4305 matches found
Citect SCADA ODBC Service Overflow
Added: 03/10/2009 CVE: CVE-2008-2639 BID: 29634 OSVDB: 46105 Background The CitectSCADA and CitectFacilities applications include ODBC server capabilities to provide remote SQL access to a relational database. The ODBC Server component listens on port 20222/tcp by default. Problem A buffer overfl...
Microsoft Works WkImgSrv.dll ActiveX Control WksPictureInterface vulnerability
Added: 01/08/2009 CVE: CVE-2008-1898 BID: 28820 OSVDB: 44458 Background Microsoft Works is a suite of productivity tools for home users. Problem The WkImgSrv.dll ActiveX control included in Microsoft Works allows command execution when a user loads a web page which instantiates the control with a...
Oracle WebLogic Server Apache Connector POST buffer overflow
Added: 07/25/2008 CVE: CVE-2008-3257 BID: 30273 OSVDB: 47096 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A buffer overflow in the Apache Connector for WebLogic Server allows remote attackers to execute arbitrary commands by sending a...
Facebook PhotoUploader ActiveX control ExtractIptc buffer overflow
Added: 05/19/2008 CVE: CVE-2008-0660 BID: 27576 OSVDB: 41073 Background Facebook PhotoUploader is an ActiveX control which allows uploading of photos to the Facebook web site. It uses the Aurigma ImageUploader product. Problem A buffer overflow vulnerability in Facebook PhotoUploader allows comma...
EMC NetWorker Remote Exec service subcmd buffer overflow
Added: 11/09/2007 CVE: CVE-2007-3618 BID: 25375 OSVDB: 39744 Background EMC NetWorker is a centralized data backup solution. Problem A buffer overflow vulnerability in the Remote Exec service nsrexecd.exe allows remote attackers to execute arbitrary commands by sending a long, invalid subcmd to a...
ClamAV milter popen command injection
Added: 09/06/2007 CVE: CVE-2007-4560 BID: 25439 OSVDB: 36909 Background ClamAV is an open-source anti-virus toolkit. clamav-milter is a derivative of ClamAV for e-mail servers running Sendmail. Problem An insecure call to the popen function in clamav-milter, when running in black hole mode, allow...
Trend Micro ServerProtect EarthAgent RPC buffer overflow
Added: 05/16/2007 CVE: CVE-2007-2508 BID: 23866 OSVDB: 35789 Background Trend Micro ServerProtect is a virus scanner for servers. It includes the EarthAgent daemon which listens for connections on port 3628/TCP. Problem A buffer overflow vulnerability in the EarthAgent daemon allows remote...
Windows Workstation service NetpManageIPCConnect buffer overflow
Added: 11/27/2006 CVE: CVE-2006-4691 BID: 20985 OSVDB: 30263 Background The Windows Workstation service routes network requests for file or printer resources. Problem A buffer overflow in the NetpManageIPCConnect function in the Windows Workstation service allows command execution when a domain...
ntdll.dll buffer overflow via IIS 5.0 WebDAV
Added: 07/18/2006 CVE: CVE-2003-0109 BID: 7116 OSVDB: 4467 Background The dynamic link library ntdll.dll is a core component of the Windows operating system. It is used by many operating system components including the WebDAV component of Microsoft IIS. Problem A buffer overflow in ntdll.dll allo...
Internet Explorer isComponentInstalled buffer overflow
Added: 03/16/2006 CVE: CVE-2006-1016 BID: 16870 OSVDB: 31647 Background The isComponentInstalled method allows scripts to determine which components are installed. Problem Internet Explorer is affected by a buffer overflow in the isComponentInstalled method which can lead to remote command...
Apache HTTP Server path traversal
Added: 10/21/2021 Background Apache HTTP Server is an HTTP server implementation for Linux and Windows. Problem A path traversal vulnerability allows remote attackers to execute arbitrary commands in certain configurations if CGI scripts are enabled. Resolution Upgrade to Apache HTTP Server 2.4.5...
Horde Imp Unauthenticated Remote Command Execution
Added: 01/18/2019 BID: 106018 Background The IMP is a web-based mail client for IMAP and POP3 accounts. It is built atop the Horde Application Framework, which is a general-purpose web application library written in PHP. Problem A vulnerability in Horde IMP could allow unauthenticated command...
