4300 matches found
ReGet Deluxe .wjr file SaveTo attribute buffer overflow
Added: 05/14/2010 BID: 37511 Background ReGet Deluxe is a download manager for Windows. Problem A buffer overflow vulnerability allows command execution when a user opens a .wjr file containing a Download tag with a specially crafted SaveTo attribute. Resolution Do not open untrusted .wjr files...
ReGet Deluxe .wjr file SaveTo attribute buffer overflow
Added: 05/14/2010 BID: 37511 Background ReGet Deluxe is a download manager for Windows. Problem A buffer overflow vulnerability allows command execution when a user opens a .wjr file containing a Download tag with a specially crafted SaveTo attribute. Resolution Do not open untrusted .wjr files...
Novell ZENworks Configuration Management UploadServlet Remote Code Execution
Added: 05/10/2010 BID: 39114 OSVDB: 63412 Background Novell ZENworks Configuration Management is an IT desktop computer management suite that provides the ability to install, configure and administer desktop computers from a centralized location. The product is based on a client/server...
Novell ZENworks Configuration Management UploadServlet Remote Code Execution
Added: 05/10/2010 BID: 39114 OSVDB: 63412 Background Novell ZENworks Configuration Management is an IT desktop computer management suite that provides the ability to install, configure and administer desktop computers from a centralized location. The product is based on a client/server...
Novell ZENworks Configuration Management UploadServlet Remote Code Execution
Added: 05/10/2010 BID: 39114 OSVDB: 63412 Background Novell ZENworks Configuration Management is an IT desktop computer management suite that provides the ability to install, configure and administer desktop computers from a centralized location. The product is based on a client/server...
Novell ZENworks Configuration Management UploadServlet Remote Code Execution
Added: 05/10/2010 BID: 39114 OSVDB: 63412 Background Novell ZENworks Configuration Management is an IT desktop computer management suite that provides the ability to install, configure and administer desktop computers from a centralized location. The product is based on a client/server...
Microsoft Visio DXF file insertion buffer overflow
Added: 05/07/2010 CVE: CVE-2010-1681 BID: 39836 Background Microsoft Visio is a component of the Microsoft Office suite which provides the capability to produce diagrams. Problem A buffer overflow vulnerability allows command execution when a user inserts a specially crafted DXF file into a Visio...
Microsoft Visio DXF file insertion buffer overflow
Added: 05/07/2010 CVE: CVE-2010-1681 BID: 39836 Background Microsoft Visio is a component of the Microsoft Office suite which provides the capability to produce diagrams. Problem A buffer overflow vulnerability allows command execution when a user inserts a specially crafted DXF file into a Visio...
Microsoft Visio DXF file insertion buffer overflow
Added: 05/07/2010 CVE: CVE-2010-1681 BID: 39836 Background Microsoft Visio is a component of the Microsoft Office suite which provides the capability to produce diagrams. Problem A buffer overflow vulnerability allows command execution when a user inserts a specially crafted DXF file into a Visio...
Microsoft Visio DXF file insertion buffer overflow
Added: 05/07/2010 CVE: CVE-2010-1681 BID: 39836 Background Microsoft Visio is a component of the Microsoft Office suite which provides the capability to produce diagrams. Problem A buffer overflow vulnerability allows command execution when a user inserts a specially crafted DXF file into a Visio...
Microsoft Publisher File Conversion Textbox buffer overflow
Added: 04/30/2010 CVE: CVE-2010-0479 BID: 39347 OSVDB: 63748 Background Microsoft Office Publisher, part of the Microsoft Office suite, is a product for creating publications and marketing materials. Problem A buffer overflow vulnerability allows command execution when a user loads a Publisher 97...
Microsoft Publisher File Conversion Textbox buffer overflow
Added: 04/30/2010 CVE: CVE-2010-0479 BID: 39347 OSVDB: 63748 Background Microsoft Office Publisher, part of the Microsoft Office suite, is a product for creating publications and marketing materials. Problem A buffer overflow vulnerability allows command execution when a user loads a Publisher 97...
