Lucene search
K
SaintMost viewed

4305 matches found

Saint
Saint
•added 2010/01/20 12:0 a.m.•29 views

Internet Explorer Eventparam use-after-free vulnerability

Added: 01/20/2010 CVE: CVE-2010-0249 BID: 37815 OSVDB: 61697 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A vulnerability in the Eventparam function can cause Internet Explorer's HTML engine to access memory that has already be...

9.3CVSS8.7AI score0.91885EPSS
Exploits16
Saint
Saint
•added 2010/01/08 12:0 a.m.•29 views

HP OpenView Application Recovery Manager MSG_PROTOCOL buffer overflow

Added: 01/08/2010 CVE: CVE-2009-3844 BID: 37250 OSVDB: 60852 Background HP OpenView Application Recovery Manager is a backup solution for business application data. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...

10CVSS7.7AI score0.74063EPSS
Exploits10
Saint
Saint
•added 2009/12/07 12:0 a.m.•29 views

VideoLAN VLC Media Player MP4_BoxDumpStructure Buffer Overflow

Added: 12/07/2009 BID: 36439 OSVDB: 58217 Background VLC media player is a media player supporting various audio and video formats for multiple platforms. Problem A buffer overflow vulnerability exists in VideoLAN VLC media player due to an error when an overly deep box structure in ".mp4" files....

0.9AI score
Exploits0
Saint
Saint
•added 2009/11/13 12:0 a.m.•29 views

InterSystems Cache HTTP Stack Buffer Overflow

Added: 11/13/2009 Background InterSystems Cache is a high-performance object database that also enables rapid Web application development. Problem Intersystems Cache is vulnerable to a HTTP stack buffer overflow as a result of a specially crafted parameter to the UtilConfigHome.csp page. Resoluti...

2.2AI score
Exploits0
Saint
Saint
•added 2009/11/06 12:0 a.m.•29 views

Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow

Added: 11/06/2009 CVE: CVE-2009-3031 BID: 36698 OSVDB: 59597 Background Symantec Altiris Deployment Solution provides tools to deploy software on desktops and servers. Problem A stack buffer overflow vulnerability in the AeXNSConsoleUtilities.dll ActiveX control allows remote attackers to execute...

9.3CVSS7.7AI score0.45435EPSS
Exploits16
Saint
Saint
•added 2009/10/16 12:0 a.m.•29 views

IBM Installation Manager iim URI Handling Code Execution

Added: 10/16/2009 CVE: CVE-2009-3518 BID: 36549 OSVDB: 58420 Background IBM Installation Manager IIM is a software tool that helps to install, update, modify, and uninstall packages. Problem When IIM is installed it registers the application IBMIM.exe as the iim:// scheme handler, so when an iim:...

9.3CVSS6.7AI score0.05477EPSS
Exploits5
Saint
Saint
•added 2009/08/24 12:0 a.m.•29 views

Microsoft Office Web Components OWC.Spreadsheet BorderAround vulnerability

Added: 08/24/2009 CVE: CVE-2009-2496 BID: 35991 OSVDB: 56915 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A heap corruption vulnerability in the OWC10.Spreadsheet ActiveX control allows command execution when a user opens a web...

9.3CVSS6.6AI score0.29462EPSS
Exploits4
Saint
Saint
•added 2009/08/24 12:0 a.m.•29 views

Visual Studio Active Template Library object type mismatch vulnerability

Added: 08/24/2009 CVE: CVE-2009-2494 BID: 35982 OSVDB: 56910 Background Microsoft Visual Studio is a product to assist with software development in the Windows operating system. Visual Studio uses Microsoft Active Template Library ATL, which is a set of template-based C++ classes, to help simplif...

10CVSS6.3AI score0.42329EPSS
Exploits6
Saint
Saint
•added 2009/07/13 12:0 a.m.•29 views

Motorola Timbuktu PlughNTCommand named pipe string buffer overflow

Added: 07/13/2009 CVE: CVE-2009-1394 BID: 35496 OSVDB: 55436 Background Motorola Timbuktu is remote control software for Windows and Mac. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted character string to the...

