4305 matches found
Microsoft DirectX SAMI parser buffer overflow
Added: 01/22/2008 CVE: CVE-2007-3901 BID: 26789 OSVDB: 39126 Background DirectX is a feature of the Windows operating system used for streaming media. Problem A buffer overflow vulnerability in DirectX allows command execution when a user opens a specially crafted SAMI file in Windows Media Playe...
Microsoft Excel rtAFDesc record invalid pointer access
Added: 01/17/2008 CVE: CVE-2008-0081 BID: 27305 OSVDB: 40344 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms. Problem Microsoft Excel references an uninitialized pointer if a spreadsheet contains an improperly placed...
Lotus Notes WPD attachment viewer buffer overflow
Added: 01/03/2008 CVE: CVE-2007-5910 BID: 26175 OSVDB: 40783 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the KeyView Viewer included in Lotus Notes allows command execution when a user views a specially crafted WordPerfect WPD attachment. Resolution...
Lotus Domino Web Access ActiveX control dwa7w.dll buffer overflow
Added: 12/31/2007 CVE: CVE-2007-4474 BID: 26972 OSVDB: 40954 Background Lotus Domino Web Access provides capabilities similar to those of the Lotus Notes client, delivered through a web browser. Problem A buffer overflow vulnerability in the Lotus Domino Web Access ActiveX control in the dwa7w.dl...
Microsoft Message Queuing queue name buffer overflow
Added: 12/12/2007 CVE: CVE-2007-3039 BID: 26797 OSVDB: 39123 Background Microsoft Message Queuing allows applications which may be running at different times to communicate across a network. Problem A buffer overflow vulnerability in the Microsoft Message Queuing service allows remote attackers t...
EMC NetWorker Remote Exec service subcmd buffer overflow
Added: 11/09/2007 CVE: CVE-2007-3618 BID: 25375 OSVDB: 39744 Background EMC NetWorker is a centralized data backup solution. Problem A buffer overflow vulnerability in the Remote Exec service nsrexecd.exe allows remote attackers to execute arbitrary commands by sending a long, invalid subcmd to a...
Borland Interbase ibserver.exe create buffer overflow
Added: 07/26/2007 CVE: CVE-2007-3566 BID: 25048 OSVDB: 38602 Background Borland Interbase is a database solution for Windows, Linux, and Solaris platforms. Problem A buffer overflow in the database service, ibserver.exe , allows remote attackers to execute arbitrary commands by sending a speciall...
Borland Interbase ibserver.exe create buffer overflow
Added: 07/26/2007 CVE: CVE-2007-3566 BID: 25048 OSVDB: 38602 Background Borland Interbase is a database solution for Windows, Linux, and Solaris platforms. Problem A buffer overflow in the database service, ibserver.exe, allows remote attackers to execute arbitrary commands by sending a specially...
Linux kernel ptrace privilege elevation vulnerability
Added: 06/27/2007 CVE: CVE-2003-0127 BID: 7112 OSVDB: 4565 Background ptrace is a Linux system call which enables a parent process to observe and control another process. Problem Due to a failure by the kernel to restrict trace permissions, a local attacker could gain root privileges by attaching...
Solaris loadable kernel module directory traversal
Added: 06/22/2007 CVE: CVE-2004-1767 BID: 9477 OSVDB: 15128 Background Loadable kernel modules are programs which can be dynamically loaded into the kernel. Problem A directory traversal vulnerability in the vfsgetvfssw function in the Solaris kernel allows unprivileged users to load their own...
Yahoo Messenger Webcam Viewer ActiveX control buffer overflow
Added: 06/08/2007 CVE: CVE-2007-3148 BID: 24355 OSVDB: 37081 Background Yahoo! Messenger is an instant messaging application. It includes the Webcam Viewer ActiveX control which is provided by ywcvwr.dll. Problem A buffer overflow vulnerability in the Yahoo! Messenger Webcam Viewer ActiveX contro...
Microsoft Excel Named Graph record buffer overflow
Added: 05/24/2007 CVE: CVE-2007-0215 BID: 23760 OSVDB: 34393 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms. Problem A buffer overflow vulnerability in Microsoft Excel allows command execution when a user opens a speciall...
