Lucene search
K
SaintMost viewed

4305 matches found

Saint
Saint
•added 2011/12/09 12:0 a.m.•25 views

Trend Micro InterScan Web Security Suite Local Privilege Escalation

Added: 12/09/2011 BID: 50380 OSVDB: 76637 Background Trend Micro InterScan Web Security Suite is an application which dynamically defends against web-based attacks at the Internet gateway. Problem Trend Micro InterScan Web Security Suite is vulnerable to local privilege escalation vulnerability...

8.4AI score
Exploits0
Saint
Saint
•added 2011/10/31 12:0 a.m.•25 views

Symantec IM Manager IMAdminLDAPConfig.asp SQL injection

Added: 10/31/2011 CVE: CVE-2011-0553 BID: 49738 OSVDB: 75984 Background Symantec IM Manager is a solution for managing and securing instant-messaging traffic in an enterprise. Problem An SQL injection vulnerability in IMAdminLDAPConfig.asp allows remote, authenticated attackers to execute arbitra...

7.5CVSS7.8AI score0.01854EPSS
Exploits4
Saint
Saint
•added 2011/07/14 12:0 a.m.•25 views

Crack OS X 10.7 Hashes

Added: 07/14/2011 Background This tool attempts to crack the passwords retreived by the "Mac OS X Hash grab" exploit tool. Acounts are cracked using dictionaries/Commonpwlong.txt Limitations An existing macosxhashgrab.out file must exist in the /exploits directory. Platforms Mac OS X...

0.3AI score
Exploits0
Saint
Saint
•added 2011/07/08 12:0 a.m.•25 views

Citrix Provisioning Services OpCode 40020010 Stack Overflow

Added: 07/08/2011 BID: 45914 OSVDB: 70597 Background Citrix Provisioning Services dynamically provisions virtual servers to simplify and streamline server management, while reducing software rollout risk. Problem Citrix Provisioning Service 5.6 and prior are vulnerable to a remotely exploitable...

1.3AI score
Exploits0
Saint
Saint
•added 2011/06/30 12:0 a.m.•25 views

IBM Lotus Notes LZH Attachment Viewer Stack Buffer Overflow

Added: 06/30/2011 CVE: CVE-2011-1213 BID: 48018 OSVDB: 72706 Background Lotus Notes is the client for Lotus Domino servers. Problem IBM Lotus Notes File Viewer is vulnerable to remote code execution as a result of a stack buffer overflow while parsing headers of LZH files. A remote, unauthenticat...

9.3CVSS7.4AI score0.32961EPSS
Exploits10
Saint
Saint
•added 2011/04/01 12:0 a.m.•25 views

RealFlex RealWin FC_RFUSER_FCS_LOGIN Buffer Overflow

Added: 04/01/2011 CVE: CVE-2011-1563 BID: 46937 Background RealWin is a Supervisory Control and Data Acquisition SCADA server which is distributed by DATAC. Problem A buffer overflow vulnerability in RealWin Server allows remote attackers to execute arbitrary commands by sending a long, specially...

10CVSS7.6AI score0.74638EPSS
Exploits15
Saint
Saint
•added 2011/03/03 12:0 a.m.•25 views

HP Data Protector Client agent EXEC_SETUP code execution

Added: 03/03/2011 CVE: CVE-2011-0922 BID: 46234 OSVDB: 72525 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem The backup agent provided by the Data Protector Backup Client Service may be instructed to execute a setup file from...

10CVSS6.6AI score0.64219EPSS
Exploits20
Saint
Saint
•added 2011/02/16 12:0 a.m.•25 views

Ipswitch TFTP Server Directory Traversal

Added: 02/16/2011 BID: 50890 OSVDB: 77455 Background Ipswitch makes software for businesses to manage networks, securely transfer files, and communicate via e-mail. They also provide some free network tools, including a TFTP server. Problem The Ipswitch TFTP Server version 1.0.0.24 has a director...

