Saint: Most viewed

4300 matches found

Saint
•added 2012/10/09 12:0 a.m.•23 views

HP Application Lifecycle Management ActiveX Control Arbitrary File Overwrite

Added: 10/09/2012 BID: 55272 OSVDB: 85059 Background HP Application Lifecycle Management ALM is a software product designed to manage the application lifecycle from requirements through readiness for delivery from a single repository, providing a consistent user experience and customizable...

AI score: 7.6
Exploits: 0

Saint
•added 2012/09/07 12:0 a.m.•23 views

IBM Lotus Notes URL Handler Command Execution

Added: 09/07/2012 CVE: CVE-2012-2174 BID: 54070 OSVDB: 83063 Background Lotus Notes is the client for Lotus Domino servers. Problem Lotus Notes 8.5.3 and earlier is vulnerable to remote code execution when handling a specially crafted URL. A remote attacker can pass the -RPARAMS command line...

CVSS: 9.3 | AI score: 7.4 | EPSS: 0.38291
Exploits: 11

Saint
•added 2012/08/22 12:0 a.m.•23 views

Lotus Notes iNotes Attachment_Times ActiveX Overflow

Added: 08/22/2012 CVE: CVE-2012-2175 BID: 53879 OSVDB: 82755 Background Lotus Notes is the client for Lotus Domino servers. iNotes is a web-based alternative to the Notes client. Problem The iNotes ActiveX control does not properly validate the user-supplied values for the attachmenttimes...

CVSS: 9.3 | AI score: 6.4 | EPSS: 0.29436
Exploits: 9

Saint
•added 2012/05/04 12:0 a.m.•23 views

McAfee Virtual Technician MVT.MVTControl ActiveX Control Insecure Method

Added: 05/04/2012 BID: 53304 Background McAfee Virtual Technician is a free automated diagnosis and problem resolution tool which scans a Windows system to ensure that McAfee products are installed correctly. Problem McAfee Virtual Technician ActiveX control MVT.dll, as provided in McAfee...

AI score: 8
Exploits: 0

Saint
•added 2012/04/06 12:0 a.m.•23 views

Novell ZENworks Configuration Management Preboot Service Opcode 6c Vulnerability

Added: 04/06/2012 CVE: CVE-2011-3176 BID: 52659 OSVDB: 80231 Background Novell ZENworks Configuration Management is an IT desktop computer management suite that provides the ability to install, configure and administer desktop computers from a centralized location. The product is based on a...

CVSS: 10 | AI score: 6.7 | EPSS: 0.69667
Exploits: 13

Saint
•added 2011/12/12 12:0 a.m.•23 views

BroadWin WebAccess SCADA Client ActiveX Format String

Added: 12/12/2011 OSVDB: 74897 Background BroadWin WebAccess is a web-based SCADA reporting and control solution. Problem BroadWin WebAccess installs an ActiveX Control in the user's browser. The OcxSpool function of this control accepts a parameter that is evaluated using a format string. A form...

AI score: 7.4
Exploits: 0

Saint
•added 2011/11/04 12:0 a.m.•23 views

Netzip Classic ZIP file parsing buffer overflow

Added: 11/04/2011 BID: 46059 Background Netzip Classic is a Windows utility for downloading and decompressing files. Problem A buffer overflow vulnerability allows command execution when a user opens a specially crafted ZIP file and double-clicks on the file contained in it. Resolution Do not use...

AI score: 7.8
Exploits: 0

Saint
•added 2011/07/29 12:0 a.m.•23 views

Java RMI Services Default Configuration Remote Loading

Added: 07/29/2011 Background The Java Remote Method Invocation RMI system allows an object running in one Java virtual machine to invoke methods on an object running in another Java virtual machine. RMI provides for remote communication between programs written in the Java programming language...

AI score: 0.6
Exploits: 0

Saint
•added 2011/06/03 12:0 a.m.•23 views

McAfee Firewall Reporter isValidClient Authentication Bypass

Added: 06/03/2011 BID: 47306 OSVDB: 71842 Background McAfee Firewall Reporter is an enterprise-class security event management SEM reporting solution. Problem McAfee Firewall Reporter versions 5.1.0.6 through 5.1.0.12 are vulnerable to an authentication bypass that may allow remote attackers to...

AI score: 8.1
Exploits: 0

Saint
•added 2011/04/08 12:0 a.m.•23 views

Zend Server Java Bridge Remote Code Execution

Added: 04/08/2011 BID: 47060 OSVDB: 71420 Background Zend Server is an enterprise web application server for hosting PHP applications. Problem The Zend Server Java Bridge allows PHP applications to execute methods in Java classes. The Java Bridge does not validate that requests to execute Java co...

