Lucene search
+L
SaintMost viewed

4305 matches found

saint
saint
•added 2008/10/07 12:0 a.m.•36 views

Microsoft Rich Textbox ActiveX control SaveFile vulnerability

Added: 10/07/2008 CVE: CVE-2008-0237 BID: 27201 OSVDB: 40234 Background Microsoft Rich Textbox is an ActiveX control which comes with Visual Basic and allows creation of formatted text in RTF files. It is located in the Richtx32.ocx file. Problem The SaveFile method in the Rich Textbox ActiveX...

6.8CVSS6AI score0.20466EPSS
Exploits5
saint
saint
•added 2008/09/19 12:0 a.m.•36 views

Microsoft PowerPoint Viewer picture index CString object integer overflow

Added: 09/19/2008 CVE: CVE-2008-0120 BID: 30552 OSVDB: 47406 Background Microsoft PowerPoint Viewer 2003 is a free tool which allows viewing of Microsoft PowerPoint presentations without requiring Microsoft PowerPoint itself. Problem An integer overflow vulnerability in the handling of CString...

9.3CVSS6.6AI score0.31932EPSS
Exploits5
saint
saint
•added 2008/09/08 12:0 a.m.•36 views

Novell iPrint Client nipplib.dll ActiveX buffer overflow

Added: 09/08/2008 CVE: CVE-2008-2436 BID: 30986 OSVDB: 47897 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx. Problem A buffer overflow vulnerability in the...

9.3CVSS6.8AI score0.04883EPSS
Exploits5
saint
saint
•added 2008/08/27 12:0 a.m.•36 views

FlashGet FTP PWD buffer overflow

Added: 08/27/2008 CVE: CVE-2008-4321 BID: 30685 OSVDB: 47457 Background FlashGet is an FTP client formerly known as JetCar. Problem A buffer overflow in FlashGet allows command execution when a user connects to an FTP server which sends a specially crafted PWD response. Resolution Use a different...

9.3CVSS7AI score0.05737EPSS
Exploits5
saint
saint
•added 2008/08/13 12:0 a.m.•36 views

Internet Explorer print preview argument validation vulnerability

Added: 08/13/2008 CVE: CVE-2008-2259 BID: 30612 OSVDB: 47414 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A flaw in the handling of validation of arguments by the print preview function in Internet Explorer allows command...

9.3CVSS6.2AI score0.3008EPSS
Exploits5
saint
saint
•added 2008/08/13 12:0 a.m.•36 views

CoolPlayer m3u playlist processing filename buffer overflow

Added: 08/13/2008 CVE: CVE-2008-3408 BID: 30418 OSVDB: 47194 Background CoolPlayer is a free audio player for Windows platforms. Problem A buffer overflow vulnerability in CoolPlayer allows command execution when a user opens an m3u playlist file containing a specially crafted filename. Resolutio...

6.8CVSS7AI score0.09665EPSS
Exploits5
saint
saint
•added 2008/07/02 12:0 a.m.•36 views

HP OpenView Network Node Manager connectedNodes.ovpl command execution

Added: 07/02/2008 CVE: CVE-2005-2773 BID: 14662 OSVDB: 19057 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A command injection vulnerability in the connectedNodes.ovpl CGI script allows remote attackers to execute arbitrary comman...

9.8CVSS9.9AI score0.7409EPSS
Exploits9
saint
saint
•added 2008/04/18 12:0 a.m.•36 views

HP Openview Network Node Manager Ovalarmsrv buffer overflow

Added: 04/18/2008 CVE: CVE-2008-3544 BID: 28668 OSVDB: 50076 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in the Ovalarmsrv service in Network Node Manager allows remote attackers to execute...

9CVSS7.6AI score0.18043EPSS
Exploits5
saint
saint
•added 2008/03/18 12:0 a.m.•36 views

RealNetworks Helix Server RTSP Proxy-Require heap overflow

Added: 03/18/2008 CVE: CVE-2008-5911 BID: 33059 Background RealNetworks Helix Server is a media server supporting multiple formats and platforms. Problem A heap overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted Proxy-Require header i...

