Lucene search
K
SaintMost viewed

4305 matches found

Saint
Saint
•added 2012/05/17 12:0 a.m.•27 views

SolarWinds Storage Manager SQL Injection

Added: 05/17/2012 BID: 51639 OSVDB: 81634 Background SolarWinds Storage Manager is agentless heterogeneous monitoring and reporting of the performance and capacity of physical and virtual storage infrastructure. It delivers visibility and insight into how your storage infrastructure maps to your...

0.7AI score
Exploits0
Saint
Saint
•added 2012/03/06 12:0 a.m.•27 views

Sysax SSH Username Remote Code Execution

Added: 03/06/2012 BID: 52190 OSVDB: 79689 Background Sysax Multi Server is a Secure FTP Server and SSH2 Secure Shell Server combined into a single product. It simultaneously supports remote access and file transfer using FTP, FTPS, SFTP, Telnet, and Secure Shell. It also supports web based file...

7.8AI score
Exploits0
Saint
Saint
•added 2012/02/20 12:0 a.m.•27 views

HP OpenView Network Node Manager OVBuildPath Overflow

Added: 02/20/2012 CVE: CVE-2011-3167 BID: 50471 OSVDB: 76775 Background HP OpenView Network Node Manager NNM is a network monitoring solution based on SNMP. Problem User supplied data from the NNM web interface is passed to the OVBuildPath function in ov.dll. This function contains a stack overfl...

10CVSS6.9AI score0.66402EPSS
Exploits8
Saint
Saint
•added 2012/01/12 12:0 a.m.•27 views

Microsoft PowerPoint Floating Point Techno-color Time Bandit vulnerability

Added: 01/12/2012 CVE: CVE-2011-0655 BID: 47252 OSVDB: 71771 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem The vulnerability is caused when PowerPoint reads an invalid record in a specially crafted PowerPoint file. A remote attack...

9.3CVSS6.6AI score0.22593EPSS
Exploits5
Saint
Saint
•added 2012/01/10 12:0 a.m.•27 views

CoCSoft Stream Down Stack Overflow

Added: 01/10/2012 CVE: CVE-2011-5052 BID: 51190 OSVDB: 78043 Background CoCSoft Stream Down is a streaming media download tool. Problem The CoCSoft Stream Down HTTP client implementation in version 6.8 and prior does not properly validate HTTP responses. This vulnerability may allow an attacker t...

6.8CVSS6.3AI score0.30074EPSS
Exploits6
Saint
Saint
•added 2012/01/05 12:0 a.m.•27 views

Blue Coat BCAAA Windows Service Stack Buffer Overflow

Added: 01/05/2012 BID: 47618 OSVDB: 72095 Background Blue Coat Authentication and Authorization Agent BCAAA is installed on a domain server and acts as an intermediary between a Blue Coat ProxySG and the domain. Problem The BCAAA Windows Service is vulnerable to a stack-based buffer overflow...

1AI score
Exploits0
Saint
Saint
•added 2011/12/12 12:0 a.m.•27 views

VanDyke AbsoluteFTP FTP Client LIST Overflow

Added: 12/12/2011 BID: 50614 OSVDB: 77105 Background VanDyke AbsoluteFTP is a popular free FTP client. AbsoluteFTP was replaced by SecureFX in 1998, and support for AbsoluteFTP ended in 2007. Problem The AbsoluteFTP client contains a buffer overflow vulnerability when parsing file and directory...

7.8AI score
Exploits0
Saint
Saint
•added 2011/10/17 12:0 a.m.•27 views

Microsoft Forefront Unified Access Gateway Java Applet Signed Code Execution

Added: 10/17/2011 CVE: CVE-2011-1969 BID: 49983 OSVDB: 76236 Background Microsoft Forefront Unified Access Gateway UAG is a reverse proxy and VPN solution. Problem End users of UAG must install a signed Java applet via MicrosoftClient.jar. This applet loads unsigned Java classes, which may allow ...