7.3AI score
Exploits0
Saint
Saint
•added 2011/02/16 12:0 a.m.•25 views

Ipswitch TFTP Server Directory Traversal

Added: 02/16/2011 BID: 50890 OSVDB: 77455 Background Ipswitch makes software for businesses to manage networks, securely transfer files, and communicate via e-mail. They also provide some free network tools, including a TFTP server. Problem The Ipswitch TFTP Server version 1.0.0.24 has a director...

0.7AI score
Exploits0
Saint
Saint
•added 2011/01/10 12:0 a.m.•25 views

HP Photo Creations audio.Record ActiveX Stack Buffer Overflow

Added: 01/10/2011 BID: 45631 Background HP Photo Creations is free software that lets the user create photo books, calendars, collages, greeting cards and other keepsakes that can be printed or shipped to the user. HP Photo Creations installs and registers the audio.Record ActiveX control which...

0.8AI score
Exploits0
Saint
Saint
•added 2011/01/04 12:0 a.m.•25 views

SQL injection authentication bypass

Added: 01/04/2011 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to manipulate the authentication query via a...

1AI score
Exploits0
Saint
Saint
•added 2010/12/28 12:0 a.m.•25 views

HP Power Manager formLogin buffer overflow

Added: 12/28/2010 CVE: CVE-2010-4113 OSVDB: 69969 Background HP Power Manager is a web-based application that enables administrators to manage an HP UPS from a browser-based management console. Problem A buffer overflow vulnerability in the Administration interface allows remote attackers to...

9.3CVSS7.8AI score0.09722EPSS
Exploits4
Saint
Saint
•added 2010/12/10 12:0 a.m.•25 views

Disk Pulse Server GetServerInfo buffer overflow

Added: 12/10/2010 BID: 43919 Background Disk Pulse is a disk change monitoring solution. Problem A buffer overflow vulnerability in Disk Pulse Server allows remote attackers to execute arbitrary commands by sending a specially crafted GetServerInfo request to port 9120/TCP. Resolution Upgrade to ...

3.2AI score
Exploits0
Saint
Saint
•added 2010/04/08 12:0 a.m.•25 views

Easy FTP Server MKD command buffer overflow

Added: 04/08/2010 BID: 38102 OSVDB: 62134 Background UplusFTP formerly Easy FTP Server is a free FTP server for Windows platforms. Problem A buffer overflow vulnerability allows remote, authenticated attackers to execute arbitrary commands by sending a MKD command with a specially crafted argumen...

8.6AI score
Exploits0
Saint
Saint
•added 2010/01/29 12:0 a.m.•25 views

HP OpenView Storage Data Protector Cell Manager buffer overflow

Added: 01/29/2010 Background HP Data Protector is an automated data backup solution. Problem A buffer overflow vulnerability in HP OpenView Storage Data Protector allows remote attackers to execute arbitrary commands by sending a specially crafted request to the Cell Manager service. Resolution...

2.2AI score
Exploits0
Saint
Saint
•added 2009/12/07 12:0 a.m.•25 views

VideoLAN VLC Media Player MP4_BoxDumpStructure Buffer Overflow

Added: 12/07/2009 BID: 36439 OSVDB: 58217 Background VLC media player is a media player supporting various audio and video formats for multiple platforms. Problem A buffer overflow vulnerability exists in VideoLAN VLC media player due to an error when an overly deep box structure in ".mp4" files....

0.9AI score
Exploits0
Saint
Saint
•added 2009/11/27 12:0 a.m.•25 views

Symantec AeXNSConsoleUtilities RunCmd buffer overflow

Added: 11/27/2009 CVE: CVE-2009-3033 BID: 37092 OSVDB: 60496 Background Symantec Altiris Deployment Solution provides tools to deploy software on desktops and servers. Problem A buffer overflow vulnerability in the AeXNSConsoleUtilities ActiveX control allows command execution when a user loads a...