10CVSS7.6AI score0.06185EPSS
Exploits4
saint
saint
•added 2007/12/07 12:0 a.m.•36 views

Lotus Notes Lotus 1-2-3 file viewer buffer overflow

Added: 12/07/2007 CVE: CVE-2007-6593 BID: 26604 OSVDB: 40796 Background Lotus Notes is the client for Lotus Domino servers. Lotus Notes uses the Autonomy KeyView library to process files in the Lotus Worksheet File format WKS used by Lotus 1-2-3. Problem A buffer overflow vulnerability in the...

8.8CVSS6.8AI score0.06301EPSS
Exploits4
saint
saint
•added 2007/10/25 12:0 a.m.•36 views

RealPlayer ActiveX control playlist name buffer overflow

Added: 10/25/2007 CVE: CVE-2007-5601 BID: 26130 OSVDB: 41430 Background RealPlayer and RealOne Player include a number of ActiveX controls allowing functions to be called by scripts embedded in web pages. Problem The RealPlayer Database Component MPAMedia.dll is affected by a buffer overflow...

9.3CVSS6.9AI score0.42365EPSS
Exploits9
saint
saint
•added 2007/10/11 12:0 a.m.•36 views

Microsoft SQL Server Distributed Management Objects buffer overflow

Added: 10/11/2007 CVE: CVE-2007-4814 BID: 25594 OSVDB: 38399 Background Microsoft SQL Server includes a Distributed Management Object model which offers a modern, object-oriented alternative to using stored procedures. The Distributed Management Object model is implemented by the sqldmo.dll Activ...

7.5CVSS7.3AI score0.4571EPSS
Exploits5
saint
saint
•added 2007/10/05 12:0 a.m.•36 views

Mercury Mail SMTP AUTH CRAM-MD5 buffer overflow

Added: 10/05/2007 CVE: CVE-2007-4440 BID: 25357 OSVDB: 39669 Background Mercury Mail Transport System is an e-mail server product for Windows and NetWare. Problem A buffer overflow vulnerability in the SMTP service allows remote attackers to execute arbitrary commands by sending a specially craft...

7.5CVSS7.8AI score0.64513EPSS
Exploits8
saint
saint
•added 2007/09/21 12:0 a.m.•36 views

Trend Micro ServerProtect SpntSvc RPC buffer overflow

Added: 09/21/2007 CVE: CVE-2007-4218 BID: 25395 OSVDB: 39753 Background ServerProtect is a virus scanner for servers. The Trend Micro ServerProtect service SpntSvc.exe handles RPC requests on port 5168/TCP. Problem Buffer overflow vulnerabilities in the Trend Micro ServerProtect service allow...

10CVSS7.7AI score0.13021EPSS
Exploits12
saint
saint
•added 2007/09/20 12:0 a.m.•36 views

Symantec Norton NavComUI ActiveX control vulnerability

Added: 09/20/2007 CVE: CVE-2007-2955 BID: 24983 OSVDB: 36477 Background The Symantec Norton product suite includes antivirus, firewall, and other security functions. Problem Vulnerabilities in the AxSysListView32 and AxSysListView32OAA ActiveX controls, implemented by the NavComUI.dll library...

6.8CVSS6.8AI score0.0405EPSS
Exploits4
saint
saint
•added 2007/08/10 12:0 a.m.•36 views

Novell Client 4.91 SP4 nwspool.dll buffer overflow

Added: 08/10/2007 CVE: CVE-2007-6701 BID: 25092 OSVDB: 37319 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem The nwspool.dll library in Novell Client is affected by buffer overflow vulnerabilities in several different functions, allowing remote...

10CVSS8AI score0.0717EPSS
Exploits6
saint
saint
•added 2007/07/27 12:0 a.m.•36 views

Ipswitch IMail Server IMAP SEARCH buffer overflow

Added: 07/27/2007 CVE: CVE-2007-3925 BID: 24962 OSVDB: 36219 Background IMail is an e-mail server for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service could allow an authenticated attacker to execute arbitrary commands by sending a specially crafted SEARCH command...