AI score: 7.5
Exploits: 0

Saint
•added 2011/03/18 12:0 a.m.•23 views

AOL Desktop .rtx File Buffer Overflow

Added: 03/18/2011 BID: 46129 OSVDB: 70741 Background AOL Desktop is an internet suite that integrates a web browser, media player, and IM client. Problem A heap overflow vulnerability exists in the Rich Text file parser of AOL Desktop 9.x. In documents with HTML links, the parser does not properl...

AI score: 1
Exploits: 0

Saint
•added 2011/03/17 12:0 a.m.•23 views

Cisco Security Agent Management Center Code Execution

Added: 03/17/2011 CVE: CVE-2011-0364 BID: 65436 OSVDB: 70884 Background Cisco Security Agent Management Center is the server component of Cisco's Security Agent endpoint IPS solution. It is responsible for collecting event log information from endpoints and distributing rules updates. Problem The...

CVSS: 10 | AI score: 6.2 | EPSS: 0.19617
Exploits: 9

Saint
•added 2011/03/14 12:0 a.m.•23 views

Microsoft Remote Desktop Connection Insecure Library Injection

Added: 03/14/2011 CVE: CVE-2011-0029 BID: 46678 OSVDB: 71014 Background The Windows Remote Desktop allows desktop access to one Windows computer from another Windows computer. Problem A library loading vulnerability in the Remote Desktop Client allows arbitrary command execution when a user opens...

CVSS: 9.3 | AI score: 6.7 | EPSS: 0.0716
Exploits: 4

Saint
•added 2011/02/16 12:0 a.m.•23 views

Ipswitch TFTP Server Directory Traversal

Added: 02/16/2011 BID: 50890 OSVDB: 77455 Background Ipswitch makes software for businesses to manage networks, securely transfer files, and communicate via e-mail. They also provide some free network tools, including a TFTP server. Problem The Ipswitch TFTP Server version 1.0.0.24 has a director...

AI score: 0.7
Exploits: 0

Saint
•added 2011/02/03 12:0 a.m.•23 views

Symantec Alert Management System PIN number buffer overflow

Added: 02/03/2011 CVE: CVE-2010-0110 BID: 45936 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. It includes an Intel Alert Handler service hndlrsvc.exe. This service handles messages forwarded to it by the Alert Originator Manager, which listens on po...

CVSS: 7.9 | AI score: 7.7 | EPSS: 0.0513
Exploits: 12

Saint
•added 2011/01/20 12:0 a.m.•23 views

HP OpenView Network Node Manager nnmRptConfig.exe nameParams text1 Buffer Overflow

Added: 01/20/2011 CVE: CVE-2011-0268 BID: 45762 OSVDB: 70473 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A stack buffer overflow vulnerability allows remote attackers to execute arbitrary commands by requesting the...

CVSS: 10 | AI score: 7.7 | EPSS: 0.15629
Exploits: 4

Saint
•added 2010/12/10 12:0 a.m.•23 views

HP Data Protector Manager MMD Service Stack Buffer Overflow

Added: 12/10/2010 BID: 45128 Background HP Data Protector is a backup solution for enterprise and distributed environments. The Data Protector environment consists of a Cell Manager, backup agents, and backup device servers. The Cell Manager is the central point from which backup agents and devic...

AI score: 7.7
Exploits: 0

Saint
•added 2010/11/04 12:0 a.m.•23 views

Adobe Shockwave Director rcsL Chunk Remote Code Execution

Added: 11/04/2010 CVE: CVE-2010-3653 BID: 44291 OSVDB: 68803 Background Adobe Shockwave is a multimedia player used to add animation and interactivity to web pages. It allows Adobe Director applications to be published on the Internet and viewed in a web browser on any computer which has the...

CVSS: 9.3 | AI score: 6.9 | EPSS: 0.74626
Exploits: 9

Saint
•added 2010/09/29 12:0 a.m.•23 views

Oracle Secure Backup Administration property_box.php Other Variable Command Injection

Added: 09/29/2010 CVE: CVE-2010-0899 BID: 41616 OSVDB: 66333 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command injection vulnerability in the Oracle Secure Backup web interface allows remote attackers to execute arbitrary...

CVSS: 9 | AI score: 7.8 | EPSS: 0.02243
Exploits: 4

Saint
•added 2010/08/27 12:0 a.m.•23 views

Microsoft Windows Movie Maker MediaClipString Buffer Overflow

Added: 08/27/2010 CVE: CVE-2010-2564 BID: 42268 OSVDB: 66986 Background Windows Movie Maker is software for creating and editing home movies. Problem A buffer overflow vulnerability when parsing MediaClipString data allows command execution when a user opens a specially crafted .MSWMM file...

