Lucene search
+L
SaintMost viewed

4305 matches found

saint
saint
•added 2010/04/27 12:0 a.m.•33 views

RealNetworks Helix Server AgentX receive_agentx Stack Buffer Overflow

Added: 04/27/2010 CVE: CVE-2010-1318 BID: 39564 OSVDB: 63919 Background RealNetworks Helix Server is a media server supporting multiple formats and platforms. Problem A stack buffer overflow vulnerability exists in RealNetworks Helix Server due to a boundary error in the AgentX::receiveagentx...

10CVSS7.7AI score0.58051EPSS
Exploits12
saint
saint
•added 2010/04/14 12:0 a.m.•33 views

Windows Media Unicast Service transport information packet buffer overflow

Added: 04/14/2010 CVE: CVE-2010-0478 Background The Windows Media Unicast Service is the part of Windows Media Services which allows streaming media to be sent to a specific user. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially...

9.3CVSS7.4AI score0.63024EPSS
Exploits10
saint
saint
•added 2010/03/22 12:0 a.m.•33 views

Open and Compact FTP Server Long Password Buffer Overflow

Added: 03/22/2010 Background Open and Compact FTP Server Open-FTPD is a Windows-based compact FTP server. Problem A buffer overflow vulnerability allows command execution as a result of an overly long password. Resolution Upgrade to a version newer than 1.2 when it becomes available, or use a...

1.1AI score
Exploits0
saint
saint
•added 2010/02/12 12:0 a.m.•33 views

Microsoft PowerPoint OEPlaceholderAtom placementId memory corruption

Added: 02/12/2010 CVE: CVE-2010-0031 BID: 38103 OSVDB: 62237 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability allows command execution when a user opens a PowerPoint file containing an...

9.3CVSS6.4AI score0.21221EPSS
Exploits6
saint
saint
•added 2009/11/20 12:0 a.m.•33 views

IBM Tivoli Storage Manager Client CAD Service Buffer Overflow

Added: 11/20/2009 CVE: CVE-2009-3853 OSVDB: 59632 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon CAD on port 1582/TCP. Problem The vulnerability is caused by an input validation error in t...

9.3CVSS6.5AI score0.36717EPSS
Exploits8
saint
saint
•added 2009/10/16 12:0 a.m.•33 views

IBM Installation Manager iim URI Handling Code Execution

Added: 10/16/2009 CVE: CVE-2009-3518 BID: 36549 OSVDB: 58420 Background IBM Installation Manager IIM is a software tool that helps to install, update, modify, and uninstall packages. Problem When IIM is installed it registers the application IBMIM.exe as the iim:// scheme handler, so when an iim:...

9.3CVSS6.7AI score0.05477EPSS
Exploits5
saint
saint
•added 2009/09/16 12:0 a.m.•33 views

Safari WebKit floating point number buffer overflow

Added: 09/16/2009 CVE: CVE-2009-2195 BID: 36023 OSVDB: 56988 Background Safari is a web browser for Mac OS X and Windows. Safari is built upon the WebKit browser engine. Problem A buffer overflow vulnerability in WebKit allows command execution when a user loads a page which contains a specially...

9.3CVSS9AI score0.13294EPSS
Exploits4
saint
saint
•added 2009/08/05 12:0 a.m.•33 views

MS Office Word malformed Sprm record buffer overflow

Added: 08/05/2009 CVE: CVE-2009-0565 BID: 35190 OSVDB: 54960 Background Microsoft Office Word is Microsoft's word processing software, released as a component of Microsoft Office suite. Problem A buffer overflow in Microsoft Office Word allows remote command execution when a specially crafted Wor...

9.3CVSS7.8AI score0.40503EPSS
Exploits8
saint
saint
•added 2009/08/05 12:0 a.m.•33 views

MS Office Word malformed Sprm record buffer overflow

Added: 08/05/2009 CVE: CVE-2009-0565 BID: 35190 OSVDB: 54960 Background Microsoft Office Word is Microsoft's word processing software, released as a component of Microsoft Office suite. Problem A buffer overflow in Microsoft Office Word allows remote command execution when a specially crafted Wor...

