4305 matches found
Ipswitch IMail Server IMAP SEARCH buffer overflow
Added: 07/27/2007 CVE: CVE-2007-3925 BID: 24962 OSVDB: 36219 Background IMail is an e-mail server for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service could allow an authenticated attacker to execute arbitrary commands by sending a specially crafted SEARCH command...
Windows Telephony API buffer overflow
Added: 06/12/2007 CVE: CVE-2005-0058 BID: 14518 OSVDB: 18606 Background The Windows Telephony API TAPI provides telecommunications support for Windows applications. Problem A buffer overflow in the Windows Telephony API allows local attackers to execute commands with administrative privileges...
ACDSee XPM file handling buffer overflow
Added: 05/10/2007 CVE: CVE-2007-2193 BID: 23620 OSVDB: 35236 Background ACDSee is a suite of products for viewing and organizing photos. Problem A buffer overflow vulnerability in the IDX.apl plug-in allows command execution when a user opens a specially crafted XPM file. Resolution Apply a fix...
MERCUR imapd SUBSCRIBE command buffer overflow
Added: 03/27/2007 CVE: CVE-2007-1579 BID: 23050 OSVDB: 33546 Background MERCUR Messaging Server is an e-mail server supporting the SMTP, POP3, and IMAP protocols for Windows platforms. Problem A buffer overflow vulnerability allows remote, authenticated attackers to execute arbitrary commands by...
NetMail WebAdmin username buffer overflow
Added: 03/16/2007 CVE: CVE-2007-1350 BID: 22857 OSVDB: 33886 Background Novell NetMail WebAdmin is a web-based administration interface which runs an HTTP server on port 89/TCP. Problem A buffer overflow vulnerability in Novell NetMail WebAdmin allows remote attackers to execute arbitrary command...
Trend Micro ServerProtect ENG_SetRealTimeScanConfigInfo buffer overflow
Added: 03/07/2007 CVE: CVE-2007-1070 BID: 22639 OSVDB: 33042 Background Trend Micro ServerProtect is a virus scanner for servers. Problem A buffer overflow vulnerability in the ENGSetRealTimeScanConfigInfo function allows remote attackers to execute arbitrary commands by sending a specially craft...
HP Mercury LoadRunner mchan.dll buffer overflow
Added: 02/16/2007 CVE: CVE-2007-0446 BID: 22487 OSVDB: 33132 Background HP Mercury LoadRunner is a load testing solution. Problem A buffer overflow in the mchan.dll library allows remote attackers to execute arbitrary commands by sending a packet with a long serveripname field to port 54345/TCP...
BrightStor ARCserve Message Engine opnum 0x75 buffer overflow
Added: 01/24/2007 CVE: CVE-2007-0169 BID: 22005 OSVDB: 31318 Background The BrightStor ARCserve Backup server runs the Message Engine RPC service on ports 6503/TCP and 6504/TCP by default. Problem A buffer overflow in BrightStor ARCserve Backup allows remote attackers to execute arbitrary command...
BrightStor ARCserve Message Engine opnum 0x2f buffer overflow
Added: 01/19/2007 CVE: CVE-2007-0169 BID: 22005 OSVDB: 31318 Background The BrightStor ARCserve Backup server runs the Message Engine RPC service on ports 6503/TCP and 6504/TCP by default. Problem A buffer overflow in BrightStor ARCserve Backup allows remote attackers to execute arbitrary command...
Microsoft Excel PALETTE record buffer overflow
Added: 01/11/2007 CVE: CVE-2007-0031 BID: 21922 OSVDB: 31258 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms. Problem A buffer overflow vulnerability in Microsoft Excel allows command execution when a user opens a speciall...
Novell NetMail NMAP STOR command buffer overflow
Added: 01/05/2007 CVE: CVE-2006-6424 BID: 21725 OSVDB: 31363 Background Novell NetMail servers include the Network Messaging Application Protocol NMAP service, which listens on port 689/TCP. Problem A buffer overflow in Novell NetMail allows remote attackers to execute arbitrary commands by sendi...
MySQL MaxDB WebDBM database name buffer overflow
Added: 09/06/2006 CVE: CVE-2006-4305 BID: 19660 OSVDB: 28300 Background MaxDB is a SAP-certified open-source database developed by MySQL. Problem A buffer overflow in MaxDB allows remote attackers to execute arbitrary commands by sending a long database name from a WebDBM client. Resolution Upgra...
