Lucene search
K
SaintMost viewed

4305 matches found

Saint
Saint
added 2009/01/30 12:0 a.m.28 views

Microsoft Office OCX ActiveX controls OpenWebFile program execution

Added: 01/30/2009 BID: 33243 Background Microsoft Office OCX is a suite of ActiveX document containers to create, open, edit, and print Microsoft Office files. Problem A vulnerability in multiple Office OCX ActiveX controls allows a web page to execute remote programs using the OpenWebFile method...

7.5AI score
Exploits0
Saint
Saint
added 2009/01/20 12:0 a.m.28 views

Oracle Secure Backup login.php rbtool command injection

Added: 01/20/2009 CVE: CVE-2008-5448 BID: 33177 OSVDB: 51342 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command injection vulnerability in the Oracle Secure Backup web interface allows a remote attacker to execute arbitrary...

10CVSS7.3AI score0.3857EPSS
Exploits9
Saint
Saint
added 2009/01/14 12:0 a.m.28 views

HP OpenView Network Node Manager getcvdata.exe parameter string buffer overflow

Added: 01/14/2009 CVE: CVE-2008-0067 BID: 33147 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending an HTTP request for the getcvdata.exe C...

10CVSS7.8AI score0.63419EPSS
Exploits19
Saint
Saint
added 2009/01/13 12:0 a.m.28 views

Opera file URI buffer overflow

Added: 01/13/2009 CVE: CVE-2008-5178 BID: 32323 OSVDB: 49882 Background Opera is a web browser which is available for multiple platforms. Problem A buffer overflow vulnerability allows command execution when a user opens a long, specially crafted file:// URI. Resolution Upgrade to Opera 9.63 or...

9.3CVSS6.8AI score0.31509EPSS
Exploits6
Saint
Saint
added 2009/01/09 12:0 a.m.28 views

HP OpenView Network Node Manager Toolbar.exe CGI buffer overflow

Added: 01/09/2009 CVE: CVE-2008-0067 BID: 33147 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by requesting the Toolbar.exe CGI program with a...

10CVSS7.7AI score0.63419EPSS
Exploits19
Saint
Saint
added 2008/12/19 12:0 a.m.28 views

Visual FoxPro vfp6r.dll ActiveX Control DoCmd command execution

Added: 12/19/2008 CVE: CVE-2008-0236 BID: 27205 OSVDB: 40380 Background Visual FoxPro is a tool for developing database applications. Problem The vfp6r.dll ActiveX control allows command execution when a user opens a web page which uses the DoCmd method. Resolution Set the kill bit for class ID...

5.8CVSS6.5AI score0.17384EPSS
Exploits5
Saint
Saint
added 2008/12/18 12:0 a.m.28 views

Microsoft Excel TXO and OBJ record parsing memory corruption

Added: 12/18/2008 CVE: CVE-2008-4265 BID: 32618 OSVDB: 50556 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A memory corruption vulnerability allows command execution when a user opens an Excel...

9.3CVSS6.5AI score0.2465EPSS
Exploits5
Saint
Saint
added 2008/12/04 12:0 a.m.28 views

VLC media player TY file parse_master buffer overflow

Added: 12/04/2008 CVE: CVE-2008-4654 BID: 31813 OSVDB: 49181 Background VLC media player is a media player supporting various audio and video formats for multiple platforms. Problem A buffer overflow vulnerability in the parsemaster function in the Ty demux plugin allows command execution when a...

9.3CVSS6.8AI score0.57547EPSS
Exploits8
Saint
Saint
added 2008/11/28 12:0 a.m.28 views

GoodTech SSH Server SFTP buffer overflow

Added: 11/28/2008 CVE: CVE-2008-4726 BID: 31879 OSVDB: 49249 Background GoodTech SSH Server is an SSH Server providing secure remote console, secure file transfer, and secure port forwarding capabilities for Windows platforms. Problem Buffer overflow vulnerabilities in GoodTech SSH Server allow...