9.3CVSS7.8AI score0.40503EPSS
Exploits8
saint
saint
•added 2009/07/13 12:0 a.m.•33 views

Motorola Timbuktu PlughNTCommand named pipe string buffer overflow

Added: 07/13/2009 CVE: CVE-2009-1394 BID: 35496 OSVDB: 55436 Background Motorola Timbuktu is remote control software for Windows and Mac. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted character string to the...

9.3CVSS7.7AI score0.33281EPSS
Exploits8
saint
saint
•added 2009/06/26 12:0 a.m.•33 views

Microsoft PowerPoint Legacy Format Scheme record buffer overflow

Added: 06/26/2009 CVE: CVE-2009-0226 BID: 34881 OSVDB: 54385 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A buffer overflow vulnerability in Microsoft PowerPoint allows command execution when a user opens a PowerPoint 4.0 stream...

9.3CVSS6.6AI score0.34794EPSS
Exploits5
saint
saint
•added 2009/05/29 12:0 a.m.•33 views

Adobe Reader Javascript API getAnnots method vulnerability

Added: 05/29/2009 CVE: CVE-2009-1492 BID: 34736 OSVDB: 54130 Background Adobe Reader is free software for viewing PDF documents. Problem A vulnerability in the Javascript API allows command execution when a user opens a PDF file which calls the getAnnots method with specially crafted arguments...

9.3CVSS6.3AI score0.25522EPSS
Exploits5
saint
saint
•added 2009/05/14 12:0 a.m.•33 views

Microsoft PowerPoint Legacy File Format Printer driver buffer overflow

Added: 05/14/2009 CVE: CVE-2009-0227 BID: 34882 OSVDB: 54384 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A buffer overflow vulnerability in the Legacy File Format conversion filter PP4X322.dll allows command execution when a use...

9.3CVSS6.6AI score0.35721EPSS
Exploits5
saint
saint
•added 2009/05/06 12:0 a.m.•33 views

Symantec Alert Management System Intel File Transfer service command execution

Added: 05/06/2009 CVE: CVE-2009-1431 BID: 34675 OSVDB: 54160 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. The Intel File Transfer service is a component of AMS2 which is used to aid communication between the core server and managed clients. It...

9.3CVSS7.1AI score0.08036EPSS
Exploits5
saint
saint
•added 2009/04/23 12:0 a.m.•33 views

Microsoft WordPad Word97 text converter buffer overflow

Added: 04/23/2009 CVE: CVE-2009-0235 BID: 34470 OSVDB: 53664 Background The Microsoft WordPad Word 97 text converter allows Windows users who do not have Microsoft Word to open Word 97 files. Problem A buffer overflow vulnerability in the Word 97 text converter allows command execution when a use...

9.3CVSS6.7AI score0.33616EPSS
Exploits5
saint
saint
•added 2009/04/10 12:0 a.m.•33 views

SQL injection

Added: 04/10/2009 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to inject arbitrary SQL commands via a speciall...

7.8AI score
Exploits0
saint
saint
•added 2009/02/20 12:0 a.m.•33 views

UltraVNC ClientConnection integer overflow

Added: 02/20/2009 CVE: CVE-2009-0388 BID: 33568 Background UltraVNC is free software for remote desktop access. Problem Multiple integer overflow vulnerabilities in the ClientConnection class allow command execution when a user connects to a VNC server which sends a message with a large length...

10CVSS7AI score0.13334EPSS
Exploits11
saint
saint
•added 2008/12/24 12:0 a.m.•33 views

Computer Associates License Service invalid command buffer overflow

Added: 12/24/2008 CVE: CVE-2005-0581 BID: 12705 OSVDB: 14389 Background The License service comes with most Computer Associatesproducts and exchanges license information over ports 10202/tcp and 10203/tcp. Problem A buffer overflow vulnerability allows a remote attacker to execute arbitrary...