McAfee Subscription Manager ActiveX buffer overflow
Added: 08/25/2006 CVE: CVE-2006-3961 BID: 19265 OSVDB: 27698 Background McAfee Antivirus products access the McAfee Security Center product which allows users to set preferences and settings for numerous installed McAfee components and services. The Security Center includes a Subscription Manager...
Serv-U FTP site chmod buffer overflow
Added: 07/17/2006 CVE: CVE-2004-2111 BID: 9675 OSVDB: 3713 Background Serv-U is an FTP server for Windows platforms. Problem An attacker who has logged on to the Serv-U FTP server and has a writable directory could execute arbitrary commands by sending a site chmod command with an overly long fil...
eSignal WinSig.exe buffer overflow
Added: 07/14/2006 CVE: CVE-2004-1868 BID: 9978 OSVDB: 4583 Background eSignal is a tool which provides real-time financial and market information. Its main application, WinSig.exe , services requests on port 80/TCP. Problem A buffer overflow vulnerability in eSignal allows remote attackers to...
MERCUR Messaging IMAP LOGIN command buffer overflow
Added: 07/10/2006 CVE: CVE-2006-1255 BID: 17138 OSVDB: 23950 Background MERCUR Messaging 2005 is an e-mail server supporting the SMTP, POP3, and IMAP protocols for Windows platforms. Problem A buffer overflow vulnerability in the IMAP service when processing the LOGIN command allows remote...
MailEnable SMTP AUTH LOGIN buffer overflow
Added: 06/30/2006 CVE: CVE-2005-1781 BID: 13772 OSVDB: 16851 Background MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. MailEnable Professional and MailEnable Enterprise also include IMAP and HTTPMail services. Problem The SMTP service in MailEnable is affected by a...
Symantec real-time scan service buffer overflow
Added: 06/13/2006 CVE: CVE-2006-2630 BID: 18107 OSVDB: 25846 Background Various Symantec products include a real-time virus scan service. Problem A buffer overflow in the real-time virus scan service allows remote attackers to execute arbitrary commands. Resolution Apply patch SYM06-010. Referenc...
Symantec real-time scan service buffer overflow
Added: 06/13/2006 CVE: CVE-2006-2630 BID: 18107 OSVDB: 25846 Background Various Symantec products include a real-time virus scan service. Problem A buffer overflow in the real-time virus scan service allows remote attackers to execute arbitrary commands. Resolution Apply patch SYM06-010. Referenc...
RealPlayer invalid chunk header heap overflow
Added: 03/31/2006 CVE: CVE-2005-2922 BID: 17202 OSVDB: 24062 Background RealPlayer, RealOne Player, and Helix Player include an embedded player which plays media embedded in a web page. Problem A chunked HTTP response containing an invalid or missing chunk header results in a heap overflow, leadi...
BakBone NetVault remote heap overflow
Added: 03/24/2006 CVE: CVE-2005-1009 BID: 12967 OSVDB: 15234 Background BakBone NetVault is a distributed data backup and restore solution for UNIX and Windows networks. Problem A heap overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted...
Internet Explorer isComponentInstalled buffer overflow
Added: 03/16/2006 CVE: CVE-2006-1016 BID: 16870 OSVDB: 31647 Background The isComponentInstalled method allows scripts to determine which components are installed. Problem Internet Explorer is affected by a buffer overflow in the isComponentInstalled method which can lead to remote command...
Microsoft Visual Studio .dbp and .sln buffer overflow
Added: 03/07/2006 CVE: CVE-2006-1043 BID: 16953 OSVDB: 23711 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem A buffer overflow vulnerability leads to command execution when a specially crafted Database Project .dbp or...
Windows Plug and Play buffer overflow
Added: 03/03/2006 CVE: CVE-2005-1983 BID: 14513 OSVDB: 18605 Background The Windows Plug and Play service allows Windows operating systems to automatically detect and configure a new hardware device, such as a mouse. Problem A buffer overflow in the Plug and Play service could allow command...
Winamp playlist file buffer overflow
Added: 01/31/2006 CVE: CVE-2006-0476 BID: 16410 OSVDB: 22789 Background Winamp is a media player for Windows. Problem A buffer overflow in Winamp allows code execution when a specially crafted playlist file is opened. Resolution Upgrade to Winamp 5.13 or higher. References Limitations Exploit...