9.3CVSS7AI score0.17309EPSS
Exploits4
Saint
Saint
•added 2011/09/26 12:0 a.m.•27 views

Computech Wordlist Builder DIC File Buffer Overflow

Added: 09/26/2011 BID: 47113 Background Computech Wordlist Builder is a simple utility that generates sorted wordlists based on contents of documents. Problem A stack overflow condition exists in Wordlist Builder 1.0 due the use of a fixed-length buffer used to read words from the .DIC file...

0.2AI score
Exploits0
Saint
Saint
•added 2011/09/07 12:0 a.m.•27 views

MPlayer SAMI Subtitle File Overflow

Added: 09/07/2011 BID: 49149 OSVDB: 74604 Background MPlayer is an open source media player with support for many operating systems. Problem MPlayer does not properly validate the contents of Synchronized Accessible Media Interchange SAMI caption files. If a video references a malformed SAMI file...

0.1AI score
Exploits0
Saint
Saint
•added 2011/08/22 12:0 a.m.•27 views

Mozilla Firefox OBJECT mChannel Use-After-Free

Added: 08/22/2011 CVE: CVE-2011-0065 BID: 47659 OSVDB: 72085 Background Firefox is a freely available web browser for multiple platforms including Windows, Linux, and Mac OS. Problem A use-after-free vulnerability allows command execution when a user loads a specially crafted web page that causes...

10CVSS9.7AI score0.73655EPSS
Exploits10
Saint
Saint
•added 2011/08/08 12:0 a.m.•27 views

Oracle Java Runtime Environment Insecure File Loading

Added: 08/08/2011 OSVDB: 74330 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The Java Runtime Environment provides the minimum requirements for executing a Java application; it consists of the Java...

8AI score
Exploits0
Saint
Saint
•added 2011/07/29 12:0 a.m.•27 views

Java RMI Services Default Configuration Remote Loading

Added: 07/29/2011 Background The Java Remote Method Invocation RMI system allows an object running in one Java virtual machine to invoke methods on an object running in another Java virtual machine. RMI provides for remote communication between programs written in the Java programming language...

0.6AI score
Exploits0
Saint
Saint
•added 2011/07/08 12:0 a.m.•27 views

Citrix Provisioning Services OpCode 40020010 Stack Overflow

Added: 07/08/2011 BID: 45914 OSVDB: 70597 Background Citrix Provisioning Services dynamically provisions virtual servers to simplify and streamline server management, while reducing software rollout risk. Problem Citrix Provisioning Service 5.6 and prior are vulnerable to a remotely exploitable...

1.3AI score
Exploits0
Saint
Saint
•added 2011/04/11 12:0 a.m.•27 views

RealFlex RealWin FC_SCRIPT_FCS_STARTPROG Buffer Overflow

Added: 04/11/2011 CVE: CVE-2011-1563 BID: 46937 Background RealWin is a Supervisory Control and Data Acquisition SCADA server which is distributed by DATAC. Problem A buffer overflow vulnerability in RealWin Server allows remote attackers to execute arbitrary commands by sending a long, specially...

10CVSS7.7AI score0.74638EPSS
Exploits15
Saint
Saint
•added 2011/03/23 12:0 a.m.•27 views

Cisco Secure Desktop CSDWebInstaller code exec

Added: 03/23/2011 CVE: CVE-2011-0926 BID: 46536 OSVDB: 63809 Background Cisco Secure Desktop is an endpoint security management product that consists of several components, such as Prelogin Assessment/Policies, Host Scan, Cache Cleaner, Secure Desktop Vault, etc. Problem Cisco Secure Desktop...

9.3CVSS6.3AI score0.06812EPSS
Exploits4
Saint
Saint
•added 2011/03/03 12:0 a.m.•27 views

HP Data Protector Client agent EXEC_SETUP code execution

Added: 03/03/2011 CVE: CVE-2011-0922 BID: 46234 OSVDB: 72525 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem The backup agent provided by the Data Protector Backup Client Service may be instructed to execute a setup file from...

