Lucene search
+L
SaintMost viewed

4305 matches found

saint
saint
•added 2010/01/20 12:0 a.m.•37 views

Adobe Illustrator EPS File DSC Comment Buffer Overflow

Added: 01/20/2010 CVE: CVE-2009-4195 BID: 37192 OSVDB: 60632 Background Adobe Illustrator software is a comprehensive vector graphics environment for creative professionals that is used for both drawing and typographical work. Illustrator supports several vector file formats including AI, CDR, PD...

9.3CVSS6.8AI score0.70684EPSS
Exploits8
saint
saint
•added 2010/01/12 12:0 a.m.•37 views

Novell iPrint Client ienipp.ocx target-frame buffer overflow

Added: 01/12/2010 CVE: CVE-2009-1568 BID: 37242 OSVDB: 60803 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx. Problem A buffer overflow in ienipp.ocx allows command...

9.3CVSS6.8AI score0.32168EPSS
Exploits9
saint
saint
•added 2009/11/06 12:0 a.m.•37 views

Java Runtime Environment HsbParser.getSoundBank Stack Buffer Overflow

Added: 11/06/2009 CVE: CVE-2009-3867 BID: 36881 OSVDB: 59711 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java...

9.3CVSS7.4AI score0.73376EPSS
Exploits11
saint
saint
•added 2009/07/24 12:0 a.m.•37 views

Novell Client NetIdentity Agent XTIERRPCPIPE pointer dereference vulnerability

Added: 07/24/2009 CVE: CVE-2009-1350 BID: 34400 OSVDB: 53351 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem A vulnerability in the xtagent.exe program allows remote, authenticated attackers to execute arbitrary commands by sending a specially crafted...

10CVSS7AI score0.65934EPSS
Exploits7
saint
saint
•added 2009/06/30 12:0 a.m.•37 views

Unisys Business Information Server mnet.exe buffer overflow

Added: 06/30/2009 CVE: CVE-2009-1628 BID: 35494 OSVDB: 55435 Background The Unisys Business Information Server is an information management solution which provides data access across an enterprise. It includes the mnet.exe program which listens for connections on ports 3985/TCP and 3986/TCP...

10CVSS7.5AI score0.05244EPSS
Exploits4
saint
saint
•added 2009/06/05 12:0 a.m.•37 views

Novell GroupWise Internet Agent e-mail address buffer overflow

Added: 06/05/2009 CVE: CVE-2009-1636 BID: 35064 OSVDB: 54645 Background Novell GroupWise is an e-mail and collaboration product suite. Problem A buffer overflow vulnerability allows a remote attacker to execute arbitrary commands by sending a message containing a specially crafted e-mail address ...

10CVSS7.7AI score0.08435EPSS
Exploits5
saint
saint
•added 2009/06/03 12:0 a.m.•37 views

Microsoft DirectX DirectShow QuickTime movie parsing vulnerability

Added: 06/03/2009 CVE: CVE-2009-1537 BID: 35139 OSVDB: 54797 Background DirectX is a feature of the Windows operating system used for streaming media. Within DirectX, the DirectShow technology performs client-side audio and video sourcing, manipulation and rendering. Problem A command execution...

9.3CVSS6.3AI score0.51207EPSS
Exploits7
saint
saint
•added 2009/05/14 12:0 a.m.•37 views

Microsoft PowerPoint Legacy File Format Master Page buffer overflow

Added: 05/14/2009 CVE: CVE-2009-1137 BID: 34876 OSVDB: 54381 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A buffer overflow vulnerability in the Legacy File Format conversion filter PP4X322.dll allows command execution when a use...

9.3CVSS6.6AI score0.31632EPSS
Exploits5
saint
saint
•added 2009/04/20 12:0 a.m.•37 views

Microsoft PowerPoint invalid object reference vulnerability

Added: 04/20/2009 CVE: CVE-2009-0556 BID: 34351 OSVDB: 53182 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability in Microsoft PowerPoint allows command execution when an invalid object is referenced...

