CVE-2008-2639

CVE-2008-2639 corresponds to a stack-based buffer overflow in the ODBC server service of CitectSCADA v6/v7 and CitectFacilities v7, exploitable remotely via the 20222/tcp ODBC port by sending a crafted second packet; vendor advisory CORE-2008-0125 confirms remote code execution as the impact. A p...

CVE-2008-2693

Stack-based buffer overflow in the BITIFF.BITiffCtrl.1 ActiveX control in BITiff.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via a long first argument to the SetByteOrder method...

CVE-2008-2693

Stack-based buffer overflow in the BITIFF.BITiffCtrl.1 ActiveX control in BITiff.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via a long first argument to the SetByteOrder method...

CVE-2008-2654

Off-by-one error in the readclient function in webhttpd.c in Motion 3.2.10 and earlier might allow remote attackers to execute arbitrary code via a long request to a Motion HTTP Control interface, which triggers a stack-based buffer overflow with some combinations of processor architecture and...

CVE-2008-2654

Off-by-one error in the readclient function in webhttpd.c in Motion 3.2.10 and earlier might allow remote attackers to execute arbitrary code via a long request to a Motion HTTP Control interface, which triggers a stack-based buffer overflow with some combinations of processor architecture and...

Stack overflow

Multiple stack-based buffer overflows in the BackWeb Lite Install Runner ActiveX control in the BackWeb Web Package ActiveX object in LiteInstActivator.dll in BackWeb before 8.1.1.87, as used in Logitech Desktop Manager LDM before 2.56, allow remote attackers to execute arbitrary code via...

CVE-2008-1444

CVE-2008-1444 is a DirectX SAMI Format Parsing Vulnerability affecting Microsoft DirectX 7.0 and 8.1 on Windows 2000 SP4. The issue is a stack-based buffer overflow in the SAMI file parser (Class Name parameter) that can enable remote code execution when a user opens a crafted SAMI file. OpenVAS ...

CVE-2008-1584

Stack-based buffer overflow in Indeo.qtx in Apple QuickTime before 7.5 allows remote attackers to cause a denial of service crash or execute arbitrary code via crafted Indeo video codec content in a movie file...

QuickTime < 7.5 Multiple Vulnerabilities (Windows)

The version of QuickTime installed on the remote Windows host is older than 7.5. Such versions contain several vulnerabilities : - There are two heap-based buffer overflows in QuickTime's handling of PICT image files that could result in a program crash or arbitrary code execution CVE-2008-1581 a...

QuickTime < 7.5 Multiple Vulnerabilities (Mac OS X)

The version of QuickTime installed on the remote Mac OS X host is older than 7.5. Such versions contain several vulnerabilities : - There is a heap-based buffer overflow in QuickTime's handling of PICT image files that could result in a program crash or arbitrary code execution CVE-2008-1583. -...

CVE-2008-2573

The CVE-2008-2573 issue affects freeSSHd 1.2.1, where a stack-based buffer overflow in SFTP can be triggered by a long directory name in an SSH_FXP_OPENDIR (opendir) request. Exploitation requires remote access with valid authentication and occurs over the network; successful exploitation could a...

CVE-2008-2573

Stack-based buffer overflow in SFTP in freeSSHd 1.2.1 allows remote authenticated users to execute arbitrary code via a long directory name in an SSHFXPOPENDIR aka opendir command...

Integer overflow

Integer overflow in Borland Interbase 2007 SP2 8.1.0.256 allows remote attackers to execute arbitrary code via a malformed packet to TCP port 3050, which triggers a stack-based buffer overflow. NOTE: this issue might be related to CVE-2008-0467...

CVE-2008-2559

CVE-2008-2559 concerns Borland Interbase 2007 SP2 (8.1.0.256). The issue is an integer/stack overflow triggered by a malformed packet sent to TCP port 3050, allowing remote attackers to execute arbitrary code with the service’s privileges. The vulnerability affects the InterBase server; CORE-2008...

CVE-2008-2559

Integer overflow in Borland Interbase 2007 SP2 8.1.0.256 allows remote attackers to execute arbitrary code via a malformed packet to TCP port 3050, which triggers a stack-based buffer overflow. NOTE: this issue might be related to CVE-2008-0467...

CVE-2008-2541

Multiple stack-based buffer overflows in the HTTP Gateway Service icihttp.exe in CA eTrust Secure Content Manager 8.0 allow remote attackers to execute arbitrary code or cause a denial of service via long FTP responses, related to 1 the file month field in a LIST command; 2 the PASV command; and ...

CVE-2008-2541

CA eTrust Secure Content Manager (SCM) HTTP Gateway Service (icihttp.exe) contains multiple stack-based buffer overflow vulnerabilities when handling FTP responses (LIST and PASV). CVE-2008-2541 allows remote, unauthenticated attackers to execute arbitrary code or cause DoS with SYSTEM privileges...

Stack overflow

Stack-based buffer overflow in msiexec.exe 3.1.4000.1823 and 4.5.6001.22159 in Microsoft Windows Installer allows context-dependent attackers to execute arbitrary code via a long GUID value for the /x aka /uninstall option. NOTE: this issue might cross privilege boundaries if msiexec.exe is...

CVE-2008-2548

Stack-based buffer overflow in the JPEG thumbprint component in the EXIF parser on Motorola cell phones with RAZR firmware allows user-assisted remote attackers to execute arbitrary code via an MMS transmission of a malformed JPEG image, which triggers memory corruption...

CVE-2008-2426

The CVE-2008-2426 issue affects Imlib2 (imlib2) 1.4.0, where two stack-based buffer overflows in image loaders can be triggered by specially crafted PNM or XPM images. The loader_pnm.c and loader_xpm.c paths are implicated, potentially causing a crash (DoS) or arbitrary code execution upon user-a...