Microsoft Color Management Module profile tag buffer overflow

Added: 11/30/2007 CVE: CVE-2005-1219 BID: 14214 OSVDB: 17830 Background The Microsoft Color Management Module helps programs achieve consistent display of colors. International Color Consortium ICC profiles are used to ensure that colors are represented accurately to users. Problem A buffer...

Oracle XDB component PITRIG_DROPMETADATA buffer overflow

Added: 11/23/2007 CVE: CVE-2007-4517 BID: 26374 OSVDB: 39918 Background The PITRIGDROPMETADATA function is included in the XDB.XDBPITRIGPKG package which is included with Oracle Database. Problem A buffer overflow vulnerability in the PITRIGDROPMETADATA function allows remote, authenticated...

RealPlayer ActiveX control playlist name buffer overflow

Added: 10/25/2007 CVE: CVE-2007-5601 BID: 26130 OSVDB: 41430 Background RealPlayer and RealOne Player include a number of ActiveX controls allowing functions to be called by scripts embedded in web pages. Problem The RealPlayer Database Component MPAMedia.dll is affected by a buffer overflow...

BrightStor ARCserve Message Engine opnum 0x10d buffer overflow

Added: 10/18/2007 CVE: CVE-2007-5327 BID: 26015 OSVDB: 41369 Background CA ARCserve Bac kup formerly BrightStor ARCserve Backup is a backup and recovery solution. It runs a Message Engine RPC service on port 6504/TCP by default. Problem A buffer overflow in BrightStor ARCserve Backup allows remot...

VMware vielib.dll StartProcess command execution

Added: 09/25/2007 CVE: CVE-2007-4058 BID: 25118 OSVDB: 42078 Background VMware is a suite of products supporting the creation and operation of virtual machines, which are self-contained, independent guest operating systems running within a host operating system. Problem The StartProcess function ...

VMware vielib.dll StartProcess command execution

Added: 09/25/2007 CVE: CVE-2007-4058 BID: 25118 OSVDB: 42078 Background VMware is a suite of products supporting the creation and operation of virtual machines , which are self-contained, independent guest operating systems running within a host operating system. Problem The StartProcess function...

Ipswitch IMail IMAP SUBSCRIBE command buffer overflow

Added: 08/02/2007 CVE: CVE-2007-3927 BID: 24962 OSVDB: 36222 Background IMail is an e-mail server for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service could allow an authenticated attacker to execute arbitrary commands by sending a specially crafted SUBSCRIBE command...

Windows MDAC RDS.Dataspace ActiveX control vulnerability

Added: 07/16/2007 CVE: CVE-2006-0003 BID: 17462 OSVDB: 24517 Background Microsoft Data Access Components MDAC enable Universal Data Access in Windows applications deployed over a network. Problem A cross-zone scripting vulnerability in the RDS.Dataspace ActiveX control in MDAC allows command...

Trend Micro ServerProtect EarthAgent RPC buffer overflow

Added: 05/16/2007 CVE: CVE-2007-2508 BID: 23866 OSVDB: 35789 Background Trend Micro ServerProtect is a virus scanner for servers. It includes the EarthAgent daemon which listens for connections on port 3628/TCP. Problem A buffer overflow vulnerability in the EarthAgent daemon allows remote...

Microsoft Step-by-Step Interactive Training bookmark buffer overflow

Added: 05/04/2007 CVE: CVE-2006-3448 BID: 22484 OSVDB: 31883 Background Microsoft Step-by-Step Interactive Training is the engine used by various training programs. Problem A buffer overflow vulnerability in Microsoft Step-by-Step Interactive Training allows command execution when a specially...

BrightStor ARCserve Media Server SUN RPC buffer overflow

Added: 05/03/2007 CVE: CVE-2007-2139 BID: 23635 OSVDB: 34127 Background CA ARCserve Backup formerly BrightStor ARCserve Backup is a backup and recovery solution. ARCserve Media Server is a component which comes with ARCserve Backup. Problem ARCserve Media Server is affected by multiple buffer...

Oracle Database Advanced Replication component DBMS_SNAP_INTERNAL overflow

Added: 04/25/2007 CVE: CVE-2007-2116 BID: 23532 OSVDB: 39933 Background Package DBMSSNAPINTERNAL of schema SYS is an Advanced Replication component used internally by Oracle Database. Problem A buffer overflow vulnerability in DBMSSNAPINTERNAL allows remote attackers to execute arbitrary commands...

