Lotus Notes Attachment Viewer UUE file buffer overflow

Added: 02/21/2006 CVE: CVE-2005-2618 BID: 16576 OSVDB: 23065 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the attachment viewer in the Lotus Notes e-mail client allows command execution when a user opens a specially crafted UUE file. Resolution Upgra...

Mozilla Firefox QueryInterface method memory corruption

Added: 02/10/2006 CVE: CVE-2006-0295 BID: 16476 OSVDB: 22893 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A memory corruption in the QueryInterface method of the Location and Navigator objects leads to command execution. Resolution Upgrade to...

Arkeia Type 77 Request buffer overflow

Added: 01/24/2006 CVE: CVE-2005-0491 BID: 12594 OSVDB: 14011 Background The Arkeia network backup software includes a daemon program called arkeiad which listens for connections on TCP port 617. Problem A buffer overflow in the processing of type 77 requests sent to the arkeiad listener allows...

Eudora WorldMail IMAP LIST command buffer overflow

Added: 12/30/2005 CVE: CVE-2005-4267 BID: 15980 OSVDB: 22097 Background Eudora WorldMail is an e-mail server for Windows. Problem A long IMAP command ending with a close brace character could result in a buffer overflow, leading to remote command execution. Resolution Upgrade to a version of Eudo...

Computer Associates License Service GETCONFIG buffer overflow

Added: 12/14/2005 CVE: CVE-2005-0581 BID: 12705 OSVDB: 14389 Background The License service comes with most Computer Associates products and exchanges license information over ports 10202/tcp and 10203/tcp. Problem A buffer overflow vulnerability exists in the processing of GETCONFIG messages...

Disk Savvy Enterprise long URI in GET request buffer overflow

Added: 03/16/2017 CVE: CVE-2017-6187 BID: 96401 Background Disk Savvy Enterprise is a disk space usage analyzer. Problem A buffer overflow in the built-in web server in Disk Savvy Enterprise could allow remote code execution when handling a long URI in a GET request. Resolution Contact the vendor...

NETGEAR ReadyNAS Surveillance Command Execution

Added: 08/30/2016 CVE: CVE-2016-5674 BID: 92318 Background NETGEAR ReadyNAS Surveillance combines their storage and switching solution NETGEAR ReadyNAS Network Attached Storage system with network video recording software from NUUO to provide an affordable surveillance solution for small...

Centreon web interface command injection

Added: 02/29/2016 Background Centreon is a suite of enterprise monitoring products written in PHP. Problem A command injection vulnerability in the Centreon web interface allows remote attackers to execute arbitrary commands by sending a specially crafted useralias parameter in a POST request. Th...

FortiOS Fortimanager_Access SSH account backdoor

Added: 01/25/2016 CVE: CVE-2016-1909 Background FortiOS is the operating system used by FortiGate network security appliances. Problem An undocumented account can be used to gain unauthorized access to the appliance. Resolution Upgrade to FortiOS 4.1.11, 4.2.16, 4.3.17, 5.0.8, 5.2.0, 5.4.0, or...

TWiki View Script debugenableplugins Request Parameter Vulnerability

Added: 03/30/2015 CVE: CVE-2014-7236 BID: 70372 OSVDB: 112977 Background TWiki is a web-based collaboration platform written in PERL. Problem The TWiki view script does not properly sanitize the debugenableplugins parameter before using it. Resolution Upgrade to TWiki-6.0.1 or higher, or apply th...

F5 rsync daemon ConfigSync interface cmi module vulnerability

Added: 09/02/2014 CVE: CVE-2014-2927 BID: 69461 OSVDB: 110595 Background F5 BIG-IP is a suite of security, availability and acceleration products. Problem When configured to support failover, multiple BIG-IP products are vulnerable to an unauthenticated rsync access vulnerability that can be...

FreePBX Framework Module view.functions.php Remote Code Execution

Added: 04/03/2014 CVE: CVE-2014-1903 BID: 65509 OSVDB: 103240 Background FreePBX is an open source telephony front-end, which has an easy to use graphical user interface that controls and manages Asterisk. Problem The Framework module of FreePBX is vulnerable to remote code execution as a result ...