6.5CVSS7.6AI score0.84673EPSS
Exploits7
saint
saint
•added 2007/06/29 12:0 a.m.•36 views

RealPlayer SMIL file wallclock buffer overflow

Added: 06/29/2007 CVE: CVE-2007-3410 BID: 24658 OSVDB: 37374 Background RealPlayer includes support for Synchronized Multimedia Integration Language SMIL files. Problem A buffer overflow vulnerability in the wallclock function could allow command execution upon opening a specially crafted SMIL...

9.3CVSS6.8AI score0.36069EPSS
Exploits6
saint
saint
•added 2007/05/17 12:0 a.m.•36 views

Adobe Photoshop PNG file handling buffer overflow

Added: 05/17/2007 CVE: CVE-2007-2365 BID: 23698 OSVDB: 35465 Background Adobe Photoshop is an application for editing digital images. Problem A buffer overflow vulnerability in Adobe Photoshop allows command execution when a user opens a specially crafted PNG image file. Resolution Do not open PN...

9.3CVSS6.8AI score0.51052EPSS
Exploits4
saint
saint
•added 2007/05/03 12:0 a.m.•36 views

BrightStor ARCserve Media Server SUN RPC buffer overflow

Added: 05/03/2007 CVE: CVE-2007-2139 BID: 23635 OSVDB: 34127 Background CA ARCserve Backup formerly BrightStor ARCserve Backup is a backup and recovery solution. ARCserve Media Server is a component which comes with ARCserve Backup. Problem ARCserve Media Server is affected by multiple buffer...

10CVSS7.8AI score0.77996EPSS
Exploits8
saint
saint
•added 2007/04/16 12:0 a.m.•36 views

Windows DNS server RPC management interface buffer overflow

Added: 04/16/2007 CVE: CVE-2007-1748 BID: 23470 OSVDB: 34100 Background The Windows DNS service runs an RPC management interface which listens on a dynamically assigned TCP port. Problem A buffer overflow vulnerability in the Windows DNS service allows remote attackers to execute arbitrary comman...

10CVSS9.9AI score0.79128EPSS
Exploits17
saint
saint
•added 2007/04/12 12:0 a.m.•36 views

Yahoo Messenger AudioConf ActiveX control buffer overflow

Added: 04/12/2007 CVE: CVE-2007-1680 BID: 23291 OSVDB: 34319 Background Yahoo! Messenger is an instant messaging application. It includes the AudioConf ActiveX control which is provided by yacscom.dll. Problem A buffer overflow vulnerability in the AudioConf ActiveX control allows command executi...

9.3CVSS6.9AI score0.08375EPSS
Exploits4
saint
saint
•added 2007/04/05 12:0 a.m.•36 views

Windows Animated Cursor Header buffer overflow

Added: 04/05/2007 CVE: CVE-2007-0038 BID: 23194 OSVDB: 33629 Background Animated cursor .ani files contain animated graphics for icons and cursors. Problem A buffer overflow in Windows allows command execution when opening a specially crafted .ani file containing large file headers. Resolution...

9.3CVSS6.7AI score0.7288EPSS
Exploits12
saint
saint
•added 2007/03/02 12:0 a.m.•36 views

Trend Micro ServerProtect ENG_SendEMail buffer overflow

Added: 03/02/2007 CVE: CVE-2007-1070 BID: 22639 OSVDB: 33042 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the ENGSendEMail function allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request...

10CVSS7.7AI score0.73767EPSS
Exploits27
saint
saint
•added 2007/01/11 12:0 a.m.•36 views

Microsoft Excel PALETTE record buffer overflow

Added: 01/11/2007 CVE: CVE-2007-0031 BID: 21922 OSVDB: 31258 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms. Problem A buffer overflow vulnerability in Microsoft Excel allows command execution when a user opens a speciall...

