4304 matches found
HP Data Protector Express DtbClsLogin function buffer overflow
Added: 10/07/2010 CVE: CVE-2010-3007 BID: 43105 OSVDB: 67973 Background HP Data Protector Express is a backup and recovery solution for single machines and small networks. Problem A buffer overflow vulnerability in dpwindtb.dll in the DtbClsLogin function allows remote attackers to execute...
Oracle Secure Backup Administration property_box.php Other Variable Command Injection
Added: 09/29/2010 CVE: CVE-2010-0899 BID: 41616 OSVDB: 66333 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command injection vulnerability in the Oracle Secure Backup web interface allows remote attackers to execute arbitrary...
Lotus Domino nrouter.exe iCalendar MAILTO buffer overflow
Added: 09/24/2010 CVE: CVE-2010-3407 BID: 43219 OSVDB: 68040 Background IBM Lotus Domino is a messaging and collaboration solution for multiple platforms. Problem A buffer overflow in the nrouter.exe service allows remote attackers to execute arbitrary commands by sending an iCalendar message...
CA XOsoft Control Service entry_point.aspx Remote Code Execution
Added: 06/07/2010 CVE: CVE-2010-1223 BID: 39238 OSVDB: 63611 Background CA XOsoft is storage and recovery management software that includes applications for combined business continuity and disaster recovery. The CA XOsoft product family includes CA XOsoft Replication, CA XOsoft High Availability...
HP OpenView Network Node Manager getnnmdata.exe CGI MaxAge buffer overflow
Added: 05/21/2010 CVE: CVE-2010-1553 BID: 40070 OSVDB: 64976 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in Network Node Manager allows remote attackers to execute arbitrary commands by sending a...
Orbital Viewer buffer overflow
Added: 03/24/2010 CVE: CVE-2010-0688 BID: 38436 OSVDB: 62580 Background Orbital Viewer is a program for viewing atomic and molecular orbitals. Problem A buffer overflow vulnerability in Orbital Viewer allows command execution when a user opens a specially crafted .orb file. Resolution Do not open...
Open and Compact FTP Server Long Password Buffer Overflow
Added: 03/22/2010 Background Open and Compact FTP Server Open-FTPD is a Windows-based compact FTP server. Problem A buffer overflow vulnerability allows command execution as a result of an overly long password. Resolution Upgrade to a version newer than 1.2 when it becomes available, or use a...
Microsoft Excel DbOrParamQry memory corruption
Added: 03/11/2010 CVE: CVE-2010-0264 BID: 38555 OSVDB: 62823 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A memory corruption vulnerability in Microsoft Excel allows command execution when a user...
Lotus Domino Web Access ActiveX control InstallBrowserHelperDll buffer overflow
Added: 03/05/2010 BID: 38457 OSVDB: 62612 Background Lotus Domino Web Access provides capabilities similar to those of the Lotus Notes client, delivered through a web browser. It includes an ActiveX control implemented in inotes6w.dll, dwa7w.dll, dwa8w.dll, and dwa85w.dll. Problem A buffer overfl...
Wireshark LWRES dissector buffer overflow
Added: 02/17/2010 CVE: CVE-2010-0304 BID: 37985 OSVDB: 61987 Background Wireshark is a network packet analyzer. Problem A buffer overflow vulnerability in the LWRES dissector allows command execution when a user sends a specially crafted datagram over a network which is being analyzed by Wireshar...
HP OpenView Network Node Manager ovalarm.exe Accept-Language buffer overflow
Added: 12/22/2009 CVE: CVE-2009-4179 BID: 37261 OSVDB: 60930 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow in the ovalarm.exe CGI program allows command execution when an attacker sends an HTTP request to this...
HP OpenView Network Node Manager ovalarm.exe Accept-Language buffer overflow
Added: 12/22/2009 CVE: CVE-2009-4179 BID: 37261 OSVDB: 60930 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow in the ovalarm.exe CGI program allows command execution when an attacker sends an HTTP request to this...
