
4300 matches found

Saint • added 2011/06/03 12:0 a.m. • 44 views

7T Interactive Graphical SCADA System dc.exe Directory Traversal

Added: 06/03/2011 CVE: CVE-2011-1566 BID: 46936 OSVDB: 72349 Background 7-Technologies Interactive Graphical SCADA System (IGSS) is a Supervisory Control and Data Acquisition (SCADA) solution used mainly in Denmark and the US. Problem An input validation error in the Data Collector service dc.exe whe...

CVSS 10 | AI score 6.8 | EPSS 0.66982 | Exploits: 11
Saint • added 2011/04/17 12:0 a.m. • 44 views

7-Technologies Interactive Graphical SCADA System Remote Code Execution

Added: 04/17/2011 CVE: CVE-2011-1567 BID: 46936 Background 7-Technologies Interactive Graphical SCADA System (IGSS) is a SCADA solution used mainly in Denmark and the US. Problem 7T IGSS server contains multiple stack overflows, a format string vulnerability, a remote command execution vulnerabilit...

CVSS 10 | AI score 6.6 | EPSS 0.69618 | Exploits: 10
Saint • added 2010/11/26 12:0 a.m. • 44 views

Oracle Virtual Server Agent Command Injection

Added: 11/26/2010 CVE: CVE-2010-3582 BID: 44031 Background Oracle VM software provides virtualization technology that allows running multiple instances of x86 virtual computers simultaneously within the host operating system. It supports many Oracle and non-Oracle based systems such as Windows,...

CVSS 9 | AI score 7.2 | EPSS 0.02381 | Exploits: 4
Saint • added 2010/11/04 12:0 a.m. • 44 views

Adobe Shockwave Director rcsL Chunk Remote Code Execution

Added: 11/04/2010 CVE: CVE-2010-3653 BID: 44291 OSVDB: 68803 Background Adobe Shockwave is a multimedia player used to add animation and interactivity to web pages. It allows Adobe Director applications to be published on the Internet and viewed in a web browser on any computer which has the...

CVSS 9.3 | AI score 6.9 | EPSS 0.74626 | Exploits: 9
Saint • added 2010/06/17 12:0 a.m. • 44 views

Adobe Reader authplay.dll newfunction Memory Corruption

Added: 06/17/2010 CVE: CVE-2010-1297 BID: 40586 OSVDB: 65141 Background Adobe Reader is free software for viewing PDF documents. Problem A memory corruption vulnerability in authplay.dll provided with Adobe Reader 9.3.2 and earlier 9.x versions allows command execution when a user opens a special...

CVSS 9.3 | AI score 8.4 | EPSS 0.82296 | Exploits: 22
Saint • added 2010/05/25 12:0 a.m. • 44 views

IBM Cognos Express Server Backdoor Account Remote Code Execution

Added: 05/25/2010 CVE: CVE-2010-0557 BID: 38084 OSVDB: 62118 Background IBM Cognos Express is an integrated business intelligence (BI) and planning solution which delivers the essential reporting, analysis, dashboard, scorecard, planning, budgeting and forecasting capabilities that midsize companie...

CVSS 7.5 | AI score 6.4 | EPSS 0.50788 | Exploits: 9
Saint • added 2009/12/23 12:0 a.m. • 44 views

Adobe Reader media.newPlayer Use-After-Free Code Execution

Added: 12/23/2009 CVE: CVE-2009-4324 BID: 37331 OSVDB: 60980 Background Adobe Reader is free software for viewing PDF documents. Problem This issue is caused by a use-after-free error within the "Doc.Media.newPlayer" JavaScript function, which could be exploited by attackers to execute arbitrary...

CVSS 9.3 | AI score 8.5 | EPSS 0.81863 | Exploits: 21
Saint • added 2009/08/26 12:0 a.m. • 44 views

Adobe Flash Player authplay.dll vulnerability

Added: 08/26/2009 CVE: CVE-2009-1862 BID: 35759 OSVDB: 56282 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem A vulnerability in authplay.dll in Adobe Flash Player allows command execution when a user opens a specially crafted...