9CVSS7.6AI score0.44252EPSS
Exploits6
Saint
Saint
added 2008/11/21 12:0 a.m.28 views

LPViewer ActiveX Control url property buffer overflow

Added: 11/21/2008 CVE: CVE-2008-4384 BID: 31604 OSVDB: 48946 Background The LPViewer ActiveX Control installs with the iseemedia ZOOM control viewer and allows viewing of images created with iseemedia software. Problem A buffer overflow vulnerability allows command execution when a user opens a w...

9.3CVSS6.7AI score0.28706EPSS
Exploits8
Saint
Saint
added 2008/10/30 12:0 a.m.28 views

Cyrus IMAP pop3d popsubfolders buffer overflow

Added: 10/30/2008 CVE: CVE-2006-2502 BID: 18056 OSVDB: 25853 Background Cyrus IMAP is an open-source IMAP, POP3, and KPOP server. The popsubfolders configuration option allows POP3 users to access subfolders by specifying the subfolder name when logging in. Problem When the popsubfolders...

5.1CVSS7.9AI score0.53333EPSS
Exploits12
Saint
Saint
added 2008/10/07 12:0 a.m.28 views

Read Address Book

Added: 10/07/2008 Background This tool attempts to gather e-mail addresses from Outlook and Outlook Express address book files .WAB, .PAB on the target. Limitations A connection to the target is required to run this tool. Recent versions of Microsoft Outlook no longer store address books locally ...

0.9AI score
Exploits0
Saint
Saint
added 2008/09/09 12:0 a.m.28 views

Windows Media Encoder 9 wmex.dll ActiveX buffer overflow

Added: 09/09/2008 CVE: CVE-2008-3008 BID: 31065 OSVDB: 47962 Background Windows Media Encoder is a tool for content producers to capture and compress audio and video content. Windows Media Encoder 9 installs the wmex.dll ActiveX control. Problem A buffer overflow vulnerability in the wmex.dll...

9.3CVSS6.8AI score0.54553EPSS
Exploits9
Saint
Saint
added 2008/09/03 12:0 a.m.28 views

Microsoft Visual Studio MaskedEdit ActiveX buffer overflow

Added: 09/03/2008 CVE: CVE-2008-3704 BID: 30674 OSVDB: 47475 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem A buffer overflow in the MaskedEdit ActiveX control allows command execution when a user loads a web page which...

9.3CVSS6.8AI score0.55917EPSS
Exploits9
Saint
Saint
added 2008/08/13 12:0 a.m.28 views

CoolPlayer m3u playlist processing filename buffer overflow

Added: 08/13/2008 CVE: CVE-2008-3408 BID: 30418 OSVDB: 47194 Background CoolPlayer is a free audio player for Windows platforms. Problem A buffer overflow vulnerability in CoolPlayer allows command execution when a user opens an m3u playlist file containing a specially crafted filename. Resolutio...

6.8CVSS6.9AI score0.09665EPSS
Exploits5
Saint
Saint
added 2008/08/01 12:0 a.m.28 views

RealPlayer rjbdll.dll ActiveX Control file import buffer overflow

Added: 08/01/2008 CVE: CVE-2008-3066 BID: 30379 OSVDB: 48286 Background RealPlayer and RealOne Player include a number of ActiveX controls allowing functions to be called by scripts embedded in web pages. Problem A buffer overflow vulnerability in an ActiveX control in rjbdll.dll allows command...

9.3CVSS6.8AI score0.09721EPSS
Exploits5
Saint
Saint
added 2008/07/18 12:0 a.m.28 views

Alt-N SecurityGateway username buffer overflow

Added: 07/18/2008 CVE: CVE-2008-4193 BID: 29457 OSVDB: 45854 Background Alt-N SecurityGateway is an e-mail spam firewall for Exchange and SMTP servers. Problem A buffer overflow vulnerability in the web administration interface allows remote attackers to execute arbitrary commands by sending an...

