4305 matches found
Avaya IP Office Customer Call Reporter ImageUpload.ashx file upload
Added: 10/22/2012 CVE: CVE-2012-3811 BID: 54225 OSVDB: 83399 Background Avaya IP Office is a unified communications solution for mobile workforce. Problem The ImageUpload.ashx script allows unauthenticated users to upload arbitrary script files to the webserver. The script files can then be...
Adobe Flash Player OpenType Font Integer Overflow
Added: 08/27/2012 CVE: CVE-2012-1535 BID: 55009 OSVDB: 84607 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem Adobe Flash Player 11.3.300.270 and earlier on Windows is vulnerable to remote code execution via an integer overflow...
HP Data Protector Express Opcode 0x320 Overflow
Added: 07/23/2012 CVE: CVE-2012-0121 BID: 52431 OSVDB: 80102 Background HP Data Protector Express is a backup and recovery solution for single machines and small networks. Problem A stack overflow vulnerability exists in dpwindtb.dll. Validation of parameters to Opcode 0x320 requests are not...
Apple QuickTime TeXML Style Element Parsing Buffer Overflow
Added: 07/09/2012 CVE: CVE-2012-0663 BID: 53571 OSVDB: 81934 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime 7.7.1 and earlier versions are vulnerable to buffer overflow when parsing XML elements within a TeXML file. The QuickTime3GPP.qtx QuickTime...
iTunes m3u Playlist Overflow
Added: 07/03/2012 CVE: CVE-2012-0677 BID: 53933 OSVDB: 82897 Background iTunes is a free media player for multiple platforms. Problem iTunes does not properly validate parameters for EXTINF: directives in m3u files. This results in an exploitable stack overflow. Resolution Upgrade to iTunes 10.6....
Internet Explorer Same ID Property vulnerability
Added: 06/22/2012 CVE: CVE-2012-1875 BID: 53847 OSVDB: 82865 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A vulnerability in Internet Explorer allows command execution when a user opens a specially crafted web page which causes...
Sunway ForceControl SNMP NetDBServer Data Chunk Copy Buffer Overflow
Added: 02/22/2012 BID: 49747 OSVDB: 75798 Background Sunway ForceControl is a Chinese SCADA/HMI software application widely used in China to help run weapons systems, utilities and chemical plants. It is also used to a lesser extent in other countries, including the US. SNMP NetDBServer is one of...
HP Diagnostics Server magentservice.exe Integer Wrap
Added: 01/26/2012 CVE: CVE-2011-4789 BID: 51398 OSVDB: 78309 Background HP Diagnostics software monitors application transaction health in traditional, virtualized and cloud environments. Problem A vulnerability exists in the way the magentservice.exe service handles network requests. Subtraction...
Symantec Alert Management System AMSSendAlertAck Buffer Overflow
Added: 12/01/2011 CVE: CVE-2010-0110 BID: 45936 OSVDB: 72623 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. It includes an Intel Alert Handler service hndlrsvc.exe. This service handles messages forwarded to it by the Alert Originator Manager...
Netzip Classic ZIP file parsing buffer overflow
Added: 11/04/2011 BID: 46059 Background Netzip Classic is a Windows utility for downloading and decompressing files. Problem A buffer overflow vulnerability allows command execution when a user opens a specially crafted ZIP file and double-clicks on the file contained in it. Resolution Do not use...
Sunway ForceControl SNMP NetDBServer Signed Integer Buffer Overflow
Added: 09/29/2011 BID: 49747 OSVDB: 75798 Background Sunway ForceControl is a Chinese SCADA/HMI software application widely used in China to help run weapons systems, utilities and chemical plants. It is also used to a lesser extent in other countries, including the US. SNMP NetDBServer is one of...
RealNetworks RealPlayer QCP Parsing
Added: 09/12/2011 CVE: CVE-2011-2950 BID: 49172 OSVDB: 74549 Background RealPlayer is a media player application which can play back various multimedia file formats, including QCP audio files. The QCP file format is frequently used to provide ring tones and to record voice for cellular telephones...