9.3CVSS6.5AI score0.67539EPSS
Exploits5
saint
saint
•added 2009/01/08 12:0 a.m.•37 views

Microsoft Works WkImgSrv.dll ActiveX Control WksPictureInterface vulnerability

Added: 01/08/2009 CVE: CVE-2008-1898 BID: 28820 OSVDB: 44458 Background Microsoft Works is a suite of productivity tools for home users. Problem The WkImgSrv.dll ActiveX control included in Microsoft Works allows command execution when a user loads a web page which instantiates the control with a...

9.3CVSS6.3AI score0.52033EPSS
Exploits7
saint
saint
•added 2008/12/31 12:0 a.m.•37 views

Mozilla Firefox UTF-8 URL buffer overflow

Added: 12/31/2008 CVE: CVE-2008-0016 BID: 31397 OSVDB: 48780 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A buffer overflow vulnerability in Mozilla Firefox allows command execution when a user follows a link to a specially crafted UTF-8 URL...

10CVSS10AI score0.43921EPSS
Exploits12
saint
saint
•added 2008/12/11 12:0 a.m.•37 views

Windows search-ms protocol handler command execution vulnerability

Added: 12/11/2008 CVE: CVE-2008-4269 BID: 32652 OSVDB: 50566 Background The search-ms protocol allows applications to query the Windows Search index. Problem A vulnerability in Windows allows command execution when a user follows a specially crafted search-ms URL which passes arbitrary arguments ...

8.5CVSS6.4AI score0.20516EPSS
Exploits5
saint
saint
•added 2008/10/31 12:0 a.m.•37 views

Trend Micro OfficeScan CGI programs POST request buffer overflow

Added: 10/31/2008 CVE: CVE-2008-3862 BID: 31859 OSVDB: 49275 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending specially crafted HTTP POST requests ...

10CVSS7.7AI score0.18406EPSS
Exploits6
saint
saint
•added 2008/10/24 12:0 a.m.•37 views

Microsoft Excel formula parsing integer overflow

Added: 10/24/2008 CVE: CVE-2008-4019 BID: 31706 OSVDB: 49078 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem An integer overflow in the REPT function allows command execution when a user loads an Exc...

9.3CVSS6.6AI score0.34415EPSS
Exploits5
saint
saint
•added 2008/10/07 12:0 a.m.•37 views

Microsoft Rich Textbox ActiveX control SaveFile vulnerability

Added: 10/07/2008 CVE: CVE-2008-0237 BID: 27201 OSVDB: 40234 Background Microsoft Rich Textbox is an ActiveX control which comes with Visual Basic and allows creation of formatted text in RTF files. It is located in the Richtx32.ocx file. Problem The SaveFile method in the Rich Textbox ActiveX...

6.8CVSS6AI score0.20466EPSS
Exploits5
saint
saint
•added 2008/09/23 12:0 a.m.•37 views

Trend Micro OfficeScan cgiRecvFile.exe ComputerName buffer overflow

Added: 09/23/2008 CVE: CVE-2008-2437 BID: 31139 OSVDB: 48024 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability in cgiRecvFile.exe allows remote attackers to execute arbitrary commands by sending an HTTP request...

10CVSS7.8AI score0.06673EPSS
Exploits5
saint
saint
•added 2008/09/09 12:0 a.m.•37 views

Windows Media Encoder 9 wmex.dll ActiveX buffer overflow

Added: 09/09/2008 CVE: CVE-2008-3008 BID: 31065 OSVDB: 47962 Background Windows Media Encoder is a tool for content producers to capture and compress audio and video content. Windows Media Encoder 9 installs the wmex.dll ActiveX control. Problem A buffer overflow vulnerability in the wmex.dll...