Lotus Domino IMAP CRAM-MD5 authentication buffer overflow

Added: 04/23/2007 CVE: CVE-2007-1675 BID: 23172 OSVDB: 34091 Background IBM Lotus Domino is a messaging and collaboration solution for multiple platforms. Problem A buffer overflow vulnerability in the CRAM-MD5 authentication function in the Lotus Domino IMAP service allows remote attackers to...

System V login argument array buffer overflow

Added: 03/30/2007 CVE: CVE-2001-0797 BID: 3681 OSVDB: 690 Background The login program is used by various applications for authentication to the system. Problem The login program dervied from System V is affected by a buffer overflow vulnerability when processing a long argument array. A remote...

NetMail WebAdmin username buffer overflow

Added: 03/16/2007 CVE: CVE-2007-1350 BID: 22857 OSVDB: 33886 Background Novell NetMail WebAdmin is a web-based administration interface which runs an HTTP server on port 89/TCP. Problem A buffer overflow vulnerability in Novell NetMail WebAdmin allows remote attackers to execute arbitrary command...

Trend Micro ServerProtect ENG_SetRealTimeScanConfigInfo buffer overflow

Added: 03/07/2007 CVE: CVE-2007-1070 BID: 22639 OSVDB: 33042 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the ENGSetRealTimeScanConfigInfo function allows remote attackers to execute arbitrary commands by sending a specially craft...

Microsoft Help Workshop .HPJ file HLP field buffer overflow

Added: 01/26/2007 CVE: CVE-2007-0427 BID: 22135 OSVDB: 31899 Background Microsoft Help Workshop is a standard component of Microsoft Visual Studio and is also available as a standalone product. Problem A buffer overflow vulnerability in Microsoft Help Workshop allows command execution when a user...

Microsoft PowerPoint malformed data record vulnerability

Added: 01/17/2007 CVE: CVE-2006-3876 BID: 20322 OSVDB: 29447 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem Improper handling of malformed Data records in PowerPoint files allows command execution. Resolution Apply the patch...

Microsoft Excel PALETTE record buffer overflow

Added: 01/11/2007 CVE: CVE-2007-0031 BID: 21922 OSVDB: 31258 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms. Problem A buffer overflow vulnerability in Microsoft Excel allows command execution when a user opens a speciall...

BrightStor ARCserve Backup Tape Engine ReserveGroup buffer overflow

Added: 12/26/2006 CVE: CVE-2006-6076 BID: 21221 OSVDB: 30637 Background The BrightStor ARCserve Backup server includes a Backup Tape Engine feature which allows use of tape drives for storage. Problem A buffer overflow vulnerability in the RPC ReserveGroup function allows remote attackers to...

BrightStor ARCserve Backup Tape Engine ReserveGroup buffer overflow

Added: 12/26/2006 CVE: CVE-2006-6076 BID: 21221 OSVDB: 30637 Background The BrightStor ARCserve Backup server includes a Backup Tape Engine feature which allows use of tape drives for storage. Problem A buffer overflow vulnerability in the RPC ReserveGroup function allows remote attackers to...

Microsoft IIS ASP chunked encoding buffer overflow

Added: 11/10/2006 CVE: CVE-2002-0079 BID: 4485 OSVDB: 768 Background Microsoft IIS web servers include ISAPI extensions which are invoked in the server process to handle requests of a given type. Problem A buffer overflow in the ASP ISAPI filter allows remote attackers to execute arbitrary comman...

Serv-U FTP Server MDTM timezone buffer overflow

Added: 10/27/2006 CVE: CVE-2004-0330 BID: 9751 OSVDB: 4073 Background Serv-U FTP Server supports the MDTM command which allows users to modify the time stamp on files. Problem A buffer overflow in Serv-U FTP Server allows remote authenticated attackers to execute arbitrary commands by sending the...

BrightStor ARCserve discovery service ASBRDCST.DLL buffer overflow

Added: 10/19/2006 CVE: CVE-2006-5143 BID: 20365 OSVDB: 29534 Background The BrightStor ARCserve Backup server includes a discovery service which listens on ports 41523/TCP and 41524/UDP. Problem A buffer overflow vulnerability in the ASBRDCST.DLL library allows remote attackers to execute arbitra...