Microsoft Excel SLK File Parsing Buffer Overflow
Added: 08/15/2011 CVE: CVE-2011-1276 BID: 48161 OSVDB: 72924 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Office Excel is vulnerable to remote code execution due to improper boundary...
Oracle Java Runtime Environment Insecure File Loading
Added: 08/08/2011 OSVDB: 74330 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java application; it consists of the Java...
Oracle Java Runtime Environment Insecure File Loading
Added: 08/08/2011 OSVDB: 74330 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java application; it consists of the Java...
Mozilla Firefox nsTreeRange Use After Free
Added: 07/27/2011 CVE: CVE-2011-0073 BID: 47663 OSVDB: 72087 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem Mozilla Firefox and SeaMonkey are prone to a remote code execution vulnerability caused by accessing previously...
Mozilla Firefox nsTreeRange Use After Free
Added: 07/27/2011 CVE: CVE-2011-0073 BID: 47663 OSVDB: 72087 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem Mozilla Firefox and SeaMonkey are prone to a remote code execution vulnerability caused by accessing previously...
IBM Lotus Notes LZH Attachment Viewer Stack Buffer Overflow
Added: 06/30/2011 CVE: CVE-2011-1213 BID: 48018 OSVDB: 72706 Background Lotus Notes is the client for Lotus Domino servers. Problem IBM Lotus Notes File Viewer is vulnerable to remote code execution as a result of a stack buffer overflow while parsing headers of LZH files. A remote, unauthenticat...
CA Total Defense UNCWS DeleteReports SQL Injection
Added: 05/12/2011 CVE: CVE-2011-1653 BID: 47355 Background CA Total Defense is a combined host-based anti-virus, anti-spyware, firewall, and IPS solution. Problem CA Total Defense includes a web service management component, which in version r12 prior to SE2, fails to validate certain parameters...
Microsoft Office FlashPix Image Converter Dictionary property buffer overflow
Added: 12/14/2010 CVE: CVE-2010-3951 BID: 45278 OSVDB: 69808 Background Microsoft Office is a package that provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. The suite ships with a set of image processing helper libraries...
Oracle Secure Backup Administration preauth variable command injection
Added: 12/06/2010 CVE: CVE-2010-0906 BID: 41597 OSVDB: 67128 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A vulnerability in the Administration server allows remote, authenticated attackers to execute arbitrary commands which are...
DATAC RealWin SCADA Server SCPC_INITIALIZE buffer overflow
Added: 11/08/2010 CVE: CVE-2010-4142 BID: 44150 OSVDB: 68812 Background RealWin is a Supervisory Control and Data Acquisition SCADA server which is distributed by DATAC. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...
Oracle Java IE Browser Plugin docbase Parameter Stack Buffer Overflow
Added: 10/15/2010 CVE: CVE-2010-3552 BID: 44023 Background Oracle Java SE and Java for Business are development platforms for developing and deploying Java applications. They include the Java SE Development Kit JDK and the Java Runtime Environment JRE. The JRE provides the minimum requirements fo...
HP OpenView Network Node Manager snmpviewer.exe CGI Stack Buffer Overflow
Added: 07/01/2010 CVE: CVE-2010-1552 BID: 40068 OSVDB: 64975 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A stack buffer overflow vulnerability in HP Openview NNM allows remote attackers to execute arbitrary commands by sending...
Internet Explorer Tabular Data Control DataURL memory corruption
Added: 04/22/2010 CVE: CVE-2010-0805 BID: 39025 OSVDB: 63329 Background Tabular Data Control is an ActiveX control which can be used to display data from a delimited text file. Problem A memory corruption vulnerability allows command execution when a user loads a web page which invokes Tabular Da...
Sun Java System Web Server WebDAV OPTIONS request buffer overflow
Added: 02/05/2010 CVE: CVE-2010-0361 BID: 37874 OSVDB: 61851 Background Sun Java System Web Server is a web application server. WebDAV Web-based Distributed Authoring and Versioning is an extension to the HTTP protocol which allows users to edit web server content. Problem A buffer overflow...