HP Data Protector Backup Client Service opcode 42 directory traversal

Added: 01/28/2014 CVE: CVE-2013-6194 BID: 64647 OSVDB: 101630 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem A vulnerability in the Backup Client Service OmniInet.exe allows remote, unauthenticated attackers to write files t...

HP ProCurve Manager SNAC UpdateCertificatesServlet FileName Vulnerability

Added: 10/03/2013 CVE: CVE-2013-4812 BID: 62348 OSVDB: 97155 Background HP ProCurve Manager PCM is a secure, advanced Windows-based network management platform that allows administrators to configure, update, monitor, and troubleshoot ProCurve devices centrally. Problem The SNAC registration serv...

WPAD Listener

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, browsers are...

HP LoadRunner micWebAjax.dll ActiveX NotifyEvent Method Vulnerability

Added: 09/30/2013 CVE: CVE-2013-2368 BID: 61436 OSVDB: 95639 Background HP LoadRunner is a software performance testing solution. HP LoadRunner includes the micWebAjax ActiveX control. Problem HP LoadRunner before 11.52 is vulnerable to remote code execution due to failure to sanitize user-suppli...

Internet Explorer HTML Rendering Engine onLoseCapture Use-After-Free Vulnerability

Added: 09/25/2013 CVE: CVE-2013-3893 BID: 62453 OSVDB: 97380 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer 6 through 11 contain a use-after-free vulnerability in the SetMouseCapture implementation in...

Internet Explorer HTML Rendering Engine onLoseCapture Use-After-Free Vulnerability

Added: 09/25/2013 CVE: CVE-2013-3893 BID: 62453 OSVDB: 97380 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer 6 through 11 contain a use-after-free vulnerability in the SetMouseCapture implementation in...

PineApp Mail-SeCure ldapsyncnow.php command injection

Added: 08/14/2013 BID: 61474 OSVDB: 95781 Background PineApp Mail-SeCure is an e-mail security appliance which provides perimeter security protection to stop threats prior to their penetration of the customer's network, as well as post-perimeter anti-spam content inspection. Problem A vulnerabili...

PineApp Mail-SeCure test_li_connection.php Command Injection

Added: 08/08/2013 BID: 61477 OSVDB: 95782 Background PineApp Mail-SeCure is an e-mail security appliance which provides perimeter security protection to stop threats prior to their penetration of the customer's network, as well as post-perimeter anti-spam content inspection. Problem PineApp...

QuickTime Movie File dref Atom Handling Buffer Overflow

Added: 08/01/2013 CVE: CVE-2013-1017 BID: 60097 OSVDB: 93625 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime before 7.7.4 is vulnerable to remote code execution due to a failure to perform appropriate validation of user supplied input. A remote...

HP Data Protector CRS Opcode 211 Stack Buffer Overflow

Added: 07/24/2013 CVE: CVE-2013-2333 BID: 60309 OSVDB: 93867 Background HP Data Protector is an automated data backup solution. Problem A buffer overflow vulnerability in crs.exe when handling requests with opcode 211 allows remote attackers to execute arbitrary commands. Resolution Apply a patch...

Novell ZENworks Mobile Management DUSAP.php Language Parameter Vulnerability

Added: 07/18/2013 CVE: CVE-2013-1082 BID: 60179 OSVDB: 91118 Background ZENworks Mobile Management ZMM offers centralized management tools that are useful for deploying new mobile devices in the workforce, whether those devices are company-issued or privately owned. ZMM ensures that users have th...

Internet Explorer textNode Style Computation Use After Free Vulnerability

Added: 06/17/2013 CVE: CVE-2013-1311 BID: 59752 OSVDB: 93296 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Internet Explorer 8 is vulnerable to remote code execution as a result of memory corruption when computations on the...

Novell ZENworks Mobile Management MDM.php Language Parameter Vulnerability

Added: 06/15/2013 CVE: CVE-2013-1081 BID: 58402 OSVDB: 91119 Background ZENworks Mobile Management ZMM offers centralized management tools that are useful for deploying new mobile devices in the workforce, whether those devices are company-issued or privately owned. ZMM ensures that users have th...

