4300 matches found
WS_FTP XCRC buffer overflow
Added: 09/22/2006 CVE: CVE-2006-4847 BID: 20076 OSVDB: 28939 Background WSFTP Server is an FTP server for Windows platforms. Problem Buffer overflows in multiple FTP commands allow an authenticated attacker to execute arbitrary commands. Resolution Upgrade to WSFTP Server 5.05 Hotfix 1. Reference...
WS_FTP XCRC buffer overflow
Added: 09/22/2006 CVE: CVE-2006-4847 BID: 20076 OSVDB: 28939 Background WSFTP Server is an FTP server for Windows platforms. Problem Buffer overflows in multiple FTP commands allow an authenticated attacker to execute arbitrary commands. Resolution Upgrade to WSFTP Server 5.05 Hotfix 1. Reference...
WS_FTP XCRC buffer overflow
Added: 09/22/2006 CVE: CVE-2006-4847 BID: 20076 OSVDB: 28939 Background WSFTP Server is an FTP server for Windows platforms. Problem Buffer overflows in multiple FTP commands allow an authenticated attacker to execute arbitrary commands. Resolution Upgrade to WSFTP Server 5.05 Hotfix 1. Reference...
WS_FTP XCRC buffer overflow
Added: 09/22/2006 CVE: CVE-2006-4847 BID: 20076 OSVDB: 28939 Background WSFTP Server is an FTP server for Windows platforms. Problem Buffer overflows in multiple FTP commands allow an authenticated attacker to execute arbitrary commands. Resolution Upgrade to WSFTP Server 5.05 Hotfix 1. Reference...
Internet Explorer VML rect fill buffer overflow
Added: 09/20/2006 CVE: CVE-2006-4868 BID: 20096 OSVDB: 28946 Background Vector Markup Language VML is an XML-based format for vector graphics. Problem A buffer overflow in Internet Explorer when processing VML code allows remote command execution using a long fill parameter within a rect tag...
Internet Explorer VML rect fill buffer overflow
Added: 09/20/2006 CVE: CVE-2006-4868 BID: 20096 OSVDB: 28946 Background Vector Markup Language VML is an XML-based format for vector graphics. Problem A buffer overflow in Internet Explorer when processing VML code allows remote command execution using a long fill parameter within a rect tag...
Internet Explorer VML rect fill buffer overflow
Added: 09/20/2006 CVE: CVE-2006-4868 BID: 20096 OSVDB: 28946 Background Vector Markup Language VML is an XML-based format for vector graphics. Problem A buffer overflow in Internet Explorer when processing VML code allows remote command execution using a long fill parameter within a rect tag...
Internet Explorer VML rect fill buffer overflow
Added: 09/20/2006 CVE: CVE-2006-4868 BID: 20096 OSVDB: 28946 Background Vector Markup Language VML is an XML-based format for vector graphics. Problem A buffer overflow in Internet Explorer when processing VML code allows remote command execution using a long fill parameter within a rect tag...
Mercury Mail IMAP DELETE command buffer overflow
Added: 09/18/2006 CVE: CVE-2004-1211 BID: 11775 OSVDB: 12508 Background Mercury Mail Transport System is an e-mail server product for Windows and NetWare. Problem Buffer overflow vulnerabilities in the IMAP service allow authenticated attackers to execute arbitrary commands using long arguments t...
MDaemon WorldClient form2raw.cgi From buffer overflow
Added: 09/18/2006 CVE: CVE-2003-1200 BID: 9317 OSVDB: 3255 Background MDaemon is an e-mail server product for Windows. It includes a web mail component called WorldClient. Problem A buffer overflow in MDaemon WorldClient allows remote command execution by sending a web request for the form2raw.cg...
MDaemon WorldClient form2raw.cgi From buffer overflow
Added: 09/18/2006 CVE: CVE-2003-1200 BID: 9317 OSVDB: 3255 Background MDaemon is an e-mail server product for Windows. It includes a web mail component called WorldClient. Problem A buffer overflow in MDaemon WorldClient allows remote command execution by sending a web request for the form2raw.cg...
MDaemon WorldClient form2raw.cgi From buffer overflow
Added: 09/18/2006 CVE: CVE-2003-1200 BID: 9317 OSVDB: 3255 Background MDaemon is an e-mail server product for Windows. It includes a web mail component called WorldClient. Problem A buffer overflow in MDaemon WorldClient allows remote command execution by sending a web request for the form2raw.cg...
Mercury Mail IMAP DELETE command buffer overflow
Added: 09/18/2006 CVE: CVE-2004-1211 BID: 11775 OSVDB: 12508 Background Mercury Mail Transport System is an e-mail server product for Windows and NetWare. Problem Buffer overflow vulnerabilities in the IMAP service allow authenticated attackers to execute arbitrary commands using long arguments t...
Mercury Mail IMAP DELETE command buffer overflow
Added: 09/18/2006 CVE: CVE-2004-1211 BID: 11775 OSVDB: 12508 Background Mercury Mail Transport System is an e-mail server product for Windows and NetWare. Problem Buffer overflow vulnerabilities in the IMAP service allow authenticated attackers to execute arbitrary commands using long arguments t...
MDaemon WorldClient form2raw.cgi From buffer overflow
Added: 09/18/2006 CVE: CVE-2003-1200 BID: 9317 OSVDB: 3255 Background MDaemon is an e-mail server product for Windows. It includes a web mail component called WorldClient. Problem A buffer overflow in MDaemon WorldClient allows remote command execution by sending a web request for the form2raw.cg...
Mercury Mail IMAP DELETE command buffer overflow
Added: 09/18/2006 CVE: CVE-2004-1211 BID: 11775 OSVDB: 12508 Background Mercury Mail Transport System is an e-mail server product for Windows and NetWare. Problem Buffer overflow vulnerabilities in the IMAP service allow authenticated attackers to execute arbitrary commands using long arguments t...
TikiWiki file upload vulnerability (jhot.php)
Added: 09/08/2006 CVE: CVE-2006-4602 BID: 19819 OSVDB: 28456 Background TikiWiki is a multi-purpose web content management system written in PHP. Problem The jhot.php script allows remote attackers to upload arbitrary PHP commands into the img/wiki directory. The commands can then be executed by...
WhatsUp Gold _maincfgret.cgi instancename buffer overflow
Added: 09/08/2006 CVE: CVE-2004-0798 BID: 11043 OSVDB: 9177 Background WhatsUp Professional formerly WhatsUp Gold is a network mapping and monitoring tool. Problem A buffer overflow in the WhatsUp Gold web interface allows remote command execution by requesting maincfgret.cgi with a long...
TikiWiki file upload vulnerability (jhot.php)
Added: 09/08/2006 CVE: CVE-2006-4602 BID: 19819 OSVDB: 28456 Background TikiWiki is a multi-purpose web content management system written in PHP. Problem The jhot.php script allows remote attackers to upload arbitrary PHP commands into the img/wiki directory. The commands can then be executed by...
WhatsUp Gold _maincfgret.cgi instