Lucene search
K
SaintMost viewed

4305 matches found

Saint
Saint
•added 2010/12/23 12:0 a.m.•30 views

Cisco IOS HTTP exec path command execution

Added: 12/23/2010 CVE: CVE-2000-0945 BID: 1846 OSVDB: 444 Background The Cisco Internetwork Operating System IOS is the operating system used by Cisco routers. Problem A remote attacker could execute arbitrary commands through HTTP requests by requesting a path beginning with /exec. Resolution Se...

10CVSS7.6AI score0.72575EPSS
Exploits6
Saint
Saint
•added 2010/12/14 12:0 a.m.•30 views

Microsoft Office FlashPix Image Converter Dictionary property buffer overflow

Added: 12/14/2010 CVE: CVE-2010-3951 BID: 45278 OSVDB: 69808 Background Microsoft Office is a package that provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. The suite ships with a set of image processing helper libraries...

9.3CVSS7.7AI score0.25106EPSS
Exploits4
Saint
Saint
•added 2010/09/30 12:0 a.m.•30 views

Oracle Secure Backup Administration property_box.php objectname command injection

Added: 09/30/2010 CVE: CVE-2010-0906 BID: 41597 OSVDB: 66340 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A vulnerability in the propertybox.php script allows remote attackers to inject arbitrary commands via the objectname paramete...

9CVSS6.6AI score0.02243EPSS
Exploits12
Saint
Saint
•added 2010/09/20 12:0 a.m.•30 views

Apple QuickTime QTPlugin.ocx _Marshaled_pUnk Code Execution

Added: 09/20/2010 CVE: CVE-2010-1818 BID: 42841 OSVDB: 67705 Background Apple QuickTime is a media player for Windows and Mac OS platforms. Problem An input validation error in Apple QuickTime 7.6.7 and earlier versions allows remote attackers to execute arbitrary code by enticing the user to ope...

9.3CVSS7.3AI score0.42668EPSS
Exploits9
Saint
Saint
•added 2010/08/23 12:0 a.m.•30 views

HP OpenView NNM getnnmdata.exe CGI ICount Parameter Buffer Overflow

Added: 08/23/2010 CVE: CVE-2010-1554 BID: 40071 OSVDB: 64976 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in Network Node Manager allows remote attackers to execute arbitrary commands by sending a...

10CVSS7.7AI score0.67786EPSS
Exploits13
Saint
Saint
•added 2010/08/19 12:0 a.m.•30 views

Microsoft Office Excel PivotTable Cache Data Record Handling Overflow

Added: 08/19/2010 CVE: CVE-2010-2562 BID: 42199 OSVDB: 66991 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem Microsoft Excel is vulnerable to a stack buffer overflow due to a logic error when parsing...

9.3CVSS6.6AI score0.17612EPSS
Exploits4
Saint
Saint
•added 2010/07/23 12:0 a.m.•30 views

Automatic Drive-by Download

Added: 07/23/2010 Background This tool waits for client connections, and then gathers information about the operating system and installed software on the client. Next, it chooses the latest and most reliable client exploit for the client's operating system and installed software, and delivers th...

1.3AI score
Exploits0
Saint
Saint
•added 2010/07/12 12:0 a.m.•30 views

Novell iManager EnteredClassName buffer overflow

Added: 07/12/2010 CVE: CVE-2010-1929 BID: 40480 OSVDB: 65737 Background Novell iManager is a web-based management interface for other Novell products. Problem A buffer overflow vulnerability in jclient.dll allows remote attackers to execute arbitrary commands by sending a specially crafted...

9CVSS7.8AI score0.16097EPSS
Exploits10
Saint
Saint
•added 2010/07/12 12:0 a.m.•30 views

Novell iManager EnteredClassName buffer overflow

Added: 07/12/2010 CVE: CVE-2010-1929 BID: 40480 OSVDB: 65737 Background Novell iManager is a web-based management interface for other Novell products. Problem A buffer overflow vulnerability in jclient.dll allows remote attackers to execute arbitrary commands by sending a specially crafted...