HP Data Protector missing authentication
Added: 05/31/2016 CVE: CVE-2016-2004 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem Data Protector does not authenticate users, even with Encrypted Control Communications enabled. This could allow an unauthenticated remote...
Schneider Electric StruxureWare Building Operation Automation Server msh bypass
Added: 03/14/2016 CVE: CVE-2016-2278 Background The Schneider Electric StruxureWare Building Operation software suite provides integrated monitoring, control, and management of energy, HVAC, lighting and fire safety. The Automation Server is a building automation system for small and medium-sized...
Linux kernel __sock_diag_rcv_msg Netlink message privilege elevation
Added: 05/13/2014 CVE: CVE-2013-1763 BID: 58137 OSVDB: 90604 Background Netlink is a feature of the Linux kernel which allows communication between kernel and user space. Problem An array index error in the sockdiagrcvmsg function in the Linux kernel allows local users to gain root privileges by...
HP Data Protector Backup Client Service opcode 42 directory traversal
Added: 01/28/2014 CVE: CVE-2013-6194 BID: 64647 OSVDB: 101630 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem A vulnerability in the Backup Client Service OmniInet.exe allows remote, unauthenticated attackers to write files t...
PineApp Mail-SeCure confnetworking.html nsserver command execution
Added: 11/25/2013 CVE: CVE-2013-6830 BID: 63817 OSVDB: 100029 Background PineApp Mail-SeCure is an e-mail security appliance which provides perimeter security protection to stop threats prior to their penetration of the customer's network, as well as post-perimeter anti-spam content inspection...
HP System Management Homepage iprange Parameter Stack Buffer Overflow
Added: 09/09/2013 CVE: CVE-2013-2362 BID: 61337 OSVDB: 95489 Background HP System Management Homepage SMH is a web-based interface that consolidates the management of ProLiant and Integrity servers. Problem A stack buffer overflow vulnerability in HP SMH allows command execution when an attacker...
Internet Explorer VML Dashstyle Attributes Integer Overflow
Added: 06/03/2013 CVE: CVE-2013-2551 BID: 58570 OSVDB: 91197 Background Vector Markup Language VML is an XML-based format for vector graphics. Problem An integer overflow vulnerability in vml.dll when processing dashstyle attributes of certain VML elements in a web page allows arbitrary command...
3S Smart Software Solutions CoDeSys Gateway Server Directory Traversal
Added: 05/06/2013 CVE: CVE-2012-4705 BID: 59446 OSVDB: 90368 Background Smart Software Solutions GmbH 3S manufactures CoDeSys Gateway Server, a Supervisory Control and Data Acquisition/Human-Machine Interface SCADA/HMI product. The Gateway Server listens on TCP port 1211. Problem 3S CoDeSys Gatew...
Adobe InDesign Server SOAP interface RunScript command execution
Added: 02/04/2013 BID: 56574 OSVDB: 87548 Background Adobe InDesign is a desktop publishing application. It includes a server interface providing an API for software developers using SOAP. Problem The SOAP interface in Adobe InDesign Server allows remote, unauthenticated attackers to run arbitrar...
Webmin show.cgi Open Function Call Command Execution
Added: 11/26/2012 CVE: CVE-2012-2982 BID: 55446 OSVDB: 85248 Background Webmin is a web-based interface for system administration of Unix systems. The Webmin web server listens by default on port 10000/tcp. Problem Webmin 1.59 and earlier are vulnerable to remote code execution as a result of...
Internet Explorer CMshtmlEd execCommand Use After Free
Added: 09/19/2012 CVE: CVE-2012-4969 BID: 55562 OSVDB: 85532 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Internet Explorer does not properly clean up references to objects passed to the execCommand Javascript method. If...
Adobe Flash Player MP4 Sequence Parameter Set Processing
Added: 02/09/2012 CVE: CVE-2011-2140 BID: 49083 OSVDB: 74439 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem The Adobe Flash Player Sub1005B396 function allows command execution when a user opens a specially crafted .swf file...