10CVSS6.6AI score0.64219EPSS
Exploits20
Saint
Saint
•added 2010/12/10 12:0 a.m.•27 views

Disk Pulse Server GetServerInfo buffer overflow

Added: 12/10/2010 BID: 43919 Background Disk Pulse is a disk change monitoring solution. Problem A buffer overflow vulnerability in Disk Pulse Server allows remote attackers to execute arbitrary commands by sending a specially crafted GetServerInfo request to port 9120/TCP. Resolution Upgrade to ...

8.7AI score
Exploits0
Saint
Saint
•added 2010/11/24 12:0 a.m.•27 views

Novell iPrint Client ActiveX Control GetDriverSettings buffer overflow

Added: 11/24/2010 CVE: CVE-2010-4321 BID: 44966 OSVDB: 69357 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Client ActiveX control named ienipp.ocx. Problem A buffer overflow vulnerability in the Novell iPrint...

9.3CVSS6.8AI score0.32951EPSS
Exploits11
Saint
Saint
•added 2010/08/23 12:0 a.m.•27 views

ARP Spoof

Added: 08/23/2010 Background The Address Resolution Protocol ARP is used to resolve IP addresses into the hardware addresses which are used for delivering packets on a local network. Problem It is possible to send a computer a forged ARP reply, which is then stored in that computer's cache. This...

6.7AI score
Exploits0
Saint
Saint
•added 2010/07/01 12:0 a.m.•27 views

HP OpenView Network Node Manager snmpviewer.exe CGI Stack Buffer Overflow

Added: 07/01/2010 CVE: CVE-2010-1552 BID: 40068 OSVDB: 64975 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A stack buffer overflow vulnerability in HP Openview NNM allows remote attackers to execute arbitrary commands by sending...

10CVSS7.7AI score0.68892EPSS
Exploits9
Saint
Saint
•added 2010/06/07 12:0 a.m.•27 views

CA XOsoft Control Service entry_point.aspx Remote Code Execution

Added: 06/07/2010 CVE: CVE-2010-1223 BID: 39238 OSVDB: 63611 Background CA XOsoft is storage and recovery management software that includes applications for combined business continuity and disaster recovery. The CA XOsoft product family includes CA XOsoft Replication, CA XOsoft High Availability...

10CVSS7.5AI score0.16755EPSS
Exploits5
Saint
Saint
•added 2010/05/28 12:0 a.m.•27 views

Apple Safari parent.close() Invalid Pointer Code Execution

Added: 05/28/2010 CVE: CVE-2010-1939 BID: 39990 OSVDB: 64482 Background Safari is a web browser for Mac OS X and Windows. Problem Apple Safari 4.0.5 for Windows and probably earlier allows remote attackers to execute arbitrary code by enticing the user to open a crafted HTML document. The crafted...

7.6CVSS6.9AI score0.14708EPSS
Exploits5
Saint
Saint
•added 2010/03/09 12:0 a.m.•27 views

Cross-site scripting cookie theft

Added: 03/09/2010 Background Many web sites include scripts , which are lists of commands which, when executed in sequence, provide some enhancement to a web page. Web browsers are able to recognize scripts in web pages by the tag and handle them accordingly. Problem By sending an HTTP request...

6.8AI score
Exploits0
Saint
Saint
•added 2010/02/16 12:0 a.m.•27 views

Eureka Email POP3 Error Stack Buffer Overflow

Added: 02/16/2010 CVE: CVE-2009-3837 OSVDB: 59262 Background Eureka Email is an e-mail client with built-in junk e-mail filtering. Problem A malicious POP3 mail server can send a long error message to the Eureka Email client, causing a stack buffer overflow. Resolution Upgrade when a fix becomes...

9.3CVSS6.5AI score0.32071EPSS
Exploits8
Saint
Saint
•added 2010/01/28 12:0 a.m.•27 views

Novell iPrint Client ienipp.ocx persistence parameter parsing buffer overflow

Added: 01/28/2010 CVE: CVE-2009-1569 BID: 37242 OSVDB: 60804 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx. Problem A buffer overflow in ienipp.ocx allows command...

