Lucene search
K
SaintMost viewed

4305 matches found

Saint
Saint
•added 2009/05/06 12:0 a.m.•24 views

Symantec Alert Management System Intel File Transfer service command execution

Added: 05/06/2009 CVE: CVE-2009-1431 BID: 34675 OSVDB: 54160 Background The Symantec Alert Management System 2 AMS2 is used by multiple Symantec products. The Intel File Transfer service is a component of AMS2 which is used to aid communication between the core server and managed clients. It...

9.3CVSS7.1AI score0.08036EPSS
Exploits5
Saint
Saint
•added 2009/04/29 12:0 a.m.•24 views

Microsoft SQL Server spreplwritetovarbin Buffer Overflow

Added: 04/29/2009 CVE: CVE-2008-5416 BID: 32710 OSVDB: 50917 Background Microsoft SQL Server is a database server package for Windows platforms. Problem A buffer overflow vulnerability in the spreplwritetovarbin stored procedure allows remote, authenticated attackers to execute arbitrary commands...

9CVSS10AI score0.87036EPSS
Exploits12
Saint
Saint
•added 2009/04/07 12:0 a.m.•24 views

Flash drive/CD autoplay command execution

Added: 04/07/2009 Background This tool allows you to create a USB flash drive which, when inserted into a Windows computer, prompts a user to run a program which creates a command connection. The program is disguised as the "Open Folder" option in the AutoPlay dialog to entice the user to run it...

7.2AI score
Exploits0
Saint
Saint
•added 2009/04/07 12:0 a.m.•24 views

SAPgui EAI WebViewer3D ActiveX control SaveViewToSessionFile buffer overflow

Added: 04/07/2009 CVE: CVE-2007-4475 BID: 34310 OSVDB: 53066 Background SAPgui for Windows registers the EAI WebViewer3D ActiveX control. Problem A buffer overflow vulnerability in the EAI WebViewer3D ActiveX control allows command execution when a user loads a web page which invokes the...

9.3CVSS6.9AI score0.40307EPSS
Exploits8
Saint
Saint
•added 2009/04/07 12:0 a.m.•24 views

Flash drive/CD autoplay command execution

Added: 04/07/2009 Background This tool allows you to create a USB flash drive which, when inserted into a Windows computer, prompts a user to run a program which creates a command connection. The program is disguised as the "Open Folder" option in the AutoPlay dialog to entice the user to run it...

7.2AI score
Exploits0
Saint
Saint
•added 2009/04/01 12:0 a.m.•24 views

IBM Access Support ActiveX GetXMLValue buffer overflow

Added: 04/01/2009 CVE: CVE-2009-0215 BID: 34228 OSVDB: 52958 Background The IBM Access Support ActiveX control is used to collect system information. It comes with certain IBM and Lenovo computer systems. Problem A buffer overflow vulnerability allows command execution when a user loads a page...

9.3CVSS6.7AI score0.36309EPSS
Exploits9
Saint
Saint
•added 2009/02/23 12:0 a.m.•24 views

Internet Explorer deleted object memory corruption

Added: 02/23/2009 CVE: CVE-2009-0075 BID: 33627 OSVDB: 51839 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A memory corruption vulnerability allows command execution when a user opens a specially crafted web page which causes a...

9.3CVSS6.3AI score0.85277EPSS
Exploits9
Saint
Saint
•added 2009/02/20 12:0 a.m.•24 views

UltraVNC ClientConnection integer overflow

Added: 02/20/2009 CVE: CVE-2009-0388 BID: 33568 Background UltraVNC is free software for remote desktop access. Problem Multiple integer overflow vulnerabilities in the ClientConnection class allow command execution when a user connects to a VNC server which sends a message with a large length...

10CVSS7AI score0.13334EPSS
Exploits11
Saint
Saint
•added 2009/02/04 12:0 a.m.•24 views

Free Download Manager Remote Control Server HTTP Authorization buffer overflow

Added: 02/04/2009 CVE: CVE-2009-0183 BID: 33554 OSVDB: 51745 Background Free Download Manager is a download accelerator and manager for Windows systems. Problem A buffer overflow vulnerability in the Free Download Manager Remote Control Server allows remote attackers to execute arbitrary commands...

