Oracle Secure Backup login.php rbtool command injection

Added: 01/20/2009 CVE: CVE-2008-5448 BID: 33177 OSVDB: 51342 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command injection vulnerability in the Oracle Secure Backup web interface allows a remote attacker to execute arbitrary...

Microsoft Works WkImgSrv.dll ActiveX Control WksPictureInterface vulnerability

Added: 01/08/2009 CVE: CVE-2008-1898 BID: 28820 OSVDB: 44458 Background Microsoft Works is a suite of productivity tools for home users. Problem The WkImgSrv.dll ActiveX control included in Microsoft Works allows command execution when a user loads a web page which instantiates the control with a...

CA ARCserve Backup for Laptops and Desktops LGServer password integer overflow

Added: 11/28/2008 CVE: CVE-2007-5004 BID: 24348 OSVDB: 41352 Background BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections. Problem An integer overflow vulnerability allows remote attackers to execute...

Microsoft Visual Studio MaskedEdit ActiveX buffer overflow

Added: 09/03/2008 CVE: CVE-2008-3704 BID: 30674 OSVDB: 47475 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem A buffer overflow in the MaskedEdit ActiveX control allows command execution when a user loads a web page which...

Internet Explorer print preview argument validation vulnerability

Added: 08/13/2008 CVE: CVE-2008-2259 BID: 30612 OSVDB: 47414 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A flaw in the handling of validation of arguments by the print preview function in Internet Explorer allows command...

RealPlayer rjbdll.dll ActiveX Control file import buffer overflow

Added: 08/01/2008 CVE: CVE-2008-3066 BID: 30379 OSVDB: 48286 Background RealPlayer and RealOne Player include a number of ActiveX controls allowing functions to be called by scripts embedded in web pages. Problem A buffer overflow vulnerability in an ActiveX control in rjbdll.dll allows command...

RealPlayer rjbdll.dll ActiveX Control file import buffer overflow

Added: 08/01/2008 CVE: CVE-2008-3066 BID: 30379 OSVDB: 48286 Background RealPlayer and RealOne Player include a number of ActiveX controls allowing functions to be called by scripts embedded in web pages. Problem A buffer overflow vulnerability in an ActiveX control in rjbdll.dll allows command...

Novell GroupWise Messenger HTTP response handling buffer overflow

Added: 07/07/2008 CVE: CVE-2008-2703 BID: 29602 OSVDB: 46041 Background GroupWise Messenger is an instant messaging client for Novell GroupWise. Problem Novell GroupWise is affected by a buffer overflow vulnerability which could allow command execution when the client program processes specially...

Novell iPrint Client ienipp.ocx ActiveX control buffer overflow

Added: 06/25/2008 CVE: CVE-2008-2908 BID: 29736 OSVDB: 46194 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx. Problem Multiple buffer overflow vulnerabilities in the...

OpenOffice OLE importer DocumentSummaryInformation buffer overflow

Added: 06/20/2008 CVE: CVE-2008-0320 BID: 28819 OSVDB: 44472 Background OpenOffice is a free productivity suite for multiple platforms. OpenOffice includes an importer for Microsoft's Object Linking and Embedding OLE framework. Problem A buffer overflow vulnerability in the OLE importer allows...

IBM Lotus Sametime Community Services Multiplexer buffer overflow

Added: 05/30/2008 CVE: CVE-2008-2499 BID: 29328 OSVDB: 45610 Background IBM Lotus Sametime is enterprise instant messaging and web conferencing software. Problem A buffer overflow vulnerability in the Community Services Multiplexer allows remote attackers to execute arbitrary commands by requesti...

CA ARCserve Backup for Laptops and Desktops LGServer service code execution

Added: 05/07/2008 CVE: CVE-2008-1328 BID: 28616 OSVDB: 44320 Background BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections. Problem A buffer overflow vulnerability in BrightStor ARCserve Backup for...

HP Openview Network Node Manager ovwparser.dll buffer overflow

Added: 04/14/2008 CVE: CVE-2008-1697 BID: 28569 OSVDB: 43992 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A vulnerability in ovwparser.dll allows remote attackers to execute arbitrary commands by sending a request for a long,...

rpc.ypupdated command injection vulnerability

Added: 03/28/2008 CVE: CVE-1999-0208 BID: 1749 OSVDB: 11517 Background Network Information Service NIS is a distributed database that allows you to maintain consistent configuration files throughout your network. rpc.ypupdated is an NIS service which is responsible for duplicating information fro...