9.3CVSS7.7AI score0.33281EPSS
Exploits8
Saint
Saint
•added 2009/04/20 12:0 a.m.•29 views

Microsoft PowerPoint invalid object reference vulnerability

Added: 04/20/2009 CVE: CVE-2009-0556 BID: 34351 OSVDB: 53182 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability in Microsoft PowerPoint allows command execution when an invalid object is referenced...

9.3CVSS6.5AI score0.67539EPSS
Exploits5
Saint
Saint
•added 2009/04/17 12:0 a.m.•29 views

Microsoft WordPad Word 97 text converter XST buffer overflow

Added: 04/17/2009 CVE: CVE-2008-4841 BID: 32718 OSVDB: 50567 Background The Microsoft WordPad Word 97 text converter allows Windows users who do not have Microsoft Word to open Word 97 files. Problem A buffer overflow vulnerability allows command execution when WordPad is used to open a Word 97...

9.3CVSS6.7AI score0.4303EPSS
Exploits6
Saint
Saint
•added 2009/04/17 12:0 a.m.•29 views

Microsoft WordPad Word 97 text converter XST buffer overflow

Added: 04/17/2009 CVE: CVE-2008-4841 BID: 32718 OSVDB: 50567 Background The Microsoft WordPad Word 97 text converter allows Windows users who do not have Microsoft Word to open Word 97 files. Problem A buffer overflow vulnerability allows command execution when WordPad is used to open a Word 97...

9.3CVSS6.7AI score0.4303EPSS
Exploits6
Saint
Saint
•added 2009/03/29 12:0 a.m.•29 views

SAP GUI SAPBExCommonResources ActiveX Command Execution

Added: 03/29/2009 Background The SAP GUI is the GUI client in SAP's 3-tier architecture of database, application server and client. The SAP GUI family is available for Windows, Java, and HTML/Internet Transaction Server ITS environment. SAP GUI for Windows registers the...

0.2AI score
Exploits0
Saint
Saint
•added 2009/03/23 12:0 a.m.•29 views

HP OpenView Network Node Manager OpenView5.exe buffer overflow

Added: 03/23/2009 CVE: CVE-2008-0067 BID: 33147 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in the OpenView5.exe CGI program allows remote attackers to execute arbitrary commands. Resolution Apply...

10CVSS7.5AI score0.63419EPSS
Exploits19
Saint
Saint
•added 2009/03/04 12:0 a.m.•29 views

Orbit Downloader Connecting log message buffer overflow

Added: 03/04/2009 CVE: CVE-2009-0187 BID: 33894 OSVDB: 52294 Background Orbit Downloader is a download manager supporting various protocols. Problem A buffer overflow vulnerability when constructing "Connecting" log messages allows command execution when a user loads an HTTP URL with a long,...

9.3CVSS6.8AI score0.39984EPSS
Exploits8
Saint
Saint
•added 2009/01/20 12:0 a.m.•29 views

Oracle Secure Backup login.php rbtool command injection

Added: 01/20/2009 CVE: CVE-2008-5448 BID: 33177 OSVDB: 51342 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command injection vulnerability in the Oracle Secure Backup web interface allows a remote attacker to execute arbitrary...

10CVSS7.3AI score0.3857EPSS
Exploits9
Saint
Saint
•added 2008/11/10 12:0 a.m.•29 views

Adobe PageMaker key strings buffer overflow

Added: 11/10/2008 CVE: CVE-2007-6432 BID: 31999 OSVDB: 50055 Background Adobe PageMaker is page layout software. Problem A buffer overflow vulnerability in AldFs32.dll allows command execution when a user opens a specially crafted PMD file. Resolution See the solution referenced in APSA08-10...

9.3CVSS6.7AI score0.08402EPSS
Exploits4
Saint
Saint
•added 2008/10/17 12:0 a.m.•29 views

Openwsman HTTP Basic Authentication buffer overflow

Added: 10/17/2008 CVE: CVE-2008-2234 BID: 30694 OSVDB: 47534 Background Openwsman is an open-source implementation of the Web Services Management specification. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted HTTP Basic...

