Internet Explorer WinINet credential reflection vulnerability

Added: 05/04/2009 CVE: CVE-2009-0550 BID: 34439 OSVDB: 53619 Background The Windows Internet WinINet application programming interface API provides applications with an implementation of standard protocols such as FTP and HTTP. Problem An NTLM credential reflection vulnerability allows a remote w...

Adobe Acrobat JavaScript getIcon method buffer overflow

Added: 03/27/2009 CVE: CVE-2009-0927 BID: 34169 Background Adobe Acrobat is software for creating PDF documents. Adobe Reader is free software for viewing PDF documents. Problem A buffer overflow vulnerability allows command execution when a user opens a PDF file which calls the JavaScript getIco...

Fujitsu SystemcastWizard Lite PXE service buffer overflow

Added: 03/03/2009 CVE: CVE-2009-0270 BID: 33342 OSVDB: 51486 Background SystemcastWizard Lite is support software for the setup of Primequest systems. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted datagram to the...

Oracle Database OLAP component ODCITABLESTART buffer overflow

Added: 02/06/2009 CVE: CVE-2008-3974 BID: 33177 OSVDB: 51347 Background The Online Analytical Processing OLAP component of Oracle Database is a set of stored procedures used for multi-dimensional analytical queries. Problem A buffer overflow vulnerability in the ODCITABLESTART function allows...

SNMPc Network Manager SNMP TRAP community string buffer overflow

Added: 07/21/2008 CVE: CVE-2008-2214 BID: 28990 OSVDB: 44885 Background SNMPc Network Manager is a distributed network management and monitoring solution. Problem A buffer overflow vulnerability in SNMPc Network Manager allows remote attackers to execute arbitrary commands by sending an SNMP TRAP...

Microsoft Office Drawing Shapes memory corruption vulnerability

Added: 04/04/2008 CVE: CVE-2008-0118 BID: 28146 OSVDB: 42709 Background Microsoft Office is a package which provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. Problem A memory corruption vulnerability allows command...

Oracle XDB component PITRIG_TRUNCATE buffer overflow

Added: 02/01/2008 CVE: CVE-2008-0339 BID: 27229 OSVDB: 40300 Background The PITRIGTRUNCATE function is included in the XDB.XDBPITRIGPKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIGTRUNCATE function allows remote, authenticated attackers to...

Oracle XDB component PITRIG_DROPMETADATA buffer overflow

Added: 11/23/2007 CVE: CVE-2007-4517 BID: 26374 OSVDB: 39918 Background The PITRIGDROPMETADATA function is included in the XDB.XDBPITRIGPKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIGDROPMETADATA function allows remote, authenticated...

ClamAV milter popen command injection

Added: 09/06/2007 CVE: CVE-2007-4560 BID: 25439 OSVDB: 36909 Background ClamAV is an open-source anti-virus toolkit. clamav-milter is a derivative of ClamAV for e-mail servers running Sendmail. Problem An insecure call to the popen function in clamav-milter, when running in black hole mode, allow...

Internet Explorer tblinf32.dll ActiveX IObjectsafety vulnerability

Added: 08/17/2007 CVE: CVE-2007-2216 BID: 25289 OSVDB: 36396 Background The IObjectsafety interface provides methods to get and set safety options for objects which support untrusted clients. Problem The tblinf32.dll ActiveX control implements IObjectsafety incorrectly, allowing execution of code...

Novell Client 4.91 SP4 nwspool.dll buffer overflow

Added: 08/10/2007 CVE: CVE-2007-6701 BID: 25092 OSVDB: 37319 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem The nwspool.dll library in Novell Client is affected by buffer overflow vulnerabilities in several different functions, allowing remote...

LANDesk Management Suite Alert Service buffer overflow

Added: 04/23/2007 CVE: CVE-2007-1674 BID: 23483 OSVDB: 34964 Background LANDesk Management Suite automates systems and security management tasks across a network. It runs an Alert Service which listens for communication on port 65535/UDP. Problem A buffer overflow vulnerability in the Alert Servi...