9.3CVSS6.8AI score0.41694EPSS
Exploits4
saint
saint
•added 2007/01/04 12:0 a.m.•36 views

QuickTime rtsp src URL buffer overflow

Added: 01/04/2007 CVE: CVE-2007-0015 BID: 21829 OSVDB: 31023 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow in QuickTime allows command execution when a user opens a specially crafted QTL file containing a long src parameter starting with rtsp:/...

6.8CVSS6.8AI score0.48419EPSS
Exploits10
saint
saint
•added 2006/12/26 12:0 a.m.•36 views

BrightStor ARCserve Backup Tape Engine ReserveGroup buffer overflow

Added: 12/26/2006 CVE: CVE-2006-6076 BID: 21221 OSVDB: 30637 Background The BrightStor ARCserve Backup server includes a Backup Tape Engine feature which allows use of tape drives for storage. Problem A buffer overflow vulnerability in the RPC ReserveGroup function allows remote attackers to...

10CVSS7.8AI score0.70215EPSS
Exploits11
saint
saint
•added 2006/12/22 12:0 a.m.•36 views

BrightStor ARCserve Backup Tape Engine GetGroupStatus buffer overflow

Added: 12/22/2006 CVE: CVE-2006-6076 BID: 21221 OSVDB: 30637 Background The BrightStor ARCserve Backup server includes a Backup Tape Engine feature which allows use of tape drives for storage. Problem A buffer overflow vulnerability in the RPC GetGroupStatus function allows remote attackers to...

10CVSS7.7AI score0.70215EPSS
Exploits11
saint
saint
•added 2006/11/09 12:0 a.m.•36 views

BrightStor ARCserve Message Engine RPC server buffer overflow

Added: 11/09/2006 CVE: CVE-2006-5143 BID: 20365 OSVDB: 29535 Background The BrightStor ARCserve Backup family of products includes a Message Engine which listens for connections on port 6503/TCP. Problem A buffer overflow in the ASCORE.dll library allows remote attackers to execute arbitrary...

7.5CVSS7.7AI score0.78513EPSS
Exploits12
saint
saint
•added 2006/09/29 12:0 a.m.•36 views

Internet Explorer WebViewFolderIcon setSlice integer overflow

Added: 09/29/2006 CVE: CVE-2006-3730 BID: 19030 OSVDB: 27110 Background The WebViewFolderIcon ActiveX control provides support for icons in the Windows Explorer Web view. Problem An integer overflow vulnerability in the setSlice method in the WebViewFolderIcon ActiveX control allows remote comman...

9.3CVSS6.8AI score0.63817EPSS
Exploits9
saint
saint
•added 2006/09/29 12:0 a.m.•36 views

Internet Explorer WebViewFolderIcon setSlice integer overflow

Added: 09/29/2006 CVE: CVE-2006-3730 BID: 19030 OSVDB: 27110 Background The WebViewFolderIcon ActiveX control provides support for icons in the Windows Explorer Web view. Problem An integer overflow vulnerability in the setSlice method in the WebViewFolderIcon ActiveX control allows remote comman...

9.3CVSS6.8AI score0.63817EPSS
Exploits9
saint
saint
•added 2006/08/21 12:0 a.m.•36 views

IBM eGatherer ActiveX RunEgatherer buffer overflow

Added: 08/21/2006 CVE: CVE-2006-4221 BID: 19554 OSVDB: 27976 Background The eGatherer ActiveX control is installed with IBM Access Support. Problem A buffer overflow in the eGatherer ActiveX control allows command execution by a web page which sends a long, specially crafted file name to the...

9.3CVSS6.8AI score0.08407EPSS
Exploits10
saint
saint
•added 2006/07/28 12:0 a.m.•36 views

Computer Associates License Service GCR buffer overflow

Added: 07/28/2006 CVE: CVE-2005-0581 BID: 12705 OSVDB: 14389 Background The License service comes with most Computer Associatesproducts and exchanges license information over ports 10202/tcp and 10203/tcp. Problem A buffer overflow vulnerability in the processing of GCR messages allows remote...

