Windows Media Player plugin EMBED buffer overflow

Added: 02/16/2006 CVE: CVE-2006-0005 BID: 16644 OSVDB: 23132 Background The Windows Media Player plug-in allows the processing of embedded media from inside other applications, such as web browsers. Problem A buffer overflow in the Windows Media Player plug-in allows remote command execution when...

Mozilla Firefox QueryInterface method memory corruption

Added: 02/10/2006 CVE: CVE-2006-0295 BID: 16476 OSVDB: 22893 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A memory corruption in the QueryInterface method of the Location and Navigator objects leads to command execution. Resolution Upgrade to...

Microsoft IIS 5.0 printer ISAPI extension buffer overflow

Added: 02/08/2006 CVE: CVE-2001-0241 BID: 2674 OSVDB: 3323 Background Microsoft IIS web servers include ISAPI extensions which are invoked in the server process to handle requests of a given type. Problem The ISAPI extension which handles requests for file names ending in .printer is affected by ...

Microsoft SQL Server 2000 resolution service buffer overflow

Added: 02/05/2006 CVE: CVE-2002-0649 BID: 5310 OSVDB: 4577 Background Microsoft SQL Server is a database server package for Windows platforms. SQL Server 2000 introduced the SQL Server Resolution Service, which runs on port 1434/UDP and identifies the port on which each SQL Server instance runs...

Windows WMF handling vulnerability

Added: 12/30/2005 CVE: CVE-2005-4560 BID: 16074 OSVDB: 21987 Background A Windows Metafile WMF image is a 16-bit metafile format that can contain both vector information and bitmap information. Problem A flaw in the way specially crafted WMF images are handled can allow arbitrary command executio...

Novell eDirectory iMonitor buffer overflow

Added: 11/29/2005 CVE: CVE-2005-2551 BID: 14548 OSVDB: 18703 Background iMonitor is a web service which is a component of Novell eDirectory. Problem A buffer overflow when processing long HTTP or HTTPS requests leads to remote command execution. Resolution Upgrade to eDirectory 8.7.3 IR7 or highe...

MiniShare 1.4.1 HEAD method buffer overflow

Added: 12/21/2018 Background MiniShare is a Windows program that allows sharing of files without additional services or software. Problem MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP HEAD request. Resolution MiniShare is deprecated. References...

ABRT/sosreport privilege elevation

Added: 12/14/2015 CVE: CVE-2015-5287 Background The Automatic Bug Reporting Tool ABRT is an application that runs as a daemon on some Linux systems. ABRT collects relevant crash data when another application crashes and can report it to a relevant issue tracker for analysis. After saving some...

Seagate Central unauthenticated file upload

Added: 06/09/2015 Background Seagate Central is a personal cloud storage device which can be connected to a wireless router. Problem Seagate Central has no root password, allowing unauthenticated users to upload arbitrary files via PHP. This can be leveraged to execute arbitrary commands by...

Seagate Central unauthenticated file upload

Added: 06/09/2015 Background Seagate Central is a personal cloud storage device which can be connected to a wireless router. Problem Seagate Central has no root password, allowing unauthenticated users to upload arbitrary files via PHP. This can be leveraged to execute arbitrary commands by...

Seagate Central unauthenticated file upload

Added: 06/09/2015 Background Seagate Central is a personal cloud storage device which can be connected to a wireless router. Problem Seagate Central has no root password, allowing unauthenticated users to upload arbitrary files via PHP. This can be leveraged to execute arbitrary commands by...

Kolibri WebServer HTTP POST Request Handling Remote Stack Buffer Overflow

Added: 10/10/2014 CVE: CVE-2014-5289 BID: 69263 OSVDB: 110142 Background SENKAS Kolibri Webserver is a free very simple web server for Microsoft Windows that supports serving static web content. Problem Kolibri Webserver is vulnerable to a stack buffer overflow as a result of failure to properly...

Firefox crypto.generateCRMFRequest command execution

Added: 08/21/2014 CVE: CVE-2013-1710 BID: 61900 OSVDB: 96019 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem A vulnerability in the implementation of the crypto.generateCRMFRequest javascript method allows command execution...

