4305 matches found
Trend Micro ServerProtect TMregChange buffer overflow
Added: 09/27/2007 CVE: CVE-2007-4731 OSVDB: 45878 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the TMregChange function in the TMreg.dll library allows remote attackers to execute arbitrary commands by sending specially crafted da...
Trend Micro OfficeScan session cookie buffer overflow
Added: 07/20/2007 CVE: CVE-2007-3454 BID: 24641 OSVDB: 36629 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability in the CGIOCommon.dll shared library allows remote attackers to execute arbitrary commands by sending ...
RealPlayer SMIL file wallclock buffer overflow
Added: 06/29/2007 CVE: CVE-2007-3410 BID: 24658 OSVDB: 37374 Background RealPlayer includes support for Synchronized Multimedia Integration Language SMIL files. Problem A buffer overflow vulnerability in the wallclock function could allow command execution upon opening a specially crafted SMIL...
Windows Animated Cursor Header buffer overflow
Added: 04/05/2007 CVE: CVE-2007-0038 BID: 23194 OSVDB: 33629 Background Animated cursor .ani files contain animated graphics for icons and cursors. Problem A buffer overflow in Windows allows command execution when opening a specially crafted .ani file containing large file headers. Resolution...
System V login argument array buffer overflow
Added: 03/30/2007 CVE: CVE-2001-0797 BID: 3681 OSVDB: 690 Background The login program is used by various applications for authentication to the system. Problem The login program dervied from System V is affected by a buffer overflow vulnerability when processing a long argument array. A remote...
QuickTime rtsp src URL buffer overflow
Added: 01/04/2007 CVE: CVE-2007-0015 BID: 21829 OSVDB: 31023 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow in QuickTime allows command execution when a user opens a specially crafted QTL file containing a long src parameter starting with rtsp:/...
MailEnable POP PASS command buffer overflow
Added: 12/28/2006 CVE: CVE-2006-6605 BID: 21645 OSVDB: 32341 Background MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. Problem A buffer overflow vulnerability in MailEnable allows remote, unauthenticated attackers to execute arbitrary commands by sending a long,...
Oracle Security Component sys.pbsde buffer overflow
Added: 11/07/2006 CVE: CVE-2005-3438 BID: 15134 OSVDB: 20612 Background pbsde is a package of stored procedures which is part of the base installation of Oracle Database. Problem A buffer overflow in the sys.pbsde.init procedure allows database users to execute arbitrary commands. Resolution Appl...
Mozilla Firefox JavaScript Navigator object vulnerability
Added: 08/14/2006 CVE: CVE-2006-3677 BID: 19192 OSVDB: 27559 Background When used in a web page, Java references properties of the window.navigator object as it starts up in Firefox or SeaMonkey. Problem If a web page replaces the navigator object before starting Java, then the page could cause t...
Microsoft SQL Server Hello buffer overflow
Added: 08/07/2006 CVE: CVE-2002-1123 BID: 5411 OSVDB: 10132 Background Microsoft SQL Server is a database server package for Windows platforms. Problem Microsoft SQL Server 2000 is affected by a buffer overflow vulnerability in the code which handles user authentication. This allows a remote...
ViRobot Server web interface addschup buffer overflow
Added: 07/28/2006 CVE: CVE-2005-2041 BID: 13964 OSVDB: 17320 Background ViRobot Linux Server includes a web-based control interface. Problem A buffer overflow in the addschup CGI program included in the ViRobot Linux Server allows remote attackers to write arbitrary commands into the root crontab...
7-Zip ARJ archive handling buffer overflow
Added: 06/09/2006 CVE: CVE-2005-3051 BID: 14925 OSVDB: 19639 Background 7-Zip is a free file archiver for Windows platforms. Problem A buffer overflow vulnerability in 7-Zip could allow code execution when a specially crafted ARJ file is opened. Resolution Upgrade to 7-Zip 4.27 beta or higher...
Novell GroupWise Messenger Accept-Language buffer overflow
Added: 04/20/2006 CVE: CVE-2006-0992 BID: 17503 OSVDB: 24617 Background Novell GroupWise includes the Messaging Agent which offers an HTTP service on port 8300/TCP. Problem A buffer overflow in the Messaging Agent allows remote attackers to execute commands by sending a long, specially crafted...