9.3CVSS6.8AI score0.54553EPSS
Exploits9
saint
saint
•added 2008/07/30 12:0 a.m.•37 views

Apache Tomcat JK Web Server Connector URI worker map buffer overflow

Added: 07/30/2008 CVE: CVE-2007-0774 BID: 22791 OSVDB: 33855 Background Apache Tomcat is a Java web application platform which can run under various types of web servers. The JK Web Server Connector modjk is used for communication between Tomcat and the web server. Problem A buffer overflow in a...

7.5CVSS8AI score0.81513EPSS
Exploits8
saint
saint
•added 2008/07/21 12:0 a.m.•37 views

SNMPc Network Manager SNMP TRAP community string buffer overflow

Added: 07/21/2008 CVE: CVE-2008-2214 BID: 28990 OSVDB: 44885 Background SNMPc Network Manager is a distributed network management and monitoring solution. Problem A buffer overflow vulnerability in SNMPc Network Manager allows remote attackers to execute arbitrary commands by sending an SNMP TRAP...

10CVSS7.8AI score0.08838EPSS
Exploits5
saint
saint
•added 2008/04/04 12:0 a.m.•37 views

Microsoft Office Drawing Shapes memory corruption vulnerability

Added: 04/04/2008 CVE: CVE-2008-0118 BID: 28146 OSVDB: 42709 Background Microsoft Office is a package which provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. Problem A memory corruption vulnerability allows command...

9.3CVSS9.6AI score0.34842EPSS
Exploits5
saint
saint
•added 2008/03/14 12:0 a.m.•37 views

Microsoft Excel conditional formatting vulnerability

Added: 03/14/2008 CVE: CVE-2008-0117 BID: 28170 OSVDB: 42731 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A vulnerability in Microsoft Excel allows command execution when a user opens a file...

9.3CVSS9.5AI score0.33362EPSS
Exploits5
saint
saint
•added 2008/03/03 12:0 a.m.•37 views

Trend Micro OfficeScan Policy Server CGI buffer overflow

Added: 03/03/2008 CVE: CVE-2008-1365 BID: 28020 OSVDB: 42500 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability in the Policy Server for Cisco NAC component allows remote attackers to execute arbitrary commands by...

6.4CVSS7.8AI score0.51111EPSS
Exploits8
saint
saint
•added 2008/03/03 12:0 a.m.•37 views

Trend Micro OfficeScan Policy Server CGI buffer overflow

Added: 03/03/2008 CVE: CVE-2008-1365 BID: 28020 OSVDB: 42500 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability in the Policy Server for Cisco NAC component allows remote attackers to execute arbitrary commands by...

6.4CVSS7.8AI score0.51111EPSS
Exploits8
saint
saint
•added 2008/03/03 12:0 a.m.•37 views

Trend Micro OfficeScan Policy Server CGI buffer overflow

Added: 03/03/2008 CVE: CVE-2008-1365 BID: 28020 OSVDB: 42500 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability in the Policy Server for Cisco NAC component allows remote attackers to execute arbitrary commands by...

6.4CVSS7.9AI score0.51111EPSS
Exploits8
saint
saint
•added 2008/02/22 12:0 a.m.•37 views

Microsoft Works File Converter index table vulnerability

Added: 02/22/2008 CVE: CVE-2008-0105 BID: 27658 OSVDB: 41458 Background The Microsoft Works File Converter allows Microsoft Office to open Microsoft Works files. Problem A buffer overflow vulnerability in the Microsoft Works File Converter allows arbitrary command execution when a user opens a .w...

9.3CVSS6.8AI score0.43757EPSS
Exploits5
saint
saint
•added 2007/12/03 12:0 a.m.•37 views

MIT Kerberos 5 RPC library RPCSEC_GSS buffer overflow

Added: 12/03/2007 CVE: CVE-2007-3999 BID: 25534 OSVDB: 37324 Background Kerberos is a network authentication protocol which provides strong authentication for client/server applications. MIT Kerberos 5 is a free implementation of this protocol. Problem A buffer overflow in the svcauthgssvalidate...