9.3CVSS6.8AI score0.37524EPSS
Exploits9
Saint
Saint
•added 2010/01/22 12:0 a.m.•27 views

HP Power Manager formExportDataLogs buffer overflow

Added: 01/22/2010 CVE: CVE-2009-3999 BID: 37867 OSVDB: 61848 Background HP Power Manager is a web-based application that enables administrators to manage an HP UPS from a browser-based management console. Problem A buffer overflow vulnerability HP Power Manager allows remote attackers to execute...

10CVSS6.9AI score0.71807EPSS
Exploits11
Saint
Saint
•added 2009/11/27 12:0 a.m.•27 views

Symantec AeXNSConsoleUtilities RunCmd buffer overflow

Added: 11/27/2009 CVE: CVE-2009-3033 BID: 37092 OSVDB: 60496 Background Symantec Altiris Deployment Solution provides tools to deploy software on desktops and servers. Problem A buffer overflow vulnerability in the AeXNSConsoleUtilities ActiveX control allows command execution when a user loads a...

9.3CVSS6.9AI score0.39967EPSS
Exploits10
Saint
Saint
•added 2009/08/27 12:0 a.m.•27 views

Microsoft Office Web Components DataSourceControl ActiveX Control memory allocation

Added: 08/27/2009 CVE: CVE-2009-0562 BID: 35990 OSVDB: 56914 Background Microsoft Office Web Components OWC are a group of OLE classes implemented as ActiveX controls. Problem A heap memory corruption vulnerability in the OWC10.DataSourceControl ActiveX control allows command execution when a use...

9.3CVSS6.5AI score0.2565EPSS
Exploits4
Saint
Saint
•added 2009/08/03 12:0 a.m.•27 views

Easy Chat Server Authentication Request Buffer Overflow

Added: 08/03/2009 Background Easy Chat Server is a web-based chat server for Microsoft Windows. Problem The server is vulnerable to a remote buffer-overflow attack which can be triggered by sending a specially crafted password parameter to chat.ghp. Resolution Easy Chat Server 2.2 and earlier are...

0.8AI score
Exploits0
Saint
Saint
•added 2009/07/13 12:0 a.m.•27 views

Motorola Timbuktu PlughNTCommand named pipe string buffer overflow

Added: 07/13/2009 CVE: CVE-2009-1394 BID: 35496 OSVDB: 55436 Background Motorola Timbuktu is remote control software for Windows and Mac. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted character string to the...

9.3CVSS7.7AI score0.33281EPSS
Exploits8
Saint
Saint
•added 2009/05/12 12:0 a.m.•27 views

Adobe Reader Javascript API spell.customDictonaryOpen memory corruption

Added: 05/12/2009 CVE: CVE-2009-1493 BID: 34740 OSVDB: 54129 Background Adobe Reader is free software for viewing PDF documents. Problem A memory corruption vulnerability in the Javascript API in Adobe Reader allows command execution when a user opens a specially crafted PDF file which calls the...

6.8CVSS6.5AI score0.21826EPSS
Exploits5
Saint
Saint
•added 2009/05/12 12:0 a.m.•27 views

Adobe Reader Javascript API spell.customDictonaryOpen memory corruption

Added: 05/12/2009 CVE: CVE-2009-1493 BID: 34740 OSVDB: 54129 Background Adobe Reader is free software for viewing PDF documents. Problem A memory corruption vulnerability in the Javascript API in Adobe Reader allows command execution when a user opens a specially crafted PDF file which calls the...

6.8CVSS6.5AI score0.21826EPSS
Exploits5
Saint
Saint
•added 2009/03/26 12:0 a.m.•27 views

HP OpenView Network Node Manager OvOSLocale cookie buffer overflow

Added: 03/26/2009 CVE: CVE-2009-0920 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted OvOSLocale cookie in an...

