eSignal WinSig.exe long StyleTemplate buffer overflow

Added: 11/21/2011 CVE: CVE-2011-3494 BID: 49600 OSVDB: 75456 Background eSignal is a tool which provides real-time financial and market information. Problem WinSig.exe in eSignal 10.6.2425 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code v...

ACD Systems Fotoslate PLP File ID Parameter Buffer Overflow

Added: 10/24/2011 CVE: CVE-2011-2595 BID: 49558 OSVDB: 75425 Background ACD Systems FotoSlate 4 Photo Print Studio allows users to create contact sheets or wallet sized prints, choose themed frames, and create custom calendars. Problem Fotoslate 4.0 Build 146 is vulnerable to remote code executio...

Microsoft Forefront Unified Access Gateway Java Applet Signed Code Execution

Added: 10/17/2011 CVE: CVE-2011-1969 BID: 49983 OSVDB: 76236 Background Microsoft Forefront Unified Access Gateway UAG is a reverse proxy and VPN solution. Problem End users of UAG must install a signed Java applet via MicrosoftClient.jar. This applet loads unsigned Java classes, which may allow ...

NetSupport Client Handshake Hostname Overflow

Added: 10/11/2011 CVE: CVE-2011-0404 BID: 45728 OSVDB: 70408 Background NetSupport Manager is a remote desktop support solution. Problem The NetSupport client/server communication is carried out over a proprietary communications protocol. This protocol begins with a handshake between the client a...

Wireshark DECT Dissector PCAP File Processing Overflow

Added: 10/11/2011 CVE: CVE-2011-1591 BID: 47392 OSVDB: 71848 Background Wireshark is a network packet analyzer. Problem A buffer overflow vulnerability in the DECT dissector epan/dissectors/packet-dect.c allows command execution via a specially crafted .pcap file. Resolution Upgrade to Wireshark...

Sunway ForceControl SNMP NetDBServer Signed Integer Buffer Overflow

Added: 09/29/2011 BID: 49747 OSVDB: 75798 Background Sunway ForceControl is a Chinese SCADA/HMI software application widely used in China to help run weapons systems, utilities and chemical plants. It is also used to a lesser extent in other countries, including the US. SNMP NetDBServer is one of...

Java RMI Services Default Configuration Remote Loading

Added: 07/29/2011 Background The Java Remote Method Invocation RMI system allows an object running in one Java virtual machine to invoke methods on an object running in another Java virtual machine. RMI provides for remote communication between programs written in the Java programming language...

Java RMI Services Default Configuration Remote Loading

Added: 07/29/2011 Background The Java Remote Method Invocation RMI system allows an object running in one Java virtual machine to invoke methods on an object running in another Java virtual machine. RMI provides for remote communication between programs written in the Java programming language...

Citrix Provisioning Services OpCode 40020010 Stack Overflow

Added: 07/08/2011 BID: 45914 OSVDB: 70597 Background Citrix Provisioning Services dynamically provisions virtual servers to simplify and streamline server management, while reducing software rollout risk. Problem Citrix Provisioning Service 5.6 and prior are vulnerable to a remotely exploitable...

Quest Big Brother Remote File Overwrite

Added: 06/14/2011 BID: 47805 OSVDB: 72347 Background Quest Big Brother is server monitoring package. Problem The 'bbntd.exe' service of the Big Brother server version 4.40 and prior does not properly sanitize user requests and may allow an attacker to upload files using a directory traversal...

HP OpenView Storage Data Protector Backup Client Service GET_FILE Message Processing Overflow

Added: 05/09/2011 CVE: CVE-2011-1729 BID: 47638 OSVDB: 72188 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem A remote code execution vulnerability exists in HP Data Protector Backup Client Service due to a buffer overflow in...

RealFlex RealWin FC_SCRIPT_FCS_STARTPROG Buffer Overflow

Added: 04/11/2011 CVE: CVE-2011-1563 BID: 46937 Background RealWin is a Supervisory Control and Data Acquisition SCADA server which is distributed by DATAC. Problem A buffer overflow vulnerability in RealWin Server allows remote attackers to execute arbitrary commands by sending a long, specially...

