4305 matches found
TWiki revision control shell command injection
Added: 04/06/2006 CVE: CVE-2005-2877 BID: 14834 OSVDB: 19403 Background TWiki is a web-based collaboration platform written in PERL. Problem The revision control function in TWiki does not sufficiently check the rev parameter before using it in a shell command call. This allows remote attackers t...
Mercury Mail Transport System Phonebook service buffer overflow
Added: 02/02/2006 CVE: CVE-2005-4411 BID: 16396 OSVDB: 22103 Background Mercury Mail Transport System is a free mail server for Windows and Netware platforms. It includes a Phone Book service which runs on port 105/TCP. Problem A buffer overflow vulnerability in the Phone Book service allows remo...
MailEnable IMAP command buffer overflow
Added: 01/24/2006 CVE: CVE-2004-2501 BID: 11755 OSVDB: 12135 Background MailEnable is a mail server supporting SMTP and POP3 for Windows platforms. MailEnable Professional and MailEnable Enterprise also include IMAP and HTTPMail services. Problem A buffer overflow in the IMAP service allows an...
Easy File Sharing Web Server HEAD HTTP request vulnerability
Added: 01/08/2016 Background Easy File Sharing Web Server is software that allows users to upload/download files to a server easily through a web browser, as well as providing a bulletin board system forum. Problem Easy File Sharing Web Server is vulnerable to a stack buffer overflow condition as...
Konica Minolta FTP Utility buffer overflow
Added: 10/01/2015 Background The Konica Minolta FTP Utility is an FTP server for Windows 98 through XP. Problem A vulnerability in the FTP Utility allows remote, unauthenticated attackers to execute arbitrary commands by sending a long, specially crafted argument to any command. Resolution Remove...
D-Link Cookie command injection
Added: 07/30/2015 Background D-Link produces a variety of routers, switches, and other network equipment for home users and businesses. Problem A command injection vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted cookie in an HTTP request...
TRENDnet Shell
Added: 06/24/2014 Background TRENDnet routers are vulnerable to a range of SQL injection, command injection, and buffer overflow vulnerabilities. Current supported devices include: TEW-654TR - Remote Root Shell TEW-732BR - Remote Root Shell Problem A SQL injection vulnerability allows the attacke...
Eudora WorldMail IMAPd UID Command Buffer Overflow Vulnerability
Added: 03/06/2014 BID: 65650 OSVDB: 104071 Background Eudora WorldMail is an e-mail server for Windows. Problem Eudora WorldMail version 9.0.333.0 and probably earlier IMAPd service is vulnerable to buffer overflow as a result of improper validation of user-supplied input when handling UID...
ActFax RAW Server Stack Buffer Overflow
Added: 04/12/2013 BID: 57789 OSVDB: 89944 Background ActFax is a Windows-based software package that sends, receives and electronically stores faxes. Problem The ActFax RAW server is vulnerable to a boundary error when processing the @F000 data field, which could result in stack-based buffer...
WibuKey Runtime WkWin32.dll module DisplayMessageDialog overflow
Added: 12/27/2012 BID: 56678 OSVDB: 87881 Background WibuKey is a software protection and licensing solution. Problem A vulnerability in the WkWin32.dll ActiveX control in WibuKey Runtime allows command execution when a web page calls the DisplayMessageDialog method with a long, specially crafted...
SAP NetWeaver SAPHostControl Command Injection
Added: 08/29/2012 BID: 55084 OSVDB: 84821 Background SAP NetWeaver is a technology platform for building and integrating SAP business applications. Problem The NetWeaver management console exposes an authenticated SOAP web service interface. During the authentication phase, user-supplied values...
Adobe Photoshop U3D.8BI Library Collada Asset Elements Handling
Added: 05/30/2012 BID: 53464 OSVDB: 81832 Background Adobe Photoshop is an application for editing digital images. Problem Adobe Photoshop 12.1 in Creative Suite CS 5.1 20110328.r.145 is vulnerable to a stack-based buffer overflow that could be exploited to perform arbitrary remote code execution...
Quest InTrust Annotation Objects ActiveX Control Add Method Vulnerability
Added: 04/27/2012 BID: 52765 OSVDB: 80662 Background InTrust collects, stores, reports and alerts on event log data from Windows, Unix and Linux systems. Problem Quest Intrust Annotation Objects ActiveX Control AnnotateX.dll is vulnerable to remote code execution due to an input validation error...