Adobe Reader U3D Heap Overflow
Added: 12/21/2011 CVE: CVE-2011-2462 BID: 50922 OSVDB: 77529 Background Adobe Reader is free software for viewing PDF documents. Problem A heap memory corruption vulnerability exists in Adobe Acrobat Reader. The vulnerability is due to an input validation error while parsing Universal 3D U3D file...
Oracle Java Rhino Script Engine Code Execution
Added: 12/02/2011 CVE: CVE-2011-3544 BID: 50218 OSVDB: 76500 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Java...
Apple Safari libxslt File Create
Added: 10/24/2011 CVE: CVE-2011-1774 BID: 48840 OSVDB: 74017 Background Safari is a web browser for Mac OS X and Windows. Problem Safari versions prior to 5.0.6 use unsafe security settings when implementing libxslt. An attacker may leverage this weakness by creating a web page that references a...
Oracle Warehouse Builder SQL Injection
Added: 08/01/2011 CVE: CVE-2011-0799 BID: 47431 OSVDB: 71956 Background Oracle Warehouse Builder OWB is an ETL tool produced by Oracle that offers a graphical environment to build, manage and maintain data integration processes in business intelligence systems. Problem A SQL injection vulnerabili...
Oracle Warehouse Builder SQL Injection
Added: 08/01/2011 CVE: CVE-2011-0799 BID: 47431 OSVDB: 71956 Background Oracle Warehouse Builder OWB is an ETL tool produced by Oracle that offers a graphical environment to build, manage and maintain data integration processes in business intelligence systems. Problem A SQL injection vulnerabili...
VideoLAN VLC Media Player MKV Demuxer Code Execution
Added: 06/27/2011 CVE: CVE-2011-0531 BID: 46060 OSVDB: 70698 Background VLC media player is a media player supporting various audio and video formats for multiple platforms. Problem VideoLan VLC 1.1.6.1 and earlier are vulnerable to a remote code execution vulnerability as a result of insufficien...
Quest Big Brother Remote File Overwrite
Added: 06/14/2011 BID: 47805 OSVDB: 72347 Background Quest Big Brother is server monitoring package. Problem The 'bbntd.exe' service of the Big Brother server version 4.40 and prior does not properly sanitize user requests and may allow an attacker to upload files using a directory traversal...
HP Universal CMDB Server Axis2 default password
Added: 02/22/2011 CVE: CVE-2010-0219 BID: 45625 OSVDB: 70233 Background HP Universal CMDB Server 9.0 is a modular management system that consists of a rich business-service-oriented data model with built-in discovery of configuration items CIs and configuration item dependencies, visualization an...
Oracle Secure Backup Administration preauth variable command injection
Added: 12/06/2010 CVE: CVE-2010-0906 BID: 41597 OSVDB: 67128 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A vulnerability in the Administration server allows remote, authenticated attackers to execute arbitrary commands which are...
Oracle Virtual Server Agent Command Injection
Added: 11/26/2010 CVE: CVE-2010-3582 BID: 44031 Background Oracle VM software provides virtualization technology that allows running multiple instances of x86 virtual computers simultaneously within the host operating system. It supports many Oracle and non-Oracle based systems such as Windows,...
Adobe Flash Player Flash Content Parsing Code Execution
Added: 11/16/2010 CVE: CVE-2010-3654 BID: 44504 OSVDB: 68932 Background Adobe Reader is free software for viewing PDF documents. Problem Adobe Reader 9.x is vulnerable to a remote code execution vulnerability as a result of parsing flash content by the bundled Adobe Flash Player. Resolution Apply...
Oracle Database DBMS_JVM_EXP_PERMS IMPORT_JVM_PERMS privilege elevation
Added: 02/26/2010 BID: 38115 OSVDB: 62184 Background Oracle Database embeds a Java runtime environment called OracleJVM. The DBMSJVMEXPPERMS package is included in Oracle Database and is used for importing and exporting Java permissions between database servers. Problem A privilege elevation...
Novell iPrint Client ienipp.ocx target-frame buffer overflow
Added: 01/12/2010 CVE: CVE-2009-1568 BID: 37242 OSVDB: 60803 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx. Problem A buffer overflow in ienipp.ocx allows command...
Windows Print Spooler EnumeratePrintShares buffer overflow
Added: 06/16/2009 CVE: CVE-2009-0228 BID: 35206 Background The Windows Print Spooler manages the printing process on Windows operating systems. Problem A buffer overflow vulnerability in the EnumeratePrintShares function in the Windows Print Spooler service allows arbitrary command execution when...