IBM Tivoli Storage Manager Client CAD Service Buffer Overflow
Added: 11/20/2009 CVE: CVE-2009-3853 OSVDB: 59632 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon CAD on port 1582/TCP. Problem The vulnerability is caused by an input validation error in t...
Microsoft Office Art Property Table Memory Corruption
Added: 10/22/2009 CVE: CVE-2009-2528 BID: 36650 OSVDB: 58869 Background Microsoft Office is a package that provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. MS Office XP 2002 and MS Office 2000 use the Microsoft Windows...
Safari WebKit floating point number buffer overflow
Added: 09/16/2009 CVE: CVE-2009-2195 BID: 36023 OSVDB: 56988 Background Safari is a web browser for Mac OS X and Windows. Safari is built upon the WebKit browser engine. Problem A buffer overflow vulnerability in WebKit allows command execution when a user loads a page which contains a specially...
Microsoft Office Web Components OWC.Spreadsheet BorderAround vulnerability
Added: 08/24/2009 CVE: CVE-2009-2496 BID: 35991 OSVDB: 56915 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A heap corruption vulnerability in the OWC10.Spreadsheet ActiveX control allows command execution when a user opens a web...
MS Office Word malformed Sprm record buffer overflow
Added: 08/05/2009 CVE: CVE-2009-0565 BID: 35190 OSVDB: 54960 Background Microsoft Office Word is Microsoft's word processing software, released as a component of Microsoft Office suite. Problem A buffer overflow in Microsoft Office Word allows remote command execution when a specially crafted Wor...
Motorola Timbuktu PlughNTCommand named pipe string buffer overflow
Added: 07/13/2009 CVE: CVE-2009-1394 BID: 35496 OSVDB: 55436 Background Motorola Timbuktu is remote control software for Windows and Mac. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted character string to the...
Microsoft PowerPoint Legacy Format Scheme record buffer overflow
Added: 06/26/2009 CVE: CVE-2009-0226 BID: 34881 OSVDB: 54385 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A buffer overflow vulnerability in Microsoft PowerPoint allows command execution when a user opens a PowerPoint 4.0 stream...
Adobe Reader Javascript API getAnnots method vulnerability
Added: 05/29/2009 CVE: CVE-2009-1492 BID: 34736 OSVDB: 54130 Background Adobe Reader is free software for viewing PDF documents. Problem A vulnerability in the Javascript API allows command execution when a user opens a PDF file which calls the getAnnots method with specially crafted arguments...
Windows GDI Privilege Elevation
Added: 05/25/2009 CVE: CVE-2006-5758 BID: 20940 OSVDB: 30214 Background The Graphics Rendering Engine in Microsoft Windows 2000 and Windows XP maps GDI Kernel structures on a global shared memory section that is created with insecure permissions. Problem Users with local access can remap the shar...
Windows GDI Privilege Elevation
Added: 05/25/2009 CVE: CVE-2006-5758 BID: 20940 OSVDB: 30214 Background The Graphics Rendering Engine in Microsoft Windows 2000 and Windows XP maps GDI Kernel structures on a global shared memory section that is created with insecure permissions. Problem Users with local access can remap the shar...
Microsoft PowerPoint 2000 CurrentUserAtom buffer overflow
Added: 05/21/2009 CVE: CVE-2009-1131 BID: 34841 OSVDB: 54393 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A buffer overflow vulnerability in Microsoft PowerPoint allows command execution when a user opens a presentation containin...
Microsoft PowerPoint Legacy File Format Master Page buffer overflow
Added: 05/14/2009 CVE: CVE-2009-1137 BID: 34876 OSVDB: 54381 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A buffer overflow vulnerability in the Legacy File Format conversion filter PP4X322.dll allows command execution when a use...
Symantec Alert Management System Intel File Transfer service command execution
Added: 05/06/2009 CVE: CVE-2009-1431 BID: 34675 OSVDB: 54160 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. The Intel File Transfer service is a component of AMS2 which is used to aid communication between the core server and managed clients. It...