4.6CVSS7.3AI score0.46344EPSS
Exploits24
saint
saint
•added 2006/07/21 12:0 a.m.•36 views

Computer Associates License Client PUTOLF buffer overflow

Added: 07/21/2006 CVE: CVE-2005-0582 BID: 12705 OSVDB: 14389 Background The CA License Client comes with most Computer Associates products. It uses ports 10202/tcp and 10203/tcp to exchange product license information. Problem A buffer overflow in the CA License Client allows remote command...

10CVSS7.1AI score0.3702EPSS
Exploits4
saint
saint
•added 2006/07/17 12:0 a.m.•36 views

sipXtapi Cseq header buffer overflow

Added: 07/17/2006 CVE: CVE-2006-3524 BID: 18906 OSVDB: 27122 Background The Session Initiation Protocol SIP is a signaling protocol for a variety of uses, including instant messanging and Voice over Internet Protocol. sipXtapi is a client library for SIP-based user agents. It is included in Pingt...

7.5CVSS7.5AI score0.66993EPSS
Exploits14
saint
saint
•added 2006/06/30 12:0 a.m.•36 views

Windows RRAS memory corruption vulnerability

Added: 06/30/2006 CVE: CVE-2006-2370 BID: 18325 OSVDB: 26437 Background The Routing and Remote Access Service RRAS allows a Windows computer to act as a router, dial-up access server, VPN server, or network address translator. Problem A buffer overflow in RRAS allows remote attackers to execute...

7.5CVSS9.8AI score0.72969EPSS
Exploits18
saint
saint
•added 2006/04/19 12:0 a.m.•36 views

BrightStor ARCserve Backup discovery service buffer overflow

Added: 04/19/2006 CVE: CVE-2005-2535 BID: 12536 OSVDB: 13814 Background The BrightStor ARCserve Backup server includes a discovery service which listens on ports 41523/TCP and 41524/UDP. Problem A buffer overflow in the discovery service allows remote attackers to execute arbitrary commands...

7.5CVSS7.7AI score0.80866EPSS
Exploits8
saint
saint
•added 2006/04/05 12:0 a.m.•36 views

VERITAS NetBackup VMD argument parsing vulnerability

Added: 04/05/2006 CVE: CVE-2006-0989 BID: 17264 OSVDB: 24172 Background VERITAS NetBackup is a backup and recovery solution for multiple platforms. Problem Volume Manager Daemon VMD is affected by a buffer overflow vulnerability when parsing arguments to various commands. This vulnerability allow...

9CVSS7.2AI score0.07927EPSS
Exploits4
saint
saint
•added 2006/02/14 12:0 a.m.•36 views

AWStats configdir parameter command execution

Added: 02/14/2006 CVE: CVE-2005-0116 BID: 12298 OSVDB: 13002 Background AWStats is a web application for showing web, FTP, and mail server statistics. Problem Insufficient validation of the configdir parameter before being used in a PERL open call leads to remote command execution. Resolution...

7.5CVSS6.6AI score0.74941EPSS
Exploits11
saint
saint
•added 2006/02/10 12:0 a.m.•36 views

Microsoft WINS replication service pointer corruption

Added: 02/10/2006 CVE: CVE-2004-1080 BID: 11763 OSVDB: 12378 Background The Windows Internet Naming Service WINS maps Netbios names to IP addresses. The WINS replication service runs on port 42/TCP and allows WINS servers to share Netbios name information with other WINS servers. Problem The WINS...

10CVSS6.2AI score0.81699EPSS
Exploits8
saint
saint
•added 2006/02/10 12:0 a.m.•36 views

Microsoft WINS replication service pointer corruption

Added: 02/10/2006 CVE: CVE-2004-1080 BID: 11763 OSVDB: 12378 Background The Windows Internet Naming Service WINS maps Netbios names to IP addresses. The WINS replication service runs on port 42/TCP and allows WINS servers to share Netbios name information with other WINS servers. Problem The WINS...