TWiki Search.pm shell command injection
Added: 04/06/2006 CVE: CVE-2004-1037 BID: 11674 OSVDB: 11714 Background TWiki is a web-based collaboration platform written in PERL. Problem The Search.pm module does not sufficiently check search strings for illegal characters, allowing remote attackers to execute commands using search strings...
Internet Explorer createTextRange memory corruption
Added: 03/28/2006 CVE: CVE-2006-1359 BID: 17196 OSVDB: 24050 Background The createTextRange dynamic HTML method creates a text range object for an HTML element. Problem A flaw in the handling of unexpected createTextRange method calls by certain HTML objects could result in command execution...
IMail IMAP FETCH command buffer overflow
Added: 03/15/2006 CVE: CVE-2005-3526 BID: 17063 OSVDB: 23796 Background IMail is a mail server for Windows including SMTP, IMAP, and LDAP services. Problem A buffer overflow vulnerability in IMail allows remote authenticated attackers to execute arbitrary commands by sending a specially crafted...
Lotus Notes Attachment Viewer UUE file buffer overflow
Added: 02/21/2006 CVE: CVE-2005-2618 BID: 16576 OSVDB: 23065 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the attachment viewer in the Lotus Notes e-mail client allows command execution when a user opens a specially crafted UUE file. Resolution Upgra...
Microsoft IIS .HTR ISAPI chunked encoding buffer overflow
Added: 02/17/2006 CVE: CVE-2002-0364 BID: 4855 OSVDB: 5316 Background Microsoft IIS web servers include ISAPI extensions which are invoked in the server process to handle requests of a given type. Problem A heap overflow in IIS 4.0 and 5.0 when processing chunked encoding transfers of HTR request...
Citrix Program Neighborhood name buffer overflow
Added: 02/01/2006 CVE: CVE-2005-3652 BID: 15907 OSVDB: 21816 Background Citrix Presentation Server, formerly Citrix MetaFrame, allows applications to be deployed across a network to various client platforms, including Windows, Unix, Macintosh, DOS, and OS/2. The Program Neighborhood Agent running...
Computer Associates License Service GETCONFIG buffer overflow
Added: 12/14/2005 CVE: CVE-2005-0581 BID: 12705 OSVDB: 14389 Background The License service comes with most Computer Associates products and exchanges license information over ports 10202/tcp and 10203/tcp. Problem A buffer overflow vulnerability exists in the processing of GETCONFIG messages...
MailEnable IMAP mailbox name buffer overflow
Added: 11/29/2005 CVE: CVE-2005-3690 BID: 15492 OSVDB: 20929 Background MailEnable is a mail server for Windows platforms. The standard edition supports the SMTP and POP3 protocols. MailEnable Professional and MailEnable Enterprise also support IMAP and HTTPMail. Problem A buffer overflow in the...
NUUO NVR Unauthenticated Remote Code Execution
Added: 12/11/2018 Background NUUO is a surveillance solution provider. Problem The upgradehandle.php on NUUO NVRsolo, NVRsolo Plus, and NVRmini 2 devices allows remote command execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command. Resolution Upgrade to the...
Centreon web interface command injection
Added: 02/29/2016 Background Centreon is a suite of enterprise monitoring products written in PHP. Problem A command injection vulnerability in the Centreon web interface allows remote attackers to execute arbitrary commands by sending a specially crafted useralias parameter in a POST request. Th...
Mac OS X rsh Environment Variables Privilege Elevation
Added: 10/15/2015 CVE: CVE-2015-5889 Background The remotecmds component of Apple Mac OS X contains an rsh binary program that allows a user to execute commands on another computer across a computer network. Problem The rsh binary in the remotecmds component of Mac OS X versions prior to 10.11...
TWiki View Script debugenableplugins Request Parameter Vulnerability
Added: 03/30/2015 CVE: CVE-2014-7236 BID: 70372 OSVDB: 112977 Background TWiki is a web-based collaboration platform written in PERL. Problem The TWiki view script does not properly sanitize the debugenableplugins parameter before using it. Resolution Upgrade to TWiki-6.0.1 or higher, or apply th...