9.3CVSS6.8AI score0.39967EPSS
Exploits10
Saint
Saint
•added 2009/11/20 12:0 a.m.•25 views

IBM Tivoli Storage Manager Client CAD Service Buffer Overflow

Added: 11/20/2009 CVE: CVE-2009-3853 OSVDB: 59632 Background IBM Tivoli Storage Manager TSM provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon CAD on port 1582/TCP. Problem The vulnerability is caused by an input validation error in t...

9.3CVSS6.5AI score0.36717EPSS
Exploits8
Saint
Saint
•added 2009/11/16 12:0 a.m.•25 views

EasyMail IMAP4 ActiveX Control LicenseKey buffer overflow

Added: 11/16/2009 OSVDB: 59938 Background QuikSoft EasyMail Objects is a set of ActiveX controls which provide e-mail functionality. QuikSoft EasyMail Objects is included with Oracle Document Capture among other products. Problem A buffer overflow vulnerability in the EasyMail IMAP4 ActiveX...

0.2AI score
Exploits0
Saint
Saint
•added 2009/10/21 12:0 a.m.•25 views

HP LoadRunner XUpload ActiveX control MakeHttpRequest file download

Added: 10/21/2009 CVE: CVE-2009-3693 BID: 36550 Background HP LoadRunner is a software performance testing solution. HP LoadRunner includes the XUpload.ocx ActiveX control for performing file exchanges. Problem The MakeHttpRequest method in the XUpload.ocx ActiveX control can be used to download...

9.3CVSS7AI score0.4158EPSS
Exploits9
Saint
Saint
•added 2009/09/01 12:0 a.m.•25 views

Oracle Secure Backup property_box.php type parameter command execution

Added: 09/01/2009 CVE: CVE-2009-1978 BID: 35678 OSVDB: 55904 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command execution vulnerability in the Oracle Secure Backup web interface allows remote attackers to execute arbitrary...

9CVSS7.2AI score0.64694EPSS
Exploits13
Saint
Saint
•added 2009/06/04 12:0 a.m.•25 views

Find Metadata

Added: 06/04/2009 Background This tool searches the Internet for PDF and Microsoft Office files in the given domain, and extracts the metadata from those files. This metadata often contains the names or aliases of the document's authors or contributors, which can be used to guess valid e-mail...

1.7AI score
Exploits0
Saint
Saint
•added 2009/05/14 12:0 a.m.•25 views

Microsoft PowerPoint Legacy File Format Printer driver buffer overflow

Added: 05/14/2009 CVE: CVE-2009-0227 BID: 34882 OSVDB: 54384 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A buffer overflow vulnerability in the Legacy File Format conversion filter PP4X322.dll allows command execution when a use...

9.3CVSS6.6AI score0.35721EPSS
Exploits5
Saint
Saint
•added 2009/05/05 12:0 a.m.•25 views

Symantec Alert Management System Intel Alert Originator Service msgsys.exe buffer overflow

Added: 05/05/2009 CVE: CVE-2009-1430 BID: 34674 OSVDB: 54159 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. The Intel Alert Originator IAO service is a component of AMS2. The msgsys.exe process is a preprocessor for the IAO service and listens on TCP...

9.3CVSS7.8AI score0.55088EPSS
Exploits9
Saint
Saint
•added 2009/04/01 12:0 a.m.•25 views

IBM Access Support ActiveX GetXMLValue buffer overflow

Added: 04/01/2009 CVE: CVE-2009-0215 BID: 34228 OSVDB: 52958 Background The IBM Access Support ActiveX control is used to collect system information. It comes with certain IBM and Lenovo computer systems. Problem A buffer overflow vulnerability allows command execution when a user loads a page...