Novell eDirectory iMonitor buffer overflow
Added: 11/29/2005 CVE: CVE-2005-2551 BID: 14548 OSVDB: 18703 Background iMonitor is a web service which is a component of Novell eDirectory. Problem A buffer overflow when processing long HTTP or HTTPS requests leads to remote command execution. Resolution Upgrade to eDirectory 8.7.3 IR7 or highe...
Hummingbird InetD LPD buffer overflow
Added: 11/29/2005 CVE: CVE-2005-1815 BID: 13788 OSVDB: 16957 Background Hummingbird InetD implements common UNIX services on Windows platforms. Problem The Hummingbird InetD LPD service is affected by a buffer overflow which allows remote command execution. Resolution Apply the patch. References...
Apache Tomcat PUT method JSP upload
Added: 10/13/2017 BID: 100954 Background Apache Tomcat is a Java web application platform. Problem A vulnerability in Apache Tomcat allows remote attackers to execute arbitrary commands by using the PUT method to upload a JSP file, and then requesting that file. Resolution Upgrade to Apache Tomca...
Easy File Sharing Web Server HEAD HTTP request vulnerability
Added: 01/08/2016 Background Easy File Sharing Web Server is software that allows users to upload/download files to a server easily through a web browser, as well as providing a bulletin board system forum. Problem Easy File Sharing Web Server is vulnerable to a stack buffer overflow condition as...
iTunes .PLS Title buffer overflow
Added: 05/11/2015 Background iTunes is a free media player for multiple platforms. Problem A buffer overflow vulnerability in iTunes allows command execution when a .PLS file containing a specially crafted Title parameter is opened. Resolution Do not open untrusted .PLS files. References...
WP Symposium Plugin for WordPress Arbitrary File Upload
Added: 01/29/2015 BID: 71686 OSVDB: 116046 Background WP Symposium is a social network plugin for WordPress. Problem WP Symposium Plugin for WordPress contains a vulnerability that allows a remote attacker to execute arbitrary PHP code. This vulnerability is due to the...
XEROX Multiple Product Unauthenticated Remote Firmware Injection Vulnerability
Added: 12/19/2014 BID: 52483 OSVDB: 80096 Background Some Xerox Multifunction Printers MFP utilize Dynamic Loadable Modules DLM for patching, upgrading and cloning. The DLMs can be delivered to the printer via the Jet Direct printer service on TCP port 9100. Problem Multiple Xerox products are...
Easy File Management Web Server UserID Cookie Handling Buffer Overflow
Added: 07/02/2014 BID: 67542 OSVDB: 107241 Background Easy File Management Web Server is a Microsoft Windows based file management application that allows remote users to upload and download files through a web browser. It also supports online editing of Word, Excel, PowerPoint and PDF documents ...
HP LoadRunner lrFileIOService ActiveX WriteFileString Method Traversal Vulnerability
Added: 10/17/2013 CVE: CVE-2013-4798 BID: 61443 OSVDB: 95642 Background HP LoadRunner is a software performance testing solution. HP LoadRunner includes the lrFileIOService ActiveX control. Problem HP LoadRunner before 11.52 is vulnerable to remote code execution. The lrFileIOService ActiveX...
WPAD Listener
Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, browsers are...
HP LoadRunner lrFileIOService ActiveX Control WriteFileBinary Input Validation Error
Added: 08/29/2013 CVE: CVE-2013-2370 BID: 61441 OSVDB: 95640 Background HP LoadRunner is a software performance testing solution. HP LoadRunner includes the lrFileIOService ActiveX control. Problem HP LoadRunner before 11.52 is vulnerable to remote code execution. The lrFileIOService ActiveX...
PineApp Mail-SeCure ldapsyncnow.php command injection
Added: 08/14/2013 BID: 61474 OSVDB: 95781 Background PineApp Mail-SeCure is an e-mail security appliance which provides perimeter security protection to stop threats prior to their penetration of the customer's network, as well as post-perimeter anti-spam content inspection. Problem A vulnerabili...