Linux kernel __sock_diag_rcv_msg Netlink message privilege elevation
Added: 05/13/2014 CVE: CVE-2013-1763 BID: 58137 OSVDB: 90604 Background Netlink is a feature of the Linux kernel which allows communication between kernel and user space. Problem An array index error in the sockdiagrcvmsg function in the Linux kernel allows local users to gain root privileges by...
HP Data Protector Backup Client Service opcode 42 directory traversal
Added: 01/28/2014 CVE: CVE-2013-6194 BID: 64647 OSVDB: 101630 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem A vulnerability in the Backup Client Service OmniInet.exe allows remote, unauthenticated attackers to write files t...
HP LoadRunner micWebAjax.dll ActiveX NotifyEvent Method Vulnerability
Added: 09/30/2013 CVE: CVE-2013-2368 BID: 61436 OSVDB: 95639 Background HP LoadRunner is a software performance testing solution. HP LoadRunner includes the micWebAjax ActiveX control. Problem HP LoadRunner before 11.52 is vulnerable to remote code execution due to failure to sanitize user-suppli...
Windows Crafted Theme File Handling Vulnerability
Added: 09/12/2013 CVE: CVE-2013-0810 BID: 62176 OSVDB: 97136 Background Microsoft Windows themes are a combination of personalization settings that change how the user's desktop looks and sounds. A theme could specify user settings such as the desktop background, window border color, sounds, and...
HP LoadRunner lrFileIOService ActiveX Control WriteFileBinary Input Validation Error
Added: 08/29/2013 CVE: CVE-2013-2370 BID: 61441 OSVDB: 95640 Background HP LoadRunner is a software performance testing solution. HP LoadRunner includes the lrFileIOService ActiveX control. Problem HP LoadRunner before 11.52 is vulnerable to remote code execution. The lrFileIOService ActiveX...
PineApp Mail-SeCure test_li_connection.php Command Injection
Added: 08/08/2013 BID: 61477 OSVDB: 95782 Background PineApp Mail-SeCure is an e-mail security appliance which provides perimeter security protection to stop threats prior to their penetration of the customer's network, as well as post-perimeter anti-spam content inspection. Problem PineApp...
QuickTime Movie File dref Atom Handling Buffer Overflow
Added: 08/01/2013 CVE: CVE-2013-1017 BID: 60097 OSVDB: 93625 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime before 7.7.4 is vulnerable to remote code execution due to a failure to perform appropriate validation of user supplied input. A remote...
Internet Explorer textNode Style Computation Use After Free Vulnerability
Added: 06/17/2013 CVE: CVE-2013-1311 BID: 59752 OSVDB: 93296 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Internet Explorer 8 is vulnerable to remote code execution as a result of memory corruption when computations on the...
Internet Explorer CMshtmlEd execCommand Use After Free
Added: 09/19/2012 CVE: CVE-2012-4969 BID: 55562 OSVDB: 85532 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Internet Explorer does not properly clean up references to objects passed to the execCommand Javascript method. If...
Oracle Outside In XPM Image Processing Stack Overflow
Added: 09/10/2012 Background Oracle Outside In is a suite of software development kits that provides developers with a comprehensive solution to access, transform, and control the contents of over 500 unstructured file formats. Problem In Outside In versions 8.3.5.0 through 8.3.7, the XPM image...
Adobe Flash Player OpenType Font Integer Overflow
Added: 08/27/2012 CVE: CVE-2012-1535 BID: 55009 OSVDB: 84607 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem Adobe Flash Player 11.3.300.270 and earlier on Windows is vulnerable to remote code execution via an integer overflow...
Symantec Web Gateway pbcontrol.php Command Injection
Added: 08/24/2012 CVE: CVE-2012-2953 BID: 54426 OSVDB: 84120 Background Symantec Web Gateway protects organizations against multiple types of Web-based malware and prevents data loss over the Web. Problem Symantec Web Gateway 5.0.x.x before 5.0.3.18 is vulnerable to command injection due to...