9.3CVSS6.7AI score0.36309EPSS
Exploits9
Saint
Saint
•added 2009/03/31 12:0 a.m.•25 views

Symantec AppStream Client LaunchObj ActiveX Control installAppMgr vulnerability

Added: 03/31/2009 CVE: CVE-2008-4388 BID: 33247 OSVDB: 51410 Background Symantec AppStream is an application deployment framework. Problem The LaunchObj ActiveX control exposes the installAppMgr method, which can be used to download and execute arbitrary code. This could allow command execution...

9.3CVSS7AI score0.37721EPSS
Exploits9
Saint
Saint
•added 2009/02/25 12:0 a.m.•25 views

Oracle 9i Release 2 XDB HTTP Pass Overflow

Added: 02/25/2009 CVE: CVE-2003-0727 BID: 8375 OSVDB: 2449 Background Oracle 9i release 2 includes the XDB HTTP service which by default listens on port 8080. Problem A buffer overflow vulnerability in the parsing of credentials passed to the server allows remote attackers to execute arbitrary...

2.1CVSS7.5AI score0.68395EPSS
Exploits26
Saint
Saint
•added 2009/02/20 12:0 a.m.•25 views

UltraVNC ClientConnection integer overflow

Added: 02/20/2009 CVE: CVE-2009-0388 BID: 33568 Background UltraVNC is free software for remote desktop access. Problem Multiple integer overflow vulnerabilities in the ClientConnection class allow command execution when a user connects to a VNC server which sends a message with a large length...

10CVSS7AI score0.13334EPSS
Exploits11
Saint
Saint
•added 2009/02/04 12:0 a.m.•25 views

Free Download Manager Remote Control Server HTTP Authorization buffer overflow

Added: 02/04/2009 CVE: CVE-2009-0183 BID: 33554 OSVDB: 51745 Background Free Download Manager is a download accelerator and manager for Windows systems. Problem A buffer overflow vulnerability in the Free Download Manager Remote Control Server allows remote attackers to execute arbitrary commands...

10CVSS7.8AI score0.66526EPSS
Exploits13
Saint
Saint
•added 2009/01/09 12:0 a.m.•25 views

HP OpenView Network Node Manager Toolbar.exe CGI buffer overflow

Added: 01/09/2009 CVE: CVE-2008-0067 BID: 33147 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by requesting the Toolbar.exe CGI program with a...

10CVSS7.8AI score0.63419EPSS
Exploits19
Saint
Saint
•added 2008/09/24 12:0 a.m.•25 views

DNS zone transfer

Added: 09/24/2008 CVE: CVE-1999-0532 OSVDB: 492 Background A DNS zone transfer is the process by which a secondary name server copies all DNS records for a domain from a primary name server. Problem If DNS zone transfers are not restricted, they can allow attackers to enumerate hosts in a domain...

6.2AI score0.68535EPSS
Exploits7
Saint
Saint
•added 2008/08/11 12:0 a.m.•25 views

CA ARCserve Backup LGServer handshake buffer overflow

Added: 08/11/2008 CVE: CVE-2008-3175 BID: 30472 OSVDB: 47545 Background BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections. Problem A buffer overflow vulnerability in the LGServer.exe server process...

10CVSS7.8AI score0.144EPSS
Exploits5
Saint
Saint
•added 2008/06/25 12:0 a.m.•25 views

Novell iPrint Client ienipp.ocx ActiveX control buffer overflow

Added: 06/25/2008 CVE: CVE-2008-2908 BID: 29736 OSVDB: 46194 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx. Problem Multiple buffer overflow vulnerabilities in the...

9.3CVSS7.1AI score0.35423EPSS
Exploits7
Saint
Saint
•added 2008/05/27 12:0 a.m.•25 views

CA ARCserve Backup xdr_rwsstring buffer overflow

Added: 05/27/2008 CVE: CVE-2008-2242 BID: 29283 OSVDB: 45368 Background CA ARCserve Backup formerly BrightStor ARCserve Backup is a backup and recovery solution. It runs several services which use the SUN Remote Procedure Call SUN-RPC protocol. SUN-RPC messages are defined using the External Data...