9CVSS7.8AI score0.16097EPSS
Exploits10
Saint
Saint
•added 2010/07/08 12:0 a.m.•30 views

Microsoft Excel DBQueryExt record parsing vulnerability

Added: 07/08/2010 CVE: CVE-2010-1253 BID: 40531 OSVDB: 65228 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A vulnerability in Microsoft Excel allows command execution when a user opens a spreadshee...

9.3CVSS6.4AI score0.25692EPSS
Exploits4
Saint
Saint
•added 2010/05/21 12:0 a.m.•30 views

HP OpenView Network Node Manager getnnmdata.exe CGI MaxAge buffer overflow

Added: 05/21/2010 CVE: CVE-2010-1553 BID: 40070 OSVDB: 64976 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in Network Node Manager allows remote attackers to execute arbitrary commands by sending a...

10CVSS7.7AI score0.72168EPSS
Exploits14
Saint
Saint
•added 2010/05/07 12:0 a.m.•30 views

Microsoft Visio DXF file insertion buffer overflow

Added: 05/07/2010 CVE: CVE-2010-1681 BID: 39836 Background Microsoft Visio is a component of the Microsoft Office suite which provides the capability to produce diagrams. Problem A buffer overflow vulnerability allows command execution when a user inserts a specially crafted DXF file into a Visio...

7.6CVSS6.7AI score0.67309EPSS
Exploits11
Saint
Saint
•added 2010/04/30 12:0 a.m.•30 views

Microsoft Publisher File Conversion Textbox buffer overflow

Added: 04/30/2010 CVE: CVE-2010-0479 BID: 39347 OSVDB: 63748 Background Microsoft Office Publisher, part of the Microsoft Office suite, is a product for creating publications and marketing materials. Problem A buffer overflow vulnerability allows command execution when a user loads a Publisher 97...

9.3CVSS6.7AI score0.23415EPSS
Exploits5
Saint
Saint
•added 2010/04/02 12:0 a.m.•30 views

Internet Explorer iepeers.dll use-after-free vulnerability

Added: 04/02/2010 CVE: CVE-2010-0806 BID: 38615 OSVDB: 62810 Background The iepeers.dll component of Internet Explorer provides support for Web Folders and printing. Problem A vulnerability in iepeers.dll allows a specially crafted web page to cause a pointer to be used after it has been freed,...

9.3CVSS6.4AI score0.82172EPSS
Exploits15
Saint
Saint
•added 2010/03/24 12:0 a.m.•30 views

Orbital Viewer buffer overflow

Added: 03/24/2010 CVE: CVE-2010-0688 BID: 38436 OSVDB: 62580 Background Orbital Viewer is a program for viewing atomic and molecular orbitals. Problem A buffer overflow vulnerability in Orbital Viewer allows command execution when a user opens a specially crafted .orb file. Resolution Do not open...

9.3CVSS6.8AI score0.37895EPSS
Exploits13
Saint
Saint
•added 2010/03/04 12:0 a.m.•30 views

Microsoft Office PowerPoint Viewer TextBytesAtom Record Buffer Overflow

Added: 03/04/2010 CVE: CVE-2010-0033 BID: 38107 OSVDB: 62241 Background Microsoft PowerPoint Viewer 2003 is a free tool which allows viewing of Microsoft PowerPoint presentations without requiring Microsoft PowerPoint itself. Problem A stack overflow vulnerability in the handling of TextBytesAtom...

9.3CVSS6.8AI score0.51073EPSS
Exploits8
Saint
Saint
•added 2010/02/16 12:0 a.m.•30 views

Eureka Email POP3 Error Stack Buffer Overflow

Added: 02/16/2010 CVE: CVE-2009-3837 OSVDB: 59262 Background Eureka Email is an e-mail client with built-in junk e-mail filtering. Problem A malicious POP3 mail server can send a long error message to the Eureka Email client, causing a stack buffer overflow. Resolution Upgrade when a fix becomes...