Adobe Illustrator EPS File DSC Comment Buffer Overflow
Added: 01/20/2010 CVE: CVE-2009-4195 BID: 37192 OSVDB: 60632 Background Adobe Illustrator software is a comprehensive vector graphics environment for creative professionals that is used for both drawing and typographical work. Illustrator supports several vector file formats including AI, CDR, PD...
Adobe Flash Player authplay.dll vulnerability
Added: 08/26/2009 CVE: CVE-2009-1862 BID: 35759 OSVDB: 56282 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem A vulnerability in authplay.dll in Adobe Flash Player allows command execution when a user opens a specially crafted...
Adobe Flash Player authplay.dll vulnerability
Added: 08/26/2009 CVE: CVE-2009-1862 BID: 35759 OSVDB: 56282 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem A vulnerability in authplay.dll in Adobe Flash Player allows command execution when a user opens a specially crafted...
Visual Studio Active Template Library object type mismatch vulnerability
Added: 08/24/2009 CVE: CVE-2009-2494 BID: 35982 OSVDB: 56910 Background Microsoft Visual Studio is a product to assist with software development in the Windows operating system. Visual Studio uses Microsoft Active Template Library ATL, which is a set of template-based C++ classes, to help simplif...
Windows GDI Privilege Elevation
Added: 05/25/2009 CVE: CVE-2006-5758 BID: 20940 OSVDB: 30214 Background The Graphics Rendering Engine in Microsoft Windows 2000 and Windows XP maps GDI Kernel structures on a global shared memory section that is created with insecure permissions. Problem Users with local access can remap the shar...
Windows SMB credential reflection vulnerability
Added: 05/07/2009 CVE: CVE-2008-4037 BID: 7385 OSVDB: 49736 Background The Server Message Block SMB.aspx protocol is a file sharing protocol implemented in Microsoft Windows. NTLM is a challenge/response-based authentication protocol. Problem An NTLM credential reflection vulnerability allows a...
Microsoft WordPad Word97 text converter buffer overflow
Added: 04/23/2009 CVE: CVE-2009-0235 BID: 34470 OSVDB: 53664 Background The Microsoft WordPad Word 97 text converter allows Windows users who do not have Microsoft Word to open Word 97 files. Problem A buffer overflow vulnerability in the Word 97 text converter allows command execution when a use...
ffdshow URL link buffer overflow
Added: 03/25/2009 CVE: CVE-2008-5381 BID: 32438 OSVDB: 50064 Background ffdshow tryouts also known just as ffdshow is an audio and video decoder for Windows. Problem A buffer overflow vulnerability allows command execution when a user opens a media stream with a long, specially crafted URL link...
Java Runtime Environment JAR manifest Main Class buffer overflow
Added: 02/26/2009 CVE: CVE-2008-5354 BID: 32608 OSVDB: 50499 Background Java Runtime Environment JRE allows end users to run Java applications. Problem A buffer overflow vulnerability in JRE allows command execution when a user opens a JAR archive containing a manifest file with a specially craft...
Visual FoxPro vfp6r.dll ActiveX Control DoCmd command execution
Added: 12/19/2008 CVE: CVE-2008-0236 BID: 27205 OSVDB: 40380 Background Visual FoxPro is a tool for developing database applications. Problem The vfp6r.dll ActiveX control allows command execution when a user opens a web page which uses the DoCmd method. Resolution Set the kill bit for class ID...
Oracle WebLogic Server Apache Connector Transfer-Encoding buffer overflow
Added: 10/31/2008 CVE: CVE-2008-4008 BID: 31683 OSVDB: 49283 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...
DATAC RealWin SCADA Server FC_INFOTAG/SET_CONTROL buffer overflow
Added: 10/03/2008 CVE: CVE-2008-4322 BID: 31418 OSVDB: 48606 Background RealWin is a Supervisory Control and Data Acquisition SCADA server which is distributed by DATAC. Problem A buffer overflow vulnerability in RealWin Server allows remote attackers to execute arbitrary commands by sending a...
