Lucene search
+L
SaintMost viewed

4305 matches found

saint
saint
•added 2011/11/28 12:0 a.m.•32 views

Viscom Software Image Viewer ActiveX TIFMergeMultiFiles Vulnerability

Added: 11/28/2011 BID: 50712 Background Viscom Image Viewer CP is an image viewer ActiveX control that supports many popular image file formats, zoom in, zoom out, panning, auto zoom and auto scrolling when drawing the selection rectangle. Problem The ImageViewer2.OCX ActiveX control in Image...

8.3AI score
Exploits0
saint
saint
•added 2011/09/26 12:0 a.m.•32 views

Freefloat FTPD Invalid Command Overflow

Added: 09/26/2011 BID: 48704 Background Freefloat is a software series developed directly for handheld terminals. Freefloat FTP Server is a free FTP server for various versions of Windows including Windows CE/Pocket PC. Problem Freefloat FTP Server is vulnerable to a stack overflow as a result of...

0.4AI score
Exploits0
saint
saint
•added 2011/09/07 12:0 a.m.•32 views

MPlayer SAMI Subtitle File Overflow

Added: 09/07/2011 BID: 49149 OSVDB: 74604 Background MPlayer is an open source media player with support for many operating systems. Problem MPlayer does not properly validate the contents of Synchronized Accessible Media Interchange SAMI caption files. If a video references a malformed SAMI file...

7.3AI score
Exploits0
saint
saint
•added 2011/08/22 12:0 a.m.•32 views

Mozilla Firefox OBJECT mChannel Use-After-Free

Added: 08/22/2011 CVE: CVE-2011-0065 BID: 47659 OSVDB: 72085 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem A use-after-free vulnerability allows command execution when a user loads a specially crafted web page that causes...

10CVSS9.7AI score0.73655EPSS
Exploits10
saint
saint
•added 2011/06/28 12:0 a.m.•32 views

Internet Explorer DOM modification memory corruption

Added: 06/28/2011 CVE: CVE-2011-1256 BID: 48207 OSVDB: 72948 Background The Document Object Model DOM is a convention for interacting with objects in HTML pages. Problem A memory corruption vulnerability in Internet Explorer allows command execution when a user loads a specially crafted web page...

9.3CVSS6.5AI score0.18647EPSS
Exploits8
saint
saint
•added 2011/06/19 12:0 a.m.•32 views

Tom Sawyer GET Extension Factory COM Object Instantiation Memory Corruption

Added: 06/19/2011 CVE: CVE-2011-2217 BID: 48099 Background Tom Sawyer Software produces a variety of data visualization, layout, and analysis tools. Problem Certain ActiveX controls in tsgetxu71ex552.dll and tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client...

9.3CVSS7.1AI score0.41956EPSS
Exploits9
saint
saint
•added 2011/05/27 12:0 a.m.•32 views

Novell ZENworks Asset Management File Upload Traversal

Added: 05/27/2011 CVE: CVE-2010-4229 BID: 47295 OSVDB: 71872 Background Novell ZENworks is a resource management solution consisting of a management server and management agents. Problem The Asset Management module ZAM of ZENworks version 10.3 prior to 10.3.2 and version 11 fail to validate the...

10CVSS6.5AI score0.25428EPSS
Exploits5
saint
saint
•added 2011/05/23 12:0 a.m.•32 views

BarCodeWiz ActiveX LoadProperties Buffer Overflow

Added: 05/23/2011 CVE: CVE-2010-2932 BID: 42097 OSVDB: 66882 Background BarCodeWiz Barcode ActiveX Control is a tool for generating barcodes in Microsoft Office documents, and for Visual Basic, Visual C++, VB.NET, C, or Delphi developer looking to include barcodes in programs. Problem The...