Dell Webcam Software ActiveX Control CrazyTalk4Native.dll Buffer Overflow
Added: 03/23/2012 BID: 52571 OSVDB: 80205 Background Dell Webcam center was written by Creative and branded by Dell. It includes features to control the Dell laptop's integrated webcam, providing photo capture and video recording capability. It comes bundled with Creative Livecam, which provides...
Computech Wordlist Builder DIC File Buffer Overflow
Added: 09/26/2011 BID: 47113 Background Computech Wordlist Builder is a simple utility that generates sorted wordlists based on contents of documents. Problem A stack overflow condition exists in Wordlist Builder 1.0 due the use of a fixed-length buffer used to read words from the .DIC file...
Get OS X 10.7 Hashes
Added: 07/14/2011 Background This tool attempts to retrieve the SHA 512 password hashes stored by OS X Lion 10.7.x Acounts are enumerated using dscl . list /Users/ and password hashes are eunmerated using dscl . read /Users/ Limitations A connection to the target is required to run this tool. The...
AOL Desktop .rtx File Buffer Overflow
Added: 03/18/2011 BID: 46129 OSVDB: 70741 Background AOL Desktop is an internet suite that integrates a web browser, media player, and IM client. Problem A heap overflow vulnerability exists in the Rich Text file parser of AOL Desktop 9.x. In documents with HTML links, the parser does not properl...
HP Photo Creations audio.Record ActiveX Stack Buffer Overflow
Added: 01/10/2011 BID: 45631 Background HP Photo Creations is free software that lets the user create photo books, calendars, collages, greeting cards and other keepsakes that can be printed or shipped to the user. HP Photo Creations installs and registers the audio.Record ActiveX control which...
Novell iManager getMultiPartParameters file upload vulnerability
Added: 10/11/2010 BID: 43635 OSVDB: 68320 Background Novell iManager is a web-based management interface for other Novell products. Problem The getMultiPartParameters function in the nps.jar web application in Novell iManager allows remote attackers to upload arbitrary files to the server. By...
ARP Spoof
Added: 08/23/2010 Background The Address Resolution Protocol ARP is used to resolve IP addresses into the hardware addresses which are used for delivering packets on a local network. Problem It is possible to send a computer a forged ARP reply, which is then stored in that computer's cache. This...
TweakFS Zip Utility for FSX filename buffer overflow
Added: 06/24/2010 CVE: CVE-2010-1458 BID: 39565 OSVDB: 63899 Background The TweakFS Zip Utility is included in the TweakFS Flight Simulator X Utilities. Problem A buffer overflow vulnerability in the TweakFS Zip Utility allows command execution when a user opens a ZIP archive containing a long,...
ReGet Deluxe .wjr file SaveTo attribute buffer overflow
Added: 05/14/2010 BID: 37511 Background ReGet Deluxe is a download manager for Windows. Problem A buffer overflow vulnerability allows command execution when a user opens a .wjr file containing a Download tag with a specially crafted SaveTo attribute. Resolution Do not open untrusted .wjr files...
Orbital Viewer buffer overflow
Added: 03/24/2010 CVE: CVE-2010-0688 BID: 38436 OSVDB: 62580 Background Orbital Viewer is a program for viewing atomic and molecular orbitals. Problem A buffer overflow vulnerability in Orbital Viewer allows command execution when a user opens a specially crafted .orb file. Resolution Do not open...
Xi Software Net Transport eDonkey Protocol Buffer Overflow
Added: 02/22/2010 OSVDB: 61435 Background Net Transport, also known as NetXfer, is a download manager for Windows made by Xi Software. Among the protocols Net Transport can handle is eDonkey, a decentrailized peer to peer network for file sharing. Problem The Net Transport download manager fails ...
BigAnt Messenger Server USV Command Buffer Overflow
Added: 02/09/2010 BID: 37520 OSVDB: 61386 Background BigAnt Messenger Server offers secure instant messaging, file transfer, voip, video chat, web conferencing and more. Problem BigAnt server version 2.52 and earlier are vulnerable to a remote, unauthenticated buffer overflow attack. The...