10CVSS7.8AI score0.66526EPSS
Exploits13
Saint
Saint
•added 2009/01/28 12:0 a.m.•24 views

Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH buffer overflow

Added: 01/28/2009 CVE: CVE-2008-5444 BID: 33177 OSVDB: 51340 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A buffer overflow vulnerability in Oracle Secure Backup when handling the NDMP protocol allows remote attackers to execute...

10CVSS7.4AI score0.60625EPSS
Exploits7
Saint
Saint
•added 2008/12/12 12:0 a.m.•24 views

Internet Explorer XML data binding memory corruption

Added: 12/12/2008 CVE: CVE-2008-4844 BID: 32721 OSVDB: 50622 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A data binding error allows command execution when a user loads specially crafted XML code containing nested SPAN tags,...

9.3CVSS7.5AI score0.66513EPSS
Exploits10
Saint
Saint
•added 2008/10/06 12:0 a.m.•24 views

Autodesk LiveUpdate ActiveX control ApplyPatch method vulnerability

Added: 10/06/2008 CVE: CVE-2008-4472 BID: 31490 OSVDB: 49047 Background Autodesk is a suite of architectural design software products. Problem The ApplyPatch method in the LiveUpdate ActiveX control allows a web page to execute arbitrary files on the system. Remote command execution is possible b...

9.3CVSS7.2AI score0.07836EPSS
Exploits4
Saint
Saint
•added 2008/09/24 12:0 a.m.•24 views

Microsoft Excel FORMAT record array index memory corruption

Added: 09/24/2008 CVE: CVE-2008-3005 BID: 30639 OSVDB: 47408 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A memory corruption vulnerability allows command execution when a user opens a spreadsheet...

9.3CVSS6.5AI score0.31934EPSS
Exploits5
Saint
Saint
•added 2008/06/25 12:0 a.m.•24 views

Novell iPrint Client ienipp.ocx ActiveX control buffer overflow

Added: 06/25/2008 CVE: CVE-2008-2908 BID: 29736 OSVDB: 46194 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx. Problem Multiple buffer overflow vulnerabilities in the...

9.3CVSS7.1AI score0.35423EPSS
Exploits7
Saint
Saint
•added 2008/03/31 12:0 a.m.•24 views

MDaemon IMAP FETCH command buffer overflow

Added: 03/31/2008 CVE: CVE-2008-1358 BID: 28245 OSVDB: 43111 Background MDaemon is an e-mail server for Windows. Problem A buffer overflow vulnerability in the IMAP service allows authenticated users to execute arbitrary commands by sending a FETCH command with a long BODY. Resolution Upgrade to...

6.5CVSS7.7AI score0.57075EPSS
Exploits7
Saint
Saint
•added 2008/03/28 12:0 a.m.•24 views

rpc.ypupdated command injection vulnerability

Added: 03/28/2008 CVE: CVE-1999-0208 BID: 1749 OSVDB: 11517 Background Network Information Service NIS is a distributed database that allows you to maintain consistent configuration files throughout your network. rpc.ypupdated is an NIS service which is responsible for duplicating information fro...

10CVSS7.7AI score0.12856EPSS
Exploits5
Saint
Saint
•added 2008/03/13 12:0 a.m.•24 views

mIRC PRIVMSG hostname buffer overflow

Added: 03/13/2008 CVE: CVE-2008-4449 BID: 31552 OSVDB: 48752 Background mIRC is an Internet Relay Chat IRC client. Problem A buffer overflow in mIRC allows command execution when a user connects to a malicious IRC server which sends a PRIVMSG message with a long, specially crafted hostname...