GitList blame resource command injection

Added: 07/14/2014 CVE: CVE-2014-4511 BID: 68253 OSVDB: 108504 Background GitList is a web-based git repository viewer. Problem A vulnerability in GitList allows remote attackers to execute arbitrary commands by sending a specially crafted request for the blame resource. Resolution Upgrade to...

FreePBX Framework Module view.functions.php Remote Code Execution

Added: 04/03/2014 CVE: CVE-2014-1903 BID: 65509 OSVDB: 103240 Background FreePBX is an open source telephony front-end, which has an easy to use graphical user interface that controls and manages Asterisk. Problem The Framework module of FreePBX is vulnerable to remote code execution as a result ...

vTiger CRM AddEmailAttachment arbitrary file upload

Added: 01/10/2014 CVE: CVE-2013-3214 BID: 61558 OSVDB: 95902 Background vTiger CRM is a customer relationship management application written in PHP. Problem An arbitrary file upload vulnerability when handling SOAP AddEmailAttachment requests allows remote attackers to execute arbitrary commands ...

HP SiteScope APIBSMIntegrationImpl runOMAgentCommand SOAP Request Vulnerability

Added: 10/30/2013 CVE: CVE-2013-2367 BID: 61506 OSVDB: 95824 Background HP SiteScope is an agentless software application used to monitor the availability and performance of distributed IT infrastructures including servers, operating systems, network and Internet services, applications and...

Internet Explorer CCaret UpdateScreenCaret Memory Corruption

Added: 10/03/2013 CVE: CVE-2013-3205 BID: 62208 OSVDB: 97094 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer contains a use-after-free error that is triggered when handling a CCaret object. The...

HP LoadRunner micWebAjax.dll ActiveX NotifyEvent Method Vulnerability

Added: 09/30/2013 CVE: CVE-2013-2368 BID: 61436 OSVDB: 95639 Background HP LoadRunner is a software performance testing solution. HP LoadRunner includes the micWebAjax ActiveX control. Problem HP LoadRunner before 11.52 is vulnerable to remote code execution due to failure to sanitize user-suppli...

HP LoadRunner micWebAjax.dll ActiveX NotifyEvent Method Vulnerability

Added: 09/30/2013 CVE: CVE-2013-2368 BID: 61436 OSVDB: 95639 Background HP LoadRunner is a software performance testing solution. HP LoadRunner includes the micWebAjax ActiveX control. Problem HP LoadRunner before 11.52 is vulnerable to remote code execution due to failure to sanitize user-suppli...

HP LeftHand Virtual SAN Appliance Hydra Service Login Buffer Overflow

Added: 08/20/2013 CVE: CVE-2013-2343 BID: 60884 OSVDB: 94701 Background HP LeftHand Virtual SAN Appliance VSA software is a VMware certified SAN/storage device and virtual appliance that provides complete SAN functionality for VMware Infrastructure without external SAN hardware. Problem HP LeftHa...

PineApp Mail-SeCure test_li_connection.php Command Injection

Added: 08/08/2013 BID: 61477 OSVDB: 95782 Background PineApp Mail-SeCure is an e-mail security appliance which provides perimeter security protection to stop threats prior to their penetration of the customer's network, as well as post-perimeter anti-spam content inspection. Problem PineApp...

Novell iPrint Client IPP Response URI handling buffer overflow

Added: 07/05/2013 CVE: CVE-2013-1091 BID: 59612 OSVDB: 92938 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx. Problem A buffer overflow vulnerability within the handling...

Oracle WebCenter Capture ActiveX SetAnnotationFont buffer overflow

Added: 06/26/2013 CVE: CVE-2013-1516 BID: 59112 OSVDB: 92387 Background Oracle WebCenter Capture formerly Oracle Document Capture is a centralized document scanning solution. Problem The Import Server subcomponent of Oracle WebCenter Capture is affected by a buffer overflow vulnerability. The...

SonicWall Multiple Products skipSessionCheck Authentication Bypass

Added: 03/18/2013 CVE: CVE-2013-1359 BID: 57445 OSVDB: 89347 Background Dell SonicWALL has several management and reporting solutions which provide a centralized architecture for creating and managing security policies, providing real-time monitoring and alerts, and delivering compliance and usag...