Microsoft Publisher File Conversion Textbox buffer overflow
Added: 04/30/2010 CVE: CVE-2010-0479 BID: 39347 OSVDB: 63748 Background Microsoft Office Publisher, part of the Microsoft Office suite, is a product for creating publications and marketing materials. Problem A buffer overflow vulnerability allows command execution when a user loads a Publisher 97...
Microsoft Publisher File Conversion Textbox buffer overflow
Added: 04/30/2010 CVE: CVE-2010-0479 BID: 39347 OSVDB: 63748 Background Microsoft Office Publisher, part of the Microsoft Office suite, is a product for creating publications and marketing materials. Problem A buffer overflow vulnerability allows command execution when a user loads a Publisher 97...
RealNetworks Helix Server AgentX receive_agentx Stack Buffer Overflow
Added: 04/27/2010 CVE: CVE-2010-1318 BID: 39564 OSVDB: 63919 Background RealNetworks Helix Server is a media server supporting multiple formats and platforms. Problem A stack buffer overflow vulnerability exists in RealNetworks Helix Server due to a boundary error in the AgentX::receiveagentx...
RealNetworks Helix Server AgentX receive_agentx Stack Buffer Overflow
Added: 04/27/2010 CVE: CVE-2010-1318 BID: 39564 OSVDB: 63919 Background RealNetworks Helix Server is a media server supporting multiple formats and platforms. Problem A stack buffer overflow vulnerability exists in RealNetworks Helix Server due to a boundary error in the AgentX::receiveagentx...
RealNetworks Helix Server AgentX receive_agentx Stack Buffer Overflow
Added: 04/27/2010 CVE: CVE-2010-1318 BID: 39564 OSVDB: 63919 Background RealNetworks Helix Server is a media server supporting multiple formats and platforms. Problem A stack buffer overflow vulnerability exists in RealNetworks Helix Server due to a boundary error in the AgentX::receiveagentx...
RealNetworks Helix Server AgentX receive_agentx Stack Buffer Overflow
Added: 04/27/2010 CVE: CVE-2010-1318 BID: 39564 OSVDB: 63919 Background RealNetworks Helix Server is a media server supporting multiple formats and platforms. Problem A stack buffer overflow vulnerability exists in RealNetworks Helix Server due to a boundary error in the AgentX::receiveagentx...
Internet Explorer Tabular Data Control DataURL memory corruption
Added: 04/22/2010 CVE: CVE-2010-0805 BID: 39025 OSVDB: 63329 Background Tabular Data Control is an ActiveX control which can be used to display data from a delimited text file. Problem A memory corruption vulnerability allows command execution when a user loads a web page which invokes Tabular Da...
Internet Explorer Tabular Data Control DataURL memory corruption
Added: 04/22/2010 CVE: CVE-2010-0805 BID: 39025 OSVDB: 63329 Background Tabular Data Control.aspx is an ActiveX control which can be used to display data from a delimited text file. Problem A memory corruption vulnerability allows command execution when a user loads a web page which invokes Tabul...
Internet Explorer Tabular Data Control DataURL memory corruption
Added: 04/22/2010 CVE: CVE-2010-0805 BID: 39025 OSVDB: 63329 Background Tabular Data Control.aspx is an ActiveX control which can be used to display data from a delimited text file. Problem A memory corruption vulnerability allows command execution when a user loads a web page which invokes Tabul...
Java Runtime Environment Soundbank Resource Name Stack Buffer Overflow
Added: 04/22/2010 CVE: CVE-2010-0839 BID: 39070 OSVDB: 63494 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The JRE Java programming class library contains the Java Sound Application Interface API t...
Java Runtime Environment Soundbank Resource Name Stack Buffer Overflow
Added: 04/22/2010 CVE: CVE-2010-0839 BID: 39070 OSVDB: 63494 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The JRE Java programming class library contains the Java Sound Application Interface API t...
Java Runtime Environment Soundbank Resource Name Stack Buffer Overflow
Added: 04/22/2010 CVE: CVE-2010-0839 BID: 39070 OSVDB: 63494 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The JRE Java programming class library contains the Java Sound Application Interface API t...