Citadel SMTP server RCPT TO buffer overflow
Added: 05/12/2008 CVE: CVE-2008-0394 BID: 27376 OSVDB: 40516 Background Citadel is an open-source e-mail and collaboration server. Problem A buffer overflow vulnerability in the makeuserkey function allows remote attackers to execute arbitrary commands by sending a long, specially crafted RCPT TO...
Microsoft Excel rtAFDesc record invalid pointer access
Added: 01/17/2008 CVE: CVE-2008-0081 BID: 27305 OSVDB: 40344 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms. Problem Microsoft Excel references an uninitialized pointer if a spreadsheet contains an improperly placed...
Lotus Notes WPD attachment viewer buffer overflow
Added: 01/03/2008 CVE: CVE-2007-5910 BID: 26175 OSVDB: 40783 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the KeyView Viewer included in Lotus Notes allows command execution when a user views a specially crafted WordPerfect WPD attachment. Resolution...
Adobe PageMaker MAIPM6.DLL font name buffer overflow
Added: 11/19/2007 CVE: CVE-2007-5169 BID: 25989 OSVDB: 38067 Background Adobe PageMaker is page layout software. Problem A buffer overflow vulnerability in MAIPM6.DLL allows command execution when a user opens a .PMD file containing specially crafted font names. Resolution Apply the update...
Internet Explorer tblinf32.dll ActiveX IObjectsafety vulnerability
Added: 08/17/2007 CVE: CVE-2007-2216 BID: 25289 OSVDB: 36396 Background The IObjectsafety interface provides methods to get and set safety options for objects which support untrusted clients. Problem The tblinf32.dll ActiveX control implements IObjectsafety incorrectly, allowing execution of code...
Novell Client 4.91 SP4 nwspool.dll buffer overflow
Added: 08/10/2007 CVE: CVE-2007-6701 BID: 25092 OSVDB: 37319 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem The nwspool.dll library in Novell Client is affected by buffer overflow vulnerabilities in several different functions, allowing remote...
Windows MDAC RDS.Dataspace ActiveX control vulnerability
Added: 07/16/2007 CVE: CVE-2006-0003 BID: 17462 OSVDB: 24517 Background Microsoft Data Access Components MDAC enable Universal Data Access in Windows applications deployed over a network. Problem A cross-zone scripting vulnerability in the RDS.Dataspace ActiveX control in MDAC allows command...
Solaris loadable kernel module directory traversal
Added: 06/22/2007 CVE: CVE-2004-1767 BID: 9477 OSVDB: 15128 Background Loadable kernel modules are programs which can be dynamically loaded into the kernel. Problem A directory traversal vulnerability in the vfsgetvfssw function in the Solaris kernel allows unprivileged users to load their own...
Windows Animated Cursor Header buffer overflow
Added: 04/05/2007 CVE: CVE-2007-0038 BID: 23194 OSVDB: 33629 Background Animated cursor .ani files contain animated graphics for icons and cursors. Problem A buffer overflow in Windows allows command execution when opening a specially crafted .ani file containing large file headers. Resolution...
snmpXdmid buffer overflow
Added: 03/12/2007 CVE: CVE-2001-0236 BID: 2417 OSVDB: 546 Background The SNMP to DMI mapper daemon snmpXdmid translates Simple Network Management Protocol SNMP events to Desktop Management Interface DMI indications and vice-versa. Problem snmpXdmid is affected by a buffer overflow vulnerability...
Solaris telnetd authentication bypass
Added: 02/16/2007 CVE: CVE-2007-0882 BID: 22512 OSVDB: 31881 Background The Telnet service allows remote users to authenticate to a system and use an interactive command shell. The Telnet service is implemented by the Telnet daemon, telnetd. Problem The telnetd program in Solaris 10 and 11...
Microsoft XMLHTTP ActiveX control setRequestHeader vulnerability
Added: 11/17/2006 CVE: CVE-2006-5745 BID: 20915 OSVDB: 30208 Background Microsoft XML Core Services includes the XMLHTTP ActiveX control, which allows web pages to send and receive XML data. Problem A memory corruption vulnerability in the XMLHTTP ActiveX control allows command execution when a...