Freefloat FTP Server USER Command Buffer Overflow

Added: 01/26/2011 BID: 45181 OSVDB: 69621 Background Freefloat is a software series developed directly for handheld terminals. Freefloat FTP Server is a free FTP server for various versions of Windows including Windows CE/Pocket PC. Problem Freefloat FTP Server is vulnerable to a stack overflow a...

CA ARCserve D2D Axis2 default password

Added: 01/26/2011 CVE: CVE-2010-0219 BID: 45625 OSVDB: 70233 Background CA ARCserve D2D is a disk-based backup solution. Problem CA ARCserve D2D deploys Axis2 with default credentials which can be used to gain unauthorized access to the web application server. By then uploading a specially crafte...

Windows Thumbnail View CreateSizedDIBSECTION buffer overflow

Added: 01/14/2011 CVE: CVE-2010-3970 BID: 45662 OSVDB: 70263 Background The shimgvw.dll library is part of the Microsoft Graphics Rendering Engine. Problem A vulnerability in shimgvw.dll allows command execution when Windows renders a thumbnail image which passes a specially crafted biClrUsed...

Novell iPrint Client Browser Plugin embed Tag Parameter Buffer Overflow

Added: 01/03/2011 CVE: CVE-2010-4314 BID: 45301 OSVDB: 66959 Background Novell iPrint is an application which allows users to install and manage printers. Problem A buffer overflow vulnerability in Novell iPrint browser plugin allows command execution when a user loads a web page with an overly...

HP Data Protector Manager MMD Service Stack Buffer Overflow

Added: 12/10/2010 BID: 45128 Background HP Data Protector is a backup solution for enterprise and distributed environments. The Data Protector environment consists of a Cell Manager, backup agents, and backup device servers. The Cell Manager is the central point from which backup agents and devic...

Oracle Secure Backup Administration selector parameter command injection

Added: 11/19/2010 CVE: CVE-2010-0906 BID: 41597 OSVDB: 67128 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command injection vulnerability allows remote, authenticated attackers to execute arbitrary commands specified in the...

DATAC RealWin SCADA Server SCPC_INITIALIZE buffer overflow

Added: 11/08/2010 CVE: CVE-2010-4142 BID: 44150 OSVDB: 68812 Background RealWin is a Supervisory Control and Data Acquisition SCADA server which is distributed by DATAC. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...

Adobe Shockwave Player Lnam Chunk Processing Buffer Overflow

Added: 11/08/2010 CVE: CVE-2010-3655 BID: 44516 Background Adobe Shockwave is a multimedia player used to add animation and interactivity to web pages. It allows Adobe Director applications to be published on the Internet and viewed in a web browser on any computer which has the Shockwave plug-in...

Microsoft Office Excel RTD Topic String Buffer Overflow

Added: 10/20/2010 CVE: CVE-2010-1246 BID: 40524 OSVDB: 65238 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms. Problem Microsoft Office Excel 2002 is vulnerable to a buffer overflow when parsing Real Time Data RTD Future...

HP Data Protector Express DtbClsLogin function buffer overflow

Added: 10/07/2010 CVE: CVE-2010-3007 BID: 43105 OSVDB: 67973 Background HP Data Protector Express is a backup and recovery solution for single machines and small networks. Problem A buffer overflow vulnerability in dpwindtb.dll in the DtbClsLogin function allows remote attackers to execute...

Adobe Reader CoolType.dll buffer overflow

Added: 09/17/2010 CVE: CVE-2010-2883 BID: 43057 OSVDB: 67849 Background Adobe Reader is free software for viewing PDF documents. Problem A buffer overflow in the CoolType.dll module allows command execution when a user opens a PDF document containing a long, specially crafted field in a SING tabl...

Novell iPrint Client ActiveX control call-back-url buffer overflow

Added: 08/25/2010 CVE: CVE-2010-1527 BID: 42576 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx. Problem A buffer overflow vulnerability allows command execution when a...