Cisco Secure Desktop CSDWebInstaller code exec

Added: 03/23/2011 CVE: CVE-2011-0926 BID: 46536 OSVDB: 63809 Background Cisco Secure Desktop is an endpoint security management product that consists of several components, such as Prelogin Assessment/Policies, Host Scan, Cache Cleaner, Secure Desktop Vault, etc. Problem Cisco Secure Desktop...

EnterpriseDB PostgreSQL Plus Advanced Server DBA Management Server Authentication Bypass

Added: 03/21/2011 BID: 46662 Background Postgres Plus Advanced Server is an enterprise database solution. It includes several productivity tools, such as Migration Studio, Postgres Studio, DBA Management Server, and DBA Monitoring Console. Problem An authentication bypass vulnerability exists in...

Microsoft Remote Desktop Connection Insecure Library Injection

Added: 03/14/2011 CVE: CVE-2011-0029 BID: 46678 OSVDB: 71014 Background The Windows Remote Desktop allows desktop access to one Windows computer from another Windows computer. Problem A library loading vulnerability in the Remote Desktop Client allows arbitrary command execution when a user opens...

Symantec Alert Management System Intel Alert Handler modem string buffer overflow

Added: 02/23/2011 CVE: CVE-2010-0110 BID: 45936 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. It includes an Intel Alert Handler service hndlrsvc.exe. This service handles messages forwarded to it by the Alert Originator Manager, which listens on po...

Microsoft Windows Fax Cover Page Editor Double Free Memory Corruption Vulnerability

Added: 02/14/2011 CVE: CVE-2010-4701 BID: 45942 Background The Microsoft Windows Fax Service allows a Windows system to act as a fax server. One of the tools within the Windows Fax Service suite is the Fax Cover Page Editor fxscover.exe, which allows users to create their own customized cover...

WebEx WRF Player buffer overflow

Added: 02/10/2011 CVE: CVE-2010-3269 BID: 46075 Background The WebEx Recording Format WRF is used to save recordings of WebEx meetings to a file. The WebEx WRF Player allows users to play a WRF file. Problem A buffer overflow vulnerability in the WebEx WRF Player allows command execution when a...

HP OpenView Network Node Manager nnmRptConfig.exe schd_select1 Remote Code Execution

Added: 01/24/2011 CVE: CVE-2011-0269 BID: 45762 OSVDB: 70473 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A stack buffer overflow vulnerability allows remote attackers to execute arbitrary commands by requesting the...

HP OpenView Network Node Manager nnmRptConfig.exe nameParams text1 Buffer Overflow

Added: 01/20/2011 CVE: CVE-2011-0268 BID: 45762 OSVDB: 70473 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A stack buffer overflow vulnerability allows remote attackers to execute arbitrary commands by requesting the...

Windows Thumbnail View CreateSizedDIBSECTION buffer overflow

Added: 01/14/2011 CVE: CVE-2010-3970 BID: 45662 OSVDB: 70263 Background The shimgvw.dll library is part of the Microsoft Graphics Rendering Engine. Problem A vulnerability in shimgvw.dll allows command execution when Windows renders a thumbnail image which passes a specially crafted biClrUsed...

Microsoft Office FlashPix Image Converter Dictionary property buffer overflow

Added: 12/14/2010 CVE: CVE-2010-3951 BID: 45278 OSVDB: 69808 Background Microsoft Office is a package that provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. The suite ships with a set of image processing helper libraries...

Oracle Secure Backup Administration selector parameter command injection

Added: 11/19/2010 CVE: CVE-2010-0906 BID: 41597 OSVDB: 67128 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command injection vulnerability allows remote, authenticated attackers to execute arbitrary commands specified in the...

Oracle Secure Backup Administration property_box.php Other Variable Command Injection

Added: 09/29/2010 CVE: CVE-2010-0899 BID: 41616 OSVDB: 66333 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command injection vulnerability in the Oracle Secure Backup web interface allows remote attackers to execute arbitrary...