Java Runtime Environment JAR manifest Main Class buffer overflow
Added: 02/26/2009 CVE: CVE-2008-5354 BID: 32608 OSVDB: 50499 Background Java Runtime Environment JRE allows end users to run Java applications. Problem A buffer overflow vulnerability in JRE allows command execution when a user opens a JAR archive containing a manifest file with a specially craft...
Internet Explorer deleted object memory corruption
Added: 02/23/2009 CVE: CVE-2009-0075 BID: 33627 OSVDB: 51839 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A memory corruption vulnerability allows command execution when a user opens a specially crafted web page which causes a...
HP OpenView Network Node Manager getcvdata.exe parameter string buffer overflow
Added: 01/14/2009 CVE: CVE-2008-0067 BID: 33147 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending an HTTP request for the getcvdata.exe C...
Mozilla Firefox UTF-8 URL buffer overflow
Added: 12/31/2008 CVE: CVE-2008-0016 BID: 31397 OSVDB: 48780 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A buffer overflow vulnerability in Mozilla Firefox allows command execution when a user follows a link to a specially crafted UTF-8 URL...
Computer Associates License Service invalid command buffer overflow
Added: 12/24/2008 CVE: CVE-2005-0581 BID: 12705 OSVDB: 14389 Background The License service comes with most Computer Associatesproducts and exchanges license information over ports 10202/tcp and 10203/tcp. Problem A buffer overflow vulnerability allows a remote attacker to execute arbitrary...
Internet Explorer XML data binding memory corruption
Added: 12/12/2008 CVE: CVE-2008-4844 BID: 32721 OSVDB: 50622 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A data binding error allows command execution when a user loads specially crafted XML code containing nested SPAN tags,...
GoodTech SSH Server SFTP buffer overflow
Added: 11/28/2008 CVE: CVE-2008-4726 BID: 31879 OSVDB: 49249 Background GoodTech SSH Server is an SSH Server providing secure remote console, secure file transfer, and secure port forwarding capabilities for Windows platforms. Problem Buffer overflow vulnerabilities in GoodTech SSH Server allow...
Microsoft Excel formula parsing integer overflow
Added: 10/24/2008 CVE: CVE-2008-4019 BID: 31706 OSVDB: 49078 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem An integer overflow in the REPT function allows command execution when a user loads an Exc...
Openwsman HTTP Basic Authentication buffer overflow
Added: 10/17/2008 CVE: CVE-2008-2234 BID: 30694 OSVDB: 47534 Background Openwsman is an open-source implementation of the Web Services Management specification. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted HTTP Basic...
Microsoft Visual Studio MaskedEdit ActiveX buffer overflow
Added: 09/03/2008 CVE: CVE-2008-3704 BID: 30674 OSVDB: 47475 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem A buffer overflow in the MaskedEdit ActiveX control allows command execution when a user loads a web page which...
Microsoft Access Snapshot Viewer file download vulnerability
Added: 07/11/2008 CVE: CVE-2008-2463 BID: 30144 OSVDB: 46749 Background The Snapshot Viewer for Microsoft Access is used to display report snapshots without needing to fully invoke Access. It enables an ActiveX control in snapview.ocx. Problem The Snapshot Viewer ActiveX control allows remote fil...
Microsoft Access Snapshot Viewer file download vulnerability
Added: 07/11/2008 CVE: CVE-2008-2463 BID: 30144 OSVDB: 46749 Background The Snapshot Viewer for Microsoft Access is used to display report snapshots without needing to fully invoke Access. It enables an ActiveX control in snapview.ocx. Problem The Snapshot Viewer ActiveX control allows remote fil...
OpenOffice OLE importer DocumentSummaryInformation buffer overflow
Added: 06/20/2008 CVE: CVE-2008-0320 BID: 28819 OSVDB: 44472 Background OpenOffice is a free productivity suite for multiple platforms. OpenOffice includes an importer for Microsoft's Object Linking and Embedding OLE framework. Problem A buffer overflow vulnerability in the OLE importer allows...