9.3CVSS6.5AI score0.32071EPSS
Exploits8
Saint
Saint
•added 2010/02/12 12:0 a.m.•30 views

Microsoft PowerPoint OEPlaceholderAtom placementId memory corruption

Added: 02/12/2010 CVE: CVE-2010-0031 BID: 38103 OSVDB: 62237 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability allows command execution when a user opens a PowerPoint file containing an...

9.3CVSS6.4AI score0.21221EPSS
Exploits6
Saint
Saint
•added 2010/01/08 12:0 a.m.•30 views

HP OpenView Application Recovery Manager MSG_PROTOCOL buffer overflow

Added: 01/08/2010 CVE: CVE-2009-3844 BID: 37250 OSVDB: 60852 Background HP OpenView Application Recovery Manager is a backup solution for business application data. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...

10CVSS7.7AI score0.74063EPSS
Exploits10
Saint
Saint
•added 2009/11/20 12:0 a.m.•30 views

Adobe Acrobat Reader U3D CLODMeshContinuation Code Execution

Added: 11/20/2009 CVE: CVE-2009-2997 BID: 36638 OSVDB: 58926 Background Adobe Reader is free software for viewing PDF documents. Problem A heap memory corruption vulnerability exists in Adobe Acrobat Reader. The vulnerability is due to an input validation error while parsing Universal 3D U3D file...

9.3CVSS9.7AI score0.0837EPSS
Exploits7
Saint
Saint
•added 2009/11/06 12:0 a.m.•30 views

Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow

Added: 11/06/2009 CVE: CVE-2009-3031 BID: 36698 OSVDB: 59597 Background Symantec Altiris Deployment Solution provides tools to deploy software on desktops and servers. Problem A stack buffer overflow vulnerability in the AeXNSConsoleUtilities.dll ActiveX control allows remote attackers to execute...

9.3CVSS7.7AI score0.45435EPSS
Exploits16
Saint
Saint
•added 2009/09/22 12:0 a.m.•31 views

Symantec Altiris eXpress NS SC Download ActiveX control vulnerability

Added: 09/22/2009 BID: 36346 OSVDB: 57893 Background The Altiris eXpress NS SC Download ActiveX control is installed with several products, including Altiris Deployment Solution. Problem The Altiris eXpress NS SC Download ActiveX control allows remote files to be downloaded, saved to arbitrary...

7.4AI score
Exploits0
Saint
Saint
•added 2009/09/11 12:0 a.m.•30 views

Microsoft Excel BIFF format Qsir record memory corruption

Added: 09/11/2009 CVE: CVE-2009-1134 BID: 35246 OSVDB: 54958 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A memory corruption vulnerability allows command execution when a user closes a spreadshee...

9.3CVSS7.8AI score0.35698EPSS
Exploits5
Saint
Saint
•added 2009/09/01 12:0 a.m.•30 views

Oracle Secure Backup property_box.php type parameter command execution

Added: 09/01/2009 CVE: CVE-2009-1978 BID: 35678 OSVDB: 55904 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command execution vulnerability in the Oracle Secure Backup web interface allows remote attackers to execute arbitrary...

9CVSS7.2AI score0.64694EPSS
Exploits13
Saint
Saint
•added 2009/08/24 12:0 a.m.•30 views

Visual Studio Active Template Library object type mismatch vulnerability

Added: 08/24/2009 CVE: CVE-2009-2494 BID: 35982 OSVDB: 56910 Background Microsoft Visual Studio is a product to assist with software development in the Windows operating system. Visual Studio uses Microsoft Active Template Library ATL, which is a set of template-based C++ classes, to help simplif...