9.3CVSS6.8AI score0.06896EPSS
Exploits5
saint
saint
•added 2011/04/18 12:0 a.m.•32 views

HP OpenView Network Node Manager malformed displayWidth option to jovgraph.exe

Added: 04/18/2011 CVE: CVE-2011-0261 BID: 45762 OSVDB: 70469 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in jovgraph.exe allows remote attackers to execute arbitrary commands by sending an overly...

10CVSS7.7AI score0.1582EPSS
Exploits4
saint
saint
•added 2011/03/14 12:0 a.m.•32 views

Microsoft Remote Desktop Connection Insecure Library Injection

Added: 03/14/2011 CVE: CVE-2011-0029 BID: 46678 OSVDB: 71014 Background The Windows Remote Desktop allows desktop access to one Windows computer from another Windows computer. Problem A library loading vulnerability in the Remote Desktop Client allows arbitrary command execution when a user opens...

9.3CVSS7.7AI score0.0716EPSS
Exploits4
saint
saint
•added 2011/02/23 12:0 a.m.•32 views

Symantec Alert Management System Intel Alert Handler modem string buffer overflow

Added: 02/23/2011 CVE: CVE-2010-0110 BID: 45936 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. It includes an Intel Alert Handler service hndlrsvc.exe. This service handles messages forwarded to it by the Alert Originator Manager, which listens on po...

7.9CVSS7.6AI score0.0513EPSS
Exploits12
saint
saint
•added 2011/01/24 12:0 a.m.•32 views

HP OpenView Network Node Manager nnmRptConfig.exe schd_select1 Remote Code Execution

Added: 01/24/2011 CVE: CVE-2011-0269 BID: 45762 OSVDB: 70473 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A stack buffer overflow vulnerability allows remote attackers to execute arbitrary commands by requesting the...

10CVSS7.7AI score0.16546EPSS
Exploits4
saint
saint
•added 2011/01/03 12:0 a.m.•32 views

Novell iPrint Client Browser Plugin embed Tag Parameter Buffer Overflow

Added: 01/03/2011 CVE: CVE-2010-4314 BID: 45301 OSVDB: 66959 Background Novell iPrint is an application which allows users to install and manage printers. Problem A buffer overflow vulnerability in Novell iPrint browser plugin allows command execution when a user loads a web page with an overly...

9.3CVSS9AI score0.03118EPSS
Exploits4
saint
saint
•added 2010/12/23 12:0 a.m.•32 views

Cisco IOS HTTP exec path command execution

Added: 12/23/2010 CVE: CVE-2000-0945 BID: 1846 OSVDB: 444 Background The Cisco Internetwork Operating System IOS is the operating system used by Cisco routers. Problem A remote attacker could execute arbitrary commands through HTTP requests by requesting a path beginning with /exec. Resolution Se...

10CVSS7.5AI score0.72575EPSS
Exploits6
saint
saint
•added 2010/12/22 12:0 a.m.•32 views

SAP Crystal Reports PrintControl.dll ServerResourceVersion buffer overflow

Added: 12/22/2010 CVE: CVE-2010-2590 BID: 45387 OSVDB: 69917 Background SAP Crystal Reports allows developers to design interactive reports from virtually any data source. Problem A buffer overflow vulnerability in the PrintControl.dll ActiveX control allows command execution when a user loads a...

9.3CVSS6.8AI score0.46776EPSS
Exploits9
saint
saint
•added 2010/12/14 12:0 a.m.•32 views

Microsoft Office FlashPix Image Converter Dictionary property buffer overflow

Added: 12/14/2010 CVE: CVE-2010-3951 BID: 45278 OSVDB: 69808 Background Microsoft Office is a package that provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. The suite ships with a set of image processing helper libraries...

9.3CVSS7.7AI score0.25106EPSS
Exploits4
saint
saint
•added 2010/10/22 12:0 a.m.•32 views

RealNetworks RealPlayer CDDA URI Uninitialized Pointer Code Execution

Added: 10/22/2010 CVE: CVE-2010-3747 BID: 44144 OSVDB: 68673 Background RealPlayer and RealOne Player include a number of ActiveX controls allowing functions to be called by scripts embedded in web pages. Problem CDDA cdda:// is a protocol used to locate media files on Compact Disc Digital Audio...

