Lucene search
K
SaintMost viewed

4305 matches found

Saint
Saint
•added 2007/07/27 12:0 a.m.•23 views

Ipswitch IMail Server IMAP SEARCH buffer overflow

Added: 07/27/2007 CVE: CVE-2007-3925 BID: 24962 OSVDB: 36219 Background IMail is an e-mail server for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service could allow an authenticated attacker to execute arbitrary commands by sending a specially crafted SEARCH command...

6.5CVSS7.6AI score0.84673EPSS
Exploits7
Saint
Saint
•added 2007/06/12 12:0 a.m.•23 views

Windows Telephony API buffer overflow

Added: 06/12/2007 CVE: CVE-2005-0058 BID: 14518 OSVDB: 18606 Background The Windows Telephony API TAPI provides telecommunications support for Windows applications. Problem A buffer overflow in the Windows Telephony API allows local attackers to execute commands with administrative privileges...

7.5CVSS7AI score0.50047EPSS
Exploits5
Saint
Saint
•added 2007/05/10 12:0 a.m.•23 views

ACDSee XPM file handling buffer overflow

Added: 05/10/2007 CVE: CVE-2007-2193 BID: 23620 OSVDB: 35236 Background ACDSee is a suite of products for viewing and organizing photos. Problem A buffer overflow vulnerability in the IDX.apl plug-in allows command execution when a user opens a specially crafted XPM file. Resolution Apply a fix...

9.3CVSS7AI score0.3657EPSS
Exploits7
Saint
Saint
•added 2007/03/27 12:0 a.m.•23 views

MERCUR imapd SUBSCRIBE command buffer overflow

Added: 03/27/2007 CVE: CVE-2007-1579 BID: 23050 OSVDB: 33546 Background MERCUR Messaging Server is an e-mail server supporting the SMTP, POP3, and IMAP protocols for Windows platforms. Problem A buffer overflow vulnerability allows remote, authenticated attackers to execute arbitrary commands by...

10CVSS7.5AI score0.56209EPSS
Exploits5
Saint
Saint
•added 2007/03/16 12:0 a.m.•23 views

NetMail WebAdmin username buffer overflow

Added: 03/16/2007 CVE: CVE-2007-1350 BID: 22857 OSVDB: 33886 Background Novell NetMail WebAdmin is a web-based administration interface which runs an HTTP server on port 89/TCP. Problem A buffer overflow vulnerability in Novell NetMail WebAdmin allows remote attackers to execute arbitrary command...

6.8CVSS7.8AI score0.19398EPSS
Exploits5
Saint
Saint
•added 2007/03/07 12:0 a.m.•23 views

Trend Micro ServerProtect ENG_SetRealTimeScanConfigInfo buffer overflow

Added: 03/07/2007 CVE: CVE-2007-1070 BID: 22639 OSVDB: 33042 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the ENGSetRealTimeScanConfigInfo function allows remote attackers to execute arbitrary commands by sending a specially craft...

10CVSS7.7AI score0.73767EPSS
Exploits27
Saint
Saint
•added 2007/02/16 12:0 a.m.•23 views

HP Mercury LoadRunner mchan.dll buffer overflow

Added: 02/16/2007 CVE: CVE-2007-0446 BID: 22487 OSVDB: 33132 Background HP Mercury LoadRunner is a load testing solution. Problem A buffer overflow in the mchan.dll library allows remote attackers to execute arbitrary commands by sending a packet with a long serveripname field to port 54345/TCP...

10CVSS7.8AI score0.44457EPSS
Exploits5
Saint
Saint
•added 2007/01/24 12:0 a.m.•23 views

BrightStor ARCserve Message Engine opnum 0x75 buffer overflow

Added: 01/24/2007 CVE: CVE-2007-0169 BID: 22005 OSVDB: 31318 Background The BrightStor ARCserve Backup server runs the Message Engine RPC service on ports 6503/TCP and 6504/TCP by default. Problem A buffer overflow in BrightStor ARCserve Backup allows remote attackers to execute arbitrary command...