9.3CVSS6.9AI score0.38737EPSS
Exploits8
Saint
Saint
•added 2008/03/11 12:0 a.m.•24 views

Novell iPrint Control ActiveX control ExecuteRequest buffer overflow

Added: 03/11/2008 CVE: CVE-2008-0935 BID: 27939 OSVDB: 42063 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx. Problem A buffer overflow vulnerability in the ExecuteReque...

10CVSS6.9AI score0.6514EPSS
Exploits8
Saint
Saint
•added 2008/01/28 12:0 a.m.•24 views

Tivoli Provisioning Manager for OS Deployment HTTP server buffer overflow

Added: 01/28/2008 CVE: CVE-2008-0401 BID: 27387 OSVDB: 40481 Background Tivoli Provisioning Manager for OS Deployment is a product which facilitates remote operating system installation and management. Problem A buffer overflow vulnerability in the HTTP server which comes with Tivoli Provisioning...

10CVSS7.7AI score0.08377EPSS
Exploits5
Saint
Saint
•added 2008/01/22 12:0 a.m.•24 views

Microsoft DirectX SAMI parser buffer overflow

Added: 01/22/2008 CVE: CVE-2007-3901 BID: 26789 OSVDB: 39126 Background DirectX is a feature of the Windows operating system used for streaming media. Problem A buffer overflow vulnerability in DirectX allows command execution when a user opens a specially crafted SAMI file in Windows Media Playe...

8.5CVSS6.8AI score0.45873EPSS
Exploits13
Saint
Saint
•added 2007/11/30 12:0 a.m.•24 views

QuickTime RTSP Content-Type header buffer overflow

Added: 11/30/2007 CVE: CVE-2007-6166 BID: 26549 OSVDB: 40876 Background QuickTime is a media player for Windows and Mac OS platforms. Problem A buffer overflow vulnerability in QuickTime allows command execution when a user opens an RTSP stream containing a specially crafted Content-Type header...

9.3CVSS6.8AI score0.41916EPSS
Exploits10
Saint
Saint
•added 2007/11/19 12:0 a.m.•24 views

Adobe PageMaker MAIPM6.DLL font name buffer overflow

Added: 11/19/2007 CVE: CVE-2007-5169 BID: 25989 OSVDB: 38067 Background Adobe PageMaker is page layout software. Problem A buffer overflow vulnerability in MAIPM6.DLL allows command execution when a user opens a .PMD file containing specially crafted font names. Resolution Apply the update...

9.3CVSS6.7AI score0.10175EPSS
Exploits4
Saint
Saint
•added 2007/11/01 12:0 a.m.•24 views

BrightStor ARCserve Backup LGServer rxrLogin buffer overflow

Added: 11/01/2007 CVE: CVE-2007-5003 BID: 24348 OSVDB: 41353 Background BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections. Problem A buffer overflow vulnerability in the rxrLogin function allows remote...

10CVSS7.8AI score0.67204EPSS
Exploits8
Saint
Saint
•added 2007/08/09 12:0 a.m.•24 views

CA eTrust Intrusion Detection CallCode ActiveX vulnerability

Added: 08/09/2007 CVE: CVE-2007-3302 BID: 25050 OSVDB: 37698 Background CA eTrust Intrusion Detection includes the CallCode Caller.dll ActiveX control. Problem The CallCode ActiveX control is incorrectly marked safe for scripting. This ActiveX control contains scriptable functions which, if a use...

9.3CVSS6.5AI score0.10788EPSS
Exploits5
Saint
Saint
•added 2007/07/27 12:0 a.m.•24 views

Ipswitch IMail Server IMAP SEARCH buffer overflow

Added: 07/27/2007 CVE: CVE-2007-3925 BID: 24962 OSVDB: 36219 Background IMail is an e-mail server for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service could allow an authenticated attacker to execute arbitrary commands by sending a specially crafted SEARCH command...

6.5CVSS7.6AI score0.84673EPSS
Exploits7
Saint
Saint
•added 2007/07/26 12:0 a.m.•24 views

Borland Interbase ibserver.exe create buffer overflow

Added: 07/26/2007 CVE: CVE-2007-3566 BID: 25048 OSVDB: 38602 Background Borland Interbase is a database solution for Windows, Linux, and Solaris platforms. Problem A buffer overflow in the database service, ibserver.exe, allows remote attackers to execute arbitrary commands by sending a specially...