CVSS 9.3 | AI score 7.8 | EPSS 0.25006 | Exploits: 5
Saint • added 2009/08/24 12:0 a.m. • 44 views

Microsoft Office Web Components OWC.Spreadsheet BorderAround vulnerability

Added: 08/24/2009 CVE: CVE-2009-2496 BID: 35991 OSVDB: 56915 Background Microsoft Office Web Components (OWC) are a group of OLE classes implemented as ActiveX controls. Problem A heap corruption vulnerability in the OWC10.Spreadsheet ActiveX control allows command execution when a user opens a web...

CVSS 9.3 | AI score 6.6 | EPSS 0.29462 | Exploits: 4
Saint • added 2009/06/26 12:0 a.m. • 44 views

Microsoft PowerPoint Legacy Format Scheme record buffer overflow

Added: 06/26/2009 CVE: CVE-2009-0226 BID: 34881 OSVDB: 54385 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A buffer overflow vulnerability in Microsoft PowerPoint allows command execution when a user opens a PowerPoint 4.0 stream...

CVSS 9.3 | AI score 6.6 | EPSS 0.34794 | Exploits: 5
Saint • added 2009/04/23 12:0 a.m. • 44 views

Microsoft Excel SST record code execution

Added: 04/23/2009 CVE: CVE-2009-0238 BID: 33870 OSVDB: 52695 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A vulnerability in Microsoft Excel allows command execution when a user opens a spreadshee...

CVSS 9.3 | AI score 6.3 | EPSS 0.43063 | Exploits: 4
Saint • added 2008/12/12 12:0 a.m. • 44 views

Internet Explorer XML data binding memory corruption

Added: 12/12/2008 CVE: CVE-2008-4844 BID: 32721 OSVDB: 50622 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A data binding error allows command execution when a user loads specially crafted XML code containing nested SPAN tags,...

CVSS 9.3 | AI score 7.5 | EPSS 0.66513 | Exploits: 10
Saint • added 2008/09/24 12:0 a.m. • 44 views

DNS zone transfer

Added: 09/24/2008 CVE: CVE-1999-0532 OSVDB: 492 Background A DNS zone transfer is the process by which a secondary name server copies all DNS records for a domain from a primary name server. Problem If DNS zone transfers are not restricted, they can allow attackers to enumerate hosts in a domain...

AI score 6.2 | EPSS 0.68535 | Exploits: 7
Saint • added 2008/05/15 12:0 a.m. • 44 views

Motorola Timbuktu login request buffer overflow

Added: 05/15/2008 CVE: CVE-2007-4221 BID: 25454 OSVDB: 40124 Background Motorola Timbuktu is remote control software for Windows and Mac. It runs a service which listens for connections on port 407/TCP or 407/UDP. Problem A buffer overflow vulnerability when processing login requests allows remot...

CVSS 10 | AI score 7.9 | EPSS 0.06264 | Exploits: 4
Saint • added 2007/02/21 12:0 a.m. • 44 views

Trend Micro OfficeScan client ActiveX control buffer overflow

Added: 02/21/2007 CVE: CVE-2007-0325 BID: 22585 OSVDB: 33040 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem The OfficeScan Web-Deployment SetupINICtrl ActiveX control, which is vulnerable to buffer overflows in multiple methods, is...

CVSS 9.3 | AI score 6.7 | EPSS 0.34006 | Exploits: 6
Saint • added 2006/11/16 12:0 a.m. • 44 views

Microsoft Client Service for NetWare tree name buffer overflow

Added: 11/16/2006 CVE: CVE-2006-4688 BID: 20984 OSVDB: 30260 Background The Client Service for NetWare, also known as the Gateway Service for NetWare, allows Windows users to access NetWare file, print, and directory services. It is available with Microsoft Windows operating systems but is not...

CVSS 7.5 | AI score 7.5 | EPSS 0.76878 | Exploits: 11
Saint • added 2006/06/02 12:0 a.m. • 44 views

Samba call_trans2open buffer overflow

Added: 06/02/2006 CVE: CVE-2003-0201 BID: 7294 OSVDB: 4469 Background Samba is a software package which implements the SMB protocol on a variety of platforms, providing compatibility with Windows systems. Problem A buffer overflow in the call_trans2open function allows anonymous remote attackers t...