10CVSS7.8AI score0.74612EPSS
Exploits8
Saint
Saint
added 2008/07/07 12:0 a.m.28 views

Novell GroupWise Messenger HTTP response handling buffer overflow

Added: 07/07/2008 CVE: CVE-2008-2703 BID: 29602 OSVDB: 46041 Background GroupWise Messenger is an instant messaging client for Novell GroupWise. Problem Novell GroupWise is affected by a buffer overflow vulnerability which could allow command execution when the client program processes specially...

10CVSS6.9AI score0.61121EPSS
Exploits7
Saint
Saint
added 2008/06/06 12:0 a.m.28 views

Lotus Notes Applix Graphics viewer BEGIN tag buffer overflow

Added: 06/06/2008 CVE: CVE-2007-5405 BID: 28454 OSVDB: 44194 Background Lotus Notes is the client for Lotus Domino servers. Lotus Notes uses the Autonomy KeyView library to display Applix Graphics .ag attachments. Problem A buffer overflow vulnerability when parsing the initial BEGIN tag in an...

9.3CVSS6.8AI score0.05741EPSS
Exploits4
Saint
Saint
added 2008/05/30 12:0 a.m.28 views

IBM Lotus Sametime Community Services Multiplexer buffer overflow

Added: 05/30/2008 CVE: CVE-2008-2499 BID: 29328 OSVDB: 45610 Background IBM Lotus Sametime is enterprise instant messaging and web conferencing software. Problem A buffer overflow vulnerability in the Community Services Multiplexer allows remote attackers to execute arbitrary commands by requesti...

7.5CVSS7.6AI score0.77466EPSS
Exploits9
Saint
Saint
added 2008/05/30 12:0 a.m.28 views

IBM Lotus Sametime Community Services Multiplexer buffer overflow

Added: 05/30/2008 CVE: CVE-2008-2499 BID: 29328 OSVDB: 45610 Background IBM Lotus Sametime is enterprise instant messaging and web conferencing software. Problem A buffer overflow vulnerability in the Community Services Multiplexer allows remote attackers to execute arbitrary commands by requesti...

7.5CVSS7.6AI score0.77466EPSS
Exploits9
Saint
Saint
added 2008/05/07 12:0 a.m.28 views

CA ARCserve Backup for Laptops and Desktops LGServer service code execution

Added: 05/07/2008 CVE: CVE-2008-1328 BID: 28616 OSVDB: 44320 Background BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections. Problem A buffer overflow vulnerability in BrightStor ARCserve Backup for...

9.3CVSS7.7AI score0.23634EPSS
Exploits4
Saint
Saint
added 2008/04/18 12:0 a.m.28 views

HP Openview Network Node Manager Ovalarmsrv buffer overflow

Added: 04/18/2008 CVE: CVE-2008-3544 BID: 28668 OSVDB: 50076 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in the Ovalarmsrv service in Network Node Manager allows remote attackers to execute...

9CVSS7.7AI score0.18043EPSS
Exploits5
Saint
Saint
added 2008/04/07 12:0 a.m.28 views

Cisco Secure ACS UCP CSuserCGI.exe buffer overflow

Added: 04/07/2008 CVE: CVE-2008-0532 BID: 28222 OSVDB: 42961 Background Cisco Secure Access Control Server ACS is a centralized user access control framework which can be used with routers, switches, firewalls, VPNs, and other devices. User Changeable Passwords UCP, a utility implemented by Cisco...

10CVSS7.7AI score0.57136EPSS
Exploits7
Saint
Saint
added 2008/02/19 12:0 a.m.28 views

Microsoft Works File Converter field length buffer overflow

Added: 02/19/2008 CVE: CVE-2008-0108 BID: 27659 OSVDB: 41459 Background The Microsoft Works File Converter allows Microsoft Office to open Microsoft Works files. Problem A buffer overflow vulnerability in the Microsoft Works File Converter allows arbitrary command execution when a user opens a .w...