CVSS: 9.3 | AI score: 6.7 | EPSS: 0.22588
Exploits: 4

Saint
•added 2010/07/16 12:0 a.m.•23 views

Microsoft Outlook SMB Attachment ATTACH_BY_REFERENCE vulnerability

Added: 07/16/2010 CVE: CVE-2010-0266 BID: 41446 OSVDB: 66296 Background Microsoft Outlook is an e-mail client which also provides calendar, scheduling, contact management, and information sharing capabilities. Problem A vulnerability in Microsoft Outlook allows command execution when a user opens...

CVSS: 9.3 | AI score: 6.1 | EPSS: 0.55278
Exploits: 11

Saint
•added 2010/06/23 12:0 a.m.•23 views

HP OpenView Network Node Manager ovwebsnmpsrv.exe buffer overflow via jovgraph.exe

Added: 06/23/2010 CVE: CVE-2009-4181 BID: 37261 OSVDB: 60932 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability in ovwebsnmpsrv.exe allows remote attackers to execute arbitrary commands by sending...

CVSS: 10 | AI score: 7.8 | EPSS: 0.1086
Exploits: 5

Saint
•added 2010/04/14 12:0 a.m.•23 views

Windows Media Unicast Service transport information packet buffer overflow

Added: 04/14/2010 CVE: CVE-2010-0478 Background The Windows Media Unicast Service is the part of Windows Media Services which allows streaming media to be sent to a specific user. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially...

CVSS: 9.3 | AI score: 7.3 | EPSS: 0.66959
Exploits: 10

Saint
•added 2010/03/24 12:0 a.m.•23 views

Orbital Viewer buffer overflow

Added: 03/24/2010 CVE: CVE-2010-0688 BID: 38436 OSVDB: 62580 Background Orbital Viewer is a program for viewing atomic and molecular orbitals. Problem A buffer overflow vulnerability in Orbital Viewer allows command execution when a user opens a specially crafted .orb file. Resolution Do not open...

CVSS: 9.3 | AI score: 6.8 | EPSS: 0.3764
Exploits: 13

Saint
•added 2010/03/04 12:0 a.m.•23 views

Microsoft Office PowerPoint Viewer TextBytesAtom Record Buffer Overflow

Added: 03/04/2010 CVE: CVE-2010-0033 BID: 38107 OSVDB: 62241 Background Microsoft PowerPoint Viewer 2003 is a free tool which allows viewing of Microsoft PowerPoint presentations without requiring Microsoft PowerPoint itself. Problem A stack overflow vulnerability in the handling of TextBytesAtom...

CVSS: 9.3 | AI score: 6.8 | EPSS: 0.51073
Exploits: 8

Saint
•added 2009/11/16 12:0 a.m.•23 views

EasyMail IMAP4 ActiveX Control LicenseKey buffer overflow

Added: 11/16/2009 OSVDB: 59938 Background QuikSoft EasyMail Objects is a set of ActiveX controls which provide e-mail functionality. QuikSoft EasyMail Objects is included with Oracle Document Capture among other products. Problem A buffer overflow vulnerability in the EasyMail IMAP4 ActiveX...

AI score: 0.2
Exploits: 0

Saint
•added 2009/10/27 12:0 a.m.•23 views

Adobe Reader FlateDecode filter TIFF Predictor integer overflow

Added: 10/27/2009 CVE: CVE-2009-3459 BID: 36600 OSVDB: 58729 Background Adobe Reader is free software for viewing PDF documents. Problem An integer overflow in the FlateDecode filter in Adobe Reader allows command execution when a user opens a PDF file containing specially crafted compressed...

CVSS: 9.3 | AI score: 6.7 | EPSS: 0.86468
Exploits: 12

Saint
•added 2009/10/13 12:0 a.m.•23 views

Google Apps googleapps.url.mailto handler command injection

Added: 10/13/2009 BID: 36581 Background Google Apps is a web-based productivity suite hosted by Google. Problem Google Apps handles googleapps.url.mailto URLs by passing the URL as a command-line argument to the googleapps.exe program without sufficiently validating the URL. This allows command...

AI score: 7.2
Exploits: 0

Saint
•added 2009/10/02 12:0 a.m.•23 views

EMC Captiva QuickScan Pro KeyHelp ActiveX Control JumpURL buffer overflow

Added: 10/02/2009 BID: 36546 OSVDB: 58423 Background EMC Captiva QuickScan Pro is a document capture solution. It includes KeyHelp, a free ActiveX control used for enhancing HTML help systems. Problem A buffer overflow vulnerability in the KeyHelp ActiveX Control allows command execution when a...