10CVSS6.3AI score0.42329EPSS
Exploits6
Saint
Saint
•added 2009/08/05 12:0 a.m.•30 views

MS Office Word malformed Sprm record buffer overflow

Added: 08/05/2009 CVE: CVE-2009-0565 BID: 35190 OSVDB: 54960 Background Microsoft Office Word is Microsoft's word processing software, released as a component of Microsoft Office suite. Problem A buffer overflow in Microsoft Office Word allows remote command execution when a specially crafted Wor...

9.3CVSS7.8AI score0.40503EPSS
Exploits8
Saint
Saint
•added 2009/07/24 12:0 a.m.•30 views

Novell Client NetIdentity Agent XTIERRPCPIPE pointer dereference vulnerability

Added: 07/24/2009 CVE: CVE-2009-1350 BID: 34400 OSVDB: 53351 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem A vulnerability in the xtagent.exe program allows remote, authenticated attackers to execute arbitrary commands by sending a specially crafted...

10CVSS7.1AI score0.65934EPSS
Exploits7
Saint
Saint
•added 2009/07/13 12:0 a.m.•30 views

Mozilla Firefox JIT Escape Function Memory Corruption

Added: 07/13/2009 CVE: CVE-2009-2477 BID: 35660 OSVDB: 55846 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A memory corruption vulnerability in Mozilla Firefox in the way it handles JIT escape function calls allows arbitrary code injection and...

9.3CVSS9.8AI score0.42689EPSS
Exploits9
Saint
Saint
•added 2009/07/13 12:0 a.m.•30 views

Mozilla Firefox JIT Escape Function Memory Corruption

Added: 07/13/2009 CVE: CVE-2009-2477 BID: 35660 OSVDB: 55846 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A memory corruption vulnerability in Mozilla Firefox in the way it handles JIT escape function calls allows arbitrary code injection and...

9.3CVSS9.8AI score0.42689EPSS
Exploits9
Saint
Saint
•added 2009/07/13 12:0 a.m.•30 views

Motorola Timbuktu PlughNTCommand named pipe string buffer overflow

Added: 07/13/2009 CVE: CVE-2009-1394 BID: 35496 OSVDB: 55436 Background Motorola Timbuktu is remote control software for Windows and Mac. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted character string to the...

9.3CVSS7.7AI score0.33281EPSS
Exploits8
Saint
Saint
•added 2009/05/11 12:0 a.m.•30 views

Tivoli Storage Manager Client dsmagent.exe NodeName buffer overflow

Added: 05/11/2009 CVE: CVE-2008-4828 BID: 34803 OSVDB: 54232 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon CAD on ports 1581/TCP and 1582/TCP. The Client Acceptor Daemon, upon receiving a...

10CVSS7.9AI score0.71468EPSS
Exploits8
Saint
Saint
•added 2009/05/11 12:0 a.m.•30 views

Tivoli Storage Manager Client dsmagent.exe NodeName buffer overflow

Added: 05/11/2009 CVE: CVE-2008-4828 BID: 34803 OSVDB: 54232 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon CAD on ports 1581/TCP and 1582/TCP. The Client Acceptor Daemon, upon receiving a...

10CVSS7.9AI score0.71468EPSS
Exploits8
Saint
Saint
•added 2009/04/20 12:0 a.m.•30 views

Microsoft PowerPoint invalid object reference vulnerability

Added: 04/20/2009 CVE: CVE-2009-0556 BID: 34351 OSVDB: 53182 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability in Microsoft PowerPoint allows command execution when an invalid object is referenced...

9.3CVSS6.5AI score0.67539EPSS
Exploits5
Saint
Saint
•added 2009/04/17 12:0 a.m.•30 views

Microsoft WordPad Word 97 text converter XST buffer overflow

Added: 04/17/2009 CVE: CVE-2008-4841 BID: 32718 OSVDB: 50567 Background The Microsoft WordPad Word 97 text converter allows Windows users who do not have Microsoft Word to open Word 97 files. Problem A buffer overflow vulnerability allows command execution when WordPad is used to open a Word 97...