Internet Explorer Tabular Data Control DataURL memory corruption
Added: 04/22/2010 CVE: CVE-2010-0805 BID: 39025 OSVDB: 63329 Background Tabular Data Control is an ActiveX control which can be used to display data from a delimited text file. Problem A memory corruption vulnerability allows command execution when a user loads a web page which invokes Tabular Da...
Java Runtime Environment Soundbank Resource Name Stack Buffer Overflow
Added: 04/22/2010 CVE: CVE-2010-0839 BID: 39070 OSVDB: 63494 Background The Java Runtime Environment JRE is part of the Java Development Kit JDK, a set of programming tools for developing Java applications. The JRE Java programming class library contains the Java Sound Application Interface API t...
Sun Java Web Start command-line argument injection
Added: 04/20/2010 CVE: CVE-2010-0886 BID: 39492 OSVDB: 63798 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Sun Java Web Start allows execution of arbitrary commands which are...
Sun Java Web Start command-line argument injection
Added: 04/20/2010 CVE: CVE-2010-0886 BID: 39492 OSVDB: 63798 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Sun Java Web Start allows execution of arbitrary commands which are...
Sun Java Web Start command-line argument injection
Added: 04/20/2010 CVE: CVE-2010-0886 BID: 39492 OSVDB: 63798 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Sun Java Web Start allows execution of arbitrary commands which are...
Sun Java Web Start command-line argument injection
Added: 04/20/2010 CVE: CVE-2010-0886 BID: 39492 OSVDB: 63798 Background Sun Java Web Start allows standalone Java applications, called JNLP files, to be executed by the Java Runtime Environment JRE. Problem A vulnerability in Sun Java Web Start allows execution of arbitrary commands which are...
Windows Media Unicast Service transport information packet buffer overflow
Added: 04/14/2010 CVE: CVE-2010-0478 Background The Windows Media Unicast Service is the part of Windows Media Services which allows streaming media to be sent to a specific user. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially...
Windows Media Unicast Service transport information packet buffer overflow
Added: 04/14/2010 CVE: CVE-2010-0478 Background The Windows Media Unicast Service is the part of Windows Media Services which allows streaming media to be sent to a specific user. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially...
Windows Media Unicast Service transport information packet buffer overflow
Added: 04/14/2010 CVE: CVE-2010-0478 Background The Windows Media Unicast Service is the part of Windows Media Services which allows streaming media to be sent to a specific user. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially...
Windows Media Unicast Service transport information packet buffer overflow
Added: 04/14/2010 CVE: CVE-2010-0478 Background The Windows Media Unicast Service is the part of Windows Media Services which allows streaming media to be sent to a specific user. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially...
Nagios statuswml.cgi Command Injection
Added: 04/13/2010 CVE: CVE-2009-2288 BID: 35464 OSVDB: 55281 Background Nagios is a network host and service monitoring and management system. Problem The Nagios statuswml.cgi script passes unsanitized data to the ping and traceroute commands, resulting in shell command execution via...
Nagios statuswml.cgi Command Injection
Added: 04/13/2010 CVE: CVE-2009-2288 BID: 35464 OSVDB: 55281 Background Nagios is a network host and service monitoring and management system. Problem The Nagios statuswml.cgi script passes unsanitized data to the ping and traceroute commands, resulting in shell command execution via...
Nagios statuswml.cgi Command Injection
Added: 04/13/2010 CVE: CVE-2009-2288 BID: 35464 OSVDB: 55281 Background Nagios is a network host and service monitoring and management system. Problem The Nagios statuswml.cgi script passes unsanitized data to the ping and traceroute commands, resulting in shell command execution via...
Nagios statuswml.cgi Command Injection
Added: 04/13/2010 CVE: CVE-2009-2288 BID: 35464 OSVDB: 55281 Background Nagios is a network host and service monitoring and management system. Problem The Nagios statuswml.cgi script passes unsanitized data to the ping and traceroute commands, resulting in shell command execution via...