Internet Explorer COL SPAN Heap Overflow
Added: 08/06/2012 CVE: CVE-2012-1876 BID: 53848 OSVDB: 82866 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Internet Explorer allows websites to utilize Javascript to create dynamic web content. As such, websites can include...
F5 BIG-IP SSH private key
Added: 07/03/2012 CVE: CVE-2012-1493 BID: 53897 OSVDB: 82780 Background SSH Private keys are used for authentication for many F5 BIG-IP devices. Devices shipped with a default, static key are vulnerable to compromise if the public discovers the key. The private key can be re-used by an attacker t...
Microsoft OLE Object File Handling vulnerability
Added: 06/15/2012 CVE: CVE-2011-3400 BID: 50977 OSVDB: 77663 Background Object Linking and Embedding OLE allows applications to create and edit compound documents. For example, a Microsoft Excel spreadsheet can be embedded within a Microsoft Word application. Problem A vulnerability when handling...
Symantec Web Gateway access_log PHP Injection
Added: 06/11/2012 CVE: CVE-2012-0297 BID: 53444 OSVDB: 82023 Background Symantec Web Gateway protects organizations against multiple types of Web-based malware and prevents data loss over the Web. Problem Symantec Web Gateway fails to properly sanitize user-supplied input passed to...
SolarWinds Storage Manager SQL Injection
Added: 05/17/2012 BID: 51639 OSVDB: 81634 Background SolarWinds Storage Manager is agentless heterogeneous monitoring and reporting of the performance and capacity of physical and virtual storage infrastructure. It delivers visibility and insight into how your storage infrastructure maps to your...
McAfee Virtual Technician MVT.MVTControl ActiveX Control Insecure Method
Added: 05/04/2012 BID: 53304 Background McAfee Virtual Technician is a free automated diagnosis and and problem resolution tool which scans a Windows system to ensure that McAfee products are installed correctly. Problem McAfee Virtual Technician ActiveX control MVT.dll, as provided in McAfee...
Oracle WebCenter Forms Recognition SSSplitter ActiveX Overwrite
Added: 05/02/2012 CVE: CVE-2012-1710 BID: 53062 OSVDB: 81366 Background Oracle WebCenter Imaging is a combined document management and business process management suite, marketed as a component of the Oracle Fusion Middleware portfolio of products. Oracle Forms Recognition OFR is an intelligent...
Cisco Linksys PTZ Internet Video Camera PlayerPT ActiveX Overflow
Added: 04/19/2012 BID: 52673 OSVDB: 80297 Background The Cisco WVC200 Wireless-G PTZ Internet Video Camera sends live video through the Internet to a web browser anywhere in the world. Viewers can access the video stream through an HTTP service, which requires an ActiveX client to be installed in...
Adobe Flash Player MP4 Copyright Statement Overflow
Added: 03/08/2012 CVE: CVE-2012-0754 BID: 52034 OSVDB: 79300 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem Flash Player version prior to 11.1.102.62 do not properly validate the Copyright statement key CPRT in the tag...
Java Web Start initial heap size command injection
Added: 03/02/2012 CVE: CVE-2012-0500 BID: 52015 OSVDB: 79227 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Java Web Start allows arbitrary command-line argument injection through...
Java Web Start initial heap size command injection
Added: 03/02/2012 CVE: CVE-2012-0500 BID: 52015 OSVDB: 79227 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Java Web Start allows arbitrary command-line argument injection through...
HP OpenView Network Node Manager OVBuildPath Overflow
Added: 02/20/2012 CVE: CVE-2011-3167 BID: 50471 OSVDB: 76775 Background HP OpenView Network Node Manager NNM is a network monitoring solution based on SNMP. Problem User supplied data from the NNM web interface is passed to the OVBuildPath function in ov.dll. This function contains a stack overfl...
HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution
Added: 01/26/2012 CVE: CVE-2011-4786 BID: 51396 OSVDB: 78306 Background HP Easy Printer Care Software is a tool to control and monitor up to 20 HP printers. Problem HP Easy Printer Care Software 2.5 and prior versions are vulnerable to remote code execution. The CacheDocumentXMLWithId method from...