7.5CVSS7.9AI score0.66081EPSS
Exploits9
Saint
Saint
•added 2007/06/20 12:0 a.m.•24 views

Internet Explorer Content Advisor memory corruption

Added: 06/20/2007 CVE: CVE-2005-0555 BID: 13117 OSVDB: 15466 Background The Content Advisor is used to control what content is viewable in Internet Explorer. Problem A memory corruption vulnerability in the Content Advisor allows command execution when a user loads a specially crafted page in...

7.5CVSS7.7AI score0.58357EPSS
Exploits4
Saint
Saint
•added 2007/06/07 12:0 a.m.•24 views

CA Antivirus engine CAB handling buffer overflow

Added: 06/07/2007 CVE: CVE-2007-2864 BID: 24330 OSVDB: 35245 Background The CA Antivirus engine is included in multiple CA products. Problem A buffer overflow vulnerability in the CA Antivirus engine allows command execution when a CAB file containing a specially crafted "coffFiles" field is...

9.3CVSS6.8AI score0.49647EPSS
Exploits7
Saint
Saint
•added 2007/04/23 12:0 a.m.•24 views

LANDesk Management Suite Alert Service buffer overflow

Added: 04/23/2007 CVE: CVE-2007-1674 BID: 23483 OSVDB: 34964 Background LANDesk Management Suite automates systems and security management tasks across a network. It runs an Alert Service which listens for communication on port 65535/UDP. Problem A buffer overflow vulnerability in the Alert Servi...

10CVSS7.7AI score0.72864EPSS
Exploits10
Saint
Saint
•added 2007/02/02 12:0 a.m.•24 views

BrightStor ARCserve LGServer buffer overflow

Added: 02/02/2007 CVE: CVE-2007-0449 BID: 22342 OSVDB: 31593 Background BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections. Problem A buffer overflow vulnerability in BrightStor ARCserve Backup for...

10CVSS7.8AI score0.7924EPSS
Exploits7
Saint
Saint
•added 2006/12/29 12:0 a.m.•24 views

NetMail IMAP APPEND command buffer overflow

Added: 12/29/2006 CVE: CVE-2006-6425 BID: 21723 OSVDB: 31362 Background Novell NetMail is an e-mail and calendaring server application. Problem A buffer overflow in the NetMail IMAP service allows remote, authenticated attackers to execute arbitrary commands by sending a long, specially crafted...

9CVSS7.7AI score0.58474EPSS
Exploits7
Saint
Saint
•added 2006/12/18 12:0 a.m.•24 views

Oracle MD2 component SDO_CODE_SIZE buffer overflow

Added: 12/18/2006 CVE: CVE-2004-1774 BID: 10871 OSVDB: 9867 Background Oracle Database is a relational database solution available for multiple platforms. Problem A buffer overflow in the SDOCODESIZE function in the MD2 component of Oracle Database allows remote attackers to execute arbitrary...

7.2CVSS9.6AI score0.02672EPSS
Exploits5
Saint
Saint
•added 2006/12/01 12:0 a.m.•24 views

MailEnable IMAP SELECT buffer overflow

Added: 12/01/2006 CVE: CVE-2006-6290 BID: 21362 OSVDB: 31698 Background MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. MailEnable Professional and MailEnable Enterprise also include IMAP and HTTPMail services. Problem A buffer overflow vulnerability in the IMAP servic...

6.5CVSS7.6AI score0.03171EPSS
Exploits4
Saint
Saint
•added 2006/10/26 12:0 a.m.•24 views

Novell eDirectory iMonitor HTTP redirection buffer overflow

Added: 10/26/2006 CVE: CVE-2006-5478 BID: 20655 OSVDB: 29993 Background iMonitor is a web service which is a component of Novell eDirectory. Problem iMonitor allows remote command execution by sending specially crafted HTTP header data in a request for certain URLs, which results in a buffer...