4.6CVSS7.5AI score0.46344EPSS
Exploits24
saint
saint
•added 2008/12/11 12:0 a.m.•33 views

Internet Explorer embed tag src extension buffer overflow

Added: 12/11/2008 CVE: CVE-2008-4261 BID: 32595 OSVDB: 50610 Background The HTML embed tag allows developers to embed plug-ins in web pages. Problem A vulnerability in Internet Explorer allows command execution when a user loads a page containing an embed tag with a src attribute containing a...

9.3CVSS6.3AI score0.29709EPSS
Exploits4
saint
saint
•added 2008/10/17 12:0 a.m.•33 views

Openwsman HTTP Basic Authentication buffer overflow

Added: 10/17/2008 CVE: CVE-2008-2234 BID: 30694 OSVDB: 47534 Background Openwsman is an open-source implementation of the Web Services Management specification. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted HTTP Basic...

7.5CVSS8AI score0.04318EPSS
Exploits5
saint
saint
•added 2008/10/15 12:0 a.m.•33 views

Microsoft Host Integration Server SNA RPC authentication bypass

Added: 10/15/2008 CVE: CVE-2008-3466 BID: 31620 OSVDB: 49068 Background Microsoft Host Integration Server is an enabling technology which allows integration of applications and data with new Windows solutions. Problem A vulnerability in Microsoft Host Integration Server allows remote...

10CVSS6.9AI score0.77741EPSS
Exploits9
saint
saint
•added 2008/09/24 12:0 a.m.•33 views

Microsoft Excel FORMAT record array index memory corruption

Added: 09/24/2008 CVE: CVE-2008-3005 BID: 30639 OSVDB: 47408 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A memory corruption vulnerability allows command execution when a user opens a spreadsheet...

9.3CVSS6.5AI score0.31934EPSS
Exploits5
saint
saint
•added 2008/09/23 12:0 a.m.•33 views

Trend Micro OfficeScan cgiRecvFile.exe ComputerName buffer overflow

Added: 09/23/2008 CVE: CVE-2008-2437 BID: 31139 OSVDB: 48024 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability in cgiRecvFile.exe allows remote attackers to execute arbitrary commands by sending an HTTP request...

10CVSS7.8AI score0.06673EPSS
Exploits5
saint
saint
•added 2008/09/16 12:0 a.m.•33 views

Novell iPrint ActiveX control GetDriverFile buffer overflow

Added: 09/16/2008 CVE: CVE-2008-2431 BID: 30813 OSVDB: 51684 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint ActiveX control named ienipp.ocx. Problem A buffer overflow vulnerability in the Novell iPrint Active...

9.3CVSS6.7AI score0.51053EPSS
Exploits6
saint
saint
•added 2008/07/02 12:0 a.m.•34 views

HP OpenView Network Node Manager connectedNodes.ovpl command execution

Added: 07/02/2008 CVE: CVE-2005-2773 BID: 14662 OSVDB: 19057 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A command injection vulnerability in the connectedNodes.ovpl CGI script allows remote attackers to execute arbitrary comman...

9.8CVSS9.9AI score0.7409EPSS
Exploits9
saint
saint
•added 2008/06/20 12:0 a.m.•33 views

OpenOffice OLE importer DocumentSummaryInformation buffer overflow

Added: 06/20/2008 CVE: CVE-2008-0320 BID: 28819 OSVDB: 44472 Background OpenOffice is a free productivity suite for multiple platforms. OpenOffice includes an importer for Microsoft's Object Linking and Embedding OLE framework. Problem A buffer overflow vulnerability in the OLE importer allows...

9.3CVSS7.8AI score0.57015EPSS
Exploits10
saint
saint
•added 2008/05/27 12:0 a.m.•33 views

CA ARCserve Backup xdr_rwsstring buffer overflow

Added: 05/27/2008 CVE: CVE-2008-2242 BID: 29283 OSVDB: 45368 Background CA ARCserve Backup formerly BrightStor ARCserve Backup is a backup and recovery solution. It runs several services which use the SUN Remote Procedure Call SUN-RPC protocol. SUN-RPC messages are defined using the External Data...

