CVE-2008-2080

Stack-based buffer overflow in the Read32s64 function in src/lib/cdfread64.c in the NASA Goddard Space Flight Center Common Data Format CDF library before 3.2.1 allows context-dependent attackers to execute arbitrary code via a .cdf file with crafted length tags...

[SECURITY] [DSA 1567-1] New blender packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1567-1 [email protected] http://www.debian.org/security/ Devin Carraway May 05, 2008 http://www.debian.org/security/faq -...

PHP < 5.2.6 Multiple Vulnerabilities

According to its banner, the version of PHP installed on the remote host is older than 5.2.6. Such versions may be affected by the following issues : - A stack-based buffer overflow in FastCGI SAPI. - An integer overflow in printf. - An security issue arising from improper calculation of the leng...

CVE-2008-2040

Stack-based buffer overflow in the HTTP::getAuthUserPass function core/common/http.cpp in Peercast 0.1218 and gnome-peercast allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a Basic Authentication string with a long 1 username or 2 password...

CVE-2008-1994

Multiple stack-based buffer overflows in a acon.c, b menu.c, and c child.c in Acon 1.0.5-5 through 1.0.5-7 allow local users to execute arbitrary code via 1 a long HOME environment variable or 2 a large number of terminal columns...

CVE-2008-1964

Stack-based buffer overflow in the demuxnsfsendheaders function in src/demuxers/demuxnsf.c in xine-lib allows remote attackers to have an unknown impact via a long copyright field in an NSF header in an NES Sound file, a different issue than CVE-2008-1878. NOTE: a third party claims that the...

Stack overflow

Stack-based buffer overflow in the getremotevideoportmedia function in call.cpp in SIPp 3.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted SIP message. NOTE: some of these details are obtained from third party information...

CVE-2008-1964

CVE-2008-1964 describes a stack-based buffer overflow in the demux_nsf_send_headers function of xine-lib (src/demuxers/demux_nsf.c) triggered by a long copyright field in an NSF header within NES Sound files. The issue is remote in nature with potential partial impacts to confidentiality, integri...

CVE-2008-1959

CVE-2008-1959: SIPp 3.0 contains a stack-based buffer overflow in get_remote_video_port_media (call.cpp) that can be triggered by a crafted SIP message, leading to denial of service and possible remote code execution. The Red Hat and Fedora advisories confirm the issue and note updates for sipp p...

xine-lib NES Sound Format Demuxer Buffer Overflow

Hi there Original advisory: http://milw0rm.com/exploits/5458 There's another stack-based buffer overflow in demuxnfs.c line 111: this-copyright = strdup&header0x4E; line 189: char copyright100; line 208: sprintfcopyright, "C s", this-copyright; Regards Laurent Gaffi...

CVE-2008-1914

Stack-based buffer overflow in the AntServer module AntServer.exe in BigAnt IM Server in BigAnt Messenger 2.2 allows remote attackers to execute arbitrary code via a long URI in a request to TCP port 6080. NOTE: some of these details are obtained from third party information...

Stack overflow

Stack-based buffer overflow in the AntServer module AntServer.exe in BigAnt IM Server in BigAnt Messenger 2.2 allows remote attackers to execute arbitrary code via a long URI in a request to TCP port 6080. NOTE: some of these details are obtained from third party information...

CVE-2008-1910

Stack-based buffer overflow in the database service ibserver.exe in Borland InterBase 2007 SP2 allows remote attackers to execute arbitrary code via a malformed opcode 0x52 request to TCP port 3050. NOTE: this might overlap CVE-2007-5243 or CVE-2007-5244...

CVE-2008-1914

Stack-based buffer overflow in the AntServer module AntServer.exe in BigAnt IM Server in BigAnt Messenger 2.2 allows remote attackers to execute arbitrary code via a long URI in a request to TCP port 6080. NOTE: some of these details are obtained from third party information...

CVE-2008-1910

CVE-2008-1910 describes a stack-based buffer overflow in Borland InterBase 2007 SP2’s database server (ibserver.exe) that can be triggered remotely by sending a malformed opcode 0x52 to TCP port 3050. This vulnerability allows arbitrary code execution and is noted as potentially overlapping CVE-2...

CVE-2008-1102

Blender 2.45 is affected by a stack-based buffer overflow in the imb_loadhdr function triggered by a crafted Radiance RGBE image inside a .blend file, enabling user-assisted remote code execution. The issue stems from improper handling of Radiance RGBE data, as described for CVE-2008-1102, and is...

CVE-2008-1102

Stack-based buffer overflow in the imbloadhdr function in Blender 2.45 allows user-assisted remote attackers to execute arbitrary code via a .blend file that contains a crafted Radiance RGBE image...

CVE-2008-1881

Stack-based buffer overflow in the ParseSSA function modules/demux/subtitle.c in VLC 0.8.6e allows remote attackers to execute arbitrary code via a long subtitle in an SSA file. NOTE: this issue is due to an incomplete fix for CVE-2007-6681...

CVE-2008-1881

VLC 0.8.6e contains a stack-based buffer overflow in ParseSSA (modules/demux/subtitle.c) that can be triggered by a long SSA subtitle, allowing remote code execution. This CVE is CVE-2008-1881; related OpenVAS and Debian advisories document the issue as a real vulnerability and note Debian/ Gento...

CVE-2008-1881

Stack-based buffer overflow in the ParseSSA function modules/demux/subtitle.c in VLC 0.8.6e allows remote attackers to execute arbitrary code via a long subtitle in an SSA file. NOTE: this issue is due to an incomplete fix for CVE-2007-6681...