Mozilla Firefox PKCS11 Module Installation Code Execution
Added: 09/24/2009 CVE: CVE-2009-3076 BID: 36343 OSVDB: 57977 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem The warning dialog displayed when adding or removing security modules via pkcs11.addmodule or pkcs11.deletemodule can be customized by a...
Microsoft DirectX DirectShow QuickTime movie parsing vulnerability
Added: 06/03/2009 CVE: CVE-2009-1537 BID: 35139 OSVDB: 54797 Background DirectX is a feature of the Windows operating system used for streaming media. Within DirectX, the DirectShow technology performs client-side audio and video sourcing, manipulation and rendering. Problem A command execution...
Flash drive/CD autoplay command execution
Added: 04/07/2009 Background This tool allows you to create a USB flash drive which, when inserted into a Windows computer, prompts a user to run a program which creates a command connection. The program is disguised as the "Open Folder" option in the AutoPlay dialog to entice the user to run it...
Winamp skin file MAKI script buffer overflow
Added: 03/10/2009 BID: 34009 Background Winamp is a media player for Windows. Problem A buffer overflow in Winamp allows command execution when a user opens a skin file containing a compiled MAKI script with a specially crafted string having an incorrect length field. Resolution Upgrade to Winamp...
Oracle Secure Backup NDMP_CONECT_CLIENT_AUTH buffer overflow
Added: 01/28/2009 CVE: CVE-2008-5444 BID: 33177 OSVDB: 51340 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A buffer overflow vulnerability in Oracle Secure Backup when handling the NDMP protocol allows remote attackers to execute...
Read Address Book
Added: 10/07/2008 Background This tool attempts to gather e-mail addresses from Outlook and Outlook Express address book files .WAB, .PAB on the target. Limitations A connection to the target is required to run this tool. Recent versions of Microsoft Outlook no longer store address books locally ...
Microsoft PowerPoint Viewer picture index CString object integer overflow
Added: 09/19/2008 CVE: CVE-2008-0120 BID: 30552 OSVDB: 47406 Background Microsoft PowerPoint Viewer 2003 is a free tool which allows viewing of Microsoft PowerPoint presentations without requiring Microsoft PowerPoint itself. Problem An integer overflow vulnerability in the handling of CString...
WebEx Meeting Manager atucfobj.dll ActiveX buffer overflow
Added: 08/22/2008 CVE: CVE-2008-3558 BID: 30578 OSVDB: 47344 Background The WebEx Meeting Manager is automatically installed when a user starts or joins a meeting. Problem A buffer overflow vulnerability in the atucfobj.dll ActiveX control allows command execution when a user loads a web page whi...
WebEx Meeting Manager atucfobj.dll ActiveX buffer overflow
Added: 08/22/2008 CVE: CVE-2008-3558 BID: 30578 OSVDB: 47344 Background The WebEx Meeting Manager is automatically installed when a user starts or joins a meeting. Problem A buffer overflow vulnerability in the atucfobj.dll ActiveX control allows command execution when a user loads a web page whi...
Orbit Downloader URL Unicode conversion buffer overflow
Added: 07/07/2008 CVE: CVE-2008-1602 BID: 28541 OSVDB: 44036 Background Orbit Downloader is a download manager supporting various protocols. Problem A buffer overflow vulnerability during Unicode conversion in the download failure notification message allows command execution when Orbit Downloade...
Veritas Storage Foundation Administrator service buffer overflow
Added: 03/03/2008 CVE: CVE-2008-0638 BID: 25778 OSVDB: 41978 Background Veritas Storage Foundation is an online storage management solution. An Administrator service, implemented by vxsvc.exe , listens on port 3207 by default. Problem A buffer overflow vulnerability in the Administrator service...
BrightStor ARCserve Backup LGServer rxsUseLicenseIni buffer overflow
Added: 01/11/2008 CVE: CVE-2007-3216 BID: 24348 OSVDB: 35329 Background BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections. Problem A buffer overflow vulnerability in the rxsUseLicenseIni function allow...
Borland Interbase ibserver.exe create buffer overflow
Added: 07/26/2007 CVE: CVE-2007-3566 BID: 25048 OSVDB: 38602 Background Borland Interbase is a database solution for Windows, Linux, and Solaris platforms. Problem A buffer overflow in the database service, ibserver.exe , allows remote attackers to execute arbitrary commands by sending a speciall...
McAfee ePolicy Orchestrator SiteManager ExportSiteList buffer overflow
Added: 05/11/2007 CVE: CVE-2007-1498 BID: 22952 OSVDB: 33796 Background ePolicy Orchestrator is a centralized security configuration and monitoring application. It includes the SiteManager ActiveX control which is implemented by sitemanager.dll. Problem A buffer overflow vulnerability in the...
ACDSee XPM file handling buffer overflow
Added: 05/10/2007 CVE: CVE-2007-2193 BID: 23620 OSVDB: 35236 Background ACDSee is a suite of products for viewing and organizing photos. Problem A buffer overflow vulnerability in the IDX.apl plug-in allows command execution when a user opens a specially crafted XPM file. Resolution Apply a fix...
LANDesk Management Suite Alert Service buffer overflow
Added: 04/23/2007 CVE: CVE-2007-1674 BID: 23483 OSVDB: 34964 Background LANDesk Management Suite automates systems and security management tasks across a network. It runs an Alert Service which listens for communication on port 65535/UDP. Problem A buffer overflow vulnerability in the Alert Servi...
BrightStor ARCserve Message Engine opnum 0x75 buffer overflow
Added: 01/24/2007 CVE: CVE-2007-0169 BID: 22005 OSVDB: 31318 Background The BrightStor ARCserve Backup server runs the Message Engine RPC service on ports 6503/TCP and 6504/TCP by default. Problem A buffer overflow in BrightStor ARCserve Backup allows remote attackers to execute arbitrary command...
Novell eDirectory iMonitor HTTP redirection buffer overflow
Added: 10/26/2006 CVE: CVE-2006-5478 BID: 20655 OSVDB: 29993 Background iMonitor is a web service which is a component of Novell eDirectory. Problem iMonitor allows remote command execution by sending specially crafted HTTP header data in a request for certain URLs, which results in a buffer...
MySQL MaxDB WebDBM database name buffer overflow
Added: 09/06/2006 CVE: CVE-2006-4305 BID: 19660 OSVDB: 28300 Background MaxDB is a SAP-certified open-source database developed by MySQL. Problem A buffer overflow in MaxDB allows remote attackers to execute arbitrary commands by sending a long database name from a WebDBM client. Resolution Upgra...
ViRobot Server web interface addschup buffer overflow
Added: 07/28/2006 CVE: CVE-2005-2041 BID: 13964 OSVDB: 17320 Background ViRobot Linux Server includes a web-based control interface. Problem A buffer overflow in the addschup CGI program included in the ViRobot Linux Server allows remote attackers to write arbitrary commands into the root crontab...
IIS Unicode Directory Traversal
Added: 07/03/2006 CVE: CVE-2000-0884 BID: 1806 OSVDB: 436 Background Microsoft IIS is a web server for Windows platforms. Problem Microsoft IIS 4.0 and 5.0 allow path validation checks to be bypassed by encoding invalid characters in Unicode. For example, a slash character is represented as %c0%a...
IMail IMAP DELETE command buffer overflow
Added: 06/01/2006 CVE: CVE-2004-1520 BID: 11675 OSVDB: 11838 Background IMail is an e-mail server for Windows platforms. Problem A buffer overflow in the IMAP service could allow remote attackers to execute commands by sending a long, specially crafted DELETE command. The attacker would need to...
Internet Explorer isComponentInstalled buffer overflow
Added: 03/16/2006 CVE: CVE-2006-1016 BID: 16870 OSVDB: 31647 Background The isComponentInstalled method allows scripts to determine which components are installed. Problem Internet Explorer is affected by a buffer overflow in the isComponentInstalled method which can lead to remote command...
IMail IMAP FETCH command buffer overflow
Added: 03/15/2006 CVE: CVE-2005-3526 BID: 17063 OSVDB: 23796 Background IMail is a mail server for Windows including SMTP, IMAP, and LDAP services. Problem A buffer overflow vulnerability in IMail allows remote authenticated attackers to execute arbitrary commands by sending a specially crafted...
IMail IMAP LOGIN special character vulnerability
Added: 01/04/2006 CVE: CVE-2005-1255 BID: 13727 OSVDB: 16804 Background IMail is a mail server for Windows platforms. It includes SMTP, POP, IMAP, and LDAP services, a web interface, and web calendaring. Problem A remote attacker could execute arbitrary commands by sending a long specially crafte...