10CVSS9.5AI score0.10997EPSS
Exploits4
saint
saint
•added 2007/11/19 12:0 a.m.•37 views

QuickTime PICT image UncompressedQuickTimeData buffer overflow

Added: 11/19/2007 CVE: CVE-2007-4672 BID: 26344 OSVDB: 38547 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow vulnerability in QuickTime allows command execution when a user opens a specially crafted PICT image containing an invalid...

7.6CVSS6.8AI score0.08053EPSS
Exploits4
saint
saint
•added 2007/09/20 12:0 a.m.•37 views

Symantec Norton NavComUI ActiveX control vulnerability

Added: 09/20/2007 CVE: CVE-2007-2955 BID: 24983 OSVDB: 36477 Background The Symantec Norton product suite includes antivirus, firewall, and other security functions. Problem Vulnerabilities in the AxSysListView32 and AxSysListView32OAA ActiveX controls, implemented by the NavComUI.dll library...

6.8CVSS6.7AI score0.0405EPSS
Exploits4
saint
saint
•added 2007/08/23 12:0 a.m.•37 views

Trend Micro ServerProtect RPC NTF_SetPagerNotifyConfig buffer overflow

Added: 08/23/2007 CVE: CVE-2007-4218 BID: 25395 OSVDB: 39754 Background ServerProtect is a virus scanner for servers. Problem A buffer overflow in the NTFSetPagerNotifyConfig function within the Notification.dll library allows remote attackers to execute arbitrary commands by sending a specially...

10CVSS7.7AI score0.13021EPSS
Exploits12
saint
saint
•added 2007/06/22 12:0 a.m.•37 views

Solaris loadable kernel module directory traversal

Added: 06/22/2007 CVE: CVE-2004-1767 BID: 9477 OSVDB: 15128 Background Loadable kernel modules are programs which can be dynamically loaded into the kernel. Problem A directory traversal vulnerability in the vfsgetvfssw function in the Solaris kernel allows unprivileged users to load their own...

7.2CVSS6.2AI score0.00433EPSS
Exploits4
saint
saint
•added 2007/06/20 12:0 a.m.•37 views

Internet Explorer Content Advisor memory corruption

Added: 06/20/2007 CVE: CVE-2005-0555 BID: 13117 OSVDB: 15466 Background The Content Advisor is used to control what content is viewable in Internet Explorer. Problem A memory corruption vulnerability in the Content Advisor allows command execution when a user loads a specially crafted page in...

7.5CVSS7.8AI score0.58357EPSS
Exploits4
saint
saint
•added 2007/05/04 12:0 a.m.•37 views

Microsoft Step-by-Step Interactive Training bookmark buffer overflow

Added: 05/04/2007 CVE: CVE-2006-3448 BID: 22484 OSVDB: 31883 Background Microsoft Step-by-Step Interactive Training is the engine used by various training programs. Problem A buffer overflow vulnerability in Microsoft Step-by-Step Interactive Training allows command execution when a specially...

9.3CVSS6.9AI score0.36671EPSS
Exploits4
saint
saint
•added 2007/03/30 12:0 a.m.•37 views

System V login argument array buffer overflow

Added: 03/30/2007 CVE: CVE-2001-0797 BID: 3681 OSVDB: 690 Background The login program is used by various applications for authentication to the system. Problem The login program dervied from System V is affected by a buffer overflow vulnerability when processing a long argument array. A remote...

10CVSS7.7AI score0.88836EPSS
Exploits27
saint
saint
•added 2007/03/12 12:0 a.m.•37 views

snmpXdmid buffer overflow

Added: 03/12/2007 CVE: CVE-2001-0236 BID: 2417 OSVDB: 546 Background The SNMP to DMI mapper daemon snmpXdmid translates Simple Network Management Protocol SNMP events to Desktop Management Interface DMI indications and vice-versa. Problem snmpXdmid is affected by a buffer overflow vulnerability...