10CVSS6.2AI score0.81699EPSS
Exploits8
saint
saint
•added 2006/02/08 12:0 a.m.•36 views

Microsoft IIS 5.0 printer ISAPI extension buffer overflow

Added: 02/08/2006 CVE: CVE-2001-0241 BID: 2674 OSVDB: 3323 Background Microsoft IIS web servers include ISAPI extensions which are invoked in the server process to handle requests of a given type. Problem The ISAPI extension which handles requests for file names ending in .printer is affected by ...

10CVSS7.5AI score0.87032EPSS
Exploits10
saint
saint
•added 2005/12/22 12:0 a.m.•36 views

VERITAS Backup Exec CONNECT_CLIENT_AUTH buffer overflow

Added: 12/22/2005 CVE: CVE-2005-0773 BID: 14022 OSVDB: 17624 Background VERITAS Backup Exec is a network backup solution for Windows and Netware servers. Problem VERITAS Backup Exec is affected by a buffer overflow when handling CONNECTCLIENTAUTH requests with the Windows user authentication type...

7.5CVSS7.3AI score0.86365EPSS
Exploits9
saint
saint
•added 2005/12/10 12:0 a.m.•36 views

JRun mod_jrun WriteToLog buffer overflow

Added: 12/10/2005 CVE: CVE-2004-0646 BID: 11245 OSVDB: 10546 Background Macromedia JRun is a J2EE application server. modjrun is an Apache module which enables the use of JRun applications through an Apache web server. Problem A buffer overflow vulnerability in modjrun and modjrun20 allows a remo...

10CVSS7.7AI score0.07104EPSS
Exploits4
saint
saint
•added 2005/12/01 12:0 a.m.•36 views

Internet Explorer onload window vulnerability

Added: 12/01/2005 CVE: CVE-2005-1790 BID: 13799 OSVDB: 17094 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Internet Explorer fails to properly initialize the window function when called from an onLoad event in a body tag. This...

2.6CVSS6.2AI score0.83472EPSS
Exploits9
saint
saint
•added 2019/10/24 12:0 a.m.•35 views

Joomla Object Injection

Added: 10/24/2019 Background Joomla is a content management system written in PHP. Problem An object injection vulnerability in Joomla could allow a remote, unauthenticated attacker to execute arbitrary commands on the server. This vulnerability has been nicknamed "Rusty Joomla". Resolution Upgra...

8.3AI score
Exploits0
saint
saint
•added 2019/09/27 12:0 a.m.•35 views

vBulletin remote command execution via the widgetConfig[code] parameter

Added: 09/27/2019 Background vBulletin is a commercial web bulletin board application written in PHP using MySQL. Problem vBulletin allows remote command execution via the widgetConfigcode parameter in an ajax/render/widgetphp routestring request. Resolution Upgrade vBulletin to version higher th...

7.7AI score
Exploits0
saint
saint
•added 2017/09/25 12:0 a.m.•35 views

Trend Micro Control Manager importFile directory traversal

Added: 09/25/2017 BID: 96131 Background Trend Micro Control Manager streamlines administration of Trend Micro security solutions. Problem A directory traversal vulnerability in the importFile.php script allows remote attackers to upload files containing arbitrary PHP script under the document roo...

7.3AI score
Exploits0
saint
saint
•added 2016/12/01 12:0 a.m.•35 views

Disk Savvy Enterprise GET buffer overflow

Added: 12/01/2016 Background Disk Savvy Enterprise is a disk space usage analyzer. Problem A buffer overflow in Disk Savvy Enterprise when handling GET requests could allow remote code execution. Resolution Upgrade to a version higher than 9.1.14 when available. References Limitations Exploit wor...

0.6AI score
Exploits0
saint
saint
•added 2016/07/01 12:0 a.m.•35 views

op5 Monitor Nacoma command execution

Added: 07/01/2016 Background op5 Monitor is an open-source monitoring solution written in PHP. Problem The commandtest.php script in the Nacoma component of op5 Monitor can be used to execute arbitrary operating system commands. Resolution Upgrade to op5 Monitor 7.2.0 or higher. References...

1.2AI score
Exploits0
Total number of security vulnerabilities4305