4300 matches found
Tivoli Provisioning Manager for OS Deployment HTTP server buffer overflow
Added: 01/28/2008 CVE: CVE-2008-0401 BID: 27387 OSVDB: 40481 Background Tivoli Provisioning Manager for OS Deployment is a product which facilitates remote operating system installation and management. Problem A buffer overflow vulnerability in the HTTP server which comes with Tivoli Provisioning...
Microsoft DirectX SAMI parser buffer overflow
Added: 01/22/2008 CVE: CVE-2007-3901 BID: 26789 OSVDB: 39126 Background DirectX is a feature of the Windows operating system used for streaming media. Problem A buffer overflow vulnerability in DirectX allows command execution when a user opens a specially crafted SAMI file in Windows Media Playe...
Lotus Domino Web Access ActiveX control dwa7w.dll buffer overflow
Added: 12/31/2007 CVE: CVE-2007-4474 BID: 26972 OSVDB: 40954 Background Lotus Domino Web Access provides capabilities similar to those of the Lotus Notes client, delivered through a web browser. Problem A buffer overflow vulnerability in the Lotus Domino Web Access ActiveX control in the dwa7w.dl...
QuickTime RTSP Content-Type header buffer overflow
Added: 11/30/2007 CVE: CVE-2007-6166 BID: 26549 OSVDB: 40876 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow vulnerability in QuickTime allows command execution when a user opens an RTSP stream containing a specially crafted Content-Type header...
BrightStor ARCserve Backup LGServer rxrLogin buffer overflow
Added: 11/01/2007 CVE: CVE-2007-5003 BID: 24348 OSVDB: 41353 Background BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections. Problem A buffer overflow vulnerability in the rxrLogin function allows remote...
Microsoft Visual Basic VBP file buffer overflow
Added: 10/05/2007 CVE: CVE-2007-4776 BID: 25629 OSVDB: 36936 Background Microsoft Visual Basic is a development tool for building Windows applications. Problem A buffer overflow vulnerability in Microsoft Visual Basic allows command execution when a user opens a specially crafted Visual Basic...
Symantec Norton NavComUI ActiveX control vulnerability
Added: 09/20/2007 CVE: CVE-2007-2955 BID: 24983 OSVDB: 36477 Background The Symantec Norton product suite includes antivirus, firewall, and other security functions. Problem Vulnerabilities in the AxSysListView32 and AxSysListView32OAA ActiveX controls, implemented by the NavComUI.dll library...
CA eTrust Intrusion Detection CallCode ActiveX vulnerability
Added: 08/09/2007 CVE: CVE-2007-3302 BID: 25050 OSVDB: 37698 Background CA eTrust Intrusion Detection includes the CallCode Caller.dll ActiveX control. Problem The CallCode ActiveX control is incorrectly marked safe for scripting. This ActiveX control contains scriptable functions which, if a use...
CA eTrust Intrusion Detection CallCode ActiveX vulnerability
Added: 08/09/2007 CVE: CVE-2007-3302 BID: 25050 OSVDB: 37698 Background CA eTrust Intrusion Detection includes the CallCode Caller.dll ActiveX control. Problem The CallCode ActiveX control is incorrectly marked safe for scripting. This ActiveX control contains scriptable functions which, if a use...
Yahoo! Widgets ActiveX control GetComponentVersion buffer overflow
Added: 08/03/2007 CVE: CVE-2007-4034 BID: 25086 OSVDB: 37705 Background Yahoo! Widgets is desktop software which runs any number of small, real-time, Internet applications called widgets. Problem A buffer overflow vulnerability in the YDPCTL ActiveX Control allows command execution when a user...
Yahoo! Widgets ActiveX control GetComponentVersion buffer overflow
Added: 08/03/2007 CVE: CVE-2007-4034 BID: 25086 OSVDB: 37705 Background Yahoo! Widgets is desktop software which runs any number of small, real-time, Internet applications called widgets. Problem A buffer overflow vulnerability in the YDPCTL ActiveX Control allows command execution when a user...
Ipswitch IMail Server IMAP SEARCH buffer overflow
Added: 07/27/2007 CVE: CVE-2007-3925 BID: 24962 OSVDB: 36219 Background IMail is an e-mail server for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service could allow an authenticated attacker to execute arbitrary commands by sending a specially crafted SEARCH command...