HP OpenView NNM getnnmdata.exe CGI ICount Parameter Buffer Overflow

Added: 08/23/2010 CVE: CVE-2010-1554 BID: 40071 OSVDB: 64976 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in Network Node Manager allows remote attackers to execute arbitrary commands by sending a...

Microsoft Office Word RTF Parsing Engine Memory Corruption

Added: 08/12/2010 CVE: CVE-2010-1901 BID: 42132 OSVDB: 66995 Background Microsoft Office Word is Microsoft's word processing software, released as a component of Microsoft Office suite. Problem Microsoft Office Word does not perform sufficient data validation when handling rich text data. When Wo...

Novell iManager EnteredClassName buffer overflow

Added: 07/12/2010 CVE: CVE-2010-1929 BID: 40480 OSVDB: 65737 Background Novell iManager is a web-based management interface for other Novell products. Problem A buffer overflow vulnerability in jclient.dll allows remote attackers to execute arbitrary commands by sending a specially crafted...

Microsoft Excel DBQueryExt record parsing vulnerability

Added: 07/08/2010 CVE: CVE-2010-1253 BID: 40531 OSVDB: 65228 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A vulnerability in Microsoft Excel allows command execution when a user opens a spreadshee...

Novell ZENworks Configuration Management Preboot Service Code Execution

Added: 06/17/2010 BID: 39111 OSVDB: 65361 Background Novell ZENworks Configuration Management is an IT desktop computer management suite that provides the ability to install, configure and administer desktop computers from a centralized location. The product is based on a client/server...

Adobe Reader authplay.dll newfunction Memory Corruption

Added: 06/17/2010 CVE: CVE-2010-1297 BID: 40586 OSVDB: 65141 Background Adobe Reader is free software for viewing PDF documents. Problem A memory corruption vulnerability in authplay.dll provided with Adobe Reader 9.3.2 and earlier 9.x versions allows command execution when a user opens a special...

Informix Dynamic Server librpc.dll credentials length buffer overflow

Added: 06/10/2010 CVE: CVE-2009-2753 BID: 38471 OSVDB: 62783 Background Informix Dynamic Server is a database solution from IBM. It includes a portmapper service which listens for connections on port 36890/TCP and uses librpc.dll. Problem A buffer overflow vulnerability in librpc.dll allows remot...

HP OpenView Network Node Manager getnnmdata.exe CGI Hostname buffer overflow

Added: 05/28/2010 CVE: CVE-2010-1555 BID: 40072 OSVDB: 64976 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in Network Node Manager allows remote attackers to execute arbitrary commands by sending a...

RealNetworks Helix Server AgentX receive_agentx Stack Buffer Overflow

Added: 04/27/2010 CVE: CVE-2010-1318 BID: 39564 OSVDB: 63919 Background RealNetworks Helix Server is a media server supporting multiple formats and platforms. Problem A stack buffer overflow vulnerability exists in RealNetworks Helix Server due to a boundary error in the AgentX::receiveagentx...

HP OpenView Network Node Manager nnmRptConfig.exe CGI Template Buffer Overflow

Added: 01/09/2010 CVE: CVE-2009-3848 BID: 37296 OSVDB: 60926 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A stack buffer overflow vulnerability allows remote attackers to execute arbitrary commands by requesting the...

Symantec AeXNSConsoleUtilities RunCmd buffer overflow

Added: 11/27/2009 CVE: CVE-2009-3033 BID: 37092 OSVDB: 60496 Background Symantec Altiris Deployment Solution provides tools to deploy software on desktops and servers. Problem A buffer overflow vulnerability in the AeXNSConsoleUtilities ActiveX control allows command execution when a user loads a...

HP LoadRunner XUpload ActiveX control MakeHttpRequest file download

Added: 10/21/2009 CVE: CVE-2009-3693 BID: 36550 Background HP LoadRunner is a software performance testing solution. HP LoadRunner includes the XUpload.ocx ActiveX control for performing file exchanges. Problem The MakeHttpRequest method in the XUpload.ocx ActiveX control can be used to download...