McAfee ePolicy Orchestrator SiteManager ExportSiteList buffer overflow
Added: 05/11/2007 CVE: CVE-2007-1498 BID: 22952 OSVDB: 33796 Background ePolicy Orchestrator is a centralized security configuration and monitoring application. It includes the SiteManager ActiveX control which is implemented by sitemanager.dll. Problem A buffer overflow vulnerability in the...
Mercury IMAP data continuation buffer overflow
Added: 03/22/2007 CVE: CVE-2007-1373 OSVDB: 33883 Background Mercury Mail Transport System is an e-mail server product for Windows and NetWare. Problem A buffer overflow vulnerability in the Mercury IMAP service when processing data continuation specifiers allows remote attackers to execute...
Trend Micro ServerProtect ENG_SetRealTimeScanConfigInfo buffer overflow
Added: 03/07/2007 CVE: CVE-2007-1070 BID: 22639 OSVDB: 33042 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the ENGSetRealTimeScanConfigInfo function allows remote attackers to execute arbitrary commands by sending a specially craft...
BrightStor ARCserve Backup Tape Engine ReserveGroup buffer overflow
Added: 12/26/2006 CVE: CVE-2006-6076 BID: 21221 OSVDB: 30637 Background The BrightStor ARCserve Backup server includes a Backup Tape Engine feature which allows use of tape drives for storage. Problem A buffer overflow vulnerability in the RPC ReserveGroup function allows remote attackers to...
3Com TFTP server Transporting Mode buffer overflow
Added: 12/08/2006 CVE: CVE-2006-6183 BID: 21301 OSVDB: 30758 Background 3CTftpSvc by 3Com is a freeware implementation of the TFTP protocol for Windows. Problem A buffer overflow vulnerability in the 3Com TFTP server allows remote attackers to execute arbitrary commands by sending a long, special...
Novell eDirectory iMonitor HTTP redirection buffer overflow
Added: 10/26/2006 CVE: CVE-2006-5478 BID: 20655 OSVDB: 29993 Background iMonitor is a web service which is a component of Novell eDirectory. Problem iMonitor allows remote command execution by sending specially crafted HTTP header data in a request for certain URLs, which results in a buffer...
Oracle Spatial component SDO_CS.TRANSFORM_LAYER buffer overflow
Added: 10/26/2006 CVE: CVE-2006-5344 BID: 20588 OSVDB: 31462 Background The Oracle Spatial formerly SDO component of Oracle Database provides a set of functions which process multi-dimensional data. Problem A buffer overflow in the Oracle Spatial component allows an attacker with EXECUTE privileg...
McAfee HTTP header processing buffer overflow
Added: 10/06/2006 CVE: CVE-2006-5156 BID: 20288 OSVDB: 29421 Background McAfee ePolicy Orchestrator and Protection Pilot are centralized security management products. These products include an HTTP server implemented by the NAISERV.exe program. Problem A buffer overflow vulnerability in the McAfe...
MySQL MaxDB WebDBM database name buffer overflow
Added: 09/06/2006 CVE: CVE-2006-4305 BID: 19660 OSVDB: 28300 Background MaxDB is a SAP-certified open-source database developed by MySQL. Problem A buffer overflow in MaxDB allows remote attackers to execute arbitrary commands by sending a long database name from a WebDBM client. Resolution Upgra...
Mozilla Firefox JavaScript Navigator object vulnerability
Added: 08/14/2006 CVE: CVE-2006-3677 BID: 19192 OSVDB: 27559 Background When used in a web page, Java references properties of the window.navigator object as it starts up in Firefox or SeaMonkey. Problem If a web page replaces the navigator object before starting Java, then the page could cause t...
BrightStor ARCserve Universal Agent buffer overflow
Added: 08/07/2006 CVE: CVE-2005-1018 BID: 13102 OSVDB: 15471 Background The BrightStor ARCserve Backup family of products includes a Universal Agent which listens for connections on port 6050/TCP. Problem A buffer overflow in the Universal Agent allows remote attackers to execute arbitrary comman...
ViRobot Server web interface addschup buffer overflow
Added: 07/28/2006 CVE: CVE-2005-2041 BID: 13964 OSVDB: 17320 Background ViRobot Linux Server includes a web-based control interface. Problem A buffer overflow in the addschup CGI program included in the ViRobot Linux Server allows remote attackers to write arbitrary commands into the root crontab...