Easy FTP Server MKD command buffer overflow
Added: 04/08/2010 BID: 38102 OSVDB: 62134 Background UplusFTP formerly Easy FTP Server is a free FTP server for Windows platforms. Problem A buffer overflow vulnerability allows remote, authenticated attackers to execute arbitrary commands by sending a MKD command with a specially crafted argumen...
Easy FTP Server MKD command buffer overflow
Added: 04/08/2010 BID: 38102 OSVDB: 62134 Background UplusFTP formerly Easy FTP Server is a free FTP server for Windows platforms. Problem A buffer overflow vulnerability allows remote, authenticated attackers to execute arbitrary commands by sending a MKD command with a specially crafted argumen...
Easy FTP Server MKD command buffer overflow
Added: 04/08/2010 BID: 38102 OSVDB: 62134 Background UplusFTP formerly Easy FTP Server is a free FTP server for Windows platforms. Problem A buffer overflow vulnerability allows remote, authenticated attackers to execute arbitrary commands by sending a MKD command with a specially crafted argumen...
Easy FTP Server MKD command buffer overflow
Added: 04/08/2010 BID: 38102 OSVDB: 62134 Background UplusFTP formerly Easy FTP Server is a free FTP server for Windows platforms. Problem A buffer overflow vulnerability allows remote, authenticated attackers to execute arbitrary commands by sending a MKD command with a specially crafted argumen...
Internet Explorer iepeers.dll use-after-free vulnerability
Added: 04/02/2010 CVE: CVE-2010-0806 BID: 38615 OSVDB: 62810 Background The iepeers.dll component of Internet Explorer provides support for Web Folders and printing. Problem A vulnerability in iepeers.dll allows a specially crafted web page to cause a pointer to be used after it has been freed,...
Internet Explorer iepeers.dll use-after-free vulnerability
Added: 04/02/2010 CVE: CVE-2010-0806 BID: 38615 OSVDB: 62810 Background The iepeers.dll component of Internet Explorer provides support for Web Folders and printing. Problem A vulnerability in iepeers.dll allows a specially crafted web page to cause a pointer to be used after it has been freed,...
Internet Explorer iepeers.dll use-after-free vulnerability
Added: 04/02/2010 CVE: CVE-2010-0806 BID: 38615 OSVDB: 62810 Background The iepeers.dll component of Internet Explorer provides support for Web Folders and printing. Problem A vulnerability in iepeers.dll allows a specially crafted web page to cause a pointer to be used after it has been freed,...
Internet Explorer iepeers.dll use-after-free vulnerability
Added: 04/02/2010 CVE: CVE-2010-0806 BID: 38615 OSVDB: 62810 Background The iepeers.dll component of Internet Explorer provides support for Web Folders and printing. Problem A vulnerability in iepeers.dll allows a specially crafted web page to cause a pointer to be used after it has been freed,...
Orbital Viewer buffer overflow
Added: 03/24/2010 CVE: CVE-2010-0688 BID: 38436 OSVDB: 62580 Background Orbital Viewer is a program for viewing atomic and molecular orbitals. Problem A buffer overflow vulnerability in Orbital Viewer allows command execution when a user opens a specially crafted .orb file. Resolution Do not open...
Orbital Viewer buffer overflow
Added: 03/24/2010 CVE: CVE-2010-0688 BID: 38436 OSVDB: 62580 Background Orbital Viewer is a program for viewing atomic and molecular orbitals. Problem A buffer overflow vulnerability in Orbital Viewer allows command execution when a user opens a specially crafted .orb file. Resolution Do not open...
Orbital Viewer buffer overflow
Added: 03/24/2010 CVE: CVE-2010-0688 BID: 38436 OSVDB: 62580 Background Orbital Viewer is a program for viewing atomic and molecular orbitals. Problem A buffer overflow vulnerability in Orbital Viewer allows command execution when a user opens a specially crafted .orb file. Resolution Do not open...
Orbital Viewer buffer overflow
Added: 03/24/2010 CVE: CVE-2010-0688 BID: 38436 OSVDB: 62580 Background Orbital Viewer is a program for viewing atomic and molecular orbitals. Problem A buffer overflow vulnerability in Orbital Viewer allows command execution when a user opens a specially crafted .orb file. Resolution Do not open...