7.5CVSS7.7AI score0.68809EPSS
Exploits16
Saint
Saint
•added 2007/01/19 12:0 a.m.•23 views

BrightStor ARCserve Message Engine opnum 0x2f buffer overflow

Added: 01/19/2007 CVE: CVE-2007-0169 BID: 22005 OSVDB: 31318 Background The BrightStor ARCserve Backup server runs the Message Engine RPC service on ports 6503/TCP and 6504/TCP by default. Problem A buffer overflow in BrightStor ARCserve Backup allows remote attackers to execute arbitrary command...

7.5CVSS7.7AI score0.68809EPSS
Exploits16
Saint
Saint
•added 2007/01/11 12:0 a.m.•23 views

Microsoft Excel PALETTE record buffer overflow

Added: 01/11/2007 CVE: CVE-2007-0031 BID: 21922 OSVDB: 31258 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms. Problem A buffer overflow vulnerability in Microsoft Excel allows command execution when a user opens a speciall...

9.3CVSS6.8AI score0.41694EPSS
Exploits4
Saint
Saint
•added 2007/01/05 12:0 a.m.•23 views

Novell NetMail NMAP STOR command buffer overflow

Added: 01/05/2007 CVE: CVE-2006-6424 BID: 21725 OSVDB: 31363 Background Novell NetMail servers include the Network Messaging Application Protocol NMAP service, which listens on port 689/TCP. Problem A buffer overflow in Novell NetMail allows remote attackers to execute arbitrary commands by sendi...

9CVSS7.8AI score0.57909EPSS
Exploits7
Saint
Saint
•added 2006/09/06 12:0 a.m.•23 views

MySQL MaxDB WebDBM database name buffer overflow

Added: 09/06/2006 CVE: CVE-2006-4305 BID: 19660 OSVDB: 28300 Background MaxDB is a SAP-certified open-source database developed by MySQL. Problem A buffer overflow in MaxDB allows remote attackers to execute arbitrary commands by sending a long database name from a WebDBM client. Resolution Upgra...

10CVSS7.8AI score0.70468EPSS
Exploits7
Saint
Saint
•added 2006/08/25 12:0 a.m.•23 views

McAfee Subscription Manager ActiveX buffer overflow

Added: 08/25/2006 CVE: CVE-2006-3961 BID: 19265 OSVDB: 27698 Background McAfee Antivirus products access the McAfee Security Center product which allows users to set preferences and settings for numerous installed McAfee components and services. The Security Center includes a Subscription Manager...

6.8CVSS6.9AI score0.33824EPSS
Exploits7
Saint
Saint
•added 2006/07/17 12:0 a.m.•23 views

Serv-U FTP site chmod buffer overflow

Added: 07/17/2006 CVE: CVE-2004-2111 BID: 9675 OSVDB: 3713 Background Serv-U is an FTP server for Windows platforms. Problem An attacker who has logged on to the Serv-U FTP server and has a writable directory could execute arbitrary commands by sending a site chmod command with an overly long fil...

8.5CVSS7.5AI score0.86867EPSS
Exploits10
Saint
Saint
•added 2006/07/14 12:0 a.m.•23 views

eSignal WinSig.exe buffer overflow

Added: 07/14/2006 CVE: CVE-2004-1868 BID: 9978 OSVDB: 4583 Background eSignal is a tool which provides real-time financial and market information. Its main application, WinSig.exe , services requests on port 80/TCP. Problem A buffer overflow vulnerability in eSignal allows remote attackers to...

7.5CVSS7.9AI score0.06708EPSS
Exploits5
Saint
Saint
•added 2006/07/10 12:0 a.m.•23 views

MERCUR Messaging IMAP LOGIN command buffer overflow

Added: 07/10/2006 CVE: CVE-2006-1255 BID: 17138 OSVDB: 23950 Background MERCUR Messaging 2005 is an e-mail server supporting the SMTP, POP3, and IMAP protocols for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service when processing the LOGIN command allows remote...

