4300 matches found
Solaris SunSSH libpam buffer overflow
Added: 01/08/2021 Background SunSSH is a fork of OpenSSH for Solaris. It provides remote login capability on Solaris platforms. Problem A buffer overflow vulnerability in libpam could allow a remote attacker to execute arbitrary commands by sending a specially crafted authentication request to...
Apache Struts double OGNL evaluation
Added: 11/27/2020 CVE: CVE-2019-0230 Background Apache Struts is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model-view-controller MVC architecture. Struts uses Object-Graph Navigatio...
Citrix ADC and Gateway directory traversal and XML file upload
Added: 01/13/2020 Background Citrix ADC formerly NetScaler ADC is an application delivery and load balancing platform. Citrix Gateway formerly NetScaler Unified Gateway is a secure workspace access and single sign-on solution. Problem A directory traversal vulnerability allows remote attackers to...
PHPMailer Command Injection in WordPress Core via Exim
Added: 05/17/2017 BID: 95108 Background Wordpress is a free and open-source content management system CMS based on PHP and MySQL. WordPress uses PHPMailer, which is a PHP class used for sending email from PHP. PHPMailer provides an interface to the system's mail transfer agent MTA, such as...
Ruby on Rails Dynamic Render code execution
Added: 11/11/2016 CVE: CVE-2016-0752 BID: 81801 Background Ruby on Rails is a web application framework written in Ruby. Problem A vulnerability in Ruby on Rails allows arbitrary code to be uploaded and executed on the server if the application endpoint users dynamic render paths. Resolution...
PineApp Mail-SeCure confnetworking.html nsserver command execution
Added: 11/25/2013 CVE: CVE-2013-6830 BID: 63817 OSVDB: 100029 Background PineApp Mail-SeCure is an e-mail security appliance which provides perimeter security protection to stop threats prior to their penetration of the customer's network, as well as post-perimeter anti-spam content inspection...
WellinTech KingView KingMess.exe Log File Parsing Overflow
Added: 03/22/2013 CVE: CVE-2012-4711 BID: 57909 OSVDB: 89690 Background WellinTech is a China-based company which produces KingView, a Web-based SCADA application for Windows-based control, monitoring, and data collection that is used internationally. Problem WellinTech KingView KingMess.exe is...
Java MBeanInstantiator.findClass and Recursive Reflection Sandbox Escape
Added: 01/14/2013 CVE: CVE-2013-0422 BID: 57246 OSVDB: 89059 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...
IBM Cognos TM1 and Express Admin Server Buffer Overflow
Added: 12/27/2012 CVE: CVE-2012-0202 BID: 52847 OSVDB: 80876 Background IBM Cognos TM1 is enterprise planning software for planning, budgeting, forecasting and analysis. IBM Cognos Express is an integrated business intelligence BI and planning solution which delivers the essential reporting,...
Measuresoft ScadaPro xf Command Execution
Added: 11/28/2011 CVE: CVE-2011-3490 BID: 49613 OSVDB: 75490 Background ScadaPro is Real Time Data Acquisition software for Microsoft Windows. Problem ScadaPro version 4.0.0 and prior runs a legacy network service on UDP port 11234. This service contains multiple stack overflow and remote command...
Adobe Flash Player ActionScript Function Arguments Code Execution
Added: 08/22/2011 CVE: CVE-2011-2110 BID: 48268 OSVDB: 73007 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem The Adobe Flash Player ActionScript Engine is vulnerable to an information leak that can be leveraged to execute...
7-Technologies Interactive Graphical SCADA System Remote Code Execution
Added: 04/17/2011 CVE: CVE-2011-1567 BID: 46936 Background 7-Technologies Interactive Graphical SCADA System IGSS is a SCADA solution used mainly in Denmark and the US. Problem 7T IGSS server contains multiple stack overflows, a format string vulnerability, a remote command execution vulnerabilit...