Windows RRAS memory corruption vulnerability
Added: 06/30/2006 CVE: CVE-2006-2370 BID: 18325 OSVDB: 26437 Background The Routing and Remote Access Service RRAS allows a Windows computer to act as a router, dial-up access server, VPN server, or network address translator. Problem A buffer overflow in RRAS allows remote attackers to execute...
Symantec real-time scan service buffer overflow
Added: 06/13/2006 CVE: CVE-2006-2630 BID: 18107 OSVDB: 25846 Background Various Symantec products include a real-time virus scan service. Problem A buffer overflow in the real-time virus scan service allows remote attackers to execute arbitrary commands. Resolution Apply patch SYM06-010. Referenc...
Internet Explorer Javaprxy.dll heap overflow
Added: 06/05/2006 CVE: CVE-2005-2087 BID: 14087 OSVDB: 17680 Background Windows operating systems use the Component Object Model COM to allow various program components to be run within different applications. One such object, the JView Profiler Javaprxy.dll, is a debugger interface for Microsoft...
SHOUTcast filename format string vulnerability
Added: 05/17/2006 CVE: CVE-2004-1373 BID: 12096 OSVDB: 12585 Background SHOUTcast is a streaming audio server based on Winamp. Problem A format string vulnerability in SHOUTcast allows remote attackers to execute commands by requesting a MP3 filename containing format string characters such as %n...
Windows compressed folders buffer overflow
Added: 05/15/2006 CVE: CVE-2004-0575 BID: 11382 OSVDB: 10695 Background Microsoft Windows XP and Windows Server 2003 include the ability to natively handle ZIP files. Problem A buffer overflow when handling compressed folders allows command execution when a specially crafted ZIP file is opened by...
Outlook Express NNTP LIST buffer overflow
Added: 05/04/2006 CVE: CVE-2005-1213 BID: 13951 OSVDB: 17306 Background Outlook Express is a free e-mail client which is included in Windows operating systems. Problem A buffer overflow in Outlook Express allows command execution when processing responses from NNTP servers to LIST commands...
Novell GroupWise Messenger Accept-Language buffer overflow
Added: 04/20/2006 CVE: CVE-2006-0992 BID: 17503 OSVDB: 24617 Background Novell GroupWise includes the Messaging Agent which offers an HTTP service on port 8300/TCP. Problem A buffer overflow in the Messaging Agent allows remote attackers to execute commands by sending a long, specially crafted...
Novell GroupWise Messenger Accept-Language buffer overflow
Added: 04/20/2006 CVE: CVE-2006-0992 BID: 17503 OSVDB: 24617 Background Novell GroupWise includes the Messaging Agent which offers an HTTP service on port 8300/TCP. Problem A buffer overflow in the Messaging Agent allows remote attackers to execute commands by sending a long, specially crafted...
TWiki Search.pm shell command injection
Added: 04/06/2006 CVE: CVE-2004-1037 BID: 11674 OSVDB: 11714 Background TWiki is a web-based collaboration platform written in PERL. Problem The Search.pm module does not sufficiently check search strings for illegal characters, allowing remote attackers to execute commands using search strings...
Internet Explorer isComponentInstalled buffer overflow
Added: 03/16/2006 CVE: CVE-2006-1016 BID: 16870 OSVDB: 31647 Background The isComponentInstalled method allows scripts to determine which components are installed. Problem Internet Explorer is affected by a buffer overflow in the isComponentInstalled method which can lead to remote command...
WS_FTP MKD command buffer overflow
Added: 03/10/2006 CVE: CVE-2004-1135 BID: 11772 OSVDB: 12509 Background WSFTP Server is an FTP server for Windows platforms. Problem A buffer overflow vulnerability in the MKD command could allow an attacker to execute commands on the server. If the anonymous FTP account is enabled, the attacker...
Safari archive metadata command execution
Added: 02/24/2006 CVE: CVE-2006-0848 BID: 16736 OSVDB: 23366 Background The Safari web browser supports explicit binding, which allows a file to override the default application for its file type. Safe files are files such as pictures, movies, and archives which are opened automatically when...
Windows NetDDE buffer overflow
Added: 02/24/2006 CVE: CVE-2004-0206 BID: 11372 OSVDB: 10689 Background Network Dynamic Data Exchange NetDDE is a Windows service which allows two applications to communicate with each other over a network. Problem A buffer overflow in the NetDDE service could allow a remote, anonymous attacker t...