9.3CVSS7.1AI score0.35352EPSS
Exploits9
saint
saint
•added 2010/10/15 12:0 a.m.•32 views

Oracle Java IE Browser Plugin docbase Parameter Stack Buffer Overflow

Added: 10/15/2010 CVE: CVE-2010-3552 BID: 44023 Background Oracle Java SE and Java for Business are development platforms for developing and deploying Java applications. They include the Java SE Development Kit JDK and the Java Runtime Environment JRE. The JRE provides the minimum requirements fo...

10CVSS9.6AI score0.8074EPSS
Exploits8
saint
saint
•added 2010/09/24 12:0 a.m.•32 views

Lotus Domino nrouter.exe iCalendar MAILTO buffer overflow

Added: 09/24/2010 CVE: CVE-2010-3407 BID: 43219 OSVDB: 68040 Background IBM Lotus Domino is a messaging and collaboration solution for multiple platforms. Problem A buffer overflow in the nrouter.exe service allows remote attackers to execute arbitrary commands by sending an iCalendar message...

9.3CVSS7.8AI score0.41475EPSS
Exploits9
saint
saint
•added 2010/08/23 12:0 a.m.•32 views

HP OpenView NNM getnnmdata.exe CGI ICount Parameter Buffer Overflow

Added: 08/23/2010 CVE: CVE-2010-1554 BID: 40071 OSVDB: 64976 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in Network Node Manager allows remote attackers to execute arbitrary commands by sending a...

10CVSS7.7AI score0.67786EPSS
Exploits13
saint
saint
•added 2010/08/05 12:0 a.m.•32 views

Apple QuickTime Streaming Debug Error Logging Buffer Overflow

Added: 08/05/2010 BID: 41962 OSVDB: 66636 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime is vulnerable to a stack buffer overflow in QuickTimeStreaming.qtx when processing specially crafted SMIL files. The crafted SMIL files contain an invalid and...

7.7AI score
Exploits0
saint
saint
•added 2010/06/07 12:0 a.m.•32 views

CA XOsoft Control Service entry_point.aspx Remote Code Execution

Added: 06/07/2010 CVE: CVE-2010-1223 BID: 39238 OSVDB: 63611 Background CA XOsoft is storage and recovery management software that includes applications for combined business continuity and disaster recovery. The CA XOsoft product family includes CA XOsoft Replication, CA XOsoft High Availability...

10CVSS7.5AI score0.16755EPSS
Exploits5
saint
saint
•added 2010/05/21 12:0 a.m.•32 views

HP OpenView Network Node Manager getnnmdata.exe CGI MaxAge buffer overflow

Added: 05/21/2010 CVE: CVE-2010-1553 BID: 40070 OSVDB: 64976 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in Network Node Manager allows remote attackers to execute arbitrary commands by sending a...

10CVSS7.7AI score0.72168EPSS
Exploits14
saint
saint
•added 2010/04/14 12:0 a.m.•32 views

Windows Media Unicast Service transport information packet buffer overflow

Added: 04/14/2010 CVE: CVE-2010-0478 Background The Windows Media Unicast Service is the part of Windows Media Services which allows streaming media to be sent to a specific user. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially...

9.3CVSS7.4AI score0.63024EPSS
Exploits10
saint
saint
•added 2010/03/24 12:0 a.m.•32 views

Orbital Viewer buffer overflow

Added: 03/24/2010 CVE: CVE-2010-0688 BID: 38436 OSVDB: 62580 Background Orbital Viewer is a program for viewing atomic and molecular orbitals. Problem A buffer overflow vulnerability in Orbital Viewer allows command execution when a user opens a specially crafted .orb file. Resolution Do not open...