Apple QuickTime QTPlugin.ocx _Marshaled_pUnk Code Execution

Added: 09/20/2010 CVE: CVE-2010-1818 BID: 42841 OSVDB: 67705 Background Apple QuickTime is a media player for Windows and Mac OS platforms. Problem An input validation error in Apple QuickTime 7.6.7 and earlier versions allows remote attackers to execute arbitrary code by enticing the user to ope...

ARP Spoof

Added: 08/23/2010 Background The Address Resolution Protocol ARP is used to resolve IP addresses into the hardware addresses which are used for delivering packets on a local network. Problem It is possible to send a computer a forged ARP reply, which is then stored in that computer's cache. This...

Novell iManager EnteredClassName buffer overflow

Added: 07/12/2010 CVE: CVE-2010-1929 BID: 40480 OSVDB: 65737 Background Novell iManager is a web-based management interface for other Novell products. Problem A buffer overflow vulnerability in jclient.dll allows remote attackers to execute arbitrary commands by sending a specially crafted...

HP OpenView Network Node Manager snmpviewer.exe CGI Stack Buffer Overflow

Added: 07/01/2010 CVE: CVE-2010-1552 BID: 40068 OSVDB: 64975 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A stack buffer overflow vulnerability in HP Openview NNM allows remote attackers to execute arbitrary commands by sending...

HP OpenView Network Node Manager snmpviewer.exe CGI Stack Buffer Overflow

Added: 07/01/2010 CVE: CVE-2010-1552 BID: 40068 OSVDB: 64975 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A stack buffer overflow vulnerability in HP Openview NNM allows remote attackers to execute arbitrary commands by sending...

TweakFS Zip Utility for FSX filename buffer overflow

Added: 06/24/2010 CVE: CVE-2010-1458 BID: 39565 OSVDB: 63899 Background The TweakFS Zip Utility is included in the TweakFS Flight Simulator X Utilities. Problem A buffer overflow vulnerability in the TweakFS Zip Utility allows command execution when a user opens a ZIP archive containing a long,...

HP OpenView Network Node Manager getnnmdata.exe CGI MaxAge buffer overflow

Added: 05/21/2010 CVE: CVE-2010-1553 BID: 40070 OSVDB: 64976 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in Network Node Manager allows remote attackers to execute arbitrary commands by sending a...

Internet Explorer iepeers.dll use-after-free vulnerability

Added: 04/02/2010 CVE: CVE-2010-0806 BID: 38615 OSVDB: 62810 Background The iepeers.dll component of Internet Explorer provides support for Web Folders and printing. Problem A vulnerability in iepeers.dll allows a specially crafted web page to cause a pointer to be used after it has been freed,...

Eureka Email POP3 Error Stack Buffer Overflow

Added: 02/16/2010 CVE: CVE-2009-3837 OSVDB: 59262 Background Eureka Email is an e-mail client with built-in junk e-mail filtering. Problem A malicious POP3 mail server can send a long error message to the Eureka Email client, causing a stack buffer overflow. Resolution Upgrade when a fix becomes...

Novell iPrint Client ienipp.ocx persistence parameter parsing buffer overflow

Added: 01/28/2010 CVE: CVE-2009-1569 BID: 37242 OSVDB: 60804 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx. Problem A buffer overflow in ienipp.ocx allows command...

HP Power Manager formExportDataLogs buffer overflow

Added: 01/22/2010 CVE: CVE-2009-3999 BID: 37867 OSVDB: 61848 Background HP Power Manager is a web-based application that enables administrators to manage an HP UPS from a browser-based management console. Problem A buffer overflow vulnerability HP Power Manager allows remote attackers to execute...

Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow

Added: 11/06/2009 CVE: CVE-2009-3031 BID: 36698 OSVDB: 59597 Background Symantec Altiris Deployment Solution provides tools to deploy software on desktops and servers. Problem A stack buffer overflow vulnerability in the AeXNSConsoleUtilities.dll ActiveX control allows remote attackers to execute...

Symantec Multiple Products AeXNSConsoleUtilities Buffer Overflow

Added: 11/06/2009 CVE: CVE-2009-3031 BID: 36698 OSVDB: 59597 Background Symantec Altiris Deployment Solution provides tools to deploy software on desktops and servers. Problem A stack buffer overflow vulnerability in the AeXNSConsoleUtilities.dll ActiveX control allows remote attackers to execute...