BrightStor ARCserve Discovery service 9b command buffer overflow

Added: 12/08/2006 CVE: CVE-2006-6379 BID: 21502 OSVDB: 30775 Background The BrightStor ARCserve Backup server includes a discovery service which listens on ports 41523/TCP and 41524/UDP. Problem A buffer overflow vulnerability in the ASBRDCST.DLL library allows remote attackers to execute arbitra...

Serv-U FTP Server MDTM timezone buffer overflow

Added: 10/27/2006 CVE: CVE-2004-0330 BID: 9751 OSVDB: 4073 Background Serv-U FTP Server supports the MDTM command which allows users to modify the time stamp on files. Problem A buffer overflow in Serv-U FTP Server allows remote authenticated attackers to execute arbitrary commands by sending the...

BrightStor ARCserve discovery service ASBRDCST.DLL buffer overflow

Added: 10/19/2006 CVE: CVE-2006-5143 BID: 20365 OSVDB: 29534 Background The BrightStor ARCserve Backup server includes a discovery service which listens on ports 41523/TCP and 41524/UDP. Problem A buffer overflow vulnerability in the ASBRDCST.DLL library allows remote attackers to execute arbitra...

Microsoft SQL Server Hello buffer overflow

Added: 08/07/2006 CVE: CVE-2002-1123 BID: 5411 OSVDB: 10132 Background Microsoft SQL Server is a database server package for Windows platforms. Problem Microsoft SQL Server 2000 is affected by a buffer overflow vulnerability in the code which handles user authentication. This allows a remote...

Windows RRAS memory corruption vulnerability

Added: 06/30/2006 CVE: CVE-2006-2370 BID: 18325 OSVDB: 26437 Background The Routing and Remote Access Service RRAS allows a Windows computer to act as a router, dial-up access server, VPN server, or network address translator. Problem A buffer overflow in RRAS allows remote attackers to execute...

SpamAssassin spamd vpopmail user vulnerability

Added: 06/09/2006 CVE: CVE-2006-2447 BID: 18290 OSVDB: 26177 Background SpamAssassin identifies spam e-mail using a variety of local and network based tests. spamd is a component of SpamAssassin which allows it to run as a network daemon. Problem When the vpopmail -v and paranoid -P options are...

TWiki Search.pm shell command injection

Added: 04/06/2006 CVE: CVE-2004-1037 BID: 11674 OSVDB: 11714 Background TWiki is a web-based collaboration platform written in PERL. Problem The Search.pm module does not sufficiently check search strings for illegal characters, allowing remote attackers to execute commands using search strings...

Microsoft Visual Studio .dbp and .sln buffer overflow

Added: 03/07/2006 CVE: CVE-2006-1043 BID: 16953 OSVDB: 23711 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem A buffer overflow vulnerability leads to command execution when a specially crafted Database Project .dbp or...

Mercury Mail Transport System Phonebook service buffer overflow

Added: 02/02/2006 CVE: CVE-2005-4411 BID: 16396 OSVDB: 22103 Background Mercury Mail Transport System is a free mail server for Windows and Netware platforms. It includes a Phone Book service which runs on port 105/TCP. Problem A buffer overflow vulnerability in the Phone Book service allows remo...

phpBB viewtopic.php highlight parameter vulnerability

Added: 12/28/2005 CVE: CVE-2005-2086 BID: 14086 OSVDB: 17613 Background phpBB is an open-source bulletin board package written in PHP. Problem This is a variant of an older vulnerability which allows remote command execution by requesting viewtopic.php with a specially crafted highlight parameter...

Aruba ClearPass Policy Manager tipsSimulationUpload command execution

Added: 08/13/2020 CVE: CVE-2020-7115 Background Aruba ClearPass is a network access control solution. Problem A vulnerability in the tipsSimulationUpload.action resource allows remote attackers to execute arbitrary commands by uploading a shared object library in the uploadClientCertFile paramete...

NUUO NVR Unauthenticated Remote Code Execution

Added: 12/11/2018 Background NUUO is a surveillance solution provider. Problem The upgradehandle.php on NUUO NVRsolo, NVRsolo Plus, and NVRmini 2 devices allows remote command execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command. Resolution Upgrade to the...