Windows RASMAN registry corruption vulnerability

Added: 07/28/2006 CVE: CVE-2006-2371 BID: 18358 OSVDB: 26436 Background The Routing and Remote Access Service RRAS allows a Windows computer to act as a router, dial-up access server, VPN server, or network address translator. The Remote Access Connection Manager RASMAN service handles the detail...

Computer Associates License Client PUTOLF buffer overflow

Added: 07/21/2006 CVE: CVE-2005-0582 BID: 12705 OSVDB: 14389 Background The CA License Client comes with most Computer Associates products. It uses ports 10202/tcp and 10203/tcp to exchange product license information. Problem A buffer overflow in the CA License Client allows remote command...

Computer Associates License Client PUTOLF buffer overflow

Added: 07/21/2006 CVE: CVE-2005-0582 BID: 12705 OSVDB: 14389 Background The CA License Client comes with most Computer Associates products. It uses ports 10202/tcp and 10203/tcp to exchange product license information. Problem A buffer overflow in the CA License Client allows remote command...

IIS Unicode Directory Traversal

Added: 07/03/2006 CVE: CVE-2000-0884 BID: 1806 OSVDB: 436 Background Microsoft IIS is a web server for Windows platforms. Problem Microsoft IIS 4.0 and 5.0 allow path validation checks to be bypassed by encoding invalid characters in Unicode. For example, a slash character is represented as %c0%a...

Novell eDirectory iMonitor NDS buffer overflow

Added: 05/30/2006 CVE: CVE-2006-2496 BID: 18026 OSVDB: 25781 Background iMonitor is a web service which is a component of Novell eDirectory. Problem A buffer overflow in iMonitor allows remote attackers to execute arbitrary commands by sending a long, specially crafted URL request in the NDS...

AWStats migrate parameter command injection

Added: 05/11/2006 CVE: CVE-2006-2237 BID: 17844 OSVDB: 25284 Background AWStats is a web application for showing web, FTP, and mail server statistics. Problem AWStats uses the value of the migrate input parameter in a PERL open call without sufficient checks for invalid characters, allowing remot...

AWStats migrate parameter command injection

Added: 05/11/2006 CVE: CVE-2006-2237 BID: 17844 OSVDB: 25284 Background AWStats is a web application for showing web, FTP, and mail server statistics. Problem AWStats uses the value of the migrate input parameter in a PERL open call without sufficient checks for invalid characters, allowing remot...

Internet Explorer DHTML object vulnerability

Added: 04/25/2006 CVE: CVE-2005-0553 BID: 13120 OSVDB: 15465 Background Dynamic HTML DHTML allows the creation of interactive web pages. Problem Race conditions in various DHTML methods could allow command execution when a specially crafted web page is loaded in Internet Explorer. Resolution Appl...

Internet Explorer DHTML object vulnerability

Added: 04/25/2006 CVE: CVE-2005-0553 BID: 13120 OSVDB: 15465 Background Dynamic HTML DHTML allows the creation of interactive web pages. Problem Race conditions in various DHTML methods could allow command execution when a specially crafted web page is loaded in Internet Explorer. Resolution Appl...

Internet Explorer DHTML object vulnerability

Added: 04/25/2006 CVE: CVE-2005-0553 BID: 13120 OSVDB: 15465 Background Dynamic HTML DHTML allows the creation of interactive web pages. Problem Race conditions in various DHTML methods could allow command execution when a specially crafted web page is loaded in Internet Explorer. Resolution Appl...

VERITAS NetBackup vnetd bpspsserver buffer overflow

Added: 04/14/2006 CVE: CVE-2006-0991 BID: 17264 OSVDB: 24170 Background VERITAS NetBackup is a backup and recovery solution for multiple platforms. Problem A buffer overflow in bpspsserver allows a remote attacker to execute arbitrary commands by sending a specially crafted Request Service messag...

cachefsd heap overflow

Added: 04/05/2006 CVE: CVE-2002-0033 BID: 4674 OSVDB: 779 Background cachefsd is an RPC service which supports local caching of Network File Systems NFS, thereby improving performance on filesystems mounted from an NFS server. Problem A heap overflow in cachefsd allows remote command execution...

VERITAS NetBackup VMD argument parsing vulnerability

Added: 04/05/2006 CVE: CVE-2006-0989 BID: 17264 OSVDB: 24172 Background VERITAS NetBackup is a backup and recovery solution for multiple platforms. Problem Volume Manager Daemon VMD is affected by a buffer overflow vulnerability when parsing arguments to various commands. This vulnerability allow...