7.5CVSS8AI score0.04318EPSS
Exploits5
Saint
Saint
•added 2008/09/24 12:0 a.m.•29 views

Find e-mail addresses

Added: 09/24/2008 Background E-mail addresses in a given domain can often be found using publicly available information such as Internet search engines, network registrars, and public key servers. This tool attempts to provide a list of e-mail addresses using these resources. Limitations Many...

2.3AI score
Exploits0
Saint
Saint
•added 2008/09/12 12:0 a.m.•29 views

TFTP Server error packet buffer overflow

Added: 09/12/2008 CVE: CVE-2008-2161 BID: 29111 OSVDB: 44904 Background TFTP Server is an open source server implementation of the tftp protocol for multiple platforms. Problem A buffer overflow vulnerability in the handling of error packets allows remote attackers to execute arbitrary commands...

10CVSS10AI score0.65284EPSS
Exploits6
Saint
Saint
•added 2008/09/03 12:0 a.m.•29 views

Microsoft Visual Studio MaskedEdit ActiveX buffer overflow

Added: 09/03/2008 CVE: CVE-2008-3704 BID: 30674 OSVDB: 47475 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem A buffer overflow in the MaskedEdit ActiveX control allows command execution when a user loads a web page which...

9.3CVSS6.8AI score0.55917EPSS
Exploits9
Saint
Saint
•added 2008/08/22 12:0 a.m.•29 views

WebEx Meeting Manager atucfobj.dll ActiveX buffer overflow

Added: 08/22/2008 CVE: CVE-2008-3558 BID: 30578 OSVDB: 47344 Background The WebEx Meeting Manager is automatically installed when a user starts or joins a meeting. Problem A buffer overflow vulnerability in the atucfobj.dll ActiveX control allows command execution when a user loads a web page whi...

9.3CVSS6.8AI score0.65391EPSS
Exploits8
Saint
Saint
•added 2008/06/16 12:0 a.m.•29 views

HP StorageWorks Storage Mirroring DoubleTake.exe encoded authentication overflow

Added: 06/16/2008 CVE: CVE-2008-1661 OSVDB: 45924 Background HP StorageWorks is a virtualized storage solution for mid-sized customers. Problem A buffer overflow vulnerability in the DoubleTake.exe process allows remote attackers to execute arbitrary commands by sending a long, specially crafted...

10CVSS7.9AI score0.68962EPSS
Exploits9
Saint
Saint
•added 2008/05/19 12:0 a.m.•29 views

Facebook PhotoUploader ActiveX control ExtractIptc buffer overflow

Added: 05/19/2008 CVE: CVE-2008-0660 BID: 27576 OSVDB: 41073 Background Facebook PhotoUploader is an ActiveX control which allows uploading of photos to the Facebook web site. It uses the Aurigma ImageUploader product. Problem A buffer overflow vulnerability in Facebook PhotoUploader allows comma...

9.3CVSS6.9AI score0.37762EPSS
Exploits5
Saint
Saint
•added 2008/05/09 12:0 a.m.•29 views

Informix Dynamic Server sqlexec password argument buffer overflow

Added: 05/09/2008 CVE: CVE-2008-0727 BID: 28198 OSVDB: 42701 Background Informix Dynamic Server is a database solution from IBM. The oninit.exe process listens for connections on port 1526/TCP. Problem The oninit.exe process does not sufficiently check the length of command-line arguments passed ...

8.5CVSS7AI score0.05248EPSS
Exploits5
Saint
Saint
•added 2008/03/18 12:0 a.m.•29 views

RealNetworks Helix Server RTSP Proxy-Require heap overflow

Added: 03/18/2008 CVE: CVE-2008-5911 BID: 33059 Background RealNetworks Helix Server is a media server supporting multiple formats and platforms. Problem A heap overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted Proxy-Require header i...