BigAnt Messenger Server DUPF Arbitrary File Upload

Added: 04/01/2013 CVE: CVE-2012-6274 BID: 57214 OSVDB: 89342 Background BigAnt Messenger Server offers secure instant messaging, file transfer, voip, video chat, web conferencing and more. Problem BigAnt Server 2.97 and earlier does not require authentication for file uploading, and does not...

Adobe Flash Player SWF Content Regular Expression Heap Overflow

Added: 02/21/2013 CVE: CVE-2013-0634 BID: 57788 OSVDB: 89936 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem The ActiveX version of Adobe Flash Player on Windows is vulnerable to heap buffer overflow because it does not proper...

rsh Excessive Trust Vulnerability

Added: 01/25/2013 CVE: CVE-1999-0515 Background The rsh service allows remote users, using an rsh client, to execute individual shell commands on an rsh server without the need for a password. The rsh process uses the .rhosts file to list trusted hosts those machines allowed to use the service...

CYME ChartFX ActiveX ShowPropertiesDialog pageNumber indexing error

Added: 12/17/2012 BID: 55765 OSVDB: 85894 Background The CYME Power Engineering Software is a suite of applications for power engineers. It includes the ChartFX ActiveX control. Problem An indexing error in ChartFX.ClientServer.Core.dll of the ChartFX ActiveX Control allows command execution when...

Symantec Messaging Gateway Default SSH Password

Added: 10/02/2012 CVE: CVE-2012-3579 BID: 55143 OSVDB: 85028 Background Symantec Messaging Gateway is an email virus protection appliance that also provides antispam protection. Problem Symantec Messaging Gateway versions before 10.0 have a default password for the "support" account, which can be...

Internet Explorer CMshtmlEd execCommand Use After Free

Added: 09/19/2012 CVE: CVE-2012-4969 BID: 55562 OSVDB: 85532 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Internet Explorer does not properly clean up references to objects passed to the execCommand Javascript method. If...

Oracle Outside In XPM Image Processing Stack Overflow

Added: 09/10/2012 Background Oracle Outside In is a suite of software development kits that provides developers with a comprehensive solution to access, transform, and control the contents of over 500 unstructured file formats. Problem In Outside In versions 8.3.5.0 through 8.3.7, the XPM image...

Symantec Web Gateway pbcontrol.php Command Injection

Added: 08/24/2012 CVE: CVE-2012-2953 BID: 54426 OSVDB: 84120 Background Symantec Web Gateway protects organizations against multiple types of Web-based malware and prevents data loss over the Web. Problem Symantec Web Gateway 5.0.x.x before 5.0.3.18 is vulnerable to command injection due to...

Lotus Notes iNotes Attachment_Times ActiveX Overflow

Added: 08/22/2012 CVE: CVE-2012-2175 BID: 53879 OSVDB: 82755 Background Lotus Notes is the client for Lotus Domino servers. iNotes is a web-based alternative to the Notes client. Problem The iNotes ActiveX control does not properly validate the user-supplied values for the attachmenttimes...

Novell iPrint Client GetDriverSettings Realm Parameter Stack Buffer Overflow

Added: 08/10/2012 CVE: CVE-2011-4187 BID: 51926 OSVDB: 78955 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Client ActiveX control named ienipp.ocx. Problem Novell iPrint Client before 5.78 on Windows is...

Internet Explorer COL SPAN Heap Overflow

Added: 08/06/2012 CVE: CVE-2012-1876 BID: 53848 OSVDB: 82866 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Internet Explorer allows websites to utilize Javascript to create dynamic web content. As such, websites can include...

Internet Explorer Same ID Property vulnerability

Added: 06/22/2012 CVE: CVE-2012-1875 BID: 53847 OSVDB: 82865 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A vulnerability in Internet Explorer allows command execution when a user opens a specially crafted web page which causes...