7.5CVSS7.2AI score0.83891EPSS
Exploits11
Saint
Saint
•added 2006/09/29 12:0 a.m.•24 views

IMail SMTP RCPT TO buffer overflow

Added: 09/29/2006 CVE: CVE-2006-4379 BID: 19885 OSVDB: 28576 Background IMail is an e-mail server for Windows platforms. Problem A buffer overflow vulnerability in the SMTP daemon allows remote command execution by sending a RCPT TO argument containing a long string between @ and : characters...

7.5CVSS7AI score0.60041EPSS
Exploits8
Saint
Saint
•added 2006/09/22 12:0 a.m.•24 views

WS_FTP XCRC buffer overflow

Added: 09/22/2006 CVE: CVE-2006-4847 BID: 20076 OSVDB: 28939 Background WSFTP Server is an FTP server for Windows platforms. Problem Buffer overflows in multiple FTP commands allow an authenticated attacker to execute arbitrary commands. Resolution Upgrade to WSFTP Server 5.05 Hotfix 1. Reference...

6.5CVSS7.1AI score0.85213EPSS
Exploits10
Saint
Saint
•added 2006/06/30 12:0 a.m.•24 views

MailEnable SMTP AUTH LOGIN buffer overflow

Added: 06/30/2006 CVE: CVE-2005-1781 BID: 13772 OSVDB: 16851 Background MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. MailEnable Professional and MailEnable Enterprise also include IMAP and HTTPMail services. Problem The SMTP service in MailEnable is affected by a...

5CVSS8AI score0.01768EPSS
Exploits4
Saint
Saint
•added 2006/06/16 12:0 a.m.•24 views

Windows Media Player PNG buffer overflow

Added: 06/16/2006 CVE: CVE-2006-0025 BID: 18385 OSVDB: 26430 Background Windows Media Player is an audio and video media player for Windows platforms. Problem A buffer overflow in Windows Media Player allows command execution when a user opens a specially crafted PNG image file. Resolution Apply...

9.3CVSS6.7AI score0.48723EPSS
Exploits5
Saint
Saint
•added 2006/06/12 12:0 a.m.•24 views

Cyrus IMAP pop3d popsubfolders buffer overflow

Added: 06/12/2006 CVE: CVE-2006-2502 BID: 18056 OSVDB: 25853 Background Cyrus IMAP is an open-source IMAP, POP3, and KPOP server. The popsubfolders configuration option allows POP3 users to access subfolders by specifying the subfolder name when logging in. Problem When the popsubfolders...

5.1CVSS7.7AI score0.53333EPSS
Exploits12
Saint
Saint
•added 2006/06/05 12:0 a.m.•24 views

Internet Explorer Javaprxy.dll heap overflow

Added: 06/05/2006 CVE: CVE-2005-2087 BID: 14087 OSVDB: 17680 Background Windows operating systems use the Component Object Model COM to allow various program components to be run within different applications. One such object, the JView Profiler Javaprxy.dll, is a debugger interface for Microsoft...

5CVSS6.6AI score0.61372EPSS
Exploits4
Saint
Saint
•added 2006/05/04 12:0 a.m.•24 views

Outlook Express NNTP LIST buffer overflow

Added: 05/04/2006 CVE: CVE-2005-1213 BID: 13951 OSVDB: 17306 Background Outlook Express is a free e-mail client which is included in Windows operating systems. Problem A buffer overflow in Outlook Express allows command execution when processing responses from NNTP servers to LIST commands...

7.5CVSS6.8AI score0.73961EPSS
Exploits8
Saint
Saint
•added 2006/05/03 12:0 a.m.•24 views

Internet Explorer IFRAME buffer overflow

Added: 05/03/2006 CVE: CVE-2004-1050 BID: 11515 OSVDB: 11337 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem A buffer overflow when processing the name attribute in an IFRAME tag allows command execution when a malformed web page ...