7.5CVSS7.8AI score0.14716EPSS
Exploits9
saint
saint
•added 2008/05/09 12:0 a.m.•33 views

Informix Dynamic Server sqlexec password argument buffer overflow

Added: 05/09/2008 CVE: CVE-2008-0727 BID: 28198 OSVDB: 42701 Background Informix Dynamic Server is a database solution from IBM. The oninit.exe process listens for connections on port 1526/TCP. Problem The oninit.exe process does not sufficiently check the length of command-line arguments passed ...

8.5CVSS7AI score0.05248EPSS
Exploits5
saint
saint
•added 2008/04/18 12:0 a.m.•33 views

HP Openview Network Node Manager Ovalarmsrv buffer overflow

Added: 04/18/2008 CVE: CVE-2008-3544 BID: 28668 OSVDB: 50076 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in the Ovalarmsrv service in Network Node Manager allows remote attackers to execute...

9CVSS7.6AI score0.18043EPSS
Exploits5
saint
saint
•added 2008/03/21 12:0 a.m.•33 views

Symantec Backup Exec for Windows Servers scheduler ActiveX buffer overflow

Added: 03/21/2008 CVE: CVE-2007-6016 BID: 26904 OSVDB: 42358 Background Symantec Backup Exec for Windows Servers is a backup and recovery solution for Windows servers. Problem An ActiveX buffer overflow vulnerability in pvcalendar.ocx in the scheduler component of Symantec Backup Exec for Windows...

9.3CVSS6.9AI score0.50419EPSS
Exploits8
saint
saint
•added 2008/03/14 12:0 a.m.•33 views

Microsoft Excel conditional formatting vulnerability

Added: 03/14/2008 CVE: CVE-2008-0117 BID: 28170 OSVDB: 42731 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A vulnerability in Microsoft Excel allows command execution when a user opens a file...

9.3CVSS9.5AI score0.33362EPSS
Exploits5
saint
saint
•added 2008/01/16 12:0 a.m.•33 views

MySQL MaxDB cons.exe command injection

Added: 01/16/2008 CVE: CVE-2008-0244 BID: 27206 OSVDB: 40210 Background MaxDB is a SAP-certified open-source database developed by MySQL. Problem The MaxDB server handles the execsdbinfo command by invoking the cons.exe program through a system call without sufficiently checking the arguments for...

10CVSS6.9AI score0.80311EPSS
Exploits8
saint
saint
•added 2007/12/31 12:0 a.m.•33 views

Lotus Domino Web Access ActiveX control dwa7w.dll buffer overflow

Added: 12/31/2007 CVE: CVE-2007-4474 BID: 26972 OSVDB: 40954 Background Lotus Domino Web Access provides capabilities similar to those of the Lotus Notes client, delivered through a web browser. Problem A buffer overflow vulnerability in the Lotus Domino Web Access ActiveX control in the dwa7w.dl...

9.3CVSS6.8AI score0.44184EPSS
Exploits25
saint
saint
•added 2007/10/25 12:0 a.m.•33 views

RealPlayer ActiveX control playlist name buffer overflow

Added: 10/25/2007 CVE: CVE-2007-5601 BID: 26130 OSVDB: 41430 Background RealPlayer and RealOne Player include a number of ActiveX controls allowing functions to be called by scripts embedded in web pages. Problem The RealPlayer Database Component MPAMedia.dll is affected by a buffer overflow...

9.3CVSS6.8AI score0.42365EPSS
Exploits9
saint
saint
•added 2007/09/30 12:0 a.m.•33 views

Microsoft Visual Studio PDWizard.ocx ActiveX vulnerability

Added: 09/30/2007 CVE: CVE-2007-4891 BID: 25638 OSVDB: 37106 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem ActiveX controls contained in the PDWizard.ocx file in Microsoft Visual Studio 6.0 expose the StartProcess metho...