Symantec Backup Exec for Windows Servers scheduler ActiveX buffer overflow

Added: 03/21/2008 CVE: CVE-2007-6016 BID: 26904 OSVDB: 42358 Background Symantec Backup Exec for Windows Servers is a backup and recovery solution for Windows servers. Problem An ActiveX buffer overflow vulnerability in pvcalendar.ocx in the scheduler component of Symantec Backup Exec for Windows...

Symantec Backup Exec for Windows Servers scheduler ActiveX buffer overflow

Added: 03/21/2008 CVE: CVE-2007-6016 BID: 26904 OSVDB: 42358 Background Symantec Backup Exec for Windows Servers is a backup and recovery solution for Windows servers. Problem An ActiveX buffer overflow vulnerability in pvcalendar.ocx in the scheduler component of Symantec Backup Exec for Windows...

Microsoft Works File Converter index table vulnerability

Added: 02/22/2008 CVE: CVE-2008-0105 BID: 27658 OSVDB: 41458 Background The Microsoft Works File Converter allows Microsoft Office to open Microsoft Works files. Problem A buffer overflow vulnerability in the Microsoft Works File Converter allows arbitrary command execution when a user opens a .w...

ASPX Shell

Added: 02/14/2008 Background This exploit does not exploit a vulnerability, but instead creates an aspx page. The page, if placed on an IIS server, establishes a shell connection when requested. Problem N/A Resolution N/A References N/A Limitations The user needs the ability to upload the resulti...

Lotus Notes MIF attachment viewer buffer overflow

Added: 01/30/2008 CVE: CVE-2007-5909 BID: 26175 OSVDB: 40791 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the KeyView Viewer included in Lotus Notes allows command execution when a user views a specially crafted Frame Maker Interchange File MIF...

Lotus Notes MIF attachment viewer buffer overflow

Added: 01/30/2008 CVE: CVE-2007-5909 BID: 26175 OSVDB: 40791 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the KeyView Viewer included in Lotus Notes allows command execution when a user views a specially crafted Frame Maker Interchange File MIF...

MacroVision InstallShield Update Service DownloadAndExecute buffer overflow

Added: 01/04/2008 CVE: CVE-2007-6654 BID: 27013 OSVDB: 39980 Background MacroVision InstallShield is software for creating installers or software packages. Problem A buffer overflow in the DownloadAndExecute function in the Update Service ActiveX control allows command execution when a user loads...

QuickTime RTSP Content-Type header buffer overflow

Added: 11/30/2007 CVE: CVE-2007-6166 BID: 26549 OSVDB: 40876 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow vulnerability in QuickTime allows command execution when a user opens an RTSP stream containing a specially crafted Content-Type header...

Lotus Notes TagAttributeListCopy buffer overflow

Added: 11/21/2007 CVE: CVE-2007-4222 BID: 26200 OSVDB: 40949 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the TagAttributeListCopy function in nnotes.dll could allow command execution when a user receives a specially crafted e-mail message and forwar...

EMC NetWorker Remote Exec service subcmd buffer overflow

Added: 11/09/2007 CVE: CVE-2007-3618 BID: 25375 OSVDB: 39744 Background EMC NetWorker is a centralized data backup solution. Problem A buffer overflow vulnerability in the Remote Exec service nsrexecd.exe allows remote attackers to execute arbitrary commands by sending a long, invalid subcmd to a...

Lotus Domino IMAP mailbox name buffer overflow

Added: 11/02/2007 CVE: CVE-2007-3510 BID: 26176 OSVDB: 40953 Background IBM Lotus Domino is a messaging and collaboration solution for multiple platforms. Problem A buffer overflow vulnerability in Lotus Domino could allow a remote, authenticated attacker to execute arbitrary commands by sending ...

Windows IE7 URI Handler command execution through Firefox

Added: 10/19/2007 CVE: CVE-2007-3896 BID: 25945 OSVDB: 41090 Background The shell32.dll library provides functions which handle interaction between Internet Explorer and the Windows shell. Problem The version of the shell32.dll library installed with Internet Explorer 7 does not properly validate...