CVSS 10 | AI score 7.4 | EPSS 0.84502 | Exploits: 23
Saint • added 2006/05/17 12:0 a.m. • 44 views

FreeSSHd key exchange buffer overflow

Added: 05/17/2006 CVE: CVE-2006-2407 BID: 17958 OSVDB: 25463 Background freeSSHd is a free SSH server based on WeOnlyDo wodSSHServer. Problem wodSSHServer and its derivatives, including freeSSHd, are affected by a buffer overflow vulnerability in the key exchange algorithm. A remote attacker can...

CVSS 7.5 | AI score 7.5 | EPSS 0.71375 | Exploits: 11
Saint • added 2006/04/04 12:0 a.m. • 44 views

Windows LSASS buffer overflow

Added: 04/04/2006 CVE: CVE-2003-0533 BID: 10108 OSVDB: 5248 Background The Local Security Authority Subsystem Service (LSASS) provides an interface for managing local security, domain authentication, and Active Directory processes. Problem A buffer overflow in the DsRolepInitializeLog function in t...

CVSS 7.5 | AI score 7.8 | EPSS 0.8615 | Exploits: 8
Saint • added 2016/07/01 12:0 a.m. • 43 views

op5 Monitor Nacoma command execution

Added: 07/01/2016 Background op5 Monitor is an open-source monitoring solution written in PHP. Problem The commandtest.php script in the Nacoma component of op5 Monitor can be used to execute arbitrary operating system commands. Resolution Upgrade to op5 Monitor 7.2.0 or higher. References...

AI score 7.9 | Exploits: 0
Saint • added 2015/02/18 12:0 a.m. • 43 views

HP Data Protector Windows Unauthenticated Remote Code Execution

Added: 02/18/2015 CVE: CVE-2014-2623 BID: 68672 OSVDB: 109069 Background HP Data Protector is a backup solution for enterprise and distributed environments. Data Protector Manager listens on port 5555/TCP. Problem HP Data Protector is vulnerable to remote unauthenticated arbitrary command executi...

CVSS 10 | AI score 9.8 | EPSS 0.89394 | Exploits: 20
Saint • added 2014/08/21 12:0 a.m. • 43 views

Firefox crypto.generateCRMFRequest command execution

Added: 08/21/2014 CVE: CVE-2013-1710 BID: 61900 OSVDB: 96019 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem A vulnerability in the implementation of the crypto.generateCRMFRequest JavaScript method allows command execution...

CVSS 10 | AI score 8.9 | EPSS 0.40381 | Exploits: 13
Saint • added 2014/06/24 12:0 a.m. • 43 views

Adobe Pixel Shader

Added: 06/24/2014 CVE: CVE-2014-0515 BID: 67092 OSVDB: 106347 Background The Adobe Flash plugin provides flash content rendering for web browsers. Problem A buffer overflow exists due to an error in processing SWF files. The vulnerable function exists in the DisplayShader class and can be...

CVSS 10 | AI score 9 | EPSS 0.94487 | Exploits: 9
Saint • added 2013/10/30 12:0 a.m. • 43 views

HP SiteScope APIBSMIntegrationImpl runOMAgentCommand SOAP Request Vulnerability

Added: 10/30/2013 CVE: CVE-2013-2367 BID: 61506 OSVDB: 95824 Background HP SiteScope is an agentless software application used to monitor the availability and performance of distributed IT infrastructures including servers, operating systems, network and Internet services, applications and...

CVSS 10 | AI score 7.8 | EPSS 0.68895 | Exploits: 10
Saint • added 2013/10/17 12:0 a.m. • 43 views

Mozilla Firefox XMLSerializer serializeToStream Use-after-free Vulnerability

Added: 10/17/2013 CVE: CVE-2013-0753 BID: 57209 OSVDB: 89021 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem Mozilla Firefox prior to 18.0 contains a use-after-free error in the XMLSerializer when the serializeToStream meth...

CVSS 9.3 | AI score 9.3 | EPSS 0.51324 | Exploits: 8
Saint • added 2013/10/09 12:0 a.m. • 43 views

Internet Explorer Use-After-Free Memory Corruption (MS13-055)

Added: 10/09/2013 CVE: CVE-2013-3163 BID: 60975 OSVDB: 94981 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer contains a use-after-free error which can lead to memory corruption in such a way as to allow...