7.5CVSS7.7AI score0.7494EPSS
Exploits11
Saint
Saint
•added 2009/03/04 12:0 a.m.•27 views

Orbit Downloader Connecting log message buffer overflow

Added: 03/04/2009 CVE: CVE-2009-0187 BID: 33894 OSVDB: 52294 Background Orbit Downloader is a download manager supporting various protocols. Problem A buffer overflow vulnerability when constructing "Connecting" log messages allows command execution when a user loads an HTTP URL with a long,...

9.3CVSS6.8AI score0.39984EPSS
Exploits8
Saint
Saint
•added 2009/02/25 12:0 a.m.•27 views

Oracle 9i Release 2 XDB FTP Pass Overflow

Added: 02/25/2009 CVE: CVE-2003-0727 BID: 8375 OSVDB: 2449 Background Oracle 9i release 2 includes the XDB FTP service which by default listens on port 2100. Problem A buffer overflow vulnerability in the parsing of credentials passed to the server allows remote attackers to execute arbitrary...

2.1CVSS7.5AI score0.68395EPSS
Exploits26
Saint
Saint
•added 2009/02/25 12:0 a.m.•27 views

Oracle 9i Release 2 XDB FTP Pass Overflow

Added: 02/25/2009 CVE: CVE-2003-0727 BID: 8375 OSVDB: 2449 Background Oracle 9i release 2 includes the XDB FTP service which by default listens on port 2100. Problem A buffer overflow vulnerability in the parsing of credentials passed to the server allows remote attackers to execute arbitrary...

2.1CVSS7.5AI score0.68395EPSS
Exploits26
Saint
Saint
•added 2009/02/20 12:0 a.m.•27 views

UltraVNC ClientConnection integer overflow

Added: 02/20/2009 CVE: CVE-2009-0388 BID: 33568 Background UltraVNC is free software for remote desktop access. Problem Multiple integer overflow vulnerabilities in the ClientConnection class allow command execution when a user connects to a VNC server which sends a message with a large length...

10CVSS7AI score0.13334EPSS
Exploits11
Saint
Saint
•added 2008/12/11 12:0 a.m.•27 views

Internet Explorer embed tag src extension buffer overflow

Added: 12/11/2008 CVE: CVE-2008-4261 BID: 32595 OSVDB: 50610 Background The HTML embed tag allows developers to embed plug-ins in web pages. Problem A vulnerability in Internet Explorer allows command execution when a user loads a page containing an embed tag with a src attribute containing a...

9.3CVSS6.2AI score0.29709EPSS
Exploits4
Saint
Saint
•added 2008/12/04 12:0 a.m.•27 views

VLC media player TY file parse_master buffer overflow

Added: 12/04/2008 CVE: CVE-2008-4654 BID: 31813 OSVDB: 49181 Background VLC media player is a media player supporting various audio and video formats for multiple platforms. Problem A buffer overflow vulnerability in the parsemaster function in the Ty demux plugin allows command execution when a...

9.3CVSS6.8AI score0.57547EPSS
Exploits8
Saint
Saint
•added 2008/10/03 12:0 a.m.•27 views

DATAC RealWin SCADA Server FC_INFOTAG/SET_CONTROL buffer overflow

Added: 10/03/2008 CVE: CVE-2008-4322 BID: 31418 OSVDB: 48606 Background RealWin is a Supervisory Control and Data Acquisition SCADA server which is distributed by DATAC. Problem A buffer overflow vulnerability in RealWin Server allows remote attackers to execute arbitrary commands by sending a...

10CVSS7.7AI score0.64828EPSS
Exploits8
Saint
Saint
•added 2008/09/12 12:0 a.m.•27 views

TFTP Server error packet buffer overflow

Added: 09/12/2008 CVE: CVE-2008-2161 BID: 29111 OSVDB: 44904 Background TFTP Server is an open source server implementation of the tftp protocol for multiple platforms. Problem A buffer overflow vulnerability in the handling of error packets allows remote attackers to execute arbitrary commands...