9.3CVSS6.8AI score0.37895EPSS
Exploits13
saint
saint
•added 2010/02/17 12:0 a.m.•32 views

Wireshark LWRES dissector buffer overflow

Added: 02/17/2010 CVE: CVE-2010-0304 BID: 37985 OSVDB: 61987 Background Wireshark is a network packet analyzer. Problem A buffer overflow vulnerability in the LWRES dissector allows command execution when a user sends a specially crafted datagram over a network which is being analyzed by Wireshar...

7.5CVSS6.7AI score0.73666EPSS
Exploits12
saint
saint
•added 2009/12/22 12:0 a.m.•32 views

HP OpenView Network Node Manager ovalarm.exe Accept-Language buffer overflow

Added: 12/22/2009 CVE: CVE-2009-4179 BID: 37261 OSVDB: 60930 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow in the ovalarm.exe CGI program allows command execution when an attacker sends an HTTP request to this...

10CVSS6.9AI score0.66973EPSS
Exploits8
saint
saint
•added 2009/11/20 12:0 a.m.•32 views

Adobe Acrobat Reader U3D CLODMeshContinuation Code Execution

Added: 11/20/2009 CVE: CVE-2009-2997 BID: 36638 OSVDB: 58926 Background Adobe Reader is free software for viewing PDF documents. Problem A heap memory corruption vulnerability exists in Adobe Acrobat Reader. The vulnerability is due to an input validation error while parsing Universal 3D U3D file...

9.3CVSS9.8AI score0.0837EPSS
Exploits7
saint
saint
•added 2009/10/22 12:0 a.m.•32 views

Microsoft Office Art Property Table Memory Corruption

Added: 10/22/2009 CVE: CVE-2009-2528 BID: 36650 OSVDB: 58869 Background Microsoft Office is a package that provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. MS Office XP 2002 and MS Office 2000 use the Microsoft Windows...

9.3CVSS8.4AI score0.20452EPSS
Exploits5
saint
saint
•added 2009/10/22 12:0 a.m.•32 views

Microsoft Office Art Property Table Memory Corruption

Added: 10/22/2009 CVE: CVE-2009-2528 BID: 36650 OSVDB: 58869 Background Microsoft Office is a package that provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. MS Office XP 2002 and MS Office 2000 use the Microsoft Windows...

9.3CVSS7.4AI score0.20452EPSS
Exploits5
saint
saint
•added 2009/09/16 12:0 a.m.•32 views

Safari WebKit floating point number buffer overflow

Added: 09/16/2009 CVE: CVE-2009-2195 BID: 36023 OSVDB: 56988 Background Safari is a web browser for Mac OS X and Windows. Safari is built upon the WebKit browser engine. Problem A buffer overflow vulnerability in WebKit allows command execution when a user loads a page which contains a specially...

9.3CVSS9AI score0.13294EPSS
Exploits4
saint
saint
•added 2009/07/13 12:0 a.m.•32 views

Motorola Timbuktu PlughNTCommand named pipe string buffer overflow

Added: 07/13/2009 CVE: CVE-2009-1394 BID: 35496 OSVDB: 55436 Background Motorola Timbuktu is remote control software for Windows and Mac. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted character string to the...

9.3CVSS7.8AI score0.33281EPSS
Exploits8
saint
saint
•added 2009/07/06 12:0 a.m.•32 views

Apple iTunes itms: URL buffer overflow

Added: 07/06/2009 CVE: CVE-2009-0950 BID: 35157 OSVDB: 54833 Background iTunes is a free media player for multiple platforms. Problem A buffer overflow vulnerability allows command execution when a user opens a specially crafted itms:// URL. Resolution Upgrade to iTunes 8.2 or higher. References...