Internet Explorer createTextRange memory corruption

Added: 03/28/2006 CVE: CVE-2006-1359 BID: 17196 OSVDB: 24050 Background The createTextRange dynamic HTML method creates a text range object for an HTML element. Problem A flaw in the handling of unexpected createTextRange method calls by certain HTML objects could result in command execution...

Novell ZENworks Remote Management authentication buffer overflow

Added: 03/02/2006 CVE: CVE-2005-1543 BID: 13678 OSVDB: 16698 Background Novell ZENworks is a resource management solution consisting of a management server and management agents. Problem The Novell ZENworks Remote Management service is affected by a buffer overflow when processing authentication...

Novell ZENworks Remote Management authentication buffer overflow

Added: 03/02/2006 CVE: CVE-2005-1543 BID: 13678 OSVDB: 16698 Background Novell ZENworks is a resource management solution consisting of a management server and management agents. Problem The Novell ZENworks Remote Management service is affected by a buffer overflow when processing authentication...

Lotus Notes HTML Speed Reader URL buffer overflow

Added: 02/17/2006 CVE: CVE-2005-2618 BID: 16576 OSVDB: 23068 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the HTML Speed Reader component of the Lotus Notes e-mail client allows command execution by a specially crafted e-mail message containing a lon...

AWStats configdir parameter command execution

Added: 02/14/2006 CVE: CVE-2005-0116 BID: 12298 OSVDB: 13002 Background AWStats is a web application for showing web, FTP, and mail server statistics. Problem Insufficient validation of the configdir parameter before being used in a PERL open call leads to remote command execution. Resolution...

Mercury Mail Transport System Phonebook service buffer overflow

Added: 02/02/2006 CVE: CVE-2005-4411 BID: 16396 OSVDB: 22103 Background Mercury Mail Transport System is a free mail server for Windows and Netware platforms. It includes a Phone Book service which runs on port 105/TCP. Problem A buffer overflow vulnerability in the Phone Book service allows remo...

Computer Associates License Service GETCONFIG buffer overflow

Added: 12/14/2005 CVE: CVE-2005-0581 BID: 12705 OSVDB: 14389 Background The License service comes with most Computer Associates products and exchanges license information over ports 10202/tcp and 10203/tcp. Problem A buffer overflow vulnerability exists in the processing of GETCONFIG messages...

Oracle Enterprise Manager Agent buffer overflow

Added: 11/30/2005 CVE: CVE-2005-3460 BID: 15146 OSVDB: 20664 Background Oracle Application Server 10g includes the emagent.exe program which listens for connections on port 1830/TCP by default. Problem A buffer overflow vulnerability in emagent.exe could allow a remote attacker to execute arbitra...

MailEnable IMAP mailbox name buffer overflow

Added: 11/29/2005 CVE: CVE-2005-3690 BID: 15492 OSVDB: 20929 Background MailEnable is a mail server for Windows platforms. The standard edition supports the SMTP and POP3 protocols. MailEnable Professional and MailEnable Enterprise also support IMAP and HTTPMail. Problem A buffer overflow in the...

Hummingbird InetD LPD buffer overflow

Added: 11/29/2005 CVE: CVE-2005-1815 BID: 13788 OSVDB: 16957 Background Hummingbird InetD implements common UNIX services on Windows platforms. Problem The Hummingbird InetD LPD service is affected by a buffer overflow which allows remote command execution. Resolution Apply the patch. References...

Unraid webGui remote code execution

Added: 04/30/2020 CVE: CVE-2020-5847 Background Unraid is a network-attached storage operating system. It runs a web-based graphical user interface webGui written in PHP. Problem The Unraid webGui uses the PHP extract function to load all GET parameters into the application as variables, allowing...

Alcatel OmniVista remote command execution

Added: 12/31/2019 Background Alcatel OmniVista is a graphical interface to Alcatel OmniPCX, a common VoIP solution. Problem Directory traversal and insecure upload vulnerabilities allow a remote attacker to upload and execute arbitrary PHP code. Resolution Upgrade to OmniVista 8770 version 4.1.12...

Joomla Object Injection

Added: 10/24/2019 Background Joomla is a content management system written in PHP. Problem An object injection vulnerability in Joomla could allow a remote, unauthenticated attacker to execute arbitrary commands on the server. This vulnerability has been nicknamed "Rusty Joomla". Resolution Upgra...