CVSS 9.3 | AI score 9 | EPSS 0.70676 | Exploits: 6
Saint • added 2013/09/04 12:0 a.m. • 43 views

Oracle Endeca Server createDataStore method command execution

Added: 09/04/2013 CVE: CVE-2013-3763 BID: 61217 OSVDB: 95269 Background Oracle Endeca Server is a hybrid search-analytical database. Problem A vulnerability in the controlSoapBinding service allows remote attackers to execute arbitrary commands by sending a request for the createDataStore method...

CVSS 5.5 | AI score 7.2 | EPSS 0.5984 | Exploits: 8
Saint • added 2013/08/20 12:0 a.m. • 43 views

HP LeftHand Virtual SAN Appliance Hydra Service Login Buffer Overflow

Added: 08/20/2013 CVE: CVE-2013-2343 BID: 60884 OSVDB: 94701 Background HP LeftHand Virtual SAN Appliance (VSA) software is a VMware certified SAN/storage device and virtual appliance that provides complete SAN functionality for VMware Infrastructure without external SAN hardware. Problem HP LeftHa...

CVSS 10 | AI score 7.9 | EPSS 0.61813 | Exploits: 8
Saint • added 2013/07/09 12:0 a.m. • 43 views

HP Data Protector opcode 259 buffer overflow

Added: 07/09/2013 CVE: CVE-2013-2329 BID: 60304 OSVDB: 93863 Background HP Data Protector is an automated data backup solution. Problem A buffer overflow vulnerability when handling requests with opcode 259 allows remote attackers to execute arbitrary commands. Resolution Apply a patch referenced...

CVSS 10 | AI score 7.6 | EPSS 0.61043 | Exploits: 4
Saint • added 2013/07/09 12:0 a.m. • 43 views

HP Data Protector opcode 259 buffer overflow

Added: 07/09/2013 CVE: CVE-2013-2329 BID: 60304 OSVDB: 93863 Background HP Data Protector is an automated data backup solution. Problem A buffer overflow vulnerability when handling requests with opcode 259 allows remote attackers to execute arbitrary commands. Resolution Apply a patch referenced...

CVSS 10 | AI score 7.5 | EPSS 0.61043 | Exploits: 4
Saint • added 2013/05/03 12:0 a.m. • 43 views

Novell ZENworks Control Center file upload vulnerability

Added: 05/03/2013 CVE: CVE-2013-1080 BID: 58668 OSVDB: 91627 Background Novell ZENworks Configuration Management is an IT desktop computer management suite that provides the ability to install, configure and administer desktop computers from a centralized location. The product is based on a...

CVSS 10 | AI score 7.4 | EPSS 0.77049 | Exploits: 10
Saint • added 2013/03/18 12:0 a.m. • 43 views

SonicWall Multiple Products skipSessionCheck Authentication Bypass

Added: 03/18/2013 CVE: CVE-2013-1359 BID: 57445 OSVDB: 89347 Background Dell SonicWALL has several management and reporting solutions which provide a centralized architecture for creating and managing security policies, providing real-time monitoring and alerts, and delivering compliance and usag...

AI score 9.7 | EPSS 0.89077 | Exploits: 9
Saint • added 2012/12/27 12:0 a.m. • 43 views

WibuKey Runtime WkWin32.dll module DisplayMessageDialog overflow

Added: 12/27/2012 BID: 56678 OSVDB: 87881 Background WibuKey is a software protection and licensing solution. Problem A vulnerability in the WkWin32.dll ActiveX control in WibuKey Runtime allows command execution when a web page calls the DisplayMessageDialog method with a long, specially crafted...

AI score 7.4 | Exploits: 0
Saint • added 2012/10/02 12:0 a.m. • 43 views

Symantec Messaging Gateway Default SSH Password

Added: 10/02/2012 CVE: CVE-2012-3579 BID: 55143 OSVDB: 85028 Background Symantec Messaging Gateway is an email virus protection appliance that also provides antispam protection. Problem Symantec Messaging Gateway versions before 10.0 have a default password for the "support" account, which can be...