AI score: 0.4
Exploits: 0

Saint
•added 2009/06/30 12:0 a.m.•23 views

Unisys Business Information Server mnet.exe buffer overflow

Added: 06/30/2009 CVE: CVE-2009-1628 BID: 35494 OSVDB: 55435 Background The Unisys Business Information Server is an information management solution which provides data access across an enterprise. It includes the mnet.exe program which listens for connections on ports 3985/TCP and 3986/TCP...

CVSS: 10 | AI score: 7.5 | EPSS: 0.05244
Exploits: 4

Saint
•added 2009/05/14 12:0 a.m.•23 views

Microsoft PowerPoint Legacy File Format Printer driver buffer overflow

Added: 05/14/2009 CVE: CVE-2009-0227 BID: 34882 OSVDB: 54384 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A buffer overflow vulnerability in the Legacy File Format conversion filter PP4X322.dll allows command execution when a use...

CVSS: 9.3 | AI score: 6.6 | EPSS: 0.35721
Exploits: 5

Saint
•added 2009/04/29 12:0 a.m.•23 views

Microsoft SQL Server spreplwritetovarbin Buffer Overflow

Added: 04/29/2009 CVE: CVE-2008-5416 BID: 32710 OSVDB: 50917 Background Microsoft SQL Server is a database server package for Windows platforms. Problem A buffer overflow vulnerability in the spreplwritetovarbin stored procedure allows remote, authenticated attackers to execute arbitrary commands...

CVSS: 9 | AI score: 10 | EPSS: 0.87036
Exploits: 12

Saint
•added 2009/04/07 12:0 a.m.•23 views

Flash drive/CD autoplay command execution

Added: 04/07/2009 Background This tool allows you to create a USB flash drive which, when inserted into a Windows computer, prompts a user to run a program which creates a command connection. The program is disguised as the "Open Folder" option in the AutoPlay dialog to entice the user to run it...

AI score: 7.2
Exploits: 0

Saint
•added 2009/03/04 12:0 a.m.•23 views

Orbit Downloader Connecting log message buffer overflow

Added: 03/04/2009 CVE: CVE-2009-0187 BID: 33894 OSVDB: 52294 Background Orbit Downloader is a download manager supporting various protocols. Problem A buffer overflow vulnerability when constructing "Connecting" log messages allows command execution when a user loads an HTTP URL with a long,...

CVSS: 9.3 | AI score: 6.8 | EPSS: 0.40128
Exploits: 8

Saint
•added 2009/02/25 12:0 a.m.•23 views

Oracle 9i Release 2 XDB HTTP Pass Overflow

Added: 02/25/2009 CVE: CVE-2003-0727 BID: 8375 OSVDB: 2449 Background Oracle 9i release 2 includes the XDB HTTP service which by default listens on port 8080. Problem A buffer overflow vulnerability in the parsing of credentials passed to the server allows remote attackers to execute arbitrary...

CVSS: 2.1 | AI score: 7.5 | EPSS: 0.68548
Exploits: 26

Saint
•added 2009/02/20 12:0 a.m.•23 views

UltraVNC ClientConnection integer overflow

Added: 02/20/2009 CVE: CVE-2009-0388 BID: 33568 Background UltraVNC is free software for remote desktop access. Problem Multiple integer overflow vulnerabilities in the ClientConnection class allow command execution when a user connects to a VNC server which sends a message with a large length...

CVSS: 10 | AI score: 7 | EPSS: 0.13334
Exploits: 11

Saint
•added 2009/01/28 12:0 a.m.•23 views

Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH buffer overflow

Added: 01/28/2009 CVE: CVE-2008-5444 BID: 33177 OSVDB: 51340 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A buffer overflow vulnerability in Oracle Secure Backup when handling the NDMP protocol allows remote attackers to execute...

CVSS: 10 | AI score: 7.4 | EPSS: 0.60625
Exploits: 7

Saint
•added 2008/12/24 12:0 a.m.•23 views

Norton AntiSpam 2004 SymSpamHelper ActiveX control buffer overflow

Added: 12/24/2008 CVE: CVE-2004-0363 BID: 9916 OSVDB: 6249 Background Norton AntiSpam 2004, which is included in Norton Internet Security 2004, is spam filtering software. Problem A buffer overflow vulnerability in the SymSpamHelper ActiveX control symspam.dll allows command execution when a user...