9.3CVSS6.8AI score0.52632EPSS
Exploits5
Saint
Saint
added 2008/02/15 12:0 a.m.28 views

BrightStor ARCserve Backup LGServer directory traversal

Added: 02/15/2008 CVE: CVE-2007-5005 BID: 24348 OSVDB: 41350 Background BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections. Problem A directory traversal vulnerability in rxRPC.dll in the...

10CVSS6.9AI score0.0524EPSS
Exploits5
Saint
Saint
added 2008/02/14 12:0 a.m.28 views

ASPX Shell

Added: 02/14/2008 Background This exploit does not exploit a vulnerability, but instead creates an aspx page. The page, if placed on an IIS server, establishes a shell connection when requested. Problem N/A Resolution N/A References N/A Limitations The user needs the ability to upload the resulti...

7.2AI score
Exploits0
Saint
Saint
added 2008/02/14 12:0 a.m.28 views

ASPX Shell

Added: 02/14/2008 Background This exploit does not exploit a vulnerability, but instead creates an aspx page. The page, if placed on an IIS server, establishes a shell connection when requested. Problem N/A Resolution N/A References N/A Limitations The user needs the ability to upload the resulti...

1.1AI score
Exploits0
Saint
Saint
added 2008/02/11 12:0 a.m.28 views

Firebird username buffer overflow

Added: 02/11/2008 CVE: CVE-2008-0467 BID: 27467 OSVDB: 40924 Background Firebird is a freely available relational database which is available for multiple platforms. Problem A buffer overflow vulnerability in Firebird allows remote, unauthenticated attackers to execute arbitrary commands by sendi...

10CVSS7.7AI score0.06438EPSS
Exploits4
Saint
Saint
added 2008/01/30 12:0 a.m.28 views

Lotus Notes MIF attachment viewer buffer overflow

Added: 01/30/2008 CVE: CVE-2007-5909 BID: 26175 OSVDB: 40791 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the KeyView Viewer included in Lotus Notes allows command execution when a user views a specially crafted Frame Maker Interchange File MIF...

9.3CVSS6.9AI score0.20906EPSS
Exploits5
Saint
Saint
added 2008/01/11 12:0 a.m.28 views

BrightStor ARCserve Backup LGServer rxsUseLicenseIni buffer overflow

Added: 01/11/2008 CVE: CVE-2007-3216 BID: 24348 OSVDB: 35329 Background BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections. Problem A buffer overflow vulnerability in the rxsUseLicenseIni function allow...

10CVSS7.7AI score0.59193EPSS
Exploits14
Saint
Saint
added 2007/12/31 12:0 a.m.28 views

Lotus Domino Web Access ActiveX control dwa7w.dll buffer overflow

Added: 12/31/2007 CVE: CVE-2007-4474 BID: 26972 OSVDB: 40954 Background Lotus Domino Web Access provides capabilities similar to those of the Lotus Notes client, delivered through a web browser. Problem A buffer overflow vulnerability in the Lotus Domino Web Access ActiveX control in the dwa7w.dl...

9.3CVSS6.8AI score0.44184EPSS
Exploits25
Saint
Saint
added 2007/11/30 12:0 a.m.28 views

Microsoft Color Management Module profile tag buffer overflow

Added: 11/30/2007 CVE: CVE-2005-1219 BID: 14214 OSVDB: 17830 Background The Microsoft Color Management Module helps programs achieve consistent display of colors. International Color Consortium ICC profiles are used to ensure that colors are represented accurately to users. Problem A buffer...

7.5CVSS6.8AI score0.49922EPSS
Exploits4
Saint
Saint
added 2007/11/19 12:0 a.m.28 views

QuickTime PICT image UncompressedQuickTimeData buffer overflow

Added: 11/19/2007 CVE: CVE-2007-4672 BID: 26344 OSVDB: 38547 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow vulnerability in QuickTime allows command execution when a user opens a specially crafted PICT image containing an invalid...

