CVE-2007-5155

IceGUI.DLL in ICEOWS 4.20b is affected. The vulnerability occurs when a function is invoked with incorrect arguments, allowing user-assisted remote attackers to execute arbitrary code via a long filename in the header of an ACE archive, which triggers a stack-based buffer overflow.

CVE-2007-5107

Stack-based buffer overflow in the AskJeevesToolBar.SettingsPlugin.1 ActiveX control in askBar.dll in IAC Search & Media ask.com Ask Toolbar 4.0.2.53 and earlier allows remote attackers to execute arbitrary code via a long ShortFormat property value. NOTE: some of these details are obtained from...

CentOS 4 : nfs-utils-lib (CESA-2007:0913)

An updated nfs-utils-lib package to correct a security flaw is now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. The nfs-utils-lib package contains support libraries that are needed by the commands a...

EEYE: Multiple Vulnerabilities in CA ARCserve for Laptops & Desktops

Multiple Vulnerabilities in CA ARCserve for Laptops & Desktops Release Date: September 20, 2007 Date Reported: June 5, 2007 Severity: High Remote Code Execution Vendor: Computer Associates CA Systems Affected: CA ARCserve Backup for Laptops and Desktops r11.5 CA ARCserve Backup for Laptops and...

CVE-2003-1339

Stack-based buffer overflow in eZnet.exe, as used in eZ a eZphotoshare, b eZmeeting, c eZnetwork, and d eZshare allows remote attackers to cause a denial of service crash or execute arbitrary code, as demonstrated via 1 a long GET request and 2 a long operation or autologin parameter to...

Integer overflow

Integer underflow in the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528...

CVE-2007-0062

Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 befor...

Security fix for the ALT Linux 6 package eggdrop version 1.6.18-alt2

Sept. 20, 2007 Vladimir V Kamarzin 1.6.18-alt2 - Security fix: CVE-2007-2807: Stack-based buffer overflow in mod/server.mod/servrmsg.c - Recode README.ALT to utf8 and update it - Create pseudouser on %pre stage - Install config to /var/lib/eggdrop - Load module blowfish by default - Change defaul...

Stack overflow

Multiple stack-based buffer overflows in the PhotoChannel Networks PNI Digital Media Photo Upload Plugin ActiveX control before 2.0.0.10, as used by multiple retailers, allow remote attackers to execute arbitrary code via unspecified vectors...

CVE-2007-0326

Multiple stack-based buffer overflows in the PhotoChannel Networks PNI Digital Media Photo Upload Plugin ActiveX control before 2.0.0.10, as used by multiple retailers, allow remote attackers to execute arbitrary code via unspecified vectors...

Intuit QuickBooks Online Edition < 10 ActiveX Multiple Vulnerabilities

The remote host contains an Active control associated with QuickBooks Online Edition, a variant of Intuit QuickBooks implemented as an ActiveX control. The version of this control on the remote host reportedly is affected by multiple and as-yet unspecified stack-based buffer overflows that could...

iDefense Security Advisory 09.11.07: Microsoft Windows 2000 Agent URL Canonicalizing Stack Based Buffer Overflow Vulnerability

Microsoft Windows 2000 Agent URL Canonicalizing Stack Based Buffer Overflow Vulnerability iDefense Security Advisory 09.11.07 http://labs.idefense.com/intelligence/vulnerabilities/ Sep 11, 2007 I. BACKGROUND Microsoft Agent allows websites and programs to display animated characters that speak an...

Stack overflow

Stack-based buffer overflow in certain ActiveX controls in 1 FPOLE.OCX 6.0.8450.0 and 2 Foxtlib.ocx, as used in the Microsoft Visual FoxPro 6.0 fpole 1.0 Type Library; and Internet Explorer 5.01, 6 SP1 and SP2, and 7; allows remote attackers to execute arbitrary code via a long first argument to...

CVE-2007-4790

Stack-based buffer overflow in certain ActiveX controls in 1 FPOLE.OCX 6.0.8450.0 and 2 Foxtlib.ocx, as used in the Microsoft Visual FoxPro 6.0 fpole 1.0 Type Library; and Internet Explorer 5.01, 6 SP1 and SP2, and 7; allows remote attackers to execute arbitrary code via a long first argument to...

Stack overflow

Multiple stack-based buffer overflows in the Earth Resource Mapping NCSView ActiveX control before 3.4.0.242 in NCSView.dll, as distributed in ER Mapper ECW JPEG 2000 Plug-in before 8.1, allow remote attackers to execute arbitrary code via unspecified vectors...

Mandrake Linux Security Advisory : krb5 (MDKSA-2007:174-1)

A stack-based buffer overflow vulnerability was discovered in the RPC library used by Kerberos' kadmind program by Tenable Network Security. A remote unauthenticated user who could access kadmind would be able to trigger the flaw and cause it to crash CVE-2007-3999. This issue is only applicable ...

RHEL 5 : krb5 (RHSA-2007:0858)

Updated krb5 packages that fix two security flaws are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to authenticate to...

Stack overflow

Multiple stack-based buffer overflows in the Spooler service nwspool.dll in Novell Client 4.91 SP2 through SP4 for Windows allow remote attackers to execute arbitrary code via certain long arguments to the 1 RpcAddPrinterDriver, 2 RpcGetPrinterDriverDirectory, and other unspecified RPC requests,...

CVE-2007-4584

Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a long string in a MODE command, related to the pmode variable...

irc/bitchx -- multiple vulnerabilities

bannedit reports: Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a long string in a MODE command, related to the pmode variable. Nico Golde reports: There is a security issue in ircii-pana in bitchx' hostname command. The ehostname function...