Cisco IOS HTTP access level authentication bypass
Added: 12/23/2010 CVE: CVE-2001-0537 BID: 2936 OSVDB: 578 Background The Cisco Internetwork Operating System IOS is the operating system used by Cisco routers. Problem A remote attacker could execute arbitrary commands at the highest privilege level level 15 without needing to authenticate by...
Citect SCADA ODBC Service Overflow
Added: 03/10/2009 CVE: CVE-2008-2639 BID: 29634 OSVDB: 46105 Background The CitectSCADA and CitectFacilities applications include ODBC server capabilities to provide remote SQL access to a relational database. The ODBC Server component listens on port 20222/tcp by default. Problem A buffer overfl...
Mercury Mail IMAP DELETE command buffer overflow
Added: 09/18/2006 CVE: CVE-2004-1211 BID: 11775 OSVDB: 12508 Background Mercury Mail Transport System is an e-mail server product for Windows and NetWare. Problem Buffer overflow vulnerabilities in the IMAP service allow authenticated attackers to execute arbitrary commands using long arguments t...
Firefox crypto.generateCRMFRequest command execution
Added: 08/21/2014 CVE: CVE-2013-1710 BID: 61900 OSVDB: 96019 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem A vulnerability in the implementation of the crypto.generateCRMFRequest javascript method allows command execution...
Java Runtime Environment java.awt.image.IntegerComponentRaster buffer overflow
Added: 09/04/2013 CVE: CVE-2013-2471 BID: 60659 OSVDB: 94357 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...
Java Runtime Environment Color Management memory overwrite
Added: 04/04/2013 CVE: CVE-2013-1493 BID: 58238 OSVDB: 90737 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...
Microsoft SharePoint Office Document Load Balancer SOAP Vulnerability
Added: 11/23/2011 CVE: CVE-2010-3964 BID: 45264 OSVDB: 69817 Background Microsoft SharePoint is a web application platform that provides web content management and document management as an aid to collaboration among users. SharePoint's multi-purpose design allows for managing and provisioning of...
Cisco Security Agent Management Center Code Execution
Added: 03/17/2011 CVE: CVE-2011-0364 BID: 65436 OSVDB: 70884 Background Cisco Security Agent Management Center is the server component of Cisco's Security Agent endpoint IPS solution. It is responsible for collecting event log information from endpoints and distributing rules updates. Problem The...
Microsoft Office Web Components OWC.Spreadsheet.9 HTMLURL property overflow
Added: 08/14/2009 CVE: CVE-2009-1534 BID: 35992 OSVDB: 56916 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
Microsoft PowerPoint malformed data record vulnerability
Added: 01/17/2007 CVE: CVE-2006-3876 BID: 20322 OSVDB: 29447 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem Improper handling of malformed Data records in PowerPoint files allows command execution. Resolution Apply the patch...
TikiWiki file upload vulnerability (jhot.php)
Added: 09/08/2006 CVE: CVE-2006-4602 BID: 19819 OSVDB: 28456 Background TikiWiki is a multi-purpose web content management system written in PHP. Problem The jhot.php script allows remote attackers to upload arbitrary PHP commands into the img/wiki directory. The commands can then be executed by...
Adobe Flash Player SWF Content Regular Expression Heap Overflow
Added: 02/21/2013 CVE: CVE-2013-0634 BID: 57788 OSVDB: 89936 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem The ActiveX version of Adobe Flash Player on Windows is vulnerable to heap buffer overflow because it does not proper...
Webmin show.cgi Open Function Call Command Execution
Added: 11/26/2012 CVE: CVE-2012-2982 BID: 55446 OSVDB: 85248 Background Webmin is a web-based interface for system administration of Unix systems. The Webmin web server listens by default on port 10000/tcp. Problem Webmin 1.59 and earlier are vulnerable to remote code execution as a result of...
