4305 matches found
Lotus Expeditor cai URI handler command injection
Added: 06/20/2008 CVE: CVE-2008-1965 BID: 28926 OSVDB: 44868 Background Lotus Expeditor is a desktop integration framework used by Lotus products including Lotus Symphony. Problem Lotus Expeditor registers a handler for cai: URIs which passes arbitrary arguments to rcplauncher.exe. This allows...
Adobe Photoshop Album Starter Edition BMP image header buffer overflow
Added: 05/08/2008 CVE: CVE-2008-1765 BID: 28874 OSVDB: 44579 Background Adobe Photoshop Album Starter Edition is free software for editing and sharing photos. Problem A buffer overflow vulnerability in Adobe Photoshop Album Starter Edition allows command execution when a user opens a BMP image fi...
Microsoft Excel conditional formatting vulnerability
Added: 03/14/2008 CVE: CVE-2008-0117 BID: 28170 OSVDB: 42731 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A vulnerability in Microsoft Excel allows command execution when a user opens a file...
Veritas Storage Foundation Administrator service buffer overflow
Added: 03/03/2008 CVE: CVE-2008-0638 BID: 25778 OSVDB: 41978 Background Veritas Storage Foundation is an online storage management solution. An Administrator service, implemented by vxsvc.exe, listens on port 3207 by default. Problem A buffer overflow vulnerability in the Administrator service...
MacroVision InstallShield Update Service DownloadAndExecute buffer overflow
Added: 01/04/2008 CVE: CVE-2007-6654 BID: 27013 OSVDB: 39980 Background MacroVision InstallShield is software for creating installers or software packages. Problem A buffer overflow in the DownloadAndExecute function in the Update Service ActiveX control allows command execution when a user loads...
ACDSee XPM file section string buffer overflow
Added: 12/14/2007 CVE: CVE-2007-6009 BID: 26554 OSVDB: 45278 Background ACDSee is a suite of products for viewing and organizing photos. Problem A buffer overflow vulnerability in the IDX.apl, IDEACDStd.apl, IDPSP.apl, and AMLHA.apl plug-ins could allow command execution when a user opens an XPM...
Lotus Notes Lotus 1-2-3 file viewer buffer overflow
Added: 12/07/2007 CVE: CVE-2007-6593 BID: 26604 OSVDB: 40796 Background Lotus Notes is the client for Lotus Domino servers. Lotus Notes uses the Autonomy KeyView library to process files in the Lotus Worksheet File format WKS used by Lotus 1-2-3. Problem A buffer overflow vulnerability in the...
RealPlayer ActiveX control playlist name buffer overflow
Added: 10/25/2007 CVE: CVE-2007-5601 BID: 26130 OSVDB: 41430 Background RealPlayer and RealOne Player include a number of ActiveX controls allowing functions to be called by scripts embedded in web pages. Problem The RealPlayer Database Component MPAMedia.dll is affected by a buffer overflow...
Kodak Image Viewer TIFF image handling vulnerability
Added: 10/15/2007 CVE: CVE-2007-2217 BID: 25909 OSVDB: 37627 Background The Windows Kodak Image Viewer is a utility for rendering various image formats. It is included in Windows 2000, and may also be present on newer versions of Windows if a computer was upgraded from Windows 2000. Problem A...
Microsoft Visual Basic VBP file buffer overflow
Added: 10/05/2007 CVE: CVE-2007-4776 BID: 25629 OSVDB: 36936 Background Microsoft Visual Basic is a development tool for building Windows applications. Problem A buffer overflow vulnerability in Microsoft Visual Basic allows command execution when a user opens a specially crafted Visual Basic...
Trend Micro ServerProtect TMregChange buffer overflow
Added: 09/27/2007 CVE: CVE-2007-4731 OSVDB: 45878 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the TMregChange function in the TMreg.dll library allows remote attackers to execute arbitrary commands by sending specially crafted da...
Symantec Norton NavComUI ActiveX control vulnerability
Added: 09/20/2007 CVE: CVE-2007-2955 BID: 24983 OSVDB: 36477 Background The Symantec Norton product suite includes antivirus, firewall, and other security functions. Problem Vulnerabilities in the AxSysListView32 and AxSysListView32OAA ActiveX controls, implemented by the NavComUI.dll library...