FrontPage fp30reg.dll remote debug buffer overflow
Added: 01/30/2006 CVE: CVE-2003-0822 BID: 9007 OSVDB: 2952 Background Microsoft FrontPage Server Extensions includes a remote debugging function. Problem A buffer overflow in fp30reg.dll leads to a vulnerability in the remote debug function in FrontPage Server Extensions. A remote attacker could...
MailEnable IMAP command buffer overflow
Added: 01/24/2006 CVE: CVE-2004-2501 BID: 11755 OSVDB: 12135 Background MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. MailEnable Professional and MailEnable Enterprise also include IMAP and HTTPMail services. Problem A buffer overflow in the IMAP service allows an...
MySQL MaxDB WebTools special character buffer overflow
Added: 12/22/2005 CVE: CVE-2005-0684 BID: 13368 OSVDB: 15816 Background MaxDB is a SAP-certified open-source database developed by MySQL. The WebTools component offers a set of database tools which are accessible from a web browser. The wahttp program listens on port 9999 and processes HTTP...
Windows password weakness
Added: 12/19/2005 CVE: CVE-1999-0503 Background Passwords are the most commonly used method of authenticating users to a server. The combination of a login name and password is used to verify the identity of a user requesting access, and to determine what parts of the server the user has permissi...
JRun mod_jrun WriteToLog buffer overflow
Added: 12/10/2005 CVE: CVE-2004-0646 BID: 11245 OSVDB: 10546 Background Macromedia JRun is a J2EE application server. modjrun is an Apache module which enables the use of JRun applications through an Apache web server. Problem A buffer overflow vulnerability in modjrun and modjrun20 allows a remo...
MailEnable IMAP W3C Logging Buffer Overflow
Added: 12/03/2005 CVE: CVE-2005-3155 BID: 15006 OSVDB: 19842 Background MailEnable is a mail server for Windows platforms. The standard edition supports the SMTP and POP3 protocols. MailEnable Professional and MailEnable Enterprise also support IMAP and HTTPMail. Problem MailEnable's IMAP service...
VERITAS NetBackup Java Administration Console format string vulnerability
Added: 11/30/2005 CVE: CVE-2005-2715 BID: 15079 OSVDB: 19949 Background VERITAS NetBackup is a backup and recovery solution for multiple platforms. Problem The bpjava-msvc component of the Java Administration Console in Veritas NetBackup 4.5 through 6.0 is affected by a format string vulnerabilit...
Oracle Enterprise Manager Agent buffer overflow
Added: 11/30/2005 CVE: CVE-2005-3460 BID: 15146 OSVDB: 20664 Background Oracle Application Server 10g includes the emagent.exe program which listens for connections on port 1830/TCP by default. Problem A buffer overflow vulnerability in emagent.exe could allow a remote attacker to execute arbitra...
Apache Struts forced OGNL evaluation
Added: 02/03/2021 Background Apache Struts is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model-view-controller MVC architecture. Struts uses Object-Graph Navigation Language OGNL to...
Webmin password_change.cgi backdoor
Added: 08/26/2019 Background Webmin is a web-based interface for system administration of Unix systems. The Webmin web server listens by default on port 10000/tcp. Problem A backdoor in Webmin allows a remote attacker to execute arbitrary commands by sending a POST request for passwordchange.cgi...
SAPIDO RB-1732 command injection
Added: 06/28/2019 Background SAPIDO RB-1732 is a wireless router. Problem A vulnerability in the web interface allows remote attackers to execute arbitrary commands by sending a specially crafted request to the formSysCmd resource. Resolution Apply a firmware update which fixes this vulnerability...
McAfee VirusScan Enterprise for Linux authentication token brute force
Added: 12/23/2016 CVE: CVE-2016-8023 BID: 94823 Background McAfee VirusScan Enterprise for Linux is real-time, anti-malware software for Linux. Problem McAfee VirusScan Enterprise for Linux allows remote attackers to execute arbitrary commands by exploiting multiple vulnerabilities, including the...
Apache Continuum saveInstallation.action command execution
Added: 06/15/2016 Background Apache Continuum is a continuous integration server for Java projects. Problem A remote attacker could execute arbitrary commands by sending a POST request to saveInstallation.action with a specially crafted installation.varValue parameter. Resolution Upgrade to a...