7.6CVSS6.8AI score0.08053EPSS
Exploits4
Saint
Saint
added 2007/11/02 12:0 a.m.28 views

Lotus Domino IMAP mailbox name buffer overflow

Added: 11/02/2007 CVE: CVE-2007-3510 BID: 26176 OSVDB: 40953 Background IBM Lotus Domino is a messaging and collaboration solution for multiple platforms. Problem A buffer overflow vulnerability in Lotus Domino could allow a remote, authenticated attacker to execute arbitrary commands by sending ...

9CVSS7.7AI score0.05033EPSS
Exploits5
Saint
Saint
added 2007/11/01 12:0 a.m.28 views

BrightStor ARCserve Backup LGServer rxrLogin buffer overflow

Added: 11/01/2007 CVE: CVE-2007-5003 BID: 24348 OSVDB: 41353 Background BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections. Problem A buffer overflow vulnerability in the rxrLogin function allows remote...

10CVSS7.8AI score0.67204EPSS
Exploits8
Saint
Saint
added 2007/10/26 12:0 a.m.28 views

Tivoli Storage Manager CAD Host header buffer overflow

Added: 10/26/2007 CVE: CVE-2007-4880 BID: 25743 OSVDB: 38161 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon CAD on port 1581/TCP. Problem A buffer overflow vulnerability in Tivoli Storage...

10CVSS7.7AI score0.75945EPSS
Exploits9
Saint
Saint
added 2007/10/26 12:0 a.m.28 views

Tivoli Storage Manager CAD Host header buffer overflow

Added: 10/26/2007 CVE: CVE-2007-4880 BID: 25743 OSVDB: 38161 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon CAD on port 1581/TCP. Problem A buffer overflow vulnerability in Tivoli Storage...

10CVSS7.7AI score0.75945EPSS
Exploits9
Saint
Saint
added 2007/08/16 12:0 a.m.28 views

HP OpenView Operations OVTrace buffer overflow

Added: 08/16/2007 CVE: CVE-2007-3872 BID: 25255 OSVDB: 39527 Background HP OpenView Operations is event management and performance monitoring software. Problem A buffer overflow vulnerability in HP OpenView Operations allows remote attackers to execute arbitrary commands by sending a specially...

6.8CVSS7.7AI score0.30276EPSS
Exploits7
Saint
Saint
added 2007/07/19 12:0 a.m.28 views

Computer Associates Alert Notification Server buffer overflow

Added: 07/19/2007 CVE: CVE-2007-3825 BID: 24947 OSVDB: 36096 Background The Alert Notification Server is included with multiple Computer Associates products to provide notifications to console users. Problem The Alert Notification Server is affected by buffer overflow vulnerabilities in multiple...

9.3CVSS7.8AI score0.1409EPSS
Exploits5
Saint
Saint
added 2007/07/13 12:0 a.m.28 views

RSA Authentication Agent for Web for IIS chunked encoding overflow

Added: 07/13/2007 CVE: CVE-2005-1471 BID: 13524 OSVDB: 16164 Background RSA Authentication Agent For Web for IIS provides access control for applications on IIS web servers. Problem A heap overflow vulnerability when using chunked transfer-encoding allows remote attackers to execute arbitrary...

7.5CVSS7.9AI score0.02634EPSS
Exploits4
Saint
Saint
added 2007/07/09 12:0 a.m.28 views

Snort DCE/RPC preprocessor buffer overflow

Added: 07/09/2007 CVE: CVE-2006-5276 BID: 22616 OSVDB: 32094 Background Snort is an open-source intrusion detection system. It includes a DCE/RPC preprocessor, which reassembles DCE/RPC traffic before it is passed to the intrusion detection engine. Problem A buffer overflow vulnerability in the...