Borland Interbase ibserver.exe create buffer overflow
Added: 07/26/2007 CVE: CVE-2007-3566 BID: 25048 OSVDB: 38602 Background Borland Interbase is a database solution for Windows, Linux, and Solaris platforms. Problem A buffer overflow in the database service, ibserver.exe, allows remote attackers to execute arbitrary commands by sending a specially...
CA Antivirus engine CAB handling buffer overflow
Added: 06/07/2007 CVE: CVE-2007-2864 BID: 24330 OSVDB: 35245 Background The CA Antivirus engine is included in multiple CA products. Problem A buffer overflow vulnerability in the CA Antivirus engine allows command execution when a CAB file containing a specially crafted "coffFiles" field is...
LANDesk Management Suite Alert Service buffer overflow
Added: 04/23/2007 CVE: CVE-2007-1674 BID: 23483 OSVDB: 34964 Background LANDesk Management Suite automates systems and security management tasks across a network. It runs an Alert Service which listens for communication on port 65535/UDP. Problem A buffer overflow vulnerability in the Alert Servi...
Lotus Domino IMAP CRAM-MD5 authentication buffer overflow
Added: 04/23/2007 CVE: CVE-2007-1675 BID: 23172 OSVDB: 34091 Background IBM Lotus Domino is a messaging and collaboration solution for multiple platforms. Problem A buffer overflow vulnerability in the CRAM-MD5 authentication function in the Lotus Domino IMAP service allows remote attackers to...
MERCUR imapd NTLMSSP
Added: 04/03/2007 CVE: CVE-2007-1578 BID: 23058 OSVDB: 33545 Background MERCUR Messaging Server is an e-mail server supporting the SMTP, POP3, and IMAP protocols for Windows platforms. Problem A buffer overflow vulnerability in MERCUR Messaging Server allows remote attackers to execute arbitrary...
Trend Micro ServerProtect ENG_SendEMail buffer overflow
Added: 03/02/2007 CVE: CVE-2007-1070 BID: 22639 OSVDB: 33042 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the ENGSendEMail function allows remote attackers to execute arbitrary commands by sending a specially crafted RPC request...
BrightStor ARCserve LGServer buffer overflow
Added: 02/02/2007 CVE: CVE-2007-0449 BID: 22342 OSVDB: 31593 Background BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections. Problem A buffer overflow vulnerability in BrightStor ARCserve Backup for...
BrightStor ARCserve LGServer buffer overflow
Added: 02/02/2007 CVE: CVE-2007-0449 BID: 22342 OSVDB: 31593 Background BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections. Problem A buffer overflow vulnerability in BrightStor ARCserve Backup for...
BrightStor ARCserve Message Engine opnum 0x2f buffer overflow
Added: 01/19/2007 CVE: CVE-2007-0169 BID: 22005 OSVDB: 31318 Background The BrightStor ARCserve Backup server runs the Message Engine RPC service on ports 6503/TCP and 6504/TCP by default. Problem A buffer overflow in BrightStor ARCserve Backup allows remote attackers to execute arbitrary command...
Microsoft Visual Studio 2005 WMI Object Broker vulnerability
Added: 01/15/2007 CVE: CVE-2006-4704 BID: 20843 OSVDB: 30155 Background Microsoft Visual Studio is a product to assist with software development in the Windows operating system. Problem A flaw in the WMI Object Broker ActiveX control allows attackers to bypass security zone restrictions, leading ...
NetMail IMAP APPEND command buffer overflow
Added: 12/29/2006 CVE: CVE-2006-6425 BID: 21723 OSVDB: 31362 Background Novell NetMail is an e-mail and calendaring server application. Problem A buffer overflow in the NetMail IMAP service allows remote, authenticated attackers to execute arbitrary commands by sending a long, specially crafted...
AOL ICQ ActiveX DownloadAgent vulnerability
Added: 12/15/2006 CVE: CVE-2006-5650 BID: 20930 OSVDB: 30220 Background America Online AOL ICQ is a widely used program for communicating with other users on the Internet. Problem The ICQPhone.SipxPhoneManager ActiveX control, which is installed with ICQ, includes a function called DownloadAgent...
MailEnable IMAP SELECT buffer overflow
Added: 12/01/2006 CVE: CVE-2006-6290 BID: 21362 OSVDB: 31698 Background MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. MailEnable Professional and MailEnable Enterprise also include IMAP and HTTPMail services. Problem A buffer overflow vulnerability in the IMAP servic...