10CVSS7.4AI score0.72036EPSS
Exploits6
saint
saint
•added 2007/02/21 12:0 a.m.•37 views

Trend Micro OfficeScan client ActiveX control buffer overflow

Added: 02/21/2007 CVE: CVE-2007-0325 BID: 22585 OSVDB: 33040 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem The OfficeScan Web-Deployment SetupINICtrl ActiveX control, which is vulnerable to buffer overflows in multiple methods, is...

9.3CVSS6.6AI score0.34006EPSS
Exploits6
saint
saint
•added 2006/10/12 12:0 a.m.•37 views

Microsoft PowerPoint NamedShows record code execution

Added: 10/12/2006 CVE: CVE-2006-4694 BID: 20226 OSVDB: 29259 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem Improper handling of malformed NamedShows records in PowerPoint files allows command execution. Resolution Apply the patch...

9.3CVSS6.4AI score0.12458EPSS
Exploits4
saint
saint
•added 2006/07/28 12:0 a.m.•37 views

Windows RASMAN registry corruption vulnerability

Added: 07/28/2006 CVE: CVE-2006-2371 BID: 18358 OSVDB: 26436 Background The Routing and Remote Access Service RRAS allows a Windows computer to act as a router, dial-up access server, VPN server, or network address translator. The Remote Access Connection Manager RASMAN service handles the detail...

7.5CVSS7.5AI score0.21943EPSS
Exploits6
saint
saint
•added 2006/07/28 12:0 a.m.•37 views

Computer Associates License Service GCR buffer overflow

Added: 07/28/2006 CVE: CVE-2005-0581 BID: 12705 OSVDB: 14389 Background The License service comes with most Computer Associatesproducts and exchanges license information over ports 10202/tcp and 10203/tcp. Problem A buffer overflow vulnerability in the processing of GCR messages allows remote...

4.6CVSS7.3AI score0.46344EPSS
Exploits24
saint
saint
•added 2006/07/06 12:0 a.m.•37 views

IMail LDAP buffer overflow

Added: 07/06/2006 CVE: CVE-2004-0297 BID: 9682 OSVDB: 3984 Background IMail is an e-mail server for Windows platforms. It includes a service which implements the Lightweight Directory Access Protocol LDAP. Problem A buffer overflow in IMail's LDAP service allows a remote attacker to overwrite the...

10CVSS7.2AI score0.68129EPSS
Exploits8
saint
saint
•added 2006/06/09 12:0 a.m.•37 views

Mozilla Firefox GIF processing buffer overflow

Added: 06/09/2006 CVE: CVE-2005-0399 BID: 12881 OSVDB: 14937 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A heap overflow in Mozilla Firefox when processing GIF images with the obsolete Netscape extension 2 allows command execution when a use...

5.1CVSS6.8AI score0.15116EPSS
Exploits4
saint
saint
•added 2006/06/02 12:0 a.m.•37 views

Samba call_trans2open buffer overflow

Added: 06/02/2006 CVE: CVE-2003-0201 BID: 7294 OSVDB: 4469 Background Samba is a software package which implements the SMB protocol on a variety of platforms, providing compatibility with Windows systems. Problem A buffer overflow in the calltrans2open function allows anonymous remote attackers t...

10CVSS7.4AI score0.84502EPSS
Exploits23
saint
saint
•added 2006/05/17 12:0 a.m.•37 views

SHOUTcast filename format string vulnerability

Added: 05/17/2006 CVE: CVE-2004-1373 BID: 12096 OSVDB: 12585 Background SHOUTcast is a streaming audio server based on Winamp. Problem A format string vulnerability in SHOUTcast allows remote attackers to execute commands by requesting a MP3 filename containing format string characters such as %n...