10CVSS7.7AI score0.79319EPSS
Exploits15
Saint
Saint
added 2007/07/09 12:0 a.m.28 views

Snort DCE/RPC preprocessor buffer overflow

Added: 07/09/2007 CVE: CVE-2006-5276 BID: 22616 OSVDB: 32094 Background Snort is an open-source intrusion detection system. It includes a DCE/RPC preprocessor, which reassembles DCE/RPC traffic before it is passed to the intrusion detection engine. Problem A buffer overflow vulnerability in the...

10CVSS7.7AI score0.79319EPSS
Exploits15
Saint
Saint
added 2007/06/29 12:0 a.m.28 views

RealPlayer SMIL file wallclock buffer overflow

Added: 06/29/2007 CVE: CVE-2007-3410 BID: 24658 OSVDB: 37374 Background RealPlayer includes support for Synchronized Multimedia Integration Language SMIL files. Problem A buffer overflow vulnerability in the wallclock function could allow command execution upon opening a specially crafted SMIL...

9.3CVSS6.8AI score0.36069EPSS
Exploits6
Saint
Saint
added 2007/06/27 12:0 a.m.28 views

Linux kernel ptrace privilege elevation vulnerability

Added: 06/27/2007 CVE: CVE-2003-0127 BID: 7112 OSVDB: 4565 Background ptrace is a Linux system call which enables a parent process to observe and control another process. Problem Due to a failure by the kernel to restrict trace permissions, a local attacker could gain root privileges by attaching...

7.2CVSS6AI score0.01584EPSS
Exploits5
Saint
Saint
added 2007/06/18 12:0 a.m.28 views

Trend Micro ServerProtect CMON_ActiveUpdate buffer overflow

Added: 06/18/2007 CVE: CVE-2007-1070 BID: 22639 OSVDB: 33042 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the CMONActiveUpdate and CMONActiveRollback functions allows remote attackers to execute arbitrary commands by sending a...

10CVSS7.7AI score0.73767EPSS
Exploits27
Saint
Saint
added 2007/06/07 12:0 a.m.28 views

CA Antivirus engine CAB handling buffer overflow

Added: 06/07/2007 CVE: CVE-2007-2864 BID: 24330 OSVDB: 35245 Background The CA Antivirus engine is included in multiple CA products. Problem A buffer overflow vulnerability in the CA Antivirus engine allows command execution when a CAB file containing a specially crafted "coffFiles" field is...

9.3CVSS6.8AI score0.49647EPSS
Exploits7
Saint
Saint
added 2007/05/11 12:0 a.m.28 views

McAfee ePolicy Orchestrator SiteManager ExportSiteList buffer overflow

Added: 05/11/2007 CVE: CVE-2007-1498 BID: 22952 OSVDB: 33796 Background ePolicy Orchestrator is a centralized security configuration and monitoring application. It includes the SiteManager ActiveX control which is implemented by sitemanager.dll. Problem A buffer overflow vulnerability in the...

9.3CVSS6.9AI score0.07729EPSS
Exploits8
Saint
Saint
added 2007/05/10 12:0 a.m.28 views

ACDSee XPM file handling buffer overflow

Added: 05/10/2007 CVE: CVE-2007-2193 BID: 23620 OSVDB: 35236 Background ACDSee is a suite of products for viewing and organizing photos. Problem A buffer overflow vulnerability in the IDX.apl plug-in allows command execution when a user opens a specially crafted XPM file. Resolution Apply a fix...

9.3CVSS6.9AI score0.3657EPSS
Exploits7
Saint
Saint
added 2007/04/23 12:0 a.m.28 views

Lotus Domino IMAP CRAM-MD5 authentication buffer overflow

Added: 04/23/2007 CVE: CVE-2007-1675 BID: 23172 OSVDB: 34091 Background IBM Lotus Domino is a messaging and collaboration solution for multiple platforms. Problem A buffer overflow vulnerability in the CRAM-MD5 authentication function in the Lotus Domino IMAP service allows remote attackers to...

10CVSS7.9AI score0.6122EPSS
Exploits5
Total number of security vulnerabilities4305