MicroTik RouterOS SMB buffer overflow

Added: 04/02/2018 CVE: CVE-2018-7445 BID: 103427 Background RouterOS is a Linux-based operating system used by MicroTik devices. Problem A buffer overflow in the SMB service could allow a remote, unauthenticated attacker to execute arbitrary commands. Resolution Upgrade to RouterOS 6.41.3 or...

NETGEAR ReadyNAS Surveillance Command Execution

Added: 08/30/2016 CVE: CVE-2016-5674 BID: 92318 Background NETGEAR ReadyNAS Surveillance combines their storage and switching solution NETGEAR ReadyNAS Network Attached Storage system with network video recording software from NUUO to provide an affordable surveillance solution for small...

Wago Shell

Added: 03/31/2016 Background Wago PLCs are used in Factory and building automation. Wago ethernet PLCs are connected by IP and can be administered remotely. Problem Wago PLC devices use CoDeSyS protocols to program the device. If the programming ports are left open an attacker is able to upload,...

Mac OS X rsh Environment Variables Privilege Elevation

Added: 10/15/2015 CVE: CVE-2015-5889 Background The remotecmds component of Apple Mac OS X contains an rsh binary program that allows a user to execute commands on another computer across a computer network. Problem The rsh binary in the remotecmds component of Mac OS X versions prior to 10.11...

OS X rootpipe privilege elevation

Added: 04/14/2015 CVE: CVE-2015-1130 BID: 73982 OSVDB: 120418 Background OS X is an operating system for Mac computers. Problem The Admin framework in OS X contains a hidden backdoor API which allows local users to gain root privileges. Resolution Upgrade to OS X 10.10.3 or apply security update...

GitList blame resource command injection

Added: 07/14/2014 CVE: CVE-2014-4511 BID: 68253 OSVDB: 108504 Background GitList is a web-based git repository viewer. Problem A vulnerability in GitList allows remote attackers to execute arbitrary commands by sending a specially crafted request for the blame resource. Resolution Upgrade to...

Adobe Pixel Shader

Added: 06/24/2014 CVE: CVE-2014-0515 BID: 67092 OSVDB: 106347 Background The Adobe Flash plugin provides flash content rendering for web browsers. Problem A buffer overflow exists due to an error in processing SWF files. The vulnerable function exists in the the DisplayShader class and can be...

Internet Explorer CMarkup Object Handling Use-after-free Vulnerability

Added: 04/17/2014 CVE: CVE-2014-0322 BID: 65551 OSVDB: 103354 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer 9 and 10 contain a use-after-free vulnerability in the CMarkup component of the MSHTML...

Oracle Java java.awt.image.ByteComponentRaster Overflow

Added: 10/24/2013 CVE: CVE-2013-2473 BID: 60623 OSVDB: 94336 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...

Internet Explorer HTML Rendering Engine onLoseCapture Use-After-Free Vulnerability

Added: 09/25/2013 CVE: CVE-2013-3893 BID: 62453 OSVDB: 97380 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer 6 through 11 contain a use-after-free vulnerability in the SetMouseCapture implementation in...

Internet Explorer HTML Rendering Engine onLoseCapture Use-After-Free Vulnerability

Added: 09/25/2013 CVE: CVE-2013-3893 BID: 62453 OSVDB: 97380 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer 6 through 11 contain a use-after-free vulnerability in the SetMouseCapture implementation in...

Oracle Java Serviceability Subcomponent ProviderSkeleton Class Vulnerability

Added: 07/11/2013 CVE: CVE-2013-2460 BID: 60635 OSVDB: 94346 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...

Oracle WebCenter Capture ActiveX SetAnnotationFont buffer overflow

Added: 06/26/2013 CVE: CVE-2013-1516 BID: 59112 OSVDB: 92387 Background Oracle WebCenter Capture formerly Oracle Document Capture is a centralized document scanning solution. Problem The Import Server subcomponent of Oracle WebCenter Capture is affected by a buffer overflow vulnerability. The...

WellinTech KingView KingMess.exe Log File Parsing Overflow

Added: 03/22/2013 CVE: CVE-2012-4711 BID: 57909 OSVDB: 89690 Background WellinTech is a China-based company which produces KingView, a Web-based SCADA application for Windows-based control, monitoring, and data collection that is used internationally. Problem WellinTech KingView KingMess.exe is...