Tivoli Storage Manager heap corruption
Added: 03/12/2009 CVE: CVE-2008-4563 BID: 34077 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. Problem A heap overflow allows remote attackers to execute arbitrary commands. Resolution Apply the workaround or solution...
Java Runtime Environment JAR manifest Main Class buffer overflow
Added: 02/26/2009 CVE: CVE-2008-5354 BID: 32608 OSVDB: 50499 Background Java Runtime Environment JRE allows end users to run Java applications. Problem A buffer overflow vulnerability in JRE allows command execution when a user opens a JAR archive containing a manifest file with a specially craft...
Adobe Photoshop Album Starter Edition BMP image header buffer overflow
Added: 05/08/2008 CVE: CVE-2008-1765 BID: 28874 OSVDB: 44579 Background Adobe Photoshop Album Starter Edition is free software for editing and sharing photos. Problem A buffer overflow vulnerability in Adobe Photoshop Album Starter Edition allows command execution when a user opens a BMP image fi...
Adobe Photoshop Album Starter Edition BMP image header buffer overflow
Added: 05/08/2008 CVE: CVE-2008-1765 BID: 28874 OSVDB: 44579 Background Adobe Photoshop Album Starter Edition is free software for editing and sharing photos. Problem A buffer overflow vulnerability in Adobe Photoshop Album Starter Edition allows command execution when a user opens a BMP image fi...
Windows GDI EMF filename buffer overflow
Added: 04/09/2008 CVE: CVE-2008-1087 BID: 28570 OSVDB: 44215 Background The Windows Graphics Device Interface GDI interacts with graphics device drivers on behalf of applications. Problem A buffer overflow in Windows GDI allows command execution when a user opens a specially crafted EMF file...
Windows GDI EMF filename buffer overflow
Added: 04/09/2008 CVE: CVE-2008-1087 BID: 28570 OSVDB: 44215 Background The Windows Graphics Device Interface GDI interacts with graphics device drivers on behalf of applications. Problem A buffer overflow in Windows GDI allows command execution when a user opens a specially crafted EMF file...
Microsoft Office Drawing Shapes memory corruption vulnerability
Added: 04/04/2008 CVE: CVE-2008-0118 BID: 28146 OSVDB: 42709 Background Microsoft Office is a package which provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. Problem A memory corruption vulnerability allows command...
Lotus Notes Lotus 1-2-3 file viewer buffer overflow
Added: 12/07/2007 CVE: CVE-2007-6593 BID: 26604 OSVDB: 40796 Background Lotus Notes is the client for Lotus Domino servers. Lotus Notes uses the Autonomy KeyView library to process files in the Lotus Worksheet File format WKS used by Lotus 1-2-3. Problem A buffer overflow vulnerability in the...
Microsoft Agent crafted URL vulnerability
Added: 09/11/2007 CVE: CVE-2007-3040 BID: 25566 OSVDB: 36934 Background Microsoft Agent is a component of the Windows operating system designed to make using a computer easier through enriched user interaction. Problem A vulnerability in Microsoft Agent allows command execution when a user loads ...
Solaris telnetd authentication bypass
Added: 02/16/2007 CVE: CVE-2007-0882 BID: 22512 OSVDB: 31881 Background The Telnet service allows remote users to authenticate to a system and use an interactive command shell. The Telnet service is implemented by the Telnet daemon, telnetd. Problem The telnetd program in Solaris 10 and 11...
Windows Task Scheduler buffer overflow
Added: 09/05/2006 CVE: CVE-2004-0212 BID: 10708 OSVDB: 7798 Background The Windows Task Scheduler is used to schedule commands to run at specified times. Problem A buffer overflow vulnerability in the Task Scheduler could allow command execution when a specially crafted .job file is processed...
Windows compressed folders buffer overflow
Added: 05/15/2006 CVE: CVE-2004-0575 BID: 11382 OSVDB: 10695 Background Microsoft Windows XP and Windows Server 2003 include the ability to natively handle ZIP files. Problem A buffer overflow when handling compressed folders allows command execution when a specially crafted ZIP file is opened by...