10CVSS7.6AI score0.06185EPSS
Exploits4
Saint
Saint
•added 2008/01/11 12:0 a.m.•29 views

BrightStor ARCserve Backup LGServer rxsUseLicenseIni buffer overflow

Added: 01/11/2008 CVE: CVE-2007-3216 BID: 24348 OSVDB: 35329 Background BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections. Problem A buffer overflow vulnerability in the rxsUseLicenseIni function allow...

10CVSS7.7AI score0.59193EPSS
Exploits14
Saint
Saint
•added 2007/12/12 12:0 a.m.•29 views

Microsoft Message Queuing queue name buffer overflow

Added: 12/12/2007 CVE: CVE-2007-3039 BID: 26797 OSVDB: 39123 Background Microsoft Message Queuing allows applications which may be running at different times to communicate across a network. Problem A buffer overflow vulnerability in the Microsoft Message Queuing service allows remote attackers t...

9CVSS7.5AI score0.69055EPSS
Exploits13
Saint
Saint
•added 2007/11/21 12:0 a.m.•29 views

Lotus Notes TagAttributeListCopy buffer overflow

Added: 11/21/2007 CVE: CVE-2007-4222 BID: 26200 OSVDB: 40949 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the TagAttributeListCopy function in nnotes.dll could allow command execution when a user receives a specially crafted e-mail message and forwar...

9.3CVSS6.9AI score0.04093EPSS
Exploits5
Saint
Saint
•added 2007/11/21 12:0 a.m.•29 views

Lotus Notes TagAttributeListCopy buffer overflow

Added: 11/21/2007 CVE: CVE-2007-4222 BID: 26200 OSVDB: 40949 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the TagAttributeListCopy function in nnotes.dll could allow command execution when a user receives a specially crafted e-mail message and forwar...

9.3CVSS6.9AI score0.04093EPSS
Exploits5
Saint
Saint
•added 2007/11/19 12:0 a.m.•29 views

Adobe PageMaker MAIPM6.DLL font name buffer overflow

Added: 11/19/2007 CVE: CVE-2007-5169 BID: 25989 OSVDB: 38067 Background Adobe PageMaker is page layout software. Problem A buffer overflow vulnerability in MAIPM6.DLL allows command execution when a user opens a .PMD file containing specially crafted font names. Resolution Apply the update...

9.3CVSS6.7AI score0.10175EPSS
Exploits4
Saint
Saint
•added 2007/10/05 12:0 a.m.•29 views

Mercury Mail SMTP AUTH CRAM-MD5 buffer overflow

Added: 10/05/2007 CVE: CVE-2007-4440 BID: 25357 OSVDB: 39669 Background Mercury Mail Transport System is an e-mail server product for Windows and NetWare. Problem A buffer overflow vulnerability in the SMTP service allows remote attackers to execute arbitrary commands by sending a specially craft...

7.5CVSS7.9AI score0.64513EPSS
Exploits8
Saint
Saint
•added 2007/10/05 12:0 a.m.•29 views

Mercury Mail SMTP AUTH CRAM-MD5 buffer overflow

Added: 10/05/2007 CVE: CVE-2007-4440 BID: 25357 OSVDB: 39669 Background Mercury Mail Transport System is an e-mail server product for Windows and NetWare. Problem A buffer overflow vulnerability in the SMTP service allows remote attackers to execute arbitrary commands by sending a specially craft...

7.5CVSS7.8AI score0.64513EPSS
Exploits8
Saint
Saint
•added 2007/09/21 12:0 a.m.•29 views

Trend Micro ServerProtect SpntSvc RPC buffer overflow

Added: 09/21/2007 CVE: CVE-2007-4218 BID: 25395 OSVDB: 39753 Background ServerProtect is a virus scanner for servers. The Trend Micro ServerProtect service SpntSvc.exe handles RPC requests on port 5168/TCP. Problem Buffer overflow vulnerabilities in the Trend Micro ServerProtect service allow...