9.3CVSS6.8AI score0.28815EPSS
Exploits21
saint
saint
•added 2009/06/30 12:0 a.m.•32 views

Unisys Business Information Server mnet.exe buffer overflow

Added: 06/30/2009 CVE: CVE-2009-1628 BID: 35494 OSVDB: 55435 Background The Unisys Business Information Server is an information management solution which provides data access across an enterprise. It includes the mnet.exe program which listens for connections on ports 3985/TCP and 3986/TCP...

10CVSS7.6AI score0.05244EPSS
Exploits4
saint
saint
•added 2009/05/25 12:0 a.m.•32 views

Windows GDI Privilege Elevation

Added: 05/25/2009 CVE: CVE-2006-5758 BID: 20940 OSVDB: 30214 Background The Graphics Rendering Engine in Microsoft Windows 2000 and Windows XP maps GDI Kernel structures on a global shared memory section that is created with insecure permissions. Problem Users with local access can remap the shar...

7.2CVSS6.2AI score0.06325EPSS
Exploits6
saint
saint
•added 2009/05/21 12:0 a.m.•32 views

Microsoft PowerPoint 2000 CurrentUserAtom buffer overflow

Added: 05/21/2009 CVE: CVE-2009-1131 BID: 34841 OSVDB: 54393 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A buffer overflow vulnerability in Microsoft PowerPoint allows command execution when a user opens a presentation containin...

9.3CVSS6.8AI score0.35927EPSS
Exploits5
saint
saint
•added 2009/04/23 12:0 a.m.•32 views

Microsoft WordPad Word97 text converter buffer overflow

Added: 04/23/2009 CVE: CVE-2009-0235 BID: 34470 OSVDB: 53664 Background The Microsoft WordPad Word 97 text converter allows Windows users who do not have Microsoft Word to open Word 97 files. Problem A buffer overflow vulnerability in the Word 97 text converter allows command execution when a use...

9.3CVSS6.7AI score0.33616EPSS
Exploits5
saint
saint
•added 2009/04/07 12:0 a.m.•32 views

SAPgui EAI WebViewer3D ActiveX control SaveViewToSessionFile buffer overflow

Added: 04/07/2009 CVE: CVE-2007-4475 BID: 34310 OSVDB: 53066 Background SAPgui for Windows registers the EAI WebViewer3D ActiveX control. Problem A buffer overflow vulnerability in the EAI WebViewer3D ActiveX control allows command execution when a user loads a web page which invokes the...

9.3CVSS6.8AI score0.40307EPSS
Exploits8
saint
saint
•added 2009/04/07 12:0 a.m.•32 views

SAPgui EAI WebViewer3D ActiveX control SaveViewToSessionFile buffer overflow

Added: 04/07/2009 CVE: CVE-2007-4475 BID: 34310 OSVDB: 53066 Background SAPgui for Windows registers the EAI WebViewer3D ActiveX control. Problem A buffer overflow vulnerability in the EAI WebViewer3D ActiveX control allows command execution when a user loads a web page which invokes the...

9.3CVSS6.8AI score0.40307EPSS
Exploits8
saint
saint
•added 2009/02/26 12:0 a.m.•32 views

Java Runtime Environment JAR manifest Main Class buffer overflow

Added: 02/26/2009 CVE: CVE-2008-5354 BID: 32608 OSVDB: 50499 Background Java Runtime Environment JRE allows end users to run Java applications. Problem A buffer overflow vulnerability in JRE allows command execution when a user opens a JAR archive containing a manifest file with a specially craft...

9.3CVSS7.9AI score0.04798EPSS
Exploits5
saint
saint
•added 2009/02/25 12:0 a.m.•32 views

Oracle 9i Release 2 XDB HTTP Pass Overflow

Added: 02/25/2009 CVE: CVE-2003-0727 BID: 8375 OSVDB: 2449 Background Oracle 9i release 2 includes the XDB HTTP service which by default listens on port 8080. Problem A buffer overflow vulnerability in the parsing of credentials passed to the server allows remote attackers to execute arbitrary...