Kodak Image Viewer TIFF image handling vulnerability

Added: 10/15/2007 CVE: CVE-2007-2217 BID: 25909 OSVDB: 37627 Background The Windows Kodak Image Viewer is a utility for rendering various image formats. It is included in Windows 2000, and may also be present on newer versions of Windows if a computer was upgraded from Windows 2000. Problem A...

Microsoft Agent crafted URL vulnerability

Added: 09/11/2007 CVE: CVE-2007-3040 BID: 25566 OSVDB: 36934 Background Microsoft Agent is a component of the Windows operating system designed to make using a computer easier through enriched user interaction. Problem A vulnerability in Microsoft Agent allows command execution when a user loads ...

RSA Authentication Agent for Web for IIS chunked encoding overflow

Added: 07/13/2007 CVE: CVE-2005-1471 BID: 13524 OSVDB: 16164 Background RSA Authentication Agent For Web for IIS provides access control for applications on IIS web servers. Problem A heap overflow vulnerability when using chunked transfer-encoding allows remote attackers to execute arbitrary...

Trend Micro ServerProtect SpntSvc.exe CreateBinding buffer overflow

Added: 07/09/2007 CVE: CVE-2007-2508 BID: 23868 OSVDB: 35790 Background Trend Micro ServerProtect is a virus scanner for servers. It includes the SpntSvc.exe daemon which listens for connections on port 5168/TCP. Problem A buffer overflow vulnerability in the CAgRpcClient::CreateBinding function ...

Yahoo Messenger Webcam Viewer ActiveX control buffer overflow

Added: 06/08/2007 CVE: CVE-2007-3148 BID: 24355 OSVDB: 37081 Background Yahoo! Messenger is an instant messaging application. It includes the Webcam Viewer ActiveX control which is provided by ywcvwr.dll. Problem A buffer overflow vulnerability in the Yahoo! Messenger Webcam Viewer ActiveX contro...

CA Console Server username buffer overflow

Added: 05/25/2007 CVE: CVE-2007-2522 BID: 23906 OSVDB: 34585 Background Multiple CA products include the inoweb Console Server which listens for connections on port 12168/TCP. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, speciall...

Adobe Photoshop PNG file handling buffer overflow

Added: 05/17/2007 CVE: CVE-2007-2365 BID: 23698 OSVDB: 35465 Background Adobe Photoshop is an application for editing digital images. Problem A buffer overflow vulnerability in Adobe Photoshop allows command execution when a user opens a specially crafted PNG image file. Resolution Do not open PN...

Novell GroupWise WebAccess base64_decode buffer overflow

Added: 04/25/2007 CVE: CVE-2007-2171 BID: 23556 OSVDB: 35018 Background Novell GroupWise includes a WebAccess service which allows users to access their e-mail using a web browser. Problem A buffer overflow in the base64decode function allows remote attackers to execute arbitrary commands by...

Novell GroupWise WebAccess base64_decode buffer overflow

Added: 04/25/2007 CVE: CVE-2007-2171 BID: 23556 OSVDB: 35018 Background Novell GroupWise includes a WebAccess service which allows users to access their e-mail using a web browser. Problem A buffer overflow in the base64decode function allows remote attackers to execute arbitrary commands by...

NetMail WebAdmin username buffer overflow

Added: 03/16/2007 CVE: CVE-2007-1350 BID: 22857 OSVDB: 33886 Background Novell NetMail WebAdmin is a web-based administration interface which runs an HTTP server on port 89/TCP. Problem A buffer overflow vulnerability in Novell NetMail WebAdmin allows remote attackers to execute arbitrary command...

SupportSoft tgctlsi.dll ActiveX control buffer overflow

Added: 03/15/2007 CVE: CVE-2006-6490 BID: 22564 OSVDB: 33481 Background SupportSoft ActiveX controls are used by third-party products to provide remote technical support. Problem SupportSoft ActiveX controls are affected by multiple buffer overflow vulnerabilities which can lead to command...

HP Mercury LoadRunner mchan.dll buffer overflow

Added: 02/16/2007 CVE: CVE-2007-0446 BID: 22487 OSVDB: 33132 Background HP Mercury LoadRunner is a load testing solution. Problem A buffer overflow in the mchan.dll library allows remote attackers to execute arbitrary commands by sending a packet with a long serveripname field to port 54345/TCP...