Visual Studio Active Template Library object type mismatch vulnerability

Added: 08/24/2009 CVE: CVE-2009-2494 BID: 35982 OSVDB: 56910 Background Microsoft Visual Studio is a product to assist with software development in the Windows operating system. Visual Studio uses Microsoft Active Template Library ATL, which is a set of template-based C++ classes, to help simplif...

Mozilla Firefox JIT Escape Function Memory Corruption

Added: 07/13/2009 CVE: CVE-2009-2477 BID: 35660 OSVDB: 55846 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A memory corruption vulnerability in Mozilla Firefox in the way it handles JIT escape function calls allows arbitrary code injection and...

Microsoft DirectShow Video Streaming ActiveX IMPEG2TuneRequest Overflow

Added: 07/07/2009 CVE: CVE-2008-0015 BID: 35558 OSVDB: 55651 Background DirectX is a feature of the Windows operating system used for streaming media. Within DirectX, the DirectShow technology performs client-side audio and video sourcing, manipulation and rendering. Problem A stack buffer overfl...

Unisys Business Information Server mnet.exe buffer overflow

Added: 06/30/2009 CVE: CVE-2009-1628 BID: 35494 OSVDB: 55435 Background The Unisys Business Information Server is an information management solution which provides data access across an enterprise. It includes the mnet.exe program which listens for connections on ports 3985/TCP and 3986/TCP...

Unisys Business Information Server mnet.exe buffer overflow

Added: 06/30/2009 CVE: CVE-2009-1628 BID: 35494 OSVDB: 55435 Background The Unisys Business Information Server is an information management solution which provides data access across an enterprise. It includes the mnet.exe program which listens for connections on ports 3985/TCP and 3986/TCP...

Novell GroupWise Internet Agent e-mail address buffer overflow

Added: 06/05/2009 CVE: CVE-2009-1636 BID: 35064 OSVDB: 54645 Background Novell GroupWise is an e-mail and collaboration product suite. Problem A buffer overflow vulnerability allows a remote attacker to execute arbitrary commands by sending a message containing a specially crafted e-mail address ...

Novell GroupWise Internet Agent e-mail address buffer overflow

Added: 06/05/2009 CVE: CVE-2009-1636 BID: 35064 OSVDB: 54645 Background Novell GroupWise is an e-mail and collaboration product suite. Problem A buffer overflow vulnerability allows a remote attacker to execute arbitrary commands by sending a message containing a specially crafted e-mail address ...

Microsoft PowerPoint 2000 CurrentUserAtom buffer overflow

Added: 05/21/2009 CVE: CVE-2009-1131 BID: 34841 OSVDB: 54393 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A buffer overflow vulnerability in Microsoft PowerPoint allows command execution when a user opens a presentation containin...

Microsoft WordPad Word97 text converter buffer overflow

Added: 04/23/2009 CVE: CVE-2009-0235 BID: 34470 OSVDB: 53664 Background The Microsoft WordPad Word 97 text converter allows Windows users who do not have Microsoft Word to open Word 97 files. Problem A buffer overflow vulnerability in the Word 97 text converter allows command execution when a use...

Tivoli Storage Manager heap corruption

Added: 03/12/2009 CVE: CVE-2008-4563 BID: 34077 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. Problem A heap overflow allows remote attackers to execute arbitrary commands. Resolution Apply the workaround or solution...

Tivoli Storage Manager heap corruption

Added: 03/12/2009 CVE: CVE-2008-4563 BID: 34077 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. Problem A heap overflow allows remote attackers to execute arbitrary commands. Resolution Apply the workaround or solution...

Oracle Secure Backup login.php rbtool command injection

Added: 01/20/2009 CVE: CVE-2008-5448 BID: 33177 OSVDB: 51342 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command injection vulnerability in the Oracle Secure Backup web interface allows a remote attacker to execute arbitrary...

HP OpenView Network Node Manager Toolbar.exe CGI buffer overflow

Added: 01/09/2009 CVE: CVE-2008-0067 BID: 33147 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by requesting the Toolbar.exe CGI program with a...