7.5CVSS7.8AI score0.14716EPSS
Exploits9
Saint
Saint
•added 2008/05/19 12:0 a.m.•25 views

Facebook PhotoUploader ActiveX control ExtractIptc buffer overflow

Added: 05/19/2008 CVE: CVE-2008-0660 BID: 27576 OSVDB: 41073 Background Facebook PhotoUploader is an ActiveX control which allows uploading of photos to the Facebook web site. It uses the Aurigma ImageUploader product. Problem A buffer overflow vulnerability in Facebook PhotoUploader allows comma...

9.3CVSS6.9AI score0.37762EPSS
Exploits5
Saint
Saint
•added 2008/05/15 12:0 a.m.•25 views

Motorola Timbuktu login request buffer overflow

Added: 05/15/2008 CVE: CVE-2007-4221 BID: 25454 OSVDB: 40124 Background Motorola Timbuktu is remote control software for Windows and Mac. It runs a service which listens for connections on port 407/TCP or 407/UDP. Problem A buffer overflow vulnerability when processing login requests allows remot...

10CVSS7.9AI score0.06264EPSS
Exploits4
Saint
Saint
•added 2008/05/07 12:0 a.m.•25 views

CA ARCserve Backup for Laptops and Desktops LGServer service code execution

Added: 05/07/2008 CVE: CVE-2008-1328 BID: 28616 OSVDB: 44320 Background BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections. Problem A buffer overflow vulnerability in BrightStor ARCserve Backup for...

9.3CVSS7.7AI score0.23634EPSS
Exploits4
Saint
Saint
•added 2008/04/21 12:0 a.m.•25 views

Borland InterBase ibserver.exe Service Attach request buffer overflow

Added: 04/21/2008 CVE: CVE-2008-1910 BID: 28730 OSVDB: 44455 Background Borland Interbase is a database solution for Windows, Linux, and Solaris platforms. Problem A buffer overflow vulnerability in ibserver.exe allows remote attackers to execute arbitrary commands by sending a long, specially...

10CVSS7.9AI score0.07291EPSS
Exploits4
Saint
Saint
•added 2008/03/18 12:0 a.m.•25 views

RealNetworks Helix Server RTSP Proxy-Require heap overflow

Added: 03/18/2008 CVE: CVE-2008-5911 BID: 33059 Background RealNetworks Helix Server is a media server supporting multiple formats and platforms. Problem A heap overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted Proxy-Require header i...

10CVSS7.6AI score0.06185EPSS
Exploits4
Saint
Saint
•added 2008/03/03 12:0 a.m.•25 views

Veritas Storage Foundation Administrator service buffer overflow

Added: 03/03/2008 CVE: CVE-2008-0638 BID: 25778 OSVDB: 41978 Background Veritas Storage Foundation is an online storage management solution. An Administrator service, implemented by vxsvc.exe , listens on port 3207 by default. Problem A buffer overflow vulnerability in the Administrator service...

9.3CVSS7.7AI score0.05957EPSS
Exploits5
Saint
Saint
•added 2008/02/15 12:0 a.m.•25 views

BrightStor ARCserve Backup LGServer directory traversal

Added: 02/15/2008 CVE: CVE-2007-5005 BID: 24348 OSVDB: 41350 Background BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections. Problem A directory traversal vulnerability in rxRPC.dll in the...

10CVSS6.9AI score0.0524EPSS
Exploits5
Saint
Saint
•added 2008/02/14 12:0 a.m.•25 views

ASPX Shell

Added: 02/14/2008 Background This exploit does not exploit a vulnerability, but instead creates an aspx page. The page, if placed on an IIS server, establishes a shell connection when requested. Problem N/A Resolution N/A References N/A Limitations The user needs the ability to upload the resulti...