Trend Micro ServerProtect RPC NTF_SetPagerNotifyConfig buffer overflow
Added: 08/23/2007 CVE: CVE-2007-4218 BID: 25395 OSVDB: 39754 Background ServerProtect is a virus scanner for servers. Problem A buffer overflow in the NTFSetPagerNotifyConfig function within the Notification.dll library allows remote attackers to execute arbitrary commands by sending a specially...
Linux kernel ptrace privilege elevation vulnerability
Added: 06/27/2007 CVE: CVE-2003-0127 BID: 7112 OSVDB: 4565 Background ptrace is a Linux system call which enables a parent process to observe and control another process. Problem Due to a failure by the kernel to restrict trace permissions, a local attacker could gain root privileges by attaching...
Windows Telephony API buffer overflow
Added: 06/12/2007 CVE: CVE-2005-0058 BID: 14518 OSVDB: 18606 Background The Windows Telephony API TAPI provides telecommunications support for Windows applications. Problem A buffer overflow in the Windows Telephony API allows local attackers to execute commands with administrative privileges...
Yahoo Messenger Webcam Viewer ActiveX control buffer overflow
Added: 06/08/2007 CVE: CVE-2007-3148 BID: 24355 OSVDB: 37081 Background Yahoo! Messenger is an instant messaging application. It includes the Webcam Viewer ActiveX control which is provided by ywcvwr.dll. Problem A buffer overflow vulnerability in the Yahoo! Messenger Webcam Viewer ActiveX contro...
CA Console Server username buffer overflow
Added: 05/25/2007 CVE: CVE-2007-2522 BID: 23906 OSVDB: 34585 Background Multiple CA products include the inoweb Console Server which listens for connections on port 12168/TCP. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, speciall...
Adobe Photoshop PNG file handling buffer overflow
Added: 05/17/2007 CVE: CVE-2007-2365 BID: 23698 OSVDB: 35465 Background Adobe Photoshop is an application for editing digital images. Problem A buffer overflow vulnerability in Adobe Photoshop allows command execution when a user opens a specially crafted PNG image file. Resolution Do not open PN...
Microsoft Step-by-Step Interactive Training bookmark buffer overflow
Added: 05/04/2007 CVE: CVE-2006-3448 BID: 22484 OSVDB: 31883 Background Microsoft Step-by-Step Interactive Training is the engine used by various training programs. Problem A buffer overflow vulnerability in Microsoft Step-by-Step Interactive Training allows command execution when a specially...
Yahoo Messenger AudioConf ActiveX control buffer overflow
Added: 04/12/2007 CVE: CVE-2007-1680 BID: 23291 OSVDB: 34319 Background Yahoo! Messenger is an instant messaging application. It includes the AudioConf ActiveX control which is provided by yacscom.dll. Problem A buffer overflow vulnerability in the AudioConf ActiveX control allows command executi...
Trend Micro ServerProtect CMON_NetTestConnection buffer overflow
Added: 02/23/2007 CVE: CVE-2007-1070 BID: 22639 OSVDB: 33042 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the CMONNetTestConnection function allows remote attackers to execute arbitrary commands by sending a specially crafted RPC...
BrightStor ARCserve Message Engine opnum 0x75 buffer overflow
Added: 01/24/2007 CVE: CVE-2007-0169 BID: 22005 OSVDB: 31318 Background The BrightStor ARCserve Backup server runs the Message Engine RPC service on ports 6503/TCP and 6504/TCP by default. Problem A buffer overflow in BrightStor ARCserve Backup allows remote attackers to execute arbitrary command...
BrightStor ARCserve Message Engine opnum 0x2f buffer overflow
Added: 01/19/2007 CVE: CVE-2007-0169 BID: 22005 OSVDB: 31318 Background The BrightStor ARCserve Backup server runs the Message Engine RPC service on ports 6503/TCP and 6504/TCP by default. Problem A buffer overflow in BrightStor ARCserve Backup allows remote attackers to execute arbitrary command...
BrightStor ARCserve Backup Tape Engine GetGroupStatus buffer overflow
Added: 12/22/2006 CVE: CVE-2006-6076 BID: 21221 OSVDB: 30637 Background The BrightStor ARCserve Backup server includes a Backup Tape Engine feature which allows use of tape drives for storage. Problem A buffer overflow vulnerability in the RPC GetGroupStatus function allows remote attackers to...
