Stack overflow

Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka "RTF Stack Buffer Overfl...

ProFTPD < 1.3.3c Multiple Vulnerabilities

The remote host is using ProFTPD, a free FTP server for Unix and Linux. According to its banner, the version of ProFTPD installed on the remote host is earlier than 1.3.3c. Such versions are reportedly affected by the following vulnerabilities : - When ProFTPD is compiled with 'modsitemisc' and a...

CVE-2010-4221

Multiple stack-based buffer overflows in the prnetiotelnetgets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a 1 FTP or 2 FTPS server...

CVE-2010-3040

Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent Contact Manager ICM before 7.0 allow remote attackers to execute arbitrary code via a long parameter in a 1 HandleUpgradeAll, 2 AgentUpgrade, 3 HandleQueryNodeInfoReq, or 4 HandleUpgradeTrace TCP packet, aka...

Stack overflow

Multiple stack-based buffer overflows in the prnetiotelnetgets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a 1 FTP or 2 FTPS server...

CVE-2010-3040

Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent Contact Manager ICM before 7.0 allow remote attackers to execute arbitrary code via a long parameter in a 1 HandleUpgradeAll, 2 AgentUpgrade, 3 HandleQueryNodeInfoReq, or 4 HandleUpgradeTrace TCP packet, aka...

Fedora 12 : gnome-xcf-thumbnailer-1.0-4.fc12 (2010-17041)

This update fixes potential stack-based buffer overflows that can allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted image that causes a conversion to a location 'above or to the left of the canvas.' Note that Tenable Network Security has...

Fedora 14 : gnome-xcf-thumbnailer-1.0-4.fc14 (2010-17035)

This update fixes potential stack-based buffer overflows that can allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted image that causes a conversion to a location 'above or to the left of the canvas.' Note that Tenable Network Security has...

Cisco ICM Setup Manager Agent.exe HandleUpgradeAll Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco ICM. Authentication is not required to exploit this vulnerability. The flaw exists within the Agent.exe component which listens by default on TCP port 40078. When processing the...

ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow

$Id: proftptelnetiac.rb 10900 2010-11-04 18:12:11Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

ProFTPD 1.3.2rc3 - 1.3.3b Telnet IAC Buffer Overflow (FreeBSD)

This module exploits a stack-based buffer overflow in versions of ProFTPD server between versions 1.3.2rc3 and 1.3.3b. By sending data containing a large number of Telnet IAC commands, an attacker can corrupt memory and execute arbitrary code. This module requires Metasploit:...

CVE-2010-4142

DATAC RealWin SCADA Server 2.0 (Build 6.1.8.10 and earlier) is affected by stack-based buffer overflows in SCPC_INITIALIZE, SCPC_INITIALIZE_RF, and SCPC_TXTEVENT handling. Exploitation could crash the service and, in some cases, allow remote arbitrary code execution. Known affected versions inclu...

CVE-2010-3655

Stack-based buffer overflow in dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code via unspecified vectors...

Stack overflow

Stack-based buffer overflow in the UpdateFrameTitleForDocument method in the CFrameWnd class in mfc42.dll in the Microsoft Foundation Class MFC Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7...

CVE-2010-3227

Stack-based buffer overflow in the UpdateFrameTitleForDocument method in the CFrameWnd class in mfc42.dll in the Microsoft Foundation Class MFC Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7...

Mandriva Update for mozilla-thunderbird MDVSA-2010:211 (mozilla-thunderbird)

Check for the Version of mozilla-thunderbird OpenVAS Vulnerability Test Mandriva Update for mozilla-thunderbird MDVSA-2010:211 mozilla-thunderbird Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

CVE-2010-4053

Stack-based buffer overflow in an unspecified logging function in oninit.exe in IBM Informix Dynamic Server IDS 11.10 before 11.10.xC2W2 and 11.50 before 11.50.xC1 allows remote authenticated users to execute arbitrary code via a crafted EXPLAIN directive, aka idsdb00154125 and idsdb00154243...

CVE-2010-4053

CVE-2010-4053 concerns IBM Informix Dynamic Server (IDS). The vulnerability is a stack-based overflow in a logging function inside oninit.exe, reported for IDS 11.10 (before 11.10.xC2W2) and 11.50 (before 11.50.xC1). Exploitation requires a crafted EXPLAIN directive and remote authenticated acces...

CVE-2010-3179

Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption an...

CVE-2010-3748

Stack-based buffer overflow in the RichFX component in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and RealPlayer Enterprise 2.1.2 allows remote attackers to have an unspecified impact via unknown vectors...