RealPlayer InternetShortcut URL property buffer overflow

Added: 01/07/2013 CVE: CVE-2012-5691 BID: 56956 OSVDB: 88486 Background RealPlayer is a media player application which can play back various multimedia file formats. Problem A buffer overflow vulnerability in the GetPrivateProfileString function allows command execution when a user opens a...

MySQL FILE privilege elevation

Added: 12/21/2012 CVE: CVE-2012-5613 BID: 56771 OSVDB: 88118 Background MySQL is an open-source database software package available for multiple platforms. Problem A database user who has FILE permission can write arbitrary files to the file system, leading to privilege elevation. Resolution Revo...

MySQL FILE privilege elevation

Added: 12/21/2012 CVE: CVE-2012-5613 BID: 56771 OSVDB: 88118 Background MySQL is an open-source database software package available for multiple platforms. Problem A database user who has FILE permission can write arbitrary files to the file system, leading to privilege elevation. Resolution Revo...

Internet Explorer COL SPAN Heap Overflow

Added: 08/06/2012 CVE: CVE-2012-1876 BID: 53848 OSVDB: 82866 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Internet Explorer allows websites to utilize Javascript to create dynamic web content. As such, websites can include...

HP OpenView Storage Data Protector inet Service EXEC_CMD Remote Overflow

Added: 06/27/2012 CVE: CVE-2011-1866 BID: 48488 OSVDB: 73572 Background HP Data Protector is an automated data backup solution. Problem A buffer overflow vulnerability in omniinet.exe in the inet service of HP OpenView Storage Data Protector allows remote attackers to execute arbitrary commands b...

WebCalendar Pre-Auth PHP Code Execution

Added: 05/18/2012 CVE: CVE-2012-1495 BID: 53207 OSVDB: 80097 Background WebCalendar is a PHP-based calendar application that can be configured as a single-user calendar, a multi-user calendar for groups of users, or as an event calendar viewable by visitors. Problem WebCalendar fails to properly...

Symantec pcAnywhere Host Services Login Overflow

Added: 02/13/2012 CVE: CVE-2011-3478 BID: 51592 OSVDB: 78532 Background Symantec pcAnywhere is a suite of remote connectivity applications that allow users of a system to access their system remotely. Problem A stack overflow exist in the pcAnywhere Host Service when parsing login names. An...

Symantec pcAnywhere Host Services Login Overflow

Added: 02/13/2012 CVE: CVE-2011-3478 BID: 51592 OSVDB: 78532 Background Symantec pcAnywhere is a suite of remote connectivity applications that allow users of a system to access their system remotely. Problem A stack overflow exist in the pcAnywhere Host Service when parsing login names. An...

Oracle Outside In Library OOXML Overflow

Added: 02/03/2012 CVE: CVE-2012-0110 BID: 51452 OSVDB: 78411 Background Oracle Outside In is a a suite of software development kits that allows developers with a comprehensive solution to access, transform, and control the contents of over 500 unstructured file formats. Problem Outside In version...

HP Intelligent Management Center iNodeMngChecker.exe Buffer Overflow

Added: 10/14/2011 CVE: CVE-2011-1867 BID: 48527 OSVDB: 73597 Background HP Intelligent Management Center, also known as HP iNode Management Center, is a comprehensive management platform for delivering integrated, modular network management capabilities. The iNodeMngChecker.exe component listens,...

Oracle Outside In CDR File Parser Stack Buffer Overflow

Added: 08/05/2011 CVE: CVE-2011-2264 BID: 48766 OSVDB: 73912 Background Oracle Outside In is a suite of Software Development Kits SDKs and tools that provide functionality for reading and writing many different file formats. The Outside In SDK is embedded by multiple client and server products th...

Oracle Warehouse Builder SQL Injection

Added: 08/01/2011 CVE: CVE-2011-0799 BID: 47431 OSVDB: 71956 Background Oracle Warehouse Builder OWB is an ETL tool produced by Oracle that offers a graphical environment to build, manage and maintain data integration processes in business intelligence systems. Problem A SQL injection vulnerabili...