Windows Workstation service NetpManageIPCConnect buffer overflow
Added: 11/27/2006 CVE: CVE-2006-4691 BID: 20985 OSVDB: 30263 Background The Windows Workstation service routes network requests for file or printer resources. Problem A buffer overflow in the NetpManageIPCConnect function in the Windows Workstation service allows command execution when a domain...
Oracle Security Component sys.pbsde buffer overflow
Added: 11/07/2006 CVE: CVE-2005-3438 BID: 15134 OSVDB: 20612 Background pbsde is a package of stored procedures which is part of the base installation of Oracle Database. Problem A buffer overflow in the sys.pbsde.init procedure allows database users to execute arbitrary commands. Resolution Appl...
Novell eDirectory iMonitor HTTP redirection buffer overflow
Added: 10/26/2006 CVE: CVE-2006-5478 BID: 20655 OSVDB: 29993 Background iMonitor is a web service which is a component of Novell eDirectory. Problem iMonitor allows remote command execution by sending specially crafted HTTP header data in a request for certain URLs, which results in a buffer...
IMail SMTP RCPT TO buffer overflow
Added: 09/29/2006 CVE: CVE-2006-4379 BID: 19885 OSVDB: 28576 Background IMail is an e-mail server for Windows platforms. Problem A buffer overflow vulnerability in the SMTP daemon allows remote command execution by sending a RCPT TO argument containing a long string between @ and : characters...
MailEnable SMTP AUTH LOGIN buffer overflow
Added: 06/30/2006 CVE: CVE-2005-1781 BID: 13772 OSVDB: 16851 Background MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. MailEnable Professional and MailEnable Enterprise also include IMAP and HTTPMail services. Problem The SMTP service in MailEnable is affected by a...
Internet Explorer Javaprxy.dll heap overflow
Added: 06/05/2006 CVE: CVE-2005-2087 BID: 14087 OSVDB: 17680 Background Windows operating systems use the Component Object Model COM to allow various program components to be run within different applications. One such object, the JView Profiler Javaprxy.dll, is a debugger interface for Microsoft...
Outlook Express NNTP LIST buffer overflow
Added: 05/04/2006 CVE: CVE-2005-1213 BID: 13951 OSVDB: 17306 Background Outlook Express is a free e-mail client which is included in Windows operating systems. Problem A buffer overflow in Outlook Express allows command execution when processing responses from NNTP servers to LIST commands...
Internet Explorer IFRAME buffer overflow
Added: 05/03/2006 CVE: CVE-2004-1050 BID: 11515 OSVDB: 11337 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A buffer overflow when processing the name attribute in an IFRAME tag allows command execution when a malformed web page ...
BrightStor ARCserve Backup discovery service buffer overflow
Added: 04/19/2006 CVE: CVE-2005-2535 BID: 12536 OSVDB: 13814 Background The BrightStor ARCserve Backup server includes a discovery service which listens on ports 41523/TCP and 41524/UDP. Problem A buffer overflow in the discovery service allows remote attackers to execute arbitrary commands...
BakBone NetVault remote heap overflow
Added: 03/24/2006 CVE: CVE-2005-1009 BID: 12967 OSVDB: 15234 Background BakBone NetVault is a distributed data backup and restore solution for UNIX and Windows networks. Problem A heap overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...
WS_FTP MKD command buffer overflow
Added: 03/10/2006 CVE: CVE-2004-1135 BID: 11772 OSVDB: 12509 Background WSFTP Server is an FTP server for Windows platforms. Problem A buffer overflow vulnerability in the MKD command could allow an attacker to execute commands on the server. If the anonymous FTP account is enabled, the attacker...
Windows NetDDE buffer overflow
Added: 02/24/2006 CVE: CVE-2004-0206 BID: 11372 OSVDB: 10689 Background Network Dynamic Data Exchange NetDDE is a Windows service which allows two applications to communicate with each other over a network. Problem A buffer overflow in the NetDDE service could allow a remote, anonymous attacker t...
Lotus Notes Attachment Viewer UUE file buffer overflow
Added: 02/21/2006 CVE: CVE-2005-2618 BID: 16576 OSVDB: 23065 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the attachment viewer in the Lotus Notes e-mail client allows command execution when a user opens a specially crafted UUE file. Resolution Upgra...
