8439 matches found
CVE-2009-1800
Stack-based buffer overflow in the Chinagames CGAgent ActiveX control 1.x in CGAgent.dll, as distributed in Chinagames iGame 2009, allows remote attackers to execute arbitrary code via a long argument to the CreateChinagames method, as exploited in the wild in April and May 2009. NOTE: some of...
FreeBSD : ntp -- stack-based buffer overflow (4175c811-f690-4898-87c5-755b3cf1bac6)
US-CERT reports: ntpd contains a stack-based buffer overflow which may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system or create a denial of service.
NSD packet.c Off-By-One Remote Overflow
According to its self-reported version number, the version of NSD running on the remote host has a stack-based buffer overflow vulnerability. This could allow a remote attacker to overwrite one byte in memory, leading to a denial of service. It is possible, but unlikely, that this vulnerability...
CVE-2009-1252
Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field...
CVE-2009-1252
CVE-2009-1252 describes a stack-based buffer overflow in ntpd’s ntp_crypto.c (function crypto_recv) when autokey is enabled. A crafted NTP extension-field packet can lead to remote code execution. Affected: NTP daemon (ntpd) before 4.2.4p7 and 4.2.5 before 4.2.5p74 with OpenSSL/autokey enabled. Impact per ...
CVE-2009-1667
CVE-2009-1667 is a stack-based buffer overflow in Mini-stream CastRipper 2.50.70. The vulnerability allows remote code execution when a long entry is present in a .m3u playlist, a vector distinct from CVE-2009-5137. Affected software: Mini-stream CastRipper 2.50.70. Impact: attacker can run arbit...
CVE-2009-1675
CVE-2009-1675 is tied to ElectraSoft 32bit FTP 09.04.24, where a stack-based buffer overflow occurs when handling a long 227 reply to PASV. The vulnerability allows a remote FTP server to execute arbitrary code on the client system, with high impact (confidentiality, integrity, and availability p...
CVE-2009-1674
CVE-2009-1674 describes a stack-based buffer overflow in Microchip MPLAB IDE 8.30. The vulnerability can allow user-assisted remote attackers to execute arbitrary code via a long .cof pathname in a [TOOL_SETTINGS] section of a .mcp file, potentially related to CVE-2009-1608. The connected records...
CVE-2009-1643
Stack-based buffer overflow in Sorinara Soritong MP3 Player 1.0 allows remote attackers to execute arbitrary code via a crafted .m3u file...
CVE-2009-1642
Multiple stack-based buffer overflows in Mini-stream ASX to MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. NOTE: the latter was also subsequently reported in...
CVE-2009-1644
Sorinara Streaming Audio Player 0.9 is affected by a stack-based buffer overflow triggered by a crafted .pla file, enabling remote arbitrary code execution. The vulnerability is triggered via specially crafted input, with a CVSSv2 base score of 9.3 (HIGH) and a network attack vector, no authentication required, a...
CVE-2009-0150
Stack-based buffer overflow in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (application crash) by attempting to mount a crafted sparse disk image...
CVE-2009-0227
Stack-based buffer overflow in the PowerPoint 4.2 conversion filter (PP4X32.DLL) in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via a large number of structures in sound data in a file that uses a PowerPoint 4.0 native file format,...
CVE-2009-0226
Stack-based buffer overflow in the PowerPoint 4.2 conversion filter in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via a long string in sound data in a file that uses a PowerPoint 4.0 native file format, leading to memory...
Stack overflow
Multiple stack-based buffer overflows in the PowerPoint 95 importer (PP7X32.DLL) in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allow remote attackers to execute arbitrary code via an inconsistent record length in sound data in a file that uses a PowerPoint 95 (PPT95) native file...
CVE-2009-1627
Stack-based buffer overflow in Streaming Download Project (SDP) Downloader 2.3.0 allows remote attackers to execute arbitrary code via a long .asf URL in the HREF attribute of a REF element in a .asx file...
CVE-2009-1612
Stack-based buffer overflow in the MPS.StormPlayer.1 ActiveX control in mps.dll 3.9.4.27 in Baofeng Storm allows remote attackers to execute arbitrary code via a long argument to the OnBeforeVideoDownload method, as exploited in the wild in April and May 2009. NOTE: some of these details are...
CVE-2009-1612
BaoFeng Storm ActiveX control (MPS.StormPlayer.1 in mps.dll) is affected by a stack-based buffer overflow (CVE-2009-1612). Vulnerable component: mps.dll 3.9.4.27 and earlier; condition arises when an overly long string is passed to OnBeforeVideoDownload. Consequence: remote code execution by an a...