VMware OVF Tool Format String

Added: 03/15/2013 CVE: CVE-2012-3569 BID: 56468 OSVDB: 87117 Background VMware is a suite of products supporting the creation and operation of virtual machines, which are self-contained, independent guest operating systems running within a host operating system. Problem The Windows variants of...

EMC NetWorker nsrd Format String

Added: 09/27/2012 CVE: CVE-2012-2288 BID: 55330 OSVDB: 85116 Background EMC NetWorker is a centralized data backup solution. Problem In NetWorker versions 7.6.3 through 8.0, the nsrd RPC service is vulnerable to a format string vulnerability. Resolution NetWorker 7 users should apply EMC NetWorke...

Oracle Business Transaction Management FlashTunnelService WriteToFile Vulnerability

Added: 08/17/2012 BID: 54839 Background Oracle Business Transaction Management BTM is a component of several Oracle Enterprise Manager Management Packs, including WebLogic Server Management Pack Enterprise Edition. Oracle BTM provides capability in three key areas: transaction visibility,...

Apple QuickTime QTVRStringAtom stringLength Parameter QTVR Movie File Handling

Added: 07/16/2012 CVE: CVE-2012-0667 BID: 53583 OSVDB: 81938 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime 7.7.1 and earlier versions are vulnerable to remote code execution if the user is persuaded to open a specially crafted QTVR movie file. Th...

Apple QuickTime QTVRStringAtom stringLength Parameter QTVR Movie File Handling

Added: 07/16/2012 CVE: CVE-2012-0667 BID: 53583 OSVDB: 81938 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime 7.7.1 and earlier versions are vulnerable to remote code execution if the user is persuaded to open a specially crafted QTVR movie file. Th...

Apple QuickTime TeXML Style Element Parsing Buffer Overflow

Added: 07/09/2012 CVE: CVE-2012-0663 BID: 53571 OSVDB: 81934 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime 7.7.1 and earlier versions are vulnerable to buffer overflow when parsing XML elements within a TeXML file. The QuickTime3GPP.qtx QuickTime...

iTunes m3u Playlist Overflow

Added: 07/03/2012 CVE: CVE-2012-0677 BID: 53933 OSVDB: 82897 Background iTunes is a free media player for multiple platforms. Problem iTunes does not properly validate parameters for EXTINF: directives in m3u files. This results in an exploitable stack overflow. Resolution Upgrade to iTunes 10.6....

Browser Find toolbar phishing attack

Added: 02/25/2012 Background This tool serves a page claiming to be a list of stolen passwords. When a user sees this list, the most common response is to validate the claim by opening a Find box Ctrl-F and searching for his or her own password. The tool intercepts the Ctrl-F keypress and opens a...

Microsoft PowerPoint Floating Point Techno-color Time Bandit vulnerability

Added: 01/12/2012 CVE: CVE-2011-0655 BID: 47252 OSVDB: 71771 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem The vulnerability is caused when PowerPoint reads an invalid record in a specially crafted PowerPoint file. A remote attack...

Chrome Password Grabber

Added: 01/10/2012 Background This tool grabs the saved passwords in the Chrome browser of the target's logged in user. Limitations Password Hash Grabber works on Windows targets. A connection to the target is required to run this tool. The target must have the .NET runtime 2.0 or higher. Platform...

Microsys Promotic PmTrendViewer ActiveX Control SaveCfg Stack Buffer Overflow

Added: 12/23/2011 OSVDB: 76396 Background Microsys Promotic is a SCADA object software tool for creating applications that monitor, control and display technological processes in various industrial areas. Promotic includes support for a web interface designed for Microsoft Windows. Problem Micros...

Trend Micro InterScan Web Security Suite Local Privilege Escalation

Added: 12/09/2011 BID: 50380 OSVDB: 76637 Background Trend Micro InterScan Web Security Suite is an application which dynamically defends against web-based attacks at the Internet gateway. Problem Trend Micro InterScan Web Security Suite is vulnerable to local privilege escalation vulnerability...