BrightStor ARCserve Message Engine RPC server buffer overflow
Added: 11/09/2006 CVE: CVE-2006-5143 BID: 20365 OSVDB: 29535 Background The BrightStor ARCserve Backup family of products includes a Message Engine which listens for connections on port 6503/TCP. Problem A buffer overflow in the ASCORE.dll library allows remote attackers to execute arbitrary...
BrightStor ARCserve discovery service ASBRDCST.DLL buffer overflow
Added: 10/19/2006 CVE: CVE-2006-5143 BID: 20365 OSVDB: 29534 Background The BrightStor ARCserve Backup server includes a discovery service which listens on ports 41523/TCP and 41524/UDP. Problem A buffer overflow vulnerability in the ASBRDCST.DLL library allows remote attackers to execute arbitra...
Microsoft SSL library PCT buffer overflow
Added: 10/13/2006 CVE: CVE-2003-0719 BID: 10116 OSVDB: 5250 Background The Microsoft Secure Sockets Layer SSL library provides support for a number of secure communication protocols, including the Private Communication Technology PCT protocol. Since PCT has been superceded by SSL 3.0, the Microso...
MERCUR Messaging IMAP LOGIN command buffer overflow
Added: 07/10/2006 CVE: CVE-2006-1255 BID: 17138 OSVDB: 23950 Background MERCUR Messaging 2005 is an e-mail server supporting the SMTP, POP3, and IMAP protocols for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service when processing the LOGIN command allows remote...
MERCUR Messaging IMAP LOGIN command buffer overflow
Added: 07/10/2006 CVE: CVE-2006-1255 BID: 17138 OSVDB: 23950 Background MERCUR Messaging 2005 is an e-mail server supporting the SMTP, POP3, and IMAP protocols for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service when processing the LOGIN command allows remote...
Microsoft Excel URL unicode buffer overflow
Added: 06/21/2006 CVE: CVE-2006-3086 BID: 18500 OSVDB: 26666 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms. Problem A buffer overflow in Excel when processing long URL strings allows command execution when a user clicks ...
Symantec real-time scan service buffer overflow
Added: 06/13/2006 CVE: CVE-2006-2630 BID: 18107 OSVDB: 25846 Background Various Symantec products include a real-time virus scan service. Problem A buffer overflow in the real-time virus scan service allows remote attackers to execute arbitrary commands. Resolution Apply patch SYM06-010. Referenc...
Mozilla Firefox GIF processing buffer overflow
Added: 06/09/2006 CVE: CVE-2005-0399 BID: 12881 OSVDB: 14937 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A heap overflow in Mozilla Firefox when processing GIF images with the obsolete Netscape extension 2 allows command execution when a use...
HP OpenView OmniBack directory traversal
Added: 06/06/2006 CVE: CVE-2001-0311 BID: 11032 OSVDB: 6018 Background HP OpenView is a suite of tools for managing networks. The OmniBack component provides backup and restoration capabilities. Problem A directory traversal vulnerability in the OmniBack service allows a remote attacker to run a...
Novell eDirectory iMonitor NDS buffer overflow
Added: 05/30/2006 CVE: CVE-2006-2496 BID: 18026 OSVDB: 25781 Background iMonitor is a web service which is a component of Novell eDirectory. Problem A buffer overflow in iMonitor allows remote attackers to execute arbitrary commands by sending a long, specially crafted URL request in the NDS...
QuickTime MOV file udta Atom buffer overflow
Added: 05/24/2006 CVE: CVE-2006-1460 BID: 17953 OSVDB: 25509 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow in QuickTime allows command execution by a specially crafted Movie MOV file containing a long udta Atom. Resolution Upgrade to QuickTime...
Windows Metafile rendering buffer overflow
Added: 05/04/2006 CVE: CVE-2004-0209 BID: 11375 OSVDB: 10692 Background A Windows Metafile image is a 16-bit metafile format that can contain both vector information and bitmap information. Problem A buffer overflow in the Windows Graphics Rendering Engine allows command execution when a malforme...