6.8CVSS6.6AI score0.31003EPSS
Exploits6
saint
saint
•added 2007/09/20 12:0 a.m.•33 views

Symantec Norton NavComUI ActiveX control vulnerability

Added: 09/20/2007 CVE: CVE-2007-2955 BID: 24983 OSVDB: 36477 Background The Symantec Norton product suite includes antivirus, firewall, and other security functions. Problem Vulnerabilities in the AxSysListView32 and AxSysListView32OAA ActiveX controls, implemented by the NavComUI.dll library...

6.8CVSS6.8AI score0.0405EPSS
Exploits4
saint
saint
•added 2007/08/28 12:0 a.m.•33 views

Snort Back Orifice Pre-Processor buffer overflow

Added: 08/28/2007 CVE: CVE-2005-3252 BID: 15131 OSVDB: 20034 Background Back Orifice is a remote system administration program for Windows. It is commonly installed by attackers or Trojan Horse programs for use as a backdoor. Snort is an open-source intrusion detection system. It includes a Back...

7.5CVSS7.8AI score0.83621EPSS
Exploits12
saint
saint
•added 2007/08/09 12:0 a.m.•33 views

CA eTrust Intrusion Detection CallCode ActiveX vulnerability

Added: 08/09/2007 CVE: CVE-2007-3302 BID: 25050 OSVDB: 37698 Background CA eTrust Intrusion Detection includes the CallCode Caller.dll ActiveX control. Problem The CallCode ActiveX control is incorrectly marked safe for scripting. This ActiveX control contains scriptable functions which, if a use...

9.3CVSS6.5AI score0.10788EPSS
Exploits5
saint
saint
•added 2007/08/09 12:0 a.m.•33 views

CA eTrust Intrusion Detection CallCode ActiveX vulnerability

Added: 08/09/2007 CVE: CVE-2007-3302 BID: 25050 OSVDB: 37698 Background CA eTrust Intrusion Detection includes the CallCode Caller.dll ActiveX control. Problem The CallCode ActiveX control is incorrectly marked safe for scripting. This ActiveX control contains scriptable functions which, if a use...

9.3CVSS6.5AI score0.10788EPSS
Exploits5
saint
saint
•added 2007/06/08 12:0 a.m.•33 views

Yahoo Messenger Webcam Viewer ActiveX control buffer overflow

Added: 06/08/2007 CVE: CVE-2007-3148 BID: 24355 OSVDB: 37081 Background Yahoo! Messenger is an instant messaging application. It includes the Webcam Viewer ActiveX control which is provided by ywcvwr.dll. Problem A buffer overflow vulnerability in the Yahoo! Messenger Webcam Viewer ActiveX contro...

9.3CVSS6.7AI score0.12339EPSS
Exploits5
saint
saint
•added 2007/06/07 12:0 a.m.•33 views

CA Antivirus engine CAB handling buffer overflow

Added: 06/07/2007 CVE: CVE-2007-2864 BID: 24330 OSVDB: 35245 Background The CA Antivirus engine is included in multiple CA products. Problem A buffer overflow vulnerability in the CA Antivirus engine allows command execution when a CAB file containing a specially crafted "coffFiles" field is...

9.3CVSS6.8AI score0.49647EPSS
Exploits7
saint
saint
•added 2007/05/03 12:0 a.m.•33 views

BrightStor ARCserve Media Server SUN RPC buffer overflow

Added: 05/03/2007 CVE: CVE-2007-2139 BID: 23635 OSVDB: 34127 Background CA ARCserve Backup formerly BrightStor ARCserve Backup is a backup and recovery solution. ARCserve Media Server is a component which comes with ARCserve Backup. Problem ARCserve Media Server is affected by multiple buffer...