7.5CVSS6.9AI score0.70066EPSS
Exploits8
saint
saint
•added 2006/04/07 12:0 a.m.•37 views

VERITAS Backup Exec Agent Browser hostname buffer overflow

Added: 04/07/2006 CVE: CVE-2004-1172 BID: 11974 OSVDB: 12418 Background VERITAS Backup Exec for Windows is a data backup and recovery solution. Problem A buffer overflow in the VERITAS Backup Exec Agent Browser allows a remote attacker to execute commands by sending a long, specially crafted...

10CVSS7.2AI score0.81791EPSS
Exploits7
saint
saint
•added 2006/02/24 12:0 a.m.•37 views

Internet Explorer COM object instantiation vulnerability

Added: 02/24/2006 CVE: CVE-2005-1990 BID: 14511 OSVDB: 18612 Background Windows operating systems use the Component Object Model COM to allow various program components to be run within different applications. Problem Improper instantiation of certain COM objects as ActiveX controls by Internet...

5.1CVSS6.9AI score0.48513EPSS
Exploits4
saint
saint
•added 2006/02/10 12:0 a.m.•37 views

Mozilla Firefox QueryInterface method memory corruption

Added: 02/10/2006 CVE: CVE-2006-0295 BID: 16476 OSVDB: 22893 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A memory corruption in the QueryInterface method of the Location and Navigator objects leads to command execution. Resolution Upgrade to...

5.1CVSS6.7AI score0.70741EPSS
Exploits16
saint
saint
•added 2006/02/10 12:0 a.m.•37 views

Mozilla Firefox QueryInterface method memory corruption

Added: 02/10/2006 CVE: CVE-2006-0295 BID: 16476 OSVDB: 22893 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A memory corruption in the QueryInterface method of the Location and Navigator objects leads to command execution. Resolution Upgrade to...

5.1CVSS6.7AI score0.70741EPSS
Exploits16
saint
saint
•added 2006/02/01 12:0 a.m.•37 views

Citrix Program Neighborhood name buffer overflow

Added: 02/01/2006 CVE: CVE-2005-3652 BID: 15907 OSVDB: 21816 Background Citrix Presentation Server, formerly Citrix MetaFrame, allows applications to be deployed across a network to various client platforms, including Windows, Unix, Macintosh, DOS, and OS/2. The Program Neighborhood Agent running...

7.5CVSS6.8AI score0.15967EPSS
Exploits4
saint
saint
•added 2005/12/30 12:0 a.m.•37 views

Windows WMF handling vulnerability

Added: 12/30/2005 CVE: CVE-2005-4560 BID: 16074 OSVDB: 21987 Background A Windows Metafile WMF image is a 16-bit metafile format that can contain both vector information and bitmap information. Problem A flaw in the way specially crafted WMF images are handled can allow arbitrary command executio...

7.5CVSS6.3AI score0.86476EPSS
Exploits14
saint
saint
•added 2005/12/30 12:0 a.m.•37 views

Eudora WorldMail IMAP LIST command buffer overflow

Added: 12/30/2005 CVE: CVE-2005-4267 BID: 15980 OSVDB: 22097 Background Eudora WorldMail is an e-mail server for Windows. Problem A long IMAP command ending with a close brace character could result in a buffer overflow, leading to remote command execution. Resolution Upgrade to a version of Eudo...

7.5CVSS6.8AI score0.66803EPSS
Exploits10
saint
saint
•added 2005/11/30 12:0 a.m.•37 views

VERITAS NetBackup Java Administration Console format string vulnerability

Added: 11/30/2005 CVE: CVE-2005-2715 BID: 15079 OSVDB: 19949 Background VERITAS NetBackup is a backup and recovery solution for multiple platforms. Problem The bpjava-msvc component of the Java Administration Console in Veritas NetBackup 4.5 through 6.0 is affected by a format string vulnerabilit...

10CVSS6.5AI score0.60356EPSS
Exploits6
Total number of security vulnerabilities4305