9.3CVSS6.7AI score0.4303EPSS
Exploits6
Saint
Saint
•added 2009/03/31 12:0 a.m.•30 views

Symantec AppStream Client LaunchObj ActiveX Control installAppMgr vulnerability

Added: 03/31/2009 CVE: CVE-2008-4388 BID: 33247 OSVDB: 51410 Background Symantec AppStream is an application deployment framework. Problem The LaunchObj ActiveX control exposes the installAppMgr method, which can be used to download and execute arbitrary code. This could allow command execution...

9.3CVSS6.9AI score0.37721EPSS
Exploits9
Saint
Saint
•added 2009/03/10 12:0 a.m.•30 views

Winamp skin file MAKI script buffer overflow

Added: 03/10/2009 BID: 34009 Background Winamp is a media player for Windows. Problem A buffer overflow in Winamp allows command execution when a user opens a skin file containing a compiled MAKI script with a specially crafted string having an incorrect length field. Resolution Upgrade to Winamp...

0.6AI score
Exploits0
Saint
Saint
•added 2009/03/04 12:0 a.m.•30 views

Orbit Downloader Connecting log message buffer overflow

Added: 03/04/2009 CVE: CVE-2009-0187 BID: 33894 OSVDB: 52294 Background Orbit Downloader is a download manager supporting various protocols. Problem A buffer overflow vulnerability when constructing "Connecting" log messages allows command execution when a user loads an HTTP URL with a long,...

9.3CVSS6.8AI score0.39984EPSS
Exploits8
Saint
Saint
•added 2009/01/20 12:0 a.m.•30 views

Oracle Secure Backup login.php rbtool command injection

Added: 01/20/2009 CVE: CVE-2008-5448 BID: 33177 OSVDB: 51342 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command injection vulnerability in the Oracle Secure Backup web interface allows a remote attacker to execute arbitrary...

10CVSS7.3AI score0.3857EPSS
Exploits9
Saint
Saint
•added 2009/01/13 12:0 a.m.•30 views

Opera file URI buffer overflow

Added: 01/13/2009 CVE: CVE-2008-5178 BID: 32323 OSVDB: 49882 Background Opera is a web browser which is available for multiple platforms. Problem A buffer overflow vulnerability allows command execution when a user opens a long, specially crafted file:// URI. Resolution Upgrade to Opera 9.63 or...

9.3CVSS6.8AI score0.31509EPSS
Exploits6
Saint
Saint
•added 2008/11/21 12:0 a.m.•30 views

LPViewer ActiveX Control url property buffer overflow

Added: 11/21/2008 CVE: CVE-2008-4384 BID: 31604 OSVDB: 48946 Background The LPViewer ActiveX Control installs with the iseemedia ZOOM control viewer and allows viewing of images created with iseemedia software. Problem A buffer overflow vulnerability allows command execution when a user opens a w...

9.3CVSS6.8AI score0.28706EPSS
Exploits8
Saint
Saint
•added 2008/11/10 12:0 a.m.•30 views

Adobe PageMaker key strings buffer overflow

Added: 11/10/2008 CVE: CVE-2007-6432 BID: 31999 OSVDB: 50055 Background Adobe PageMaker is page layout software. Problem A buffer overflow vulnerability in AldFs32.dll allows command execution when a user opens a specially crafted PMD file. Resolution See the solution referenced in APSA08-10...

9.3CVSS6.7AI score0.08402EPSS
Exploits4
Saint
Saint
•added 2008/10/15 12:0 a.m.•30 views

Microsoft Host Integration Server SNA RPC authentication bypass

Added: 10/15/2008 CVE: CVE-2008-3466 BID: 31620 OSVDB: 49068 Background Microsoft Host Integration Server is an enabling technology which allows integration of applications and data with new Windows solutions. Problem A vulnerability in Microsoft Host Integration Server allows remote...