10CVSS7.8AI score0.77996EPSS
Exploits8
saint
saint
•added 2007/05/03 12:0 a.m.•33 views

BrightStor ARCserve Media Server SUN RPC buffer overflow

Added: 05/03/2007 CVE: CVE-2007-2139 BID: 23635 OSVDB: 34127 Background CA ARCserve Backup formerly BrightStor ARCserve Backup is a backup and recovery solution. ARCserve Media Server is a component which comes with ARCserve Backup. Problem ARCserve Media Server is affected by multiple buffer...

10CVSS7.8AI score0.77996EPSS
Exploits8
saint
saint
•added 2007/04/23 12:0 a.m.•33 views

Lotus Domino IMAP CRAM-MD5 authentication buffer overflow

Added: 04/23/2007 CVE: CVE-2007-1675 BID: 23172 OSVDB: 34091 Background IBM Lotus Domino is a messaging and collaboration solution for multiple platforms. Problem A buffer overflow vulnerability in the CRAM-MD5 authentication function in the Lotus Domino IMAP service allows remote attackers to...

10CVSS7.9AI score0.6122EPSS
Exploits5
saint
saint
•added 2007/03/22 12:0 a.m.•33 views

McAfee ePolicy Orchestrator SiteManager ActiveX buffer overflow

Added: 03/22/2007 CVE: CVE-2007-1498 BID: 22952 OSVDB: 33796 Background ePolicy Orchestrator is a centralized security configuration and monitoring application. It includes the SiteManager ActiveX control which is implemented by sitemanager.dll. Problem A buffer overflow vulnerability in the...

9.3CVSS6.9AI score0.07729EPSS
Exploits8
saint
saint
•added 2007/03/12 12:0 a.m.•33 views

snmpXdmid buffer overflow

Added: 03/12/2007 CVE: CVE-2001-0236 BID: 2417 OSVDB: 546 Background The SNMP to DMI mapper daemon snmpXdmid translates Simple Network Management Protocol SNMP events to Desktop Management Interface DMI indications and vice-versa. Problem snmpXdmid is affected by a buffer overflow vulnerability...

10CVSS7.4AI score0.72036EPSS
Exploits6
saint
saint
•added 2007/02/07 12:0 a.m.•33 views

Internet Explorer VML integer overflow

Added: 02/07/2007 CVE: CVE-2007-0024 BID: 21930 OSVDB: 31250 Background Vector Markup Language VML is an XML-based format for vector graphics. Problem An integer overflow vulnerability in vgx.dll when processing VML elements in a web page allows arbitrary command execution. Resolution Apply the...

9.3CVSS6.8AI score0.46488EPSS
Exploits5
saint
saint
•added 2007/01/15 12:0 a.m.•33 views

Microsoft Visual Studio 2005 WMI Object Broker vulnerability

Added: 01/15/2007 CVE: CVE-2006-4704 BID: 20843 OSVDB: 30155 Background Microsoft Visual Studio is a product to assist with software development in the Windows operating system. Problem A flaw in the WMI Object Broker ActiveX control allows attackers to bypass security zone restrictions, leading ...

6.8CVSS6.4AI score0.42846EPSS
Exploits6
saint
saint
•added 2006/12/22 12:0 a.m.•33 views

BrightStor ARCserve Backup Tape Engine GetGroupStatus buffer overflow

Added: 12/22/2006 CVE: CVE-2006-6076 BID: 21221 OSVDB: 30637 Background The BrightStor ARCserve Backup server includes a Backup Tape Engine feature which allows use of tape drives for storage. Problem A buffer overflow vulnerability in the RPC GetGroupStatus function allows remote attackers to...

10CVSS7.7AI score0.70215EPSS
Exploits11
saint
saint
•added 2006/12/01 12:0 a.m.•33 views

Novell Client nwspool.dll buffer overflow

Added: 12/01/2006 CVE: CVE-2006-5854 BID: 21220 OSVDB: 30547 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem The nwspool.dll library in Novell Client is affected by buffer overflows in the EnumPrinters and OpenPrinter functions, allowing remote...

7.5CVSS7.4AI score0.57287EPSS
Exploits15
Total number of security vulnerabilities4305