10CVSS7.7AI score0.68147EPSS
Exploits12
Saint
Saint
•added 2006/06/30 12:0 a.m.•23 views

MailEnable SMTP AUTH LOGIN buffer overflow

Added: 06/30/2006 CVE: CVE-2005-1781 BID: 13772 OSVDB: 16851 Background MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. MailEnable Professional and MailEnable Enterprise also include IMAP and HTTPMail services. Problem The SMTP service in MailEnable is affected by a...

5CVSS8AI score0.01768EPSS
Exploits4
Saint
Saint
•added 2006/06/13 12:0 a.m.•23 views

Symantec real-time scan service buffer overflow

Added: 06/13/2006 CVE: CVE-2006-2630 BID: 18107 OSVDB: 25846 Background Various Symantec products include a real-time virus scan service. Problem A buffer overflow in the real-time virus scan service allows remote attackers to execute arbitrary commands. Resolution Apply patch SYM06-010. Referenc...

10CVSS7.6AI score0.73558EPSS
Exploits7
Saint
Saint
•added 2006/06/13 12:0 a.m.•23 views

Symantec real-time scan service buffer overflow

Added: 06/13/2006 CVE: CVE-2006-2630 BID: 18107 OSVDB: 25846 Background Various Symantec products include a real-time virus scan service. Problem A buffer overflow in the real-time virus scan service allows remote attackers to execute arbitrary commands. Resolution Apply patch SYM06-010. Referenc...

10CVSS7.7AI score0.73558EPSS
Exploits7
Saint
Saint
•added 2006/03/31 12:0 a.m.•23 views

RealPlayer invalid chunk header heap overflow

Added: 03/31/2006 CVE: CVE-2005-2922 BID: 17202 OSVDB: 24062 Background RealPlayer, RealOne Player, and Helix Player include an embedded player which plays media embedded in a web page. Problem A chunked HTTP response containing an invalid or missing chunk header results in a heap overflow, leadi...

9.3CVSS6.5AI score0.05783EPSS
Exploits5
Saint
Saint
•added 2006/03/24 12:0 a.m.•23 views

BakBone NetVault remote heap overflow

Added: 03/24/2006 CVE: CVE-2005-1009 BID: 12967 OSVDB: 15234 Background BakBone NetVault is a distributed data backup and restore solution for UNIX and Windows networks. Problem A heap overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...

10CVSS7.6AI score0.57017EPSS
Exploits8
Saint
Saint
•added 2006/03/16 12:0 a.m.•23 views

Internet Explorer isComponentInstalled buffer overflow

Added: 03/16/2006 CVE: CVE-2006-1016 BID: 16870 OSVDB: 31647 Background The isComponentInstalled method allows scripts to determine which components are installed. Problem Internet Explorer is affected by a buffer overflow in the isComponentInstalled method which can lead to remote command...

7.5CVSS7.1AI score0.66674EPSS
Exploits8
Saint
Saint
•added 2006/03/07 12:0 a.m.•23 views

Microsoft Visual Studio .dbp and .sln buffer overflow

Added: 03/07/2006 CVE: CVE-2006-1043 BID: 16953 OSVDB: 23711 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem A buffer overflow vulnerability leads to command execution when a specially crafted Database Project .dbp or...

5.1CVSS7AI score0.22396EPSS
Exploits5
Saint
Saint
•added 2006/03/03 12:0 a.m.•23 views

Windows Plug and Play buffer overflow

Added: 03/03/2006 CVE: CVE-2005-1983 BID: 14513 OSVDB: 18605 Background The Windows Plug and Play service allows Windows operating systems to automatically detect and configure a new hardware device, such as a mouse. Problem A buffer overflow in the Plug and Play service could allow command...