CVSS: 7.5 | AI score: 6.9 | EPSS: 0.66567
Exploits: 7

Saint
•added 2008/12/12 12:0 a.m.•23 views

Internet Explorer XML data binding memory corruption

Added: 12/12/2008 CVE: CVE-2008-4844 BID: 32721 OSVDB: 50622 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A data binding error allows command execution when a user loads specially crafted XML code containing nested SPAN tags,...

CVSS: 9.3 | AI score: 7.5 | EPSS: 0.66513
Exploits: 10

Saint
•added 2008/11/28 12:0 a.m.•24 views

CA ARCserve Backup for Laptops and Desktops LGServer password integer overflow

Added: 11/28/2008 CVE: CVE-2007-5004 BID: 24348 OSVDB: 41352 Background BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections. Problem An integer overflow vulnerability allows remote attackers to execute...

CVSS: 9.3 | AI score: 7.9 | EPSS: 0.08902
Exploits: 5

Saint
•added 2008/10/03 12:0 a.m.•23 views

DATAC RealWin SCADA Server FC_INFOTAG/SET_CONTROL buffer overflow

Added: 10/03/2008 CVE: CVE-2008-4322 BID: 31418 OSVDB: 48606 Background RealWin is a Supervisory Control and Data Acquisition SCADA server which is distributed by DATAC. Problem A buffer overflow vulnerability in RealWin Server allows remote attackers to execute arbitrary commands by sending a...

CVSS: 10 | AI score: 7.8 | EPSS: 0.64828
Exploits: 8

Saint
•added 2008/09/12 12:0 a.m.•23 views

TFTP Server error packet buffer overflow

Added: 09/12/2008 CVE: CVE-2008-2161 BID: 29111 OSVDB: 44904 Background TFTP Server is an open source server implementation of the tftp protocol for multiple platforms. Problem A buffer overflow vulnerability in the handling of error packets allows remote attackers to execute arbitrary commands...

CVSS: 10 | AI score: 10 | EPSS: 0.65284
Exploits: 6

Saint
•added 2008/04/21 12:0 a.m.•23 views

Borland InterBase ibserver.exe Service Attach request buffer overflow

Added: 04/21/2008 CVE: CVE-2008-1910 BID: 28730 OSVDB: 44455 Background Borland Interbase is a database solution for Windows, Linux, and Solaris platforms. Problem A buffer overflow vulnerability in ibserver.exe allows remote attackers to execute arbitrary commands by sending a long, specially...

CVSS: 10 | AI score: 7.9 | EPSS: 0.07291
Exploits: 4

Saint
•added 2008/03/31 12:0 a.m.•23 views

MDaemon IMAP FETCH command buffer overflow

Added: 03/31/2008 CVE: CVE-2008-1358 BID: 28245 OSVDB: 43111 Background MDaemon is an e-mail server for Windows. Problem A buffer overflow vulnerability in the IMAP service allows authenticated users to execute arbitrary commands by sending a FETCH command with a long BODY. Resolution Upgrade to...

CVSS: 6.5 | AI score: 7.6 | EPSS: 0.57075
Exploits: 7

Saint
•added 2008/03/28 12:0 a.m.•23 views

rpc.ypupdated command injection vulnerability

Added: 03/28/2008 CVE: CVE-1999-0208 BID: 1749 OSVDB: 11517 Background Network Information Service NIS is a distributed database that allows you to maintain consistent configuration files throughout your network. rpc.ypupdated is an NIS service which is responsible for duplicating information fro...

CVSS: 10 | AI score: 7.6 | EPSS: 0.12856
Exploits: 5

Saint
•added 2008/02/04 12:0 a.m.•23 views

Winamp Ultravox streaming metadata artist tag buffer overflow

Added: 02/04/2008 CVE: CVE-2008-0065 BID: 27344 OSVDB: 41707 Background Winamp is a media player for Windows. Problem A buffer overflow vulnerability in the inmp3.dll library when parsing Ultravox streaming metadata allows command execution when a user opens a stream containing a long, specially...

CVSS: 10 | AI score: 6.8 | EPSS: 0.61275
Exploits: 8

Saint
•added 2008/01/28 12:0 a.m.•23 views

Tivoli Provisioning Manager for OS Deployment HTTP server buffer overflow

Added: 01/28/2008 CVE: CVE-2008-0401 BID: 27387 OSVDB: 40481 Background Tivoli Provisioning Manager for OS Deployment is a product which facilitates remote operating system installation and management. Problem A buffer overflow vulnerability in the HTTP server which comes with Tivoli Provisioning...

CVSS: 10 | AI score: 7.8 | EPSS: 0.08377
Exploits: 5

Total number of security vulnerabilities: 4300