Adobe Photoshop Album Starter Edition BMP image header buffer overflow
Added: 05/08/2008 CVE: CVE-2008-1765 BID: 28874 OSVDB: 44579 Background Adobe Photoshop Album Starter Edition is free software for editing and sharing photos. Problem A buffer overflow vulnerability in Adobe Photoshop Album Starter Edition allows command execution when a user opens a BMP image fi...
Borland InterBase ibserver.exe Service Attach request buffer overflow
Added: 04/21/2008 CVE: CVE-2008-1910 BID: 28730 OSVDB: 44455 Background Borland Interbase is a database solution for Windows, Linux, and Solaris platforms. Problem A buffer overflow vulnerability in ibserver.exe allows remote attackers to execute arbitrary commands by sending a long, specially...
Microsoft Office Web Components OWC.Spreadsheet.9 ActiveX Control overflow
Added: 03/12/2008 CVE: CVE-2006-4695 BID: 28135 OSVDB: 42711 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
Veritas Storage Foundation Administrator service buffer overflow
Added: 03/03/2008 CVE: CVE-2008-0638 BID: 25778 OSVDB: 41978 Background Veritas Storage Foundation is an online storage management solution. An Administrator service, implemented by vxsvc.exe, listens on port 3207 by default. Problem A buffer overflow vulnerability in the Administrator service...
Microsoft Works File Converter index table vulnerability
Added: 02/22/2008 CVE: CVE-2008-0105 BID: 27658 OSVDB: 41458 Background The Microsoft Works File Converter allows Microsoft Office to open Microsoft Works files. Problem A buffer overflow vulnerability in the Microsoft Works File Converter allows arbitrary command execution when a user opens a .w...
MacroVision InstallShield Update Service DownloadAndExecute buffer overflow
Added: 01/04/2008 CVE: CVE-2007-6654 BID: 27013 OSVDB: 39980 Background MacroVision InstallShield is software for creating installers or software packages. Problem A buffer overflow in the DownloadAndExecute function in the Update Service ActiveX control allows command execution when a user loads...
ACDSee XPM file section string buffer overflow
Added: 12/14/2007 CVE: CVE-2007-6009 BID: 26554 OSVDB: 45278 Background ACDSee is a suite of products for viewing and organizing photos. Problem A buffer overflow vulnerability in the IDX.apl, IDEACDStd.apl, IDPSP.apl, and AMLHA.apl plug-ins could allow command execution when a user opens an XPM...
Lotus Notes Lotus 1-2-3 file viewer buffer overflow
Added: 12/07/2007 CVE: CVE-2007-6593 BID: 26604 OSVDB: 40796 Background Lotus Notes is the client for Lotus Domino servers. Lotus Notes uses the Autonomy KeyView library to process files in the Lotus Worksheet File format WKS used by Lotus 1-2-3. Problem A buffer overflow vulnerability in the...
Kodak Image Viewer TIFF image handling vulnerability
Added: 10/15/2007 CVE: CVE-2007-2217 BID: 25909 OSVDB: 37627 Background The Windows Kodak Image Viewer is a utility for rendering various image formats. It is included in Windows 2000, and may also be present on newer versions of Windows if a computer was upgraded from Windows 2000. Problem A...
Trend Micro ServerProtect TMregChange buffer overflow
Added: 09/27/2007 CVE: CVE-2007-4731 OSVDB: 45878 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the TMregChange function in the TMreg.dll library allows remote attackers to execute arbitrary commands by sending specially crafted da...
Trend Micro ServerProtect RPC NTF_SetPagerNotifyConfig buffer overflow
Added: 08/23/2007 CVE: CVE-2007-4218 BID: 25395 OSVDB: 39754 Background ServerProtect is a virus scanner for servers. Problem A buffer overflow in the NTFSetPagerNotifyConfig function within the Notification.dll library allows remote attackers to execute arbitrary commands by sending a specially...
Trend Micro OfficeScan session cookie buffer overflow
Added: 07/20/2007 CVE: CVE-2007-3454 BID: 24641 OSVDB: 36629 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability in the CGIOCommon.dll shared library allows remote attackers to execute arbitrary commands by sending ...