1.1AI score
Exploits0
Saint
Saint
•added 2008/02/04 12:0 a.m.•25 views

Winamp Ultravox streaming metadata artist tag buffer overflow

Added: 02/04/2008 CVE: CVE-2008-0065 BID: 27344 OSVDB: 41707 Background Winamp is a media player for Windows. Problem A buffer overflow vulnerability in the inmp3.dll library when parsing Ultravox streaming metadata allows command execution when a user opens a stream containing a long, specially...

10CVSS6.8AI score0.61275EPSS
Exploits8
Saint
Saint
•added 2008/01/11 12:0 a.m.•25 views

BrightStor ARCserve Backup LGServer rxsUseLicenseIni buffer overflow

Added: 01/11/2008 CVE: CVE-2007-3216 BID: 24348 OSVDB: 35329 Background BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections. Problem A buffer overflow vulnerability in the rxsUseLicenseIni function allow...

10CVSS7.7AI score0.59193EPSS
Exploits14
Saint
Saint
•added 2007/10/05 12:0 a.m.•25 views

Microsoft Visual Basic VBP file buffer overflow

Added: 10/05/2007 CVE: CVE-2007-4776 BID: 25629 OSVDB: 36936 Background Microsoft Visual Basic is a development tool for building Windows applications. Problem A buffer overflow vulnerability in Microsoft Visual Basic allows command execution when a user opens a specially crafted Visual Basic...

9.3CVSS6.8AI score0.48964EPSS
Exploits7
Saint
Saint
•added 2007/08/28 12:0 a.m.•25 views

Snort Back Orifice Pre-Processor buffer overflow

Added: 08/28/2007 CVE: CVE-2005-3252 BID: 15131 OSVDB: 20034 Background Back Orifice is a remote system administration program for Windows. It is commonly installed by attackers or Trojan Horse programs for use as a backdoor. Snort is an open-source intrusion detection system. It includes a Back...

7.5CVSS7.8AI score0.83621EPSS
Exploits12
Saint
Saint
•added 2007/08/09 12:0 a.m.•25 views

CA eTrust Intrusion Detection CallCode ActiveX vulnerability

Added: 08/09/2007 CVE: CVE-2007-3302 BID: 25050 OSVDB: 37698 Background CA eTrust Intrusion Detection includes the CallCode Caller.dll ActiveX control. Problem The CallCode ActiveX control is incorrectly marked safe for scripting. This ActiveX control contains scriptable functions which, if a use...

9.3CVSS6.5AI score0.10788EPSS
Exploits5
Saint
Saint
•added 2007/08/03 12:0 a.m.•25 views

Yahoo! Widgets ActiveX control GetComponentVersion buffer overflow

Added: 08/03/2007 CVE: CVE-2007-4034 BID: 25086 OSVDB: 37705 Background Yahoo! Widgets is desktop software which runs any number of small, real-time, Internet applications called widgets. Problem A buffer overflow vulnerability in the YDPCTL ActiveX Control allows command execution when a user...

9.3CVSS6.9AI score0.1296EPSS
Exploits6
Saint
Saint
•added 2007/08/03 12:0 a.m.•25 views

Windows rshd buffer overflow

Added: 08/03/2007 CVE: CVE-2007-4006 BID: 25044 OSVDB: 38572 Background The Windows implementation of RSHD is a remote shell daemon which has been adapted to run on Windows platforms. Problem A buffer overflow vulnerability in the Windows implementation of RSHD allows remote attackers to execute...

6.8CVSS7.7AI score0.34481EPSS
Exploits7
Saint
Saint
•added 2007/08/03 12:0 a.m.•25 views

Yahoo! Widgets ActiveX control GetComponentVersion buffer overflow

Added: 08/03/2007 CVE: CVE-2007-4034 BID: 25086 OSVDB: 37705 Background Yahoo! Widgets is desktop software which runs any number of small, real-time, Internet applications called widgets. Problem A buffer overflow vulnerability in the YDPCTL ActiveX Control allows command execution when a user...

9.3CVSS6.9AI score0.1296EPSS
Exploits6
Total number of security vulnerabilities4305