10CVSS7AI score0.93405EPSS
Exploits9
Saint
Saint
•added 2006/01/31 12:0 a.m.•23 views

Winamp playlist file buffer overflow

Added: 01/31/2006 CVE: CVE-2006-0476 BID: 16410 OSVDB: 22789 Background Winamp is a media player for Windows. Problem A buffer overflow in Winamp allows code execution when a specially crafted playlist file is opened. Resolution Upgrade to Winamp 5.13 or higher. References Limitations Exploit...

7.6CVSS7.1AI score0.74506EPSS
Exploits8
Saint
Saint
•added 2005/11/29 12:0 a.m.•23 views

Novell eDirectory iMonitor buffer overflow

Added: 11/29/2005 CVE: CVE-2005-2551 BID: 14548 OSVDB: 18703 Background iMonitor is a web service which is a component of Novell eDirectory. Problem A buffer overflow when processing long HTTP or HTTPS requests leads to remote command execution. Resolution Upgrade to eDirectory 8.7.3 IR7 or highe...

7.5CVSS7.2AI score0.55424EPSS
Exploits7
Saint
Saint
•added 2005/11/29 12:0 a.m.•23 views

Hummingbird InetD LPD buffer overflow

Added: 11/29/2005 CVE: CVE-2005-1815 BID: 13788 OSVDB: 16957 Background Hummingbird InetD implements common UNIX services on Windows platforms. Problem The Hummingbird InetD LPD service is affected by a buffer overflow which allows remote command execution. Resolution Apply the patch. References...

5CVSS7.2AI score0.47192EPSS
Exploits7
Saint
Saint
•added 2017/10/13 12:0 a.m.•22 views

Apache Tomcat PUT method JSP upload

Added: 10/13/2017 BID: 100954 Background Apache Tomcat is a Java web application platform. Problem A vulnerability in Apache Tomcat allows remote attackers to execute arbitrary commands by using the PUT method to upload a JSP file, and then requesting that file. Resolution Upgrade to Apache Tomca...

8.4AI score
Exploits0
Saint
Saint
•added 2016/01/08 12:0 a.m.•22 views

Easy File Sharing Web Server HEAD HTTP request vulnerability

Added: 01/08/2016 Background Easy File Sharing Web Server is software that allows users to upload/download files to a server easily through a web browser, as well as providing a bulletin board system forum. Problem Easy File Sharing Web Server is vulnerable to a stack buffer overflow condition as...

8.3AI score
Exploits0
Saint
Saint
•added 2015/05/11 12:0 a.m.•22 views

iTunes .PLS Title buffer overflow

Added: 05/11/2015 Background iTunes is a free media player for multiple platforms. Problem A buffer overflow vulnerability in iTunes allows command execution when a .PLS file containing a specially crafted Title parameter is opened. Resolution Do not open untrusted .PLS files. References...

0.7AI score
Exploits0
Saint
Saint
•added 2015/01/29 12:0 a.m.•22 views

WP Symposium Plugin for WordPress Arbitrary File Upload

Added: 01/29/2015 BID: 71686 OSVDB: 116046 Background WP Symposium is a social network plugin for WordPress. Problem WP Symposium Plugin for WordPress contains a vulnerability that allows a remote attacker to execute arbitrary PHP code. This vulnerability is due to the...

8.2AI score
Exploits0
Saint
Saint
•added 2014/12/19 12:0 a.m.•22 views

XEROX Multiple Product Unauthenticated Remote Firmware Injection Vulnerability

Added: 12/19/2014 BID: 52483 OSVDB: 80096 Background Some Xerox Multifunction Printers MFP utilize Dynamic Loadable Modules DLM for patching, upgrading and cloning. The DLMs can be delivered to the printer via the Jet Direct printer service on TCP port 9100. Problem Multiple Xerox products are...

8.1AI score
Exploits0
Saint
Saint
•added 2014/07/02 12:0 a.m.•22 views

Easy File Management Web Server UserID Cookie Handling Buffer Overflow

Added: 07/02/2014 BID: 67542 OSVDB: 107241 Background Easy File Management Web Server is a Microsoft Windows based file management application that allows remote users to upload and download files through a web browser. It also supports online editing of Word, Excel, PowerPoint and PDF documents ...