Sami FTP Server LIST command buffer overflow
Added: 04/01/2013 BID: 58247 OSVDB: 90815 Background Sami FTP Server is an FTP server for Windows. Problem Sami FTP Server is affected by a buffer overflow vulnerability. A remote attacker could exploit this vulnerability by sending a long, specially crafted LIST command to the server, resulting ...
Sami FTP Server LIST command buffer overflow
Added: 04/01/2013 BID: 58247 OSVDB: 90815 Background Sami FTP Server is an FTP server for Windows. Problem Sami FTP Server is affected by a buffer overflow vulnerability. A remote attacker could exploit this vulnerability by sending a long, specially crafted LIST command to the server, resulting ...
Novell File Reporter NFRAgent.exe VOL tag buffer overflow
Added: 10/12/2012 BID: 55268 OSVDB: 85503 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where duplicates exist...
HP Diagnostics magentservice.exe Malformed Packet Parsing Vulnerability
Added: 10/12/2012 BID: 55159 OSVDB: 84855 Background HP Diagnostics software monitors application transaction health in traditional, virtualized and cloud environments. Problem HP Diagnostics Server has a buffer overflow vulnerability in the magentservice.exe process that could allow...
HP Operations Agent Opcode 0x8c vulnerability
Added: 08/20/2012 CVE: CVE-2012-2020 BID: 54362 OSVDB: 83674 Background HP Operations Agents is a fault and performance monitoring solution for servers. Problem A buffer overflow vulnerability in the coda.exe process, which listens on a random TCP port, could allow remote attackers to execute...
Apple QuickTime SetLanguage Overflow
Added: 07/25/2012 CVE: CVE-2012-0666 BID: 53577 OSVDB: 81937 Background Apple QuickTime is a media player for Windows and Mac OS platforms. Problem The QuickTime player browser plugin does not properly validate the language field in QT Movie files. If a malicious QT Movie file were opened via a...
Quest InTrust Annotation Objects ActiveX Control Add Method Vulnerability
Added: 04/27/2012 BID: 52765 OSVDB: 80662 Background InTrust collects, stores, reports and alerts on event log data from Windows, Unix and Linux systems. Problem Quest Intrust Annotation Objects ActiveX Control AnnotateX.dll is vulnerable to remote code execution due to an input validation error...
Quest InTrust Annotation Objects ActiveX Control Add Method Vulnerability
Added: 04/27/2012 BID: 52765 OSVDB: 80662 Background InTrust collects, stores, reports and alerts on event log data from Windows, Unix and Linux systems. Problem Quest Intrust Annotation Objects ActiveX Control AnnotateX.dll is vulnerable to remote code execution due to an input validation error...
Cisco Linksys PTZ Internet Video Camera PlayerPT ActiveX Overflow
Added: 04/19/2012 BID: 52673 OSVDB: 80297 Background The Cisco WVC200 Wireless-G PTZ Internet Video Camera sends live video through the Internet to a web browser anywhere in the world. Viewers can access the video stream through an HTTP service, which requires an ActiveX client to be installed in...
Browser Find toolbar phishing attack
Added: 02/25/2012 Background This tool serves a page claiming to be a list of stolen passwords. When a user sees this list, the most common response is to validate the claim by opening a Find box Ctrl-F and searching for his or her own password. The tool intercepts the Ctrl-F keypress and opens a...
Traq authenticate function remote code execution
Added: 12/27/2011 BID: 50961 OSVDB: 77556 Background Traq is a PHP5+ and MySQL4+ based Project Tracking system with the ability to host multiple projects. Problem The flaw is caused due to admin rights not properly being restricted in the "authenticate" function in admincp/common.php. This can be...
Viscom Software Image Viewer ActiveX TIFMergeMultiFiles Vulnerability
Added: 11/28/2011 BID: 50712 Background Viscom Image Viewer CP is an image viewer ActiveX control that supports many popular image file formats, zoom in, zoom out, panning, auto zoom and auto scrolling when drawing the selection rectangle. Problem The ImageViewer2.OCX ActiveX control in Image...
ACD Systems Fotoslate PLP File ID Parameter Buffer Overflow
Added: 10/24/2011 CVE: CVE-2011-2595 BID: 49558 OSVDB: 75425 Background ACD Systems FotoSlate 4 Photo Print Studio allows users to create contact sheets or wallet sized prints, choose themed frames, and create custom calendars. Problem Fotoslate 4.0 Build 146 is vulnerable to remote code executio...