...

flack123 buffer overflow

Stack-based buffer overflow on Vorbis comments parsing...

Stack overflow

Stack-based buffer overflow in PCSoft WinDEV 11 01F110053p allows user-assisted remote attackers to execute arbitrary code via a long string in the "used DLL" field in a WDP project file...

CVE-2007-3479

Stack-based buffer overflow in PCSoft WinDEV 11 01F110053p allows user-assisted remote attackers to execute arbitrary code via a long string in the "used DLL" field in a WDP project file...

Mandrake Linux Security Advisory : krb5 (MDKSA-2007:137)

David Coffey discovered an uninitialized pointer free flaw in the RPC library used by kadmind. A remote unauthenticated attacker who could access kadmind could trigger the flaw causing kadmind to crash or possibly execute arbitrary code CVE-2007-2442. David Coffey also discovered an overflow flaw...

CVE-2007-2798

Stack-based buffer overflow in the renameprincipal2svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal...

CVE-2007-2798

Stack-based buffer overflow in the renameprincipal2svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal...

CVE-2003-1331

Stack-based buffer overflow in the mysqlrealconnect function in the MySql client library libmysqlclient 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453...

Stack overflow

Stack-based buffer overflow in Lhaca File Archiver before 1.21 allows user-assisted remote attackers to execute arbitrary code via a crafted LZH archive, as exploited by malware such as Trojan.Lhdropper...

CVE-2007-3375

CVE-2007-3375: Lhaca File Archiver before 1.21 is affected by a stack-based buffer overflow in a crafted LZH archive, allowing user-assisted remote code execution. The vulnerability is exploited by malware such as Trojan.Lhdropper. Impact details indicate arbitrary code execution with user intera...

CVE-2007-3375

Stack-based buffer overflow in Lhaca File Archiver before 1.21 allows user-assisted remote attackers to execute arbitrary code via a crafted LZH archive, as exploited by malware such as Trojan.Lhdropper...

CVE-2007-3314

Stack-based buffer overflow in peviewer.spl in Altap Servant Salamander 2.5 with Portable Executable Viewer 2.02 English Trial, and 2.0 with Portable Executable Viewer 1.00 English Trial, allows remote attackers to execute arbitrary code via a long PDB debug filename in a PE file...

CVE-2007-3210

Stack-based buffer overflow in nptoken.mox in the Cellosoft Tokens Object 2.0.0.6 extension for Vitalize! allows remote attackers to execute arbitrary code via a long string argument to the RemoveChr method. NOTE: the provenance of this information is unknown; the details are obtained solely from...

CVE-2007-3210

CVE-2007-3210 is a stack-based buffer overflow in nptoken.mox within the Cellosoft Tokens Object 2.0.0.6 extension for Vitalize!, enabling remote attackers to execute arbitrary code by sending a long string to the RemoveChr method. The NVD entry assigns a high base score (9.3, CVSS2.0) with netwo...

CVE-2007-3203

Stack-based buffer overflow in smtpdll.dll in the SMTP service in 602Pro LAN SUITE 2003 2003.0.03.0828 allows remote attackers to execute arbitrary code via an e-mail message with a long address. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

CVE-2007-2863

Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA formerly Computer Associates products allows remote attackers to execute arbitrary code via a long filename in a .CAB file...

CVE-2007-2863

CVE-2007-2863 is a stack-based buffer overflow in the CA Anti-Virus engine (and related CA products) caused by insufficient bounds checking on filenames in CAB archives. A remote attacker can trigger the overflow via a long filename in a CAB file, potentially executing arbitrary code. Affected pr...

CVE-2007-2514

Stack-based buffer overflow in XferWan.exe as used in multiple products including 1 Symantec Discovery 6.5, 2 Numara Asset Manager 8.0, and 3 Centennial UK Ltd Discovery 2006 Feature Pack, allows remote attackers to execute arbitrary code via a long request. NOTE: this might be a reservation...

CVE-2007-2514

CVE-2007-2514 is a stack-based buffer overflow in the CentennialXferWan service (XferWan.exe) used by Centennial Discovery 2006 Feature Pack, Symantec Discovery 6.5, and Numara Asset Manager 8.0. The overflow occurs when processing overly long strings in TCP requests, due to insufficient boundary...