Microsoft Works WkImgSrv.dll ActiveX Control WksPictureInterface vulnerability

Added: 01/08/2009 CVE: CVE-2008-1898 BID: 28820 OSVDB: 44458 Background Microsoft Works is a suite of productivity tools for home users. Problem The WkImgSrv.dll ActiveX control included in Microsoft Works allows command execution when a user loads a web page which instantiates the control with a...

Windows search-ms protocol handler command execution vulnerability

Added: 12/11/2008 CVE: CVE-2008-4269 BID: 32652 OSVDB: 50566 Background The search-ms protocol allows applications to query the Windows Search index. Problem A vulnerability in Windows allows command execution when a user follows a specially crafted search-ms URL which passes arbitrary arguments ...

Adobe Acrobat util.printf JavaScript function buffer overflow

Added: 11/10/2008 CVE: CVE-2008-2992 BID: 30035 OSVDB: 49520 Background Adobe Acrobat is software for creating PDF documents. Problem A buffer overflow vulnerability allows command execution when a user opens a PDF file which calls the util.printf JavaScript function with a specially crafted form...

Internet Explorer print preview argument validation vulnerability

Added: 08/13/2008 CVE: CVE-2008-2259 BID: 30612 OSVDB: 47414 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A flaw in the handling of validation of arguments by the print preview function in Internet Explorer allows command...

OpenOffice OLE importer DocumentSummaryInformation buffer overflow

Added: 06/20/2008 CVE: CVE-2008-0320 BID: 28819 OSVDB: 44472 Background OpenOffice is a free productivity suite for multiple platforms. OpenOffice includes an importer for Microsoft's Object Linking and Embedding OLE framework. Problem A buffer overflow vulnerability in the OLE importer allows...

Microsoft Office Drawing Shapes memory corruption vulnerability

Added: 04/04/2008 CVE: CVE-2008-0118 BID: 28146 OSVDB: 42709 Background Microsoft Office is a package which provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. Problem A memory corruption vulnerability allows command...

mIRC PRIVMSG hostname buffer overflow

Added: 03/13/2008 CVE: CVE-2008-4449 BID: 31552 OSVDB: 48752 Background mIRC is an Internet Relay Chat IRC client. Problem A buffer overflow in mIRC allows command execution when a user connects to a malicious IRC server which sends a PRIVMSG message with a long, specially crafted hostname...

Yahoo Music Jukebox MediaGrid ActiveX buffer overflow

Added: 02/11/2008 CVE: CVE-2008-0625 BID: 27578 OSVDB: 41051 Background Yahoo! Music Jukebox is a music player capable of playing, ripping, and burning MP3s and CDs, creating and sharing playlists, streaming radio stations, and purchasing music. Problem A buffer overflow vulnerability in the...

Lotus Notes MIF attachment viewer buffer overflow

Added: 01/30/2008 CVE: CVE-2007-5909 BID: 26175 OSVDB: 40791 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the KeyView Viewer included in Lotus Notes allows command execution when a user views a specially crafted Frame Maker Interchange File MIF...

Microsoft DirectX SAMI parser buffer overflow

Added: 01/22/2008 CVE: CVE-2007-3901 BID: 26789 OSVDB: 39126 Background DirectX is a feature of the Windows operating system used for streaming media. Problem A buffer overflow vulnerability in DirectX allows command execution when a user opens a specially crafted SAMI file in Windows Media Playe...

MySQL MaxDB cons.exe command injection

Added: 01/16/2008 CVE: CVE-2008-0244 BID: 27206 OSVDB: 40210 Background MaxDB is a SAP-certified open-source database developed by MySQL. Problem The MaxDB server handles the execsdbinfo command by invoking the cons.exe program through a system call without sufficiently checking the arguments for...

Trend Micro ServerProtect RPCFN_CMON_SetSvcImpersonateUser buffer overflow

Added: 12/28/2007 CVE: CVE-2007-4218 BID: 25395 OSVDB: 39752 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow in the ServerProtect service allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request which is...

Trend Micro ServerProtect RPCFN_CMON_SetSvcImpersonateUser buffer overflow

Added: 12/28/2007 CVE: CVE-2007-4218 BID: 25395 OSVDB: 39752 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow in the ServerProtect service allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request which is...