10CVSS7.7AI score0.13021EPSS
Exploits12
Saint
Saint
•added 2007/08/28 12:0 a.m.•29 views

Snort Back Orifice Pre-Processor buffer overflow

Added: 08/28/2007 CVE: CVE-2005-3252 BID: 15131 OSVDB: 20034 Background Back Orifice is a remote system administration program for Windows. It is commonly installed by attackers or Trojan Horse programs for use as a backdoor. Snort is an open-source intrusion detection system. It includes a Back...

7.5CVSS7.8AI score0.83621EPSS
Exploits12
Saint
Saint
•added 2007/07/09 12:0 a.m.•29 views

Trend Micro ServerProtect SpntSvc.exe CreateBinding buffer overflow

Added: 07/09/2007 CVE: CVE-2007-2508 BID: 23868 OSVDB: 35790 Background Trend Micro ServerProtect is a virus scanner for servers. It includes the SpntSvc.exe daemon which listens for connections on port 5168/TCP. Problem A buffer overflow vulnerability in the CAgRpcClient::CreateBinding function ...

10CVSS7.7AI score0.77194EPSS
Exploits18
Saint
Saint
•added 2007/06/12 12:0 a.m.•29 views

Windows Telephony API buffer overflow

Added: 06/12/2007 CVE: CVE-2005-0058 BID: 14518 OSVDB: 18606 Background The Windows Telephony API TAPI provides telecommunications support for Windows applications. Problem A buffer overflow in the Windows Telephony API allows local attackers to execute commands with administrative privileges...

7.5CVSS7AI score0.50047EPSS
Exploits5
Saint
Saint
•added 2007/05/11 12:0 a.m.•29 views

McAfee ePolicy Orchestrator SiteManager ExportSiteList buffer overflow

Added: 05/11/2007 CVE: CVE-2007-1498 BID: 22952 OSVDB: 33796 Background ePolicy Orchestrator is a centralized security configuration and monitoring application. It includes the SiteManager ActiveX control which is implemented by sitemanager.dll. Problem A buffer overflow vulnerability in the...

9.3CVSS6.9AI score0.07729EPSS
Exploits8
Saint
Saint
•added 2007/04/16 12:0 a.m.•29 views

Windows DNS server RPC management interface buffer overflow

Added: 04/16/2007 CVE: CVE-2007-1748 BID: 23470 OSVDB: 34100 Background The Windows DNS service runs an RPC management interface which listens on a dynamically assigned TCP port. Problem A buffer overflow vulnerability in the Windows DNS service allows remote attackers to execute arbitrary comman...

10CVSS9.8AI score0.79128EPSS
Exploits17
Saint
Saint
•added 2007/03/27 12:0 a.m.•29 views

MERCUR imapd SUBSCRIBE command buffer overflow

Added: 03/27/2007 CVE: CVE-2007-1579 BID: 23050 OSVDB: 33546 Background MERCUR Messaging Server is an e-mail server supporting the SMTP, POP3, and IMAP protocols for Windows platforms. Problem A buffer overflow vulnerability allows remote, authenticated attackers to execute arbitrary commands by...

10CVSS7.5AI score0.56209EPSS
Exploits5
Saint
Saint
•added 2006/12/01 12:0 a.m.•29 views

MailEnable IMAP SELECT buffer overflow

Added: 12/01/2006 CVE: CVE-2006-6290 BID: 21362 OSVDB: 31698 Background MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. MailEnable Professional and MailEnable Enterprise also include IMAP and HTTPMail services. Problem A buffer overflow vulnerability in the IMAP servic...

6.5CVSS7.5AI score0.03171EPSS
Exploits4
Saint
Saint
•added 2006/10/06 12:0 a.m.•29 views

Microsoft Message Queuing buffer overflow

Added: 10/06/2006 CVE: CVE-2005-0059 BID: 13112 OSVDB: 15458 Background Microsoft Message Queuing allows applications which may be running at different times to communicate across a network. Problem A buffer overflow in Microsoft Message Queuing allows remote attackers to execute arbitrary...