CVSS 7.9 | AI score 6.6 | EPSS 0.40211 | Exploits: 6
Saint • added 2012/06/04 12:0 a.m. • 43 views

SAP NetWeaver Dispatcher DiagTraceR3Info Packet Parsing Vulnerability

Added: 06/04/2012 CVE: CVE-2012-2611 OSVDB: 81759 Background SAP NetWeaver is a technology platform for building and integrating SAP business applications. Problem SAP NetWeaver is vulnerable to a stack buffer overflow when configured with the developer trace level set to 2 or higher. The...

CVSS 9.3 | AI score 9.6 | EPSS 0.41919 | Exploits: 13
Saint • added 2012/05/02 12:0 a.m. • 43 views

Oracle WebCenter Forms Recognition SSSplitter ActiveX Overwrite

Added: 05/02/2012 CVE: CVE-2012-1710 BID: 53062 OSVDB: 81366 Background Oracle WebCenter Imaging is a combined document management and business process management suite, marketed as a component of the Oracle Fusion Middleware portfolio of products. Oracle Forms Recognition (OFR) is an intelligent...

CVSS 7.5 | AI score 9.3 | EPSS 0.1133 | Exploits: 4
Saint • added 2012/01/13 12:0 a.m. • 43 views

Plone Zope SAXutils Command Execution

Added: 01/13/2012 CVE: CVE-2011-3587 BID: 49857 OSVDB: 76105 Background Plone is a free and open source content management system built on top of the Zope application server. Plone can be used for any kind of website, including blogs, internet sites, webshops and internal websites. Problem Plone...

CVSS 9.3 | AI score 7 | EPSS 0.78546 | Exploits: 15
Saint • added 2011/12/23 12:0 a.m. • 43 views

Novell iPrint Client ActiveX Control GetDriverSettings Stack Overflow

Added: 12/23/2011 CVE: CVE-2011-3173 BID: 50367 OSVDB: 76631 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Client ActiveX control named ienipp.ocx. Problem A buffer overflow vulnerability in the ActiveX contr...

CVSS 9.3 | AI score 6.8 | EPSS 0.32951 | Exploits: 13
Saint • added 2011/12/16 12:0 a.m. • 43 views

Smart Software Solutions CoDeSys Webserver URI Copying Stack Buffer Overflow

Added: 12/16/2011 CVE: CVE-2011-5007 BID: 50849 OSVDB: 77387 Background Smart Software Solutions GmbH (3S) manufactures CoDeSys Web Server, a Supervisory Control and Data Acquisition/Human-Machine Interface (SCADA/HMI) product. The SCADA Web Server listens on TCP port 8080. Problem The CmpWebServer.d...

CVSS 10 | AI score 7.3 | EPSS 0.73201 | Exploits: 6
Saint • added 2011/11/25 12:0 a.m. • 43 views

Wireshark Lua Untrusted Search Path vulnerability

Added: 11/25/2011 CVE: CVE-2011-3360 BID: 49528 OSVDB: 75347 Background Wireshark is a network packet analyzer. Problem A vulnerability in Wireshark allows execution of arbitrary Lua scripts placed in untrusted directories which are included in Wireshark's search path. Resolution Upgrade to...

CVSS 9.3 | AI score 7.5 | EPSS 0.35528 | Exploits: 9
Saint • added 2011/10/17 12:0 a.m. • 43 views

Microsoft Forefront Unified Access Gateway Java Applet Signed Code Execution

Added: 10/17/2011 CVE: CVE-2011-1969 BID: 49983 OSVDB: 76236 Background Microsoft Forefront Unified Access Gateway (UAG) is a reverse proxy and VPN solution. Problem End users of UAG must install a signed Java applet via MicrosoftClient.jar. This applet loads unsigned Java classes, which may allow...

CVSS 9.3 | AI score 7 | EPSS 0.17309 | Exploits: 4
Saint • added 2011/09/13 12:0 a.m. • 43 views

Firefox sensor.dll Insecure Library Loading

Added: 09/13/2011 CVE: CVE-2011-2980 BID: 49217 OSVDB: 74583 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem A library loading vulnerability in Mozilla Firefox and Thunderbird allows arbitrary command execution when a user...