Microsoft OLE Object File Handling vulnerability
Added: 06/15/2012 CVE: CVE-2011-3400 BID: 50977 OSVDB: 77663 Background Object Linking and Embedding OLE allows applications to create and edit compound documents. For example, a Microsoft Excel spreadsheet can be embedded within a Microsoft Word application. Problem A vulnerability when handling...
Chrome Password Grabber
Added: 01/10/2012 Background This tool grabs the saved passwords in the Chrome browser of the target's logged in user. Limitations Password Hash Grabber works on Windows targets. A connection to the target is required to run this tool. The target must have the .NET runtime 2.0 or higher. Platform...
eSignal WinSig.exe long StyleTemplate buffer overflow
Added: 11/21/2011 CVE: CVE-2011-3494 BID: 49600 OSVDB: 75456 Background eSignal is a tool which provides real-time financial and market information. Problem WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code v...
Java Runtime Environment Soundbank Resource Name Stack Buffer Overflow
Added: 04/22/2010 CVE: CVE-2010-0839 BID: 39070 OSVDB: 63494 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The JRE Java programming class library contains the Java Sound Application Interface API t...
Java Runtime Environment AWT setDiffICM buffer overflow
Added: 11/27/2009 CVE: CVE-2009-3869 BID: 36881 OSVDB: 59710 Background Java Runtime Environment JRE allows end users to run Java applications. Problem A buffer overflow vulnerability in the setDiffICM function of the Abstract Window Toolkit AWT allows command execution when a user loads a...
Adobe Reader JBIG2 image stream buffer overflow
Added: 02/27/2009 CVE: CVE-2009-0658 BID: 33751 OSVDB: 52073 Background Adobe Acrobat is software for creating PDF documents. Adobe Reader is free software for viewing PDF documents. Problem A buffer overflow vulnerability allows command execution when a user opens a PDF file containing a special...
Java Runtime Environment JAR manifest Main Class buffer overflow
Added: 02/26/2009 CVE: CVE-2008-5354 BID: 32608 OSVDB: 50499 Background Java Runtime Environment JRE allows end users to run Java applications. Problem A buffer overflow vulnerability in JRE allows command execution when a user opens a JAR archive containing a manifest file with a specially craft...
Adobe Acrobat util.printf JavaScript function buffer overflow
Added: 11/10/2008 CVE: CVE-2008-2992 BID: 30035 OSVDB: 49520 Background Adobe Acrobat is software for creating PDF documents. Problem A buffer overflow vulnerability allows command execution when a user opens a PDF file which calls the util.printf JavaScript function with a specially crafted form...
MacroVision InstallShield Update Service isusweb.dll unsafe method
Added: 12/07/2007 CVE: CVE-2007-5660 BID: 26280 OSVDB: 38347 Background MacroVision InstallShield is software for creating installers or software packages. Problem Several unsafe methods in the Update Service ActiveX control allow command execution when a user loads a specially crafted web page...
Microsoft Excel URL unicode buffer overflow
Added: 06/21/2006 CVE: CVE-2006-3086 BID: 18500 OSVDB: 26666 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms. Problem A buffer overflow in Excel when processing long URL strings allows command execution when a user clicks ...
PHPMailer PwnScriptum Remote Code Execution
Added: 01/05/2017 BID: 95108 Background PHPMailer is a PHP class used for sending email from PHP. It is used by many open-source projects, e.g., WordPress, Drupal, and Joomla. Problem PHPMailer class mailSend function is vulnerable to command injection due to failure to properly sanitize the...
Kolibri WebServer HTTP GET Request Handling Buffer Overflow
Added: 08/07/2014 CVE: CVE-2014-4158 BID: 68195 OSVDB: 108090 Background SENKAS Kolibri Webserver is a free very simple web server for Microsoft Windows that supports serving static web content. Problem Kolibri Webserver is vulnerable to a stack buffer overflow as a result of failure to properly...
Symantec Altiris DS SQL injection
Added: 11/18/2013 CVE: CVE-2008-2286 BID: 29198 OSVDB: 45313 Background Altiris Deployment Solution DS is software for managing the configuration of machines on a network. Problem An SQL injection vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...
