CVE-2007-1997

Integer signedness error in the 1 cabunstore and 2 cabextract functions in libclamav/cab.c in Clam AntiVirus ClamAV before 0.90.2 allow remote attackers to execute arbitrary code via a crafted CHM file that contains a negative integer, which passes a signed comparison and leads to a stack-based...

[Full-disclosure] Microsoft DNS Server Remote Code execution Exploit and analysis

Hi, im sending you the headers of the new exploit code for microsoft DNS servers. You can download the full source code exploit and analysis at: - http://www.514.es/MicrosoftDnsServerExploit.zip or - http://www.48bits.com/exploits/dnsxpl.rar Microsoft DNS Server Remote Code execution Exploit and...

Microsoft Windows - DNS DnssrvQuery Remote Stack Overflow

/ Copyright c 2007 devcode ^^ D E V C O D E ^^ Windows DNS DnssrvQuery Stack Overflow CVE-2007-1748 Description: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary erro...

CVE-2007-1559

CVE-2007-1559 affects Roxio CinePlayer 3.2, involving stack-based buffer overflows in SonicMediaPlayer.dll (and related SonicDVDDashVRNav.dll) that allow remote code execution. The documented vectors involve overly long values in SonicMediaPlayer.dll (DiskType method) or other long arguments to S...

CVE-2007-1955

Multiple stack-based buffer overflows in the SignKorea SKCrypAX ActiveX control module 5.4.1.2 allow remote attackers to execute arbitrary code via a long string in unspecified arguments to the 1 DownloadCert, 2 DecryptFileByKey, and 3 EncryptFileByKey functions, a different module and vectors th...

CVE-2007-1204

Stack-based buffer overflow in the Universal Plug and Play UPnP service in Microsoft Windows XP SP2 allows remote attackers on the same subnet to execute arbitrary code via crafted HTTP headers in request or notification messages, which trigger memory corruption...

CVE-2007-1204

The CVE-2007-1204 issue affects Microsoft Windows XP SP2 with the UPnP service. It is a stack-based buffer overflow triggered by specially crafted HTTP headers in UPnP requests/notifications, allowing a remote attacker on the same subnet to execute arbitrary code in the context of the vulnerable ...

HP Mercury Quality Center ActiveX Control ProgColor Buffer Overflow

This module exploits a stack-based buffer overflow in SPIDERLib.Loader ActiveX control Spider90.ocx 9.1.0.4353 installed by TestDirector TD for Hewlett-Packard Mercury Quality Center 9.0 before Patch 12.1, and 8.2 SP1 before Patch 32. By setting an overly long value to 'ProgColor', an attacker ca...

Debian DSA-1273-1 : nas - several vulnerabilities

Several vulnerabilities have been discovered in nas, the Network Audio System. - CVE-2007-1543 A stack-based buffer overflow in the acceptattlocal function in server/os/connection.c in nas allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection. -...

Mandrake Linux Security Advisory : openoffice.org (MDKSA-2007:073)

Stack-based buffer overflow in the StarCalc parser in OpenOffice.org OOo Office Suite allows user-assisted remote attackers to execute arbitrary code via a crafted document. CVE-2007-0238 OpenOffice.org OOo Office Suite allows user-assisted remote attackers to execute arbitrary commands via shell...

CVE-2007-1866

CVE-2007-1866 involves a stack-based buffer overflow in the dns_decode_reverse_name function of the dproxy-nexgen project (dns_decode.c). The vulnerability allows remote attackers to gain arbitrary code execution by sending a crafted UDP DNS packet to port 53. This is a remote-exploit scenario wi...

Stack overflow

Stack-based buffer overflow in the SPIDERLib.Loader ActiveX control Spider90.ocx 9.1.0.4353 in TestDirector TD for Mercury Quality Center 9.0 before Patch 12.1, and 8.2 SP1 before Patch 32, allows remote attackers to execute arbitrary code via a long ProgColor property...

CVE-2007-1819

CVE-2007-1819 describes a stack-based buffer overflow in the SPIDERLib.Loader ActiveX control (Spider90.ocx) version 9.1.0.4353 used by TestDirector (TD) for Mercury Quality Center, with patches: 9.0 before Patch 12.1 and 8.2 SP1 before Patch 32. The overflow is triggered by a long ProgColor prop...

CVE-2007-1819

Stack-based buffer overflow in the SPIDERLib.Loader ActiveX control Spider90.ocx 9.1.0.4353 in TestDirector TD for Mercury Quality Center 9.0 before Patch 12.1, and 8.2 SP1 before Patch 32, allows remote attackers to execute arbitrary code via a long ProgColor property...

Stack overflow

Multiple stack-based buffer overflows in High Performance Anonymous FTP Server hpaftpd 1.01 allow remote attackers to execute arbitrary code via long arguments to the 1 USER, 2 PASS, 3 CWD, 4 MKD, 5 RMD, 6 DELE, 7 RNFR, or 8 RNTO FTP command...

[SECURITY] [DSA 1273-1] New nas packages fix multiple remote vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1273-1 [email protected] http://www.debian.org/security/ Noah Meyerhans March 27, 2007 - ------------------------------------------------------------------------ Package : nas Vulnerability :...

CVE-2007-1465

CVE-2007-1465 describes a stack-based buffer overflow in dproxy.c for dproxy 0.1–0.5 triggered by a long DNS query packet to UDP port 53, enabling remote execution of code. The core issue is a overflow in handling DNS queries, leading to arbitrary code execution. The connected records also refere...

CVE-2007-1465

Stack-based buffer overflow in dproxy.c for dproxy 0.1 through 0.5 allows remote attackers to execute arbitrary code via a long DNS query packet to UDP port 53...

CVE-2007-1657

Stack-based buffer overflow in the filecompress function in minigzip Modules/zlib in Python 2.5 allows context-dependent attackers to execute arbitrary code via a long file argument...

CVE-2007-1614

Stack-based buffer overflow in the zzipopensharedio function in zzip/file.c in ZZIPlib Library before 0.13.49 allows user-assisted remote attackers to cause a denial of service application crash or execute arbitrary code via a long filename...