MailEnable IMAP command buffer overflow
Added: 01/24/2006 CVE: CVE-2004-2501 BID: 11755 OSVDB: 12135 Background MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. MailEnable Professional and MailEnable Enterprise also include IMAP and HTTPMail services. Problem A buffer overflow in the IMAP service allows an...
MailEnable IMAP command buffer overflow
Added: 01/24/2006 CVE: CVE-2004-2501 BID: 11755 OSVDB: 12135 Background MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. MailEnable Professional and MailEnable Enterprise also include IMAP and HTTPMail services. Problem A buffer overflow in the IMAP service allows an...
Computer Associates License Service GETCONFIG buffer overflow
Added: 12/14/2005 CVE: CVE-2005-0581 BID: 12705 OSVDB: 14389 Background The License service comes with most Computer Associates products and exchanges license information over ports 10202/tcp and 10203/tcp. Problem A buffer overflow vulnerability exists in the processing of GETCONFIG messages...
VERITAS NetBackup Volume Manager Daemon buffer overflow
Added: 12/04/2005 CVE: CVE-2005-3116 BID: 15353 OSVDB: 20674 Background VERITAS NetBackup is a backup and recovery solution for multiple platforms. Problem The Volume Manager Daemon VMD has an error in its shared library allowing for a buffer overflow. A specially crafted request sent to port...
vBulletin subWidgets command execution
Added: 09/02/2020 Background vBulletin is a commercial web bulletin board application written in PHP using MySQL. Problem An incomplete fix for a previously reported vulnerability allows a remote attacker to execute arbitrary commands by sending a POST request for the widgettabbedcontainertabpane...
Seagate Central unauthenticated file upload
Added: 06/09/2015 Background Seagate Central is a personal cloud storage device which can be connected to a wireless router. Problem Seagate Central has no root password, allowing unauthenticated users to upload arbitrary files via PHP. This can be leveraged to execute arbitrary commands by...
Firefox crypto.generateCRMFRequest command execution
Added: 08/21/2014 CVE: CVE-2013-1710 BID: 61900 OSVDB: 96019 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem A vulnerability in the implementation of the crypto.generateCRMFRequest javascript method allows command execution...
GitList blame resource command injection
Added: 07/14/2014 CVE: CVE-2014-4511 BID: 68253 OSVDB: 108504 Background GitList is a web-based git repository viewer. Problem A vulnerability in GitList allows remote attackers to execute arbitrary commands by sending a specially crafted request for the blame resource. Resolution Upgrade to...
Internet Explorer Use-After-Free Memory Corruption (MS13-055)
Added: 10/09/2013 CVE: CVE-2013-3163 BID: 60975 OSVDB: 94981 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Microsoft Internet Explorer contains a use-after-free error which can lead to memory corruption in such a way as to allow...
HP LoadRunner micWebAjax.dll ActiveX NotifyEvent Method Vulnerability
Added: 09/30/2013 CVE: CVE-2013-2368 BID: 61436 OSVDB: 95639 Background HP LoadRunner is a software performance testing solution. HP LoadRunner includes the micWebAjax ActiveX control. Problem HP LoadRunner before 11.52 is vulnerable to remote code execution due to failure to sanitize user-suppli...
WPAD Listener
Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, browsers are...
HP LeftHand Virtual SAN Appliance Hydra Service Login Buffer Overflow
Added: 08/20/2013 CVE: CVE-2013-2343 BID: 60884 OSVDB: 94701 Background HP LeftHand Virtual SAN Appliance VSA software is a VMware certified SAN/storage device and virtual appliance that provides complete SAN functionality for VMware Infrastructure without external SAN hardware. Problem HP LeftHa...
PineApp Mail-SeCure test_li_connection.php Command Injection
Added: 08/08/2013 BID: 61477 OSVDB: 95782 Background PineApp Mail-SeCure is an e-mail security appliance which provides perimeter security protection to stop threats prior to their penetration of the customer's network, as well as post-perimeter anti-spam content inspection. Problem PineApp...
Novell iPrint Client IPP Response URI handling buffer overflow
Added: 07/05/2013 CVE: CVE-2013-1091 BID: 59612 OSVDB: 92938 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx. Problem A buffer overflow vulnerability within the handling...