0.7AI score
Exploits0
Saint
Saint
•added 2013/10/17 12:0 a.m.•22 views

HP LoadRunner lrFileIOService ActiveX WriteFileString Method Traversal Vulnerability

Added: 10/17/2013 CVE: CVE-2013-4798 BID: 61443 OSVDB: 95642 Background HP LoadRunner is a software performance testing solution. HP LoadRunner includes the lrFileIOService ActiveX control. Problem HP LoadRunner before 11.52 is vulnerable to remote code execution. The lrFileIOService ActiveX...

10CVSS7.2AI score0.67723EPSS
Exploits9
Saint
Saint
•added 2013/09/30 12:0 a.m.•22 views

WPAD Listener

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, browsers are...

0.7AI score
Exploits0
Saint
Saint
•added 2013/08/29 12:0 a.m.•22 views

HP LoadRunner lrFileIOService ActiveX Control WriteFileBinary Input Validation Error

Added: 08/29/2013 CVE: CVE-2013-2370 BID: 61441 OSVDB: 95640 Background HP LoadRunner is a software performance testing solution. HP LoadRunner includes the lrFileIOService ActiveX control. Problem HP LoadRunner before 11.52 is vulnerable to remote code execution. The lrFileIOService ActiveX...

7.5CVSS7.4AI score0.62764EPSS
Exploits9
Saint
Saint
•added 2013/08/14 12:0 a.m.•22 views

PineApp Mail-SeCure ldapsyncnow.php command injection

Added: 08/14/2013 BID: 61474 OSVDB: 95781 Background PineApp Mail-SeCure is an e-mail security appliance which provides perimeter security protection to stop threats prior to their penetration of the customer's network, as well as post-perimeter anti-spam content inspection. Problem A vulnerabili...

8AI score
Exploits0
Saint
Saint
•added 2013/04/01 12:0 a.m.•22 views

Sami FTP Server LIST command buffer overflow

Added: 04/01/2013 BID: 58247 OSVDB: 90815 Background Sami FTP Server is an FTP server for Windows. Problem Sami FTP Server is affected by a buffer overflow vulnerability. A remote attacker could exploit this vulnerability by sending a long, specially crafted LIST command to the server, resulting ...

0.1AI score
Exploits0
Saint
Saint
•added 2013/04/01 12:0 a.m.•22 views

Sami FTP Server LIST command buffer overflow

Added: 04/01/2013 BID: 58247 OSVDB: 90815 Background Sami FTP Server is an FTP server for Windows. Problem Sami FTP Server is affected by a buffer overflow vulnerability. A remote attacker could exploit this vulnerability by sending a long, specially crafted LIST command to the server, resulting ...

8AI score
Exploits0
Saint
Saint
•added 2012/10/12 12:0 a.m.•22 views

Novell File Reporter NFRAgent.exe VOL tag buffer overflow

Added: 10/12/2012 BID: 55268 OSVDB: 85503 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where duplicates exist...

8.1AI score
Exploits0
Saint
Saint
•added 2012/10/12 12:0 a.m.•22 views

HP Diagnostics magentservice.exe Malformed Packet Parsing Vulnerability

Added: 10/12/2012 BID: 55159 OSVDB: 84855 Background HP Diagnostics software monitors application transaction health in traditional, virtualized and cloud environments. Problem HP Diagnostics Server has a buffer overflow vulnerability in the magentservice.exe process that could allow...

2.7AI score
Exploits0
Saint
Saint
•added 2012/08/20 12:0 a.m.•22 views

HP Operations Agent Opcode 0x8c vulnerability

Added: 08/20/2012 CVE: CVE-2012-2020 BID: 54362 OSVDB: 83674 Background HP Operations Agents is a fault and performance monitoring solution for servers. Problem A buffer overflow vulnerability in the coda.exe process, which listens on a random TCP port, could allow remote attackers to execute...