10CVSS10AI score0.65284EPSS
Exploits6
Saint
Saint
•added 2008/08/13 12:0 a.m.•27 views

Internet Explorer print preview argument validation vulnerability

Added: 08/13/2008 CVE: CVE-2008-2259 BID: 30612 OSVDB: 47414 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A flaw in the handling of validation of arguments by the print preview function in Internet Explorer allows command...

9.3CVSS6.2AI score0.3008EPSS
Exploits5
Saint
Saint
•added 2008/08/01 12:0 a.m.•27 views

RealPlayer rjbdll.dll ActiveX Control file import buffer overflow

Added: 08/01/2008 CVE: CVE-2008-3066 BID: 30379 OSVDB: 48286 Background RealPlayer and RealOne Player include a number of ActiveX controls allowing functions to be called by scripts embedded in web pages. Problem A buffer overflow vulnerability in an ActiveX control in rjbdll.dll allows command...

9.3CVSS6.8AI score0.09721EPSS
Exploits5
Saint
Saint
•added 2008/07/07 12:0 a.m.•27 views

Novell GroupWise Messenger HTTP response handling buffer overflow

Added: 07/07/2008 CVE: CVE-2008-2703 BID: 29602 OSVDB: 46041 Background GroupWise Messenger is an instant messaging client for Novell GroupWise. Problem Novell GroupWise is affected by a buffer overflow vulnerability which could allow command execution when the client program processes specially...

10CVSS7AI score0.61121EPSS
Exploits7
Saint
Saint
•added 2008/06/25 12:0 a.m.•27 views

Novell iPrint Client ienipp.ocx ActiveX control buffer overflow

Added: 06/25/2008 CVE: CVE-2008-2908 BID: 29736 OSVDB: 46194 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx. Problem Multiple buffer overflow vulnerabilities in the...

9.3CVSS7AI score0.35423EPSS
Exploits7
Saint
Saint
•added 2008/04/25 12:0 a.m.•27 views

Borland StarTeam Multicast Service parse_request buffer overflow

Added: 04/25/2008 CVE: CVE-2008-0311 BID: 28602 OSVDB: 44039 Background Borland StarTeam is a software change and configuration management system. Problem A buffer overflow vulnerability in the PGMWebHandler::parserequest function in the StarTeam Multicast Service allows remote attackers to execu...

9.3CVSS7.8AI score0.31024EPSS
Exploits8
Saint
Saint
•added 2008/04/21 12:0 a.m.•27 views

Borland InterBase ibserver.exe Service Attach request buffer overflow

Added: 04/21/2008 CVE: CVE-2008-1910 BID: 28730 OSVDB: 44455 Background Borland Interbase is a database solution for Windows, Linux, and Solaris platforms. Problem A buffer overflow vulnerability in ibserver.exe allows remote attackers to execute arbitrary commands by sending a long, specially...

10CVSS7.9AI score0.07291EPSS
Exploits4
Saint
Saint
•added 2008/03/31 12:0 a.m.•27 views

MDaemon IMAP FETCH command buffer overflow

Added: 03/31/2008 CVE: CVE-2008-1358 BID: 28245 OSVDB: 43111 Background MDaemon is an e-mail server for Windows. Problem A buffer overflow vulnerability in the IMAP service allows authenticated users to execute arbitrary commands by sending a FETCH command with a long BODY. Resolution Upgrade to...

6.5CVSS7.6AI score0.57075EPSS
Exploits7
Saint
Saint
•added 2008/03/28 12:0 a.m.•27 views

rpc.ypupdated command injection vulnerability

Added: 03/28/2008 CVE: CVE-1999-0208 BID: 1749 OSVDB: 11517 Background Network Information Service NIS is a distributed database that allows you to maintain consistent configuration files throughout your network. rpc.ypupdated is an NIS service which is responsible for duplicating information fro...

10CVSS7.7AI score0.12856EPSS
Exploits5
Total number of security vulnerabilities4305