Microsoft Excel Substream Parsing Integer Overflow

Added: 11/08/2011 CVE: CVE-2011-0097 OSVDB: 71758 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Excel 2007 versions lacking the patch KB2464583 detailed in Microsoft Security Advisory...

Wireshark DECT Dissector PCAP File Processing Overflow

Added: 10/11/2011 CVE: CVE-2011-1591 BID: 47392 OSVDB: 71848 Background Wireshark is a network packet analyzer. Problem A buffer overflow vulnerability in the DECT dissector epan/dissectors/packet-dect.c allows command execution via a specially crafted .pcap file. Resolution Upgrade to Wireshark...

NetSupport Client Handshake Hostname Overflow

Added: 10/11/2011 CVE: CVE-2011-0404 BID: 45728 OSVDB: 70408 Background NetSupport Manager is a remote desktop support solution. Problem The NetSupport client/server communication is carried out over a proprietary communications protocol. This protocol begins with a handshake between the client a...

MPlayer SAMI Subtitle File Overflow

Added: 09/07/2011 BID: 49149 OSVDB: 74604 Background MPlayer is an open source media player with support for many operating systems. Problem MPlayer does not properly validate the contents of Synchronized Accessible Media Interchange SAMI caption files. If a video references a malformed SAMI file...

Oracle Java Runtime Environment Insecure File Loading

Added: 08/08/2011 OSVDB: 74330 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java application; it consists of the Java...

Internet Explorer DOM modification memory corruption

Added: 06/28/2011 CVE: CVE-2011-1256 BID: 48207 OSVDB: 72948 Background The Document Object Model DOM is a convention for interacting with objects in HTML pages. Problem A memory corruption vulnerability in Internet Explorer allows command execution when a user loads a specially crafted web page...

McAfee Firewall Reporter isValidClient Authentication Bypass

Added: 06/03/2011 BID: 47306 OSVDB: 71842 Background McAfee Firewall Reporter is an enterprise-class security event management SEM reporting solution. Problem McAfee Firewall Reporter versions 5.1.0.6 through 5.1.0.12 are vulnerable to an authentication bypass that may allow remote attackers to...

CA Total Defense UNCWS SQL Injection

Added: 05/02/2011 CVE: CVE-2011-1653 BID: 47355 Background CA Total Defense is a combined host-based anti-virus, anti-spyware, firewall, and IPS solution. Problem CA Total Defense includes a web service management component, which in version r12 prior to SE2, fails to validate certain parameters...

RealFlex RealWin FC_SCRIPT_FCS_STARTPROG Buffer Overflow

Added: 04/11/2011 CVE: CVE-2011-1563 BID: 46937 Background RealWin is a Supervisory Control and Data Acquisition SCADA server which is distributed by DATAC. Problem A buffer overflow vulnerability in RealWin Server allows remote attackers to execute arbitrary commands by sending a long, specially...

RealFlex RealWin FC_SCRIPT_FCS_STARTPROG Buffer Overflow

Added: 04/11/2011 CVE: CVE-2011-1563 BID: 46937 Background RealWin is a Supervisory Control and Data Acquisition SCADA server which is distributed by DATAC. Problem A buffer overflow vulnerability in RealWin Server allows remote attackers to execute arbitrary commands by sending a long, specially...

Microsoft Office Groove Insecure Library Loading

Added: 03/28/2011 CVE: CVE-2010-3146 BID: 42695 OSVDB: 67484 Background Microsoft Office Groove is a collaboration-based software application that allows teams and organizations to work together regardless of physical or network location. Problem Microsoft Office Groove has a vulnerability due to...

Microsoft Office Groove Insecure Library Loading

Added: 03/28/2011 CVE: CVE-2010-3146 BID: 42695 OSVDB: 67484 Background Microsoft Office Groove is a collaboration-based software application that allows teams and organizations to work together regardless of physical or network location. Problem Microsoft Office Groove has a vulnerability due to...

Cisco Security Agent Management Center Code Execution

Added: 03/17/2011 CVE: CVE-2011-0364 BID: 65436 OSVDB: 70884 Background Cisco Security Agent Management Center is the server component of Cisco's Security Agent endpoint IPS solution. It is responsible for collecting event log information from endpoints and distributing rules updates. Problem The...