2.1CVSS7.5AI score0.68395EPSS
Exploits26
saint
saint
•added 2009/02/23 12:0 a.m.•32 views

Internet Explorer deleted object memory corruption

Added: 02/23/2009 CVE: CVE-2009-0075 BID: 33627 OSVDB: 51839 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A memory corruption vulnerability allows command execution when a user opens a specially crafted web page which causes a...

9.3CVSS6.3AI score0.85277EPSS
Exploits9
saint
saint
•added 2009/01/28 12:0 a.m.•32 views

Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH buffer overflow

Added: 01/28/2009 CVE: CVE-2008-5444 BID: 33177 OSVDB: 51340 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A buffer overflow vulnerability in Oracle Secure Backup when handling the NDMP protocol allows remote attackers to execute...

10CVSS7.4AI score0.60625EPSS
Exploits7
saint
saint
•added 2009/01/14 12:0 a.m.•32 views

HP OpenView Network Node Manager getcvdata.exe parameter string buffer overflow

Added: 01/14/2009 CVE: CVE-2008-0067 BID: 33147 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending an HTTP request for the getcvdata.exe C...

10CVSS7.8AI score0.63419EPSS
Exploits19
saint
saint
•added 2008/12/31 12:0 a.m.•32 views

Mozilla Firefox UTF-8 URL buffer overflow

Added: 12/31/2008 CVE: CVE-2008-0016 BID: 31397 OSVDB: 48780 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A buffer overflow vulnerability in Mozilla Firefox allows command execution when a user follows a link to a specially crafted UTF-8 URL...

10CVSS10AI score0.43921EPSS
Exploits12
saint
saint
•added 2008/12/24 12:0 a.m.•32 views

Computer Associates License Service invalid command buffer overflow

Added: 12/24/2008 CVE: CVE-2005-0581 BID: 12705 OSVDB: 14389 Background The License service comes with most Computer Associatesproducts and exchanges license information over ports 10202/tcp and 10203/tcp. Problem A buffer overflow vulnerability allows a remote attacker to execute arbitrary...

4.6CVSS7.5AI score0.46344EPSS
Exploits24
saint
saint
•added 2008/12/12 12:0 a.m.•32 views

Internet Explorer XML data binding memory corruption

Added: 12/12/2008 CVE: CVE-2008-4844 BID: 32721 OSVDB: 50622 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A data binding error allows command execution when a user loads specially crafted XML code containing nested SPAN tags,...

9.3CVSS7.5AI score0.66513EPSS
Exploits10
saint
saint
•added 2008/12/01 12:0 a.m.•32 views

VLC media player RealText subtitle file ParseRealText buffer overflow

Added: 12/01/2008 CVE: CVE-2008-5036 BID: 32125 OSVDB: 49809 Background VLC media player is a media player supporting various audio and video formats for multiple platforms. Problem A buffer overflow vulnerability in the ParseRealText function allows command execution when a user opens a media fi...

9.3CVSS6.8AI score0.41444EPSS
Exploits10
saint
saint
•added 2008/10/24 12:0 a.m.•32 views

Microsoft Excel formula parsing integer overflow

Added: 10/24/2008 CVE: CVE-2008-4019 BID: 31706 OSVDB: 49078 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem An integer overflow in the REPT function allows command execution when a user loads an Exc...

9.3CVSS6.6AI score0.34415EPSS
Exploits5
saint
saint
•added 2008/10/07 12:0 a.m.•32 views

Microsoft Rich Textbox ActiveX control SaveFile vulnerability

Added: 10/07/2008 CVE: CVE-2008-0237 BID: 27201 OSVDB: 40234 Background Microsoft Rich Textbox is an ActiveX control which comes with Visual Basic and allows creation of formatted text in RTF files. It is located in the Richtx32.ocx file. Problem The SaveFile method in the Rich Textbox ActiveX...

6.8CVSS6AI score0.20466EPSS
Exploits5
Total number of security vulnerabilities4305