10CVSS6.6AI score0.67061EPSS
Exploits4
Saint
Saint
•added 2006/04/06 12:0 a.m.•24 views

TWiki revision control shell command injection

Added: 04/06/2006 CVE: CVE-2005-2877 BID: 14834 OSVDB: 19403 Background TWiki is a web-based collaboration platform written in PERL. Problem The revision control function in TWiki does not sufficiently check the rev parameter before using it in a shell command call. This allows remote attackers t...

7.5CVSS7.4AI score0.71104EPSS
Exploits8
Saint
Saint
•added 2006/04/05 12:0 a.m.•24 views

cachefsd heap overflow

Added: 04/05/2006 CVE: CVE-2002-0033 BID: 4674 OSVDB: 779 Background cachefsd is an RPC service which supports local caching of Network File Systems NFS, thereby improving performance on filesystems mounted from an NFS server. Problem A heap overflow in cachefsd allows remote command execution...

10CVSS7AI score0.23078EPSS
Exploits4
Saint
Saint
•added 2006/03/10 12:0 a.m.•24 views

WS_FTP MKD command buffer overflow

Added: 03/10/2006 CVE: CVE-2004-1135 BID: 11772 OSVDB: 12509 Background WSFTP Server is an FTP server for Windows platforms. Problem A buffer overflow vulnerability in the MKD command could allow an attacker to execute commands on the server. If the anonymous FTP account is enabled, the attacker...

5CVSS7.2AI score0.49642EPSS
Exploits7
Saint
Saint
•added 2006/02/16 12:0 a.m.•24 views

Windows Media Player plugin EMBED buffer overflow

Added: 02/16/2006 CVE: CVE-2006-0005 BID: 16644 OSVDB: 23132 Background The Windows Media Player plug-in allows the processing of embedded media from inside other applications, such as web browsers. Problem A buffer overflow in the Windows Media Player plug-in allows remote command execution when...

9.3CVSS7AI score0.43861EPSS
Exploits8
Saint
Saint
•added 2006/01/24 12:0 a.m.•24 views

Arkeia Type 77 Request buffer overflow

Added: 01/24/2006 CVE: CVE-2005-0491 BID: 12594 OSVDB: 14011 Background The Arkeia network backup software includes a daemon program called arkeiad which listens for connections on TCP port 617. Problem A buffer overflow in the processing of type 77 requests sent to the arkeiad listener allows...

10CVSS7.3AI score0.64901EPSS
Exploits13
Saint
Saint
•added 2006/01/09 12:0 a.m.•24 views

sadmind AUTH_SYS authentication vulnerability

Added: 01/09/2006 CVE: CVE-2003-0722 BID: 8615 OSVDB: 4585 Background sadmind is a service which coordinates distributed system administration operations remotely. The Sun Solstice AdminSuite runs sadmind with the AUTHSYS authentication method by default. Problem The sadmind running with the...

10CVSS7.4AI score0.85678EPSS
Exploits9
Saint
Saint
•added 2005/12/01 12:0 a.m.•24 views

Internet Explorer onload window vulnerability

Added: 12/01/2005 CVE: CVE-2005-1790 BID: 13799 OSVDB: 17094 Background Internet Explorer is an HTML web browser which comes by default on Microsoft operating systems. Problem Internet Explorer fails to properly initialize the window function when called from an onLoad event in a body tag. This...

2.6CVSS6.2AI score0.83472EPSS
Exploits9
Saint
Saint
•added 2005/11/30 12:0 a.m.•24 views

RSA SecurID Web Agent for IIS redirect buffer overflow

Added: 11/30/2005 CVE: CVE-2005-4734 BID: 26424 OSVDB: 20151 Background RSA SecurID Web Agent for IIS provides access control for IIS web servers using one-time authentication tokens. Problem A buffer overflow in IISWebAgentIF.dll could allow a remote attacker to execute arbitrary commands using ...

6.4CVSS7.9AI score0.54485EPSS
Exploits8
Total number of security vulnerabilities4305