Symantec Web Gateway access_log PHP Injection

Added: 06/11/2012 CVE: CVE-2012-0297 BID: 53444 OSVDB: 82023 Background Symantec Web Gateway protects organizations against multiple types of Web-based malware and prevents data loss over the Web. Problem Symantec Web Gateway fails to properly sanitize user-supplied input passed to...

IBM Lotus Quickr QP2 ActiveX Overflow

Added: 05/31/2012 CVE: CVE-2012-2176 BID: 53678 OSVDB: 82166 Background IBM Lotus Quickr is a team collaboration solution that provides teams with a data repository, and interfaces with Lotus Notes, Sametime, Symphony, and more. Problem The Lotus Quickr client installs several ActiveX controls on...

Firefox AttributeChildRemoved Use After Free

Added: 05/21/2012 CVE: CVE-2011-3659 BID: 51755 OSVDB: 78736 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem In Firefox version prior to 3.6.26, and 4.0 through 9.0, when removing child objects from the DOM tree, the remove...

WebCalendar Pre-Auth PHP Code Execution

Added: 05/18/2012 CVE: CVE-2012-1495 BID: 53207 OSVDB: 80097 Background WebCalendar is a PHP-based calendar application that can be configured as a single-user calendar, a multi-user calendar for groups of users, or as an event calendar viewable by visitors. Problem WebCalendar fails to properly...

SolarWinds Storage Manager SQL Injection

Added: 05/17/2012 BID: 51639 OSVDB: 81634 Background SolarWinds Storage Manager is agentless heterogeneous monitoring and reporting of the performance and capacity of physical and virtual storage infrastructure. It delivers visibility and insight into how your storage infrastructure maps to your...

VideoLAN VLC Media Player MMS URI Stack Overflow

Added: 05/09/2012 CVE: CVE-2012-1775 BID: 53391 OSVDB: 80188 Background VLC media player is a media player supporting various audio and video formats for multiple platforms. Problem VLC Player versions 2.0.0 and lower do not properly validate the hostname when accessing MMS URIs. An overly long...

McAfee Virtual Technician MVT.MVTControl ActiveX Control Insecure Method

Added: 05/04/2012 BID: 53304 Background McAfee Virtual Technician is a free automated diagnosis and and problem resolution tool which scans a Windows system to ensure that McAfee products are installed correctly. Problem McAfee Virtual Technician ActiveX control MVT.dll, as provided in McAfee...

Cisco Linksys PTZ Internet Video Camera PlayerPT ActiveX Overflow

Added: 04/19/2012 BID: 52673 OSVDB: 80297 Background The Cisco WVC200 Wireless-G PTZ Internet Video Camera sends live video through the Internet to a web browser anywhere in the world. Viewers can access the video stream through an HTTP service, which requires an ActiveX client to be installed in...

Java Web Start initial heap size command injection

Added: 03/02/2012 CVE: CVE-2012-0500 BID: 52015 OSVDB: 79227 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Java Web Start allows arbitrary command-line argument injection through...

Java Web Start initial heap size command injection

Added: 03/02/2012 CVE: CVE-2012-0500 BID: 52015 OSVDB: 79227 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Java Web Start allows arbitrary command-line argument injection through...

Symantec pcAnywhere Host Services Login Overflow

Added: 02/13/2012 CVE: CVE-2011-3478 BID: 51592 OSVDB: 78532 Background Symantec pcAnywhere is a suite of remote connectivity applications that allow users of a system to access their system remotely. Problem A stack overflow exist in the pcAnywhere Host Service when parsing login names. An...

HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution

Added: 01/26/2012 CVE: CVE-2011-4786 BID: 51396 OSVDB: 78306 Background HP Easy Printer Care Software is a tool to control and monitor up to 20 HP printers. Problem HP Easy Printer Care Software 2.5 and prior versions are vulnerable to remote code execution. The CacheDocumentXMLWithId method from...

HP Diagnostics Server magentservice.exe Integer Wrap

Added: 01/26/2012 CVE: CVE-2011-4789 BID: 51398 OSVDB: 78309 Background HP Diagnostics software monitors application transaction health in traditional, virtualized and cloud environments. Problem A vulnerability exists in the way the magentservice.exe service handles network requests. Subtraction...