CVSS 7.2 | AI score 9.7 | EPSS 0.00294 | Exploits: 5
Saint • added 2011/05/05 12:0 a.m. • 43 views

Oracle Java Applet2ClassLoader Vulnerability

Added: 05/05/2011 CVE: CVE-2010-4452 BID: 46388 OSVDB: 71193 Background Java is a programming language that compiles programs to bytecode, which is then executed inside a Java Virtual Machine. This is optimal for applications that must run on various hardware platforms, such as web applets. Probl...

CVSS 10 | AI score 9.6 | EPSS 0.83037 | Exploits: 11
Saint • added 2011/04/17 12:0 a.m. • 43 views

7-Technologies Interactive Graphical SCADA System Remote Code Execution

Added: 04/17/2011 CVE: CVE-2011-1567 BID: 46936 Background 7-Technologies Interactive Graphical SCADA System (IGSS) is a SCADA solution used mainly in Denmark and the US. Problem 7T IGSS server contains multiple stack overflows, a format string vulnerability, a remote command execution vulnerabilit...

CVSS 10 | AI score 6.6 | EPSS 0.69618 | Exploits: 10
Saint • added 2011/03/30 12:0 a.m. • 43 views

Adobe Reader Flash AVM2 Memory Corruption

Added: 03/30/2011 CVE: CVE-2011-0609 BID: 46860 OSVDB: 71254 Background Adobe Reader is free software for viewing PDF documents. Problem Adobe Reader 9.x is vulnerable to a remote code execution vulnerability as a result of parsing flash content by the bundled Adobe Flash Player. Resolution Updat...

CVSS 9.3 | AI score 8.3 | EPSS 0.66821 | Exploits: 8
Saint • added 2010/12/28 12:0 a.m. • 43 views

HP Power Manager formLogin buffer overflow

Added: 12/28/2010 CVE: CVE-2010-4113 OSVDB: 69969 Background HP Power Manager is a web-based application that enables administrators to manage an HP UPS from a browser-based management console. Problem A buffer overflow vulnerability in the Administration interface allows remote attackers to...

CVSS 9.3 | AI score 7.7 | EPSS 0.09722 | Exploits: 4
Saint • added 2010/09/30 12:0 a.m. • 43 views

Oracle Secure Backup Administration property_box.php objectname command injection

Added: 09/30/2010 CVE: CVE-2010-0906 BID: 41597 OSVDB: 66340 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A vulnerability in the property_box.php script allows remote attackers to inject arbitrary commands via the objectname paramete...

CVSS 9 | AI score 6.5 | EPSS 0.02243 | Exploits: 12
Saint • added 2010/09/24 12:0 a.m. • 43 views

Lotus Domino nrouter.exe iCalendar MAILTO buffer overflow

Added: 09/24/2010 CVE: CVE-2010-3407 BID: 43219 OSVDB: 68040 Background IBM Lotus Domino is a messaging and collaboration solution for multiple platforms. Problem A buffer overflow in the nrouter.exe service allows remote attackers to execute arbitrary commands by sending an iCalendar message...

CVSS 9.3 | AI score 7.9 | EPSS 0.41475 | Exploits: 9
Saint • added 2010/02/16 12:0 a.m. • 43 views

Eureka Email POP3 Error Stack Buffer Overflow

Added: 02/16/2010 CVE: CVE-2009-3837 OSVDB: 59262 Background Eureka Email is an e-mail client with built-in junk e-mail filtering. Problem A malicious POP3 mail server can send a long error message to the Eureka Email client, causing a stack buffer overflow. Resolution Upgrade when a fix becomes...

CVSS 9.3 | AI score 6.5 | EPSS 0.32071 | Exploits: 8
Saint • added 2009/08/14 12:0 a.m. • 43 views

Microsoft Office Web Components OWC.Spreadsheet.9 HTMLURL property overflow

Added: 08/14/2009 CVE: CVE-2009-1534 BID: 35992 OSVDB: 56916 Background Microsoft Office Web Components (OWC) are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...

CVSS 9.3 | AI score 6.8 | EPSS 0.5161 | Exploits: 8

Total number of security vulnerabilities: 4300