Citrix Program Neighborhood name buffer overflow
Added: 02/01/2006 CVE: CVE-2005-3652 BID: 15907 OSVDB: 21816 Background Citrix Presentation Server, formerly Citrix MetaFrame, allows applications to be deployed across a network to various client platforms, including Windows, Unix, Macintosh, DOS, and OS/2. The Program Neighborhood Agent running...
sadmind AUTH_SYS authentication vulnerability
Added: 01/09/2006 CVE: CVE-2003-0722 BID: 8615 OSVDB: 4585 Background sadmind is a service which coordinates distributed system administration operations remotely. The Sun Solstice AdminSuite runs sadmind with the AUTHSYS authentication method by default. Problem The sadmind running with the...
IMail IMAP LOGIN special character vulnerability
Added: 01/04/2006 CVE: CVE-2005-1255 BID: 13727 OSVDB: 16804 Background IMail is a mail server for Windows platforms. It includes SMTP, POP, IMAP, and LDAP services, a web interface, and web calendaring. Problem A remote attacker could execute arbitrary commands by sending a long specially crafte...
VERITAS Backup Exec CONNECT_CLIENT_AUTH buffer overflow
Added: 12/22/2005 CVE: CVE-2005-0773 BID: 14022 OSVDB: 17624 Background VERITAS Backup Exec is a network backup solution for Windows and Netware servers. Problem VERITAS Backup Exec is affected by a buffer overflow when handling CONNECTCLIENTAUTH requests with the Windows user authentication type...
Internet Explorer onload window vulnerability
Added: 12/01/2005 CVE: CVE-2005-1790 BID: 13799 OSVDB: 17094 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Internet Explorer fails to properly initialize the window function when called from an onLoad event in a body tag. This...
Oracle Enterprise Manager Agent buffer overflow
Added: 11/30/2005 CVE: CVE-2005-3460 BID: 15146 OSVDB: 20664 Background Oracle Application Server 10g includes the emagent.exe program which listens for connections on port 1830/TCP by default. Problem A buffer overflow vulnerability in emagent.exe could allow a remote attacker to execute arbitra...
MailEnable IMAP STATUS buffer overflow
Added: 11/29/2005 CVE: CVE-2005-2278 BID: 14243 OSVDB: 17844 Background MailEnable is a mail server for Windows platforms. The standard edition supports the SMTP and POP3 protocols. MailEnable Professional and MailEnable Enterprise also support IMAP and HTTPMail. Problem A buffer overflow in the...
KACE K1000 Remote Code Execution
Added: 04/16/2019 Background KACE Systems Management Appliance manages, secures, and services network-connected devices. Problem A vulnerability in KACE Systems Management Appliance K1000 could allow unauthenticated command execution. Resolution Upgrade to the latest version of your KACE Systems...
HP LoadRunner micWebAjax.dll ActiveX NotifyEvent Method Vulnerability
Added: 09/30/2013 CVE: CVE-2013-2368 BID: 61436 OSVDB: 95639 Background HP LoadRunner is a software performance testing solution. HP LoadRunner includes the micWebAjax ActiveX control. Problem HP LoadRunner before 11.52 is vulnerable to remote code execution due to failure to sanitize user-suppli...
SAP NetWeaver SOAP RFC SXPG_CALL_SYSTEM Command Execution
Added: 06/03/2013 OSVDB: 93537 Background SAP NetWeaver is a technology platform for building and integrating SAP business applications. Remote Function Call RFC is the standard SAP interface for communication between SAP systems. Transaction SM69 is used to create and maintain external operating...
Foxit Reader Plugin for Firefox URL Filename Stack Buffer Overflow
Added: 01/12/2013 BID: 57174 OSVDB: 89030 Background Foxit Reader is a free PDF reader for Microsoft Windows systems. Problem Foxit Reader plugin for Firefox npFoxitReaderPlugin.dll is vulnerable to remote code execution as a result of failure to check boundary conditions when processing a URL...
Novell NetIQ Privileged User Manager modifyAccounts Security Bypass
Added: 12/07/2012 BID: 56535 OSVDB: 87335 Background Novell NetIQ Privileged User Manager NPUM allows IT administrators to work on systems without exposing superuser administrator or supervisor passwords or root-account credentials to the administrator. Problem NetIQ Privileged User Manager 2.3.1...