Oracle Java Runtime Environment AWT storeImageArray Vulnerability
Added: 08/30/2013 CVE: CVE-2013-2465 BID: 60657 OSVDB: 94339 Background Java Runtime Environment JRE allows end users to run Java applications. Problem A buffer overflow vulnerability in the storeImageArray function of the Abstract Window Toolkit AWT library awt.dll allows command execution when ...
ABB WebWare Server RobNetScanHost.exe Stack Buffer Overflow
Added: 03/01/2012 CVE: CVE-2012-0245 BID: 52123 OSVDB: 79476 Background ABB provides power and automation technology solutions including robots and related software. ABB WebWare Server is a web-based manufacturing support system designed to facilitate a wide range of production management tasks,...
Java Runtime Environment MixerSequence Function Pointer Control
Added: 02/28/2012 CVE: CVE-2010-0842 BID: 39077 OSVDB: 63493 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...
Cisco AnyConnect Secure Mobility Client VPNWeb ActiveX Code Execution
Added: 06/13/2011 CVE: CVE-2011-2039 BID: 48081 OSVDB: 72714 Background Cisco AnyConnect Secure Mobility Client provides remote mobile users with secure IPsec IKEv2 or SSL Virtual Private Network VPN connections to Cisco 5500 Series Adaptive Security Appliances ASA and devices that are running...
Oracle Java Applet2ClassLoader Vulnerability
Added: 05/05/2011 CVE: CVE-2010-4452 BID: 46388 OSVDB: 71193 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...
Microsoft Office RTF pFragments Property Stack Buffer Overflow
Added: 11/16/2010 CVE: CVE-2010-3333 BID: 44652 OSVDB: 69085 Background Microsoft Office is a package which provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. Problem A stack buffer overflow vulnerability exists when...
Adobe Reader FlateDecode filter TIFF Predictor integer overflow
Added: 10/27/2009 CVE: CVE-2009-3459 BID: 36600 OSVDB: 58729 Background Adobe Reader is free software for viewing PDF documents. Problem An integer overflow in the FlateDecode filter in Adobe Reader allows command execution when a user opens a PDF file containing specially crafted compressed...
Microsoft WordPad Word97 text converter buffer overflow
Added: 04/23/2009 CVE: CVE-2009-0235 BID: 34470 OSVDB: 53664 Background The Microsoft WordPad Word 97 text converter allows Windows users who do not have Microsoft Word to open Word 97 files. Problem A buffer overflow vulnerability in the Word 97 text converter allows command execution when a use...
Microsoft Excel TXO and OBJ record parsing memory corruption
Added: 12/18/2008 CVE: CVE-2008-4265 BID: 32618 OSVDB: 50556 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A memory corruption vulnerability allows command execution when a user opens an Excel...
FlashGet FTP PWD buffer overflow
Added: 08/27/2008 CVE: CVE-2008-4321 BID: 30685 OSVDB: 47457 Background FlashGet is an FTP client formerly known as JetCar. Problem A buffer overflow in FlashGet allows command execution when a user connects to an FTP server which sends a specially crafted PWD response. Resolution Use a different...
sadmind AUTH_SYS authentication vulnerability
Added: 01/09/2006 CVE: CVE-2003-0722 BID: 8615 OSVDB: 4585 Background sadmind is a service which coordinates distributed system administration operations remotely. The Sun Solstice AdminSuite runs sadmind with the AUTHSYS authentication method by default. Problem The sadmind running with the...
BrightStor ARCserve Backup agent for MS-SQL buffer overflow
Added: 12/20/2005 CVE: CVE-2005-1272 BID: 14453 OSVDB: 18501 Background BrightStor ARCserve Backup is a backup and recovery solution for multiple platforms. Problem A buffer overflow in the backup agent for Microsoft SQL Server allows remote attackers to execute arbitrary commands. Resolution App...