10CVSS7.5AI score0.76803EPSS
Exploits10
Saint
Saint
•added 2006/09/06 12:0 a.m.•29 views

MySQL MaxDB WebDBM database name buffer overflow

Added: 09/06/2006 CVE: CVE-2006-4305 BID: 19660 OSVDB: 28300 Background MaxDB is a SAP-certified open-source database developed by MySQL. Problem A buffer overflow in MaxDB allows remote attackers to execute arbitrary commands by sending a long database name from a WebDBM client. Resolution Upgra...

10CVSS7.8AI score0.70468EPSS
Exploits7
Saint
Saint
•added 2006/08/07 12:0 a.m.•29 views

BrightStor ARCserve Universal Agent buffer overflow

Added: 08/07/2006 CVE: CVE-2005-1018 BID: 13102 OSVDB: 15471 Background The BrightStor ARCserve Backup family of products includes a Universal Agent which listens for connections on port 6050/TCP. Problem A buffer overflow in the Universal Agent allows remote attackers to execute arbitrary comman...

7.5CVSS7.8AI score0.58983EPSS
Exploits7
Saint
Saint
•added 2006/07/10 12:0 a.m.•29 views

MERCUR Messaging IMAP LOGIN command buffer overflow

Added: 07/10/2006 CVE: CVE-2006-1255 BID: 17138 OSVDB: 23950 Background MERCUR Messaging 2005 is an e-mail server supporting the SMTP, POP3, and IMAP protocols for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service when processing the LOGIN command allows remote...

10CVSS7.7AI score0.68147EPSS
Exploits12
Saint
Saint
•added 2006/06/26 12:0 a.m.•29 views

MailEnable HTTPMail Authorization header buffer overflow

Added: 06/26/2006 CVE: CVE-2005-1348 BID: 13350 OSVDB: 15737 Background MailEnable is a mail server for Windows platforms. The standard edition supports the SMTP and POP3 protocols. MailEnable Professional and MailEnable Enterprise also support IMAP and HTTPMail. Problem MailEnable's HTTPMail...

7.5CVSS7.7AI score0.72622EPSS
Exploits6
Saint
Saint
•added 2006/06/16 12:0 a.m.•29 views

Windows Media Player PNG buffer overflow

Added: 06/16/2006 CVE: CVE-2006-0025 BID: 18385 OSVDB: 26430 Background Windows Media Player is an audio and video media player for Windows platforms. Problem A buffer overflow in Windows Media Player allows command execution when a user opens a specially crafted PNG image file. Resolution Apply...

9.3CVSS6.8AI score0.48723EPSS
Exploits5
Saint
Saint
•added 2006/03/24 12:0 a.m.•29 views

Microsoft Jet Database Engine buffer overflow

Added: 03/24/2006 CVE: CVE-2005-0944 BID: 12960 OSVDB: 15187 Background The Microsoft Jet Database Engine provides data access functionality for a number of applications. Problem An input validation vulnerability in the Microsoft Jet Database Engine could lead to command execution when a user ope...

7.5CVSS6.3AI score0.34021EPSS
Exploits4
Saint
Saint
•added 2006/03/15 12:0 a.m.•29 views

IMail IMAP FETCH command buffer overflow

Added: 03/15/2006 CVE: CVE-2005-3526 BID: 17063 OSVDB: 23796 Background IMail is a mail server for Windows including SMTP, IMAP, and LDAP services. Problem A buffer overflow vulnerability in IMail allows remote authenticated attackers to execute arbitrary commands by sending a specially crafted...

6.5CVSS7.7AI score0.07246EPSS
Exploits4
Saint
Saint
•added 2006/03/15 12:0 a.m.•29 views

IMail IMAP FETCH command buffer overflow

Added: 03/15/2006 CVE: CVE-2005-3526 BID: 17063 OSVDB: 23796 Background IMail is a mail server for Windows including SMTP, IMAP, and LDAP services. Problem A buffer overflow vulnerability in IMail allows remote authenticated attackers to execute arbitrary commands by sending a specially crafted...

6.5CVSS7.7AI score0.07246EPSS
Exploits4
Total number of security vulnerabilities4305