Internet Explorer VML integer overflow

Added: 02/07/2007 CVE: CVE-2007-0024 BID: 21930 OSVDB: 31250 Background Vector Markup Language VML is an XML-based format for vector graphics. Problem An integer overflow vulnerability in vgx.dll when processing VML elements in a web page allows arbitrary command execution. Resolution Apply the...

Microsoft Help Workshop .CNT file buffer overflow

Added: 01/31/2007 CVE: CVE-2007-0352 BID: 22100 OSVDB: 31898 Background Microsoft Help Workshop is a standard component of Microsoft Visual Studio and is also available as a standalone product. Problem A buffer overflow vulnerability in Microsoft Help Workshop allows command execution when a user...

Novell NetMail NMAP STOR command buffer overflow

Added: 01/05/2007 CVE: CVE-2006-6424 BID: 21725 OSVDB: 31363 Background Novell NetMail servers include the Network Messaging Application Protocol NMAP service, which listens on port 689/TCP. Problem A buffer overflow in Novell NetMail allows remote attackers to execute arbitrary commands by sendi...

MailEnable IMAP SELECT buffer overflow

Added: 12/01/2006 CVE: CVE-2006-6290 BID: 21362 OSVDB: 31698 Background MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. MailEnable Professional and MailEnable Enterprise also include IMAP and HTTPMail services. Problem A buffer overflow vulnerability in the IMAP servic...

WinZip FileView ActiveX control unsafe method

Added: 11/27/2006 CVE: CVE-2006-5198 BID: 21060 OSVDB: 30433 Background WinZip includes the FileView ActiveX control which provides a user interface similar to the file view pane in Windows Explorer. Problem The FileView ActiveX control is marked "safe for scripting" and exposes several unsafe...

Serv-U FTP Server MDTM timezone buffer overflow

Added: 10/27/2006 CVE: CVE-2004-0330 BID: 9751 OSVDB: 4073 Background Serv-U FTP Server supports the MDTM command which allows users to modify the time stamp on files. Problem A buffer overflow in Serv-U FTP Server allows remote authenticated attackers to execute arbitrary commands by sending the...

Internet Explorer VML rect fill buffer overflow

Added: 09/20/2006 CVE: CVE-2006-4868 BID: 20096 OSVDB: 28946 Background Vector Markup Language VML is an XML-based format for vector graphics. Problem A buffer overflow in Internet Explorer when processing VML code allows remote command execution using a long fill parameter within a rect tag...

IBM eGatherer ActiveX RunEgatherer buffer overflow

Added: 08/21/2006 CVE: CVE-2006-4221 BID: 19554 OSVDB: 27976 Background The eGatherer ActiveX control is installed with IBM Access Support. Problem A buffer overflow in the eGatherer ActiveX control allows command execution by a web page which sends a long, specially crafted file name to the...

MailEnable HTTPMail Authorization header buffer overflow

Added: 06/26/2006 CVE: CVE-2005-1348 BID: 13350 OSVDB: 15737 Background MailEnable is a mail server for Windows platforms. The standard edition supports the SMTP and POP3 protocols. MailEnable Professional and MailEnable Enterprise also support IMAP and HTTPMail. Problem MailEnable's HTTPMail...

SpamAssassin spamd vpopmail user vulnerability

Added: 06/09/2006 CVE: CVE-2006-2447 BID: 18290 OSVDB: 26177 Background SpamAssassin identifies spam e-mail using a variety of local and network based tests. spamd is a component of SpamAssassin which allows it to run as a network daemon. Problem When the vpopmail -v and paranoid -P options are...

7-Zip ARJ archive handling buffer overflow

Added: 06/09/2006 CVE: CVE-2005-3051 BID: 14925 OSVDB: 19639 Background 7-Zip is a free file archiver for Windows platforms. Problem A buffer overflow vulnerability in 7-Zip could allow code execution when a specially crafted ARJ file is opened. Resolution Upgrade to 7-Zip 4.27 beta or higher...

7-Zip ARJ archive handling buffer overflow

Added: 06/09/2006 CVE: CVE-2005-3051 BID: 14925 OSVDB: 19639 Background 7-Zip is a free file archiver for Windows platforms. Problem A buffer overflow vulnerability in 7-Zip could allow code execution when a specially crafted ARJ file is opened. Resolution Upgrade to 7-Zip 4.27 beta or higher...