EMC Captiva QuickScan Pro KeyHelp ActiveX Control JumpURL buffer overflow

Added: 10/02/2009 BID: 36546 OSVDB: 58423 Background EMC Captiva QuickScan Pro is a document capture solution. It includes KeyHelp, a free ActiveX control used for enhancing HTML help systems. Problem A buffer overflow vulnerability in the KeyHelp ActiveX Control allows command execution when a...

Symantec Altiris eXpress NS SC Download ActiveX control vulnerability

Added: 09/22/2009 BID: 36346 OSVDB: 57893 Background The Altiris eXpress NS SC Download ActiveX control is installed with several products, including Altiris Deployment Solution. Problem The Altiris eXpress NS SC Download ActiveX control allows remote files to be downloaded, saved to arbitrary...

Motorola Timbuktu PlughNTCommand named pipe string buffer overflow

Added: 07/13/2009 CVE: CVE-2009-1394 BID: 35496 OSVDB: 55436 Background Motorola Timbuktu is remote control software for Windows and Mac. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted character string to the...

Tivoli Storage Manager Client dsmagent.exe NodeName buffer overflow

Added: 05/11/2009 CVE: CVE-2008-4828 BID: 34803 OSVDB: 54232 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon CAD on ports 1581/TCP and 1582/TCP. The Client Acceptor Daemon, upon receiving a...

Microsoft PowerPoint invalid object reference vulnerability

Added: 04/20/2009 CVE: CVE-2009-0556 BID: 34351 OSVDB: 53182 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability in Microsoft PowerPoint allows command execution when an invalid object is referenced...

Microsoft WordPad Word 97 text converter XST buffer overflow

Added: 04/17/2009 CVE: CVE-2008-4841 BID: 32718 OSVDB: 50567 Background The Microsoft WordPad Word 97 text converter allows Windows users who do not have Microsoft Word to open Word 97 files. Problem A buffer overflow vulnerability allows command execution when WordPad is used to open a Word 97...

Symantec AppStream Client LaunchObj ActiveX Control installAppMgr vulnerability

Added: 03/31/2009 CVE: CVE-2008-4388 BID: 33247 OSVDB: 51410 Background Symantec AppStream is an application deployment framework. Problem The LaunchObj ActiveX control exposes the installAppMgr method, which can be used to download and execute arbitrary code. This could allow command execution...

HP OpenView Network Node Manager OvOSLocale cookie buffer overflow

Added: 03/26/2009 CVE: CVE-2009-0920 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted OvOSLocale cookie in an...

Oracle 9i Release 2 XDB FTP Pass Overflow

Added: 02/25/2009 CVE: CVE-2003-0727 BID: 8375 OSVDB: 2449 Background Oracle 9i release 2 includes the XDB FTP service which by default listens on port 2100. Problem A buffer overflow vulnerability in the parsing of credentials passed to the server allows remote attackers to execute arbitrary...

UltraVNC ClientConnection integer overflow

Added: 02/20/2009 CVE: CVE-2009-0388 BID: 33568 Background UltraVNC is free software for remote desktop access. Problem Multiple integer overflow vulnerabilities in the ClientConnection class allow command execution when a user connects to a VNC server which sends a message with a large length...

Free Download Manager torrent file parsing buffer overflow

Added: 02/17/2009 CVE: CVE-2009-0184 BID: 33555 Background Free Download Manager is a download accelerator and manager for Windows systems. Problem A buffer overflow vulnerability allows command execution when a user opens a torrent file containing a long file name. Resolution Upgrade to version...

Free Download Manager torrent file parsing buffer overflow

Added: 02/17/2009 CVE: CVE-2009-0184 BID: 33555 Background Free Download Manager is a download accelerator and manager for Windows systems. Problem A buffer overflow vulnerability allows command execution when a user opens a torrent file containing a long file name. Resolution Upgrade to version...

Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH buffer overflow

Added: 01/28/2009 CVE: CVE-2008-5444 BID: 33177 OSVDB: 51340 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A buffer overflow vulnerability in Oracle Secure Backup when handling the NDMP protocol allows remote attackers to execute...