CVE-2006-4868

CVE-2006-4868: A stack-based buffer overflow in VGX.dll (VML processing) used by Microsoft Outlook and Internet Explorer on Windows XP SP2 enables remote code execution via a crafted VML rect tag with a long fill parameter. Affected: Internet Explorer/VML handling. Impact per sources: arbitrary c...

CVE-2006-4379

CVE-2006-4379 affects Ipswitch IMail Server (and related Ipswitch products) where the SMTP daemon is vulnerable to a stack-based buffer overflow via a long RCPT TO argument (between @ and :) that allows remote code execution. Public material across advisories and exploit references notes the issu...

Ipswitch IMail Server SMTP Service Crafted RCPT String Remote Overflow

The remote host is running Ipswitch Collaboration Suite / IMail Secure Server / IMail Server, commercial messaging and collaboration suites for Windows. According to its banner, the version of Ipswitch Collaboration Suite / IMail Secure Server / IMail Server installed on the remote host has a...

CVE-2006-4359

The CVE-2006-4359 entry describes a stack-based buffer overflow in Trident Software PowerZip 7.06 Build 3895 affecting Windows 2000. The vulnerability arises from processing a ZIP archive containing a long filename, enabling remote code execution. Documents explicitly state the affected product/v...

CVE-2006-4326

Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and FormLiner before 20060818 allows remote attackers to execute arbitrary code via long Unicode strings in a crafted document, as being actively exploited by...

CVE-2006-4221

Stack-based buffer overflow in the IBM Access Support eGatherer ActiveX control before 3.20.0284.0 allows remote attackers to execute arbitrary code via a long filename parameter to the RunEgatherer method...

CVE-2006-4116

Multiple stack-based buffer overflows in Lhaz before 1.32 allow user-assisted attackers to execute arbitrary code via a long filename in 1 an LHZ archive, when saving the filename during extraction; and 2 an LHZ archive with an invalid CRC checksum, when constructing an error message...

CVE-2006-4116

Multiple stack-based buffer overflows in Lhaz before 1.32 allow user-assisted attackers to execute arbitrary code via a long filename in 1 an LHZ archive, when saving the filename during extraction; and 2 an LHZ archive with an invalid CRC checksum, when constructing an error message...

CVE-2006-4046

Multiple stack-based buffer overflows in Open Cubic Player 2.6.0pre6 and earlier for Windows, and 0.1.10rc5 and earlier on Linux/BSD, allow remote attackers to execute arbitrary code via 1 a large .S3M file handled by the mpLoadS3M function, 2 a crafted .IT file handled by the...

CVE-2006-4029

AGEphone 1.24 and 1.38.1 are affected by a stack-based buffer overflow in sipd.dll that can be triggered by a crafted UDP SIP packet. This vulnerability allows remote attackers to execute arbitrary code. Affected component: sipd.dll within AGEphone. Root cause: stack-based overflow in the SIP pac...

CVE-2006-3985

CVE-2006-3985 affects ConeXware PowerArchiver 9.62.03 via DZIPS32.DLL 6.0.0.4, where a stack-based buffer overflow occurs when a crafted ZIP archive containing a long-named file is processed. This allows a user‑assisted attacker to execute arbitrary code. The connected records confirm the vulnera...

CVE-2006-3459

Multiple stack-based buffer overflows in the TIFF library libtiff before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdircount value in the...

CVE-2006-3952

Stack-based buffer overflow in EFS Software Easy File Sharing FTP Server 2.0 allows remote attackers to execute arbitrary code via a long argument to the PASS command. NOTE: the provenance of this information is unknown; the details are obtained from third party information...

CVE-2006-3943

Stack-based buffer overflow in NDFXArtEffects in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service crash via long 1 RGBExtraColor, 2 RGBForeColor, and 3 RGBBackColor properties...

CVE-2006-3925

Stack-based buffer overflow in ITIRecorder.MicRecorder ActiveX control in iarecord.dll in InterActual Player before 2.6 allows remote attackers to execute arbitrary code via a long argument to the Files method. NOTE: the provenance of this information is unknown; the details are obtained from thi...

CVE-2006-3350

Stack-based buffer overflow in AutoVue SolidModel Professional Desktop Edition 19.1 Build 5993 allows user-assisted remote attackers to execute arbitrary code via a long filename in a 1 ARJ, 2 RAR, or 3 ZIP archive...

[Full-disclosure] ZDI-06-024: eIQNetworks Enterprise Security Analyzer License Manager Buffer Overflow Vulnerability

ZDI-06-024: eIQnetworks Enterprise Security Analyzer License Manager Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-024.html July 25, 2006 -- CVE ID: CVE-2006-3838 -- Affected Vendor: eIQnetworks -- Affected Products: eIQnetworks Enterprise Security Analyzer Asta...

[SA20852] AutoVue SolidModel Professional Buffer Overflow Vulnerability

---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Wanted! Want to work with IDA and BinDiff? Want to write PoC's and Exploits? Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation...

CVE-2006-3845

CVE-2006-3845 corresponds to a stack-based buffer overflow in WinRAR’s LHA handling (lzh.fmt) that affects WinRAR 3.00 through 3.60 beta 6. The issue occurs when processing LHA archives with a long filename, potentially allowing remote attackers to execute arbitrary code on the affected host. The...

CVE-2006-3845

Stack-based buffer overflow in lzh.fmt in WinRAR 3.00 through 3.60 beta 6 allows remote attackers to execute arbitrary code via a long filename in a LHA archive...