10CVSS6.9AI score0.77741EPSS
Exploits9
Saint
Saint
•added 2008/09/03 12:0 a.m.•30 views

Microsoft Visual Studio MaskedEdit ActiveX buffer overflow

Added: 09/03/2008 CVE: CVE-2008-3704 BID: 30674 OSVDB: 47475 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem A buffer overflow in the MaskedEdit ActiveX control allows command execution when a user loads a web page which...

9.3CVSS6.8AI score0.55917EPSS
Exploits9
Saint
Saint
•added 2008/08/13 12:0 a.m.•30 views

Internet Explorer print preview argument validation vulnerability

Added: 08/13/2008 CVE: CVE-2008-2259 BID: 30612 OSVDB: 47414 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A flaw in the handling of validation of arguments by the print preview function in Internet Explorer allows command...

9.3CVSS6.2AI score0.3008EPSS
Exploits5
Saint
Saint
•added 2008/07/07 12:0 a.m.•31 views

Orbit Downloader URL Unicode conversion buffer overflow

Added: 07/07/2008 CVE: CVE-2008-1602 BID: 28541 OSVDB: 44036 Background Orbit Downloader is a download manager supporting various protocols. Problem A buffer overflow vulnerability during Unicode conversion in the download failure notification message allows command execution when Orbit Downloade...

10CVSS6.8AI score0.6749EPSS
Exploits10
Saint
Saint
•added 2008/06/20 12:0 a.m.•30 views

Lotus Expeditor cai URI handler command injection

Added: 06/20/2008 CVE: CVE-2008-1965 BID: 28926 OSVDB: 44868 Background Lotus Expeditor is a desktop integration framework used by Lotus products including Lotus Symphony. Problem Lotus Expeditor registers a handler for cai: URIs which passes arbitrary arguments to rcplauncher.exe. This allows...

9.3CVSS6.6AI score0.10675EPSS
Exploits5
Saint
Saint
•added 2008/05/30 12:0 a.m.•30 views

CA ARCserve Backup caloggerd opcode 79 buffer overflow

Added: 05/30/2008 CVE: CVE-2008-2242 BID: 29283 OSVDB: 45368 Background CA ARCserve Backup formerly BrightStor ARCserve Backup is a backup and recovery solution. The logger daemon caloggerd is an RPC service which handles event logs. Problem A buffer overflow vulnerability in caloggerd allows...

7.5CVSS7.7AI score0.14716EPSS
Exploits9
Saint
Saint
•added 2008/05/09 12:0 a.m.•30 views

Informix Dynamic Server sqlexec password argument buffer overflow

Added: 05/09/2008 CVE: CVE-2008-0727 BID: 28198 OSVDB: 42701 Background Informix Dynamic Server is a database solution from IBM. The oninit.exe process listens for connections on port 1526/TCP. Problem The oninit.exe process does not sufficiently check the length of command-line arguments passed ...

8.5CVSS7.1AI score0.05248EPSS
Exploits5
Saint
Saint
•added 2008/03/21 12:0 a.m.•30 views

Symantec Backup Exec for Windows Servers scheduler ActiveX buffer overflow

Added: 03/21/2008 CVE: CVE-2007-6016 BID: 26904 OSVDB: 42358 Background Symantec Backup Exec for Windows Servers is a backup and recovery solution for Windows servers. Problem An ActiveX buffer overflow vulnerability in pvcalendar.ocx in the scheduler component of Symantec Backup Exec for Windows...

9.3CVSS6.9AI score0.50419EPSS
Exploits8
Saint
Saint
•added 2008/02/11 12:0 a.m.•30 views

Yahoo Music Jukebox MediaGrid ActiveX buffer overflow

Added: 02/11/2008 CVE: CVE-2008-0625 BID: 27578 OSVDB: 41051 Background Yahoo! Music Jukebox is a music player capable of playing, ripping, and burning MP3s and CDs, creating and sharing playlists, streaming radio stations, and purchasing music. Problem A buffer overflow vulnerability in the...

4.3CVSS7AI score0.08104EPSS
Exploits5
Total number of security vulnerabilities4305