10CVSS7.8AI score0.64685EPSS
Exploits8
Saint
Saint
•added 2012/07/25 12:0 a.m.•22 views

Apple QuickTime SetLanguage Overflow

Added: 07/25/2012 CVE: CVE-2012-0666 BID: 53577 OSVDB: 81937 Background Apple QuickTime is a media player for Windows and Mac OS platforms. Problem The QuickTime player browser plugin does not properly validate the language field in QT Movie files. If a malicious QT Movie file were opened via a...

9.3CVSS7.2AI score0.04057EPSS
Exploits5
Saint
Saint
•added 2012/04/27 12:0 a.m.•22 views

Quest InTrust Annotation Objects ActiveX Control Add Method Vulnerability

Added: 04/27/2012 BID: 52765 OSVDB: 80662 Background InTrust collects, stores, reports and alerts on event log data from Windows, Unix and Linux systems. Problem Quest Intrust Annotation Objects ActiveX Control AnnotateX.dll is vulnerable to remote code execution due to an input validation error...

8AI score
Exploits0
Saint
Saint
•added 2012/04/27 12:0 a.m.•22 views

Quest InTrust Annotation Objects ActiveX Control Add Method Vulnerability

Added: 04/27/2012 BID: 52765 OSVDB: 80662 Background InTrust collects, stores, reports and alerts on event log data from Windows, Unix and Linux systems. Problem Quest Intrust Annotation Objects ActiveX Control AnnotateX.dll is vulnerable to remote code execution due to an input validation error...

8AI score
Exploits0
Saint
Saint
•added 2012/04/19 12:0 a.m.•22 views

Cisco Linksys PTZ Internet Video Camera PlayerPT ActiveX Overflow

Added: 04/19/2012 BID: 52673 OSVDB: 80297 Background The Cisco WVC200 Wireless-G PTZ Internet Video Camera sends live video through the Internet to a web browser anywhere in the world. Viewers can access the video stream through an HTTP service, which requires an ActiveX client to be installed in...

7.6AI score
Exploits0
Saint
Saint
•added 2012/02/25 12:0 a.m.•22 views

Browser Find toolbar phishing attack

Added: 02/25/2012 Background This tool serves a page claiming to be a list of stolen passwords. When a user sees this list, the most common response is to validate the claim by opening a Find box Ctrl-F and searching for his or her own password. The tool intercepts the Ctrl-F keypress and opens a...

7.2AI score
Exploits0
Saint
Saint
•added 2011/12/27 12:0 a.m.•22 views

Traq authenticate function remote code execution

Added: 12/27/2011 BID: 50961 OSVDB: 77556 Background Traq is a PHP5+ and MySQL4+ based Project Tracking system with the ability to host multiple projects. Problem The flaw is caused due to admin rights not properly being restricted in the "authenticate" function in admincp/common.php. This can be...

0.8AI score
Exploits0
Saint
Saint
•added 2011/11/28 12:0 a.m.•22 views

Viscom Software Image Viewer ActiveX TIFMergeMultiFiles Vulnerability

Added: 11/28/2011 BID: 50712 Background Viscom Image Viewer CP is an image viewer ActiveX control that supports many popular image file formats, zoom in, zoom out, panning, auto zoom and auto scrolling when drawing the selection rectangle. Problem The ImageViewer2.OCX ActiveX control in Image...

0.8AI score
Exploits0
Saint
Saint
•added 2011/10/24 12:0 a.m.•22 views

ACD Systems Fotoslate PLP File ID Parameter Buffer Overflow

Added: 10/24/2011 CVE: CVE-2011-2595 BID: 49558 OSVDB: 75425 Background ACD Systems FotoSlate 4 Photo Print Studio allows users to create contact sheets or wallet sized prints, choose themed frames, and create custom calendars. Problem Fotoslate 4.0 Build 146 is vulnerable to remote code executio...

10CVSS6.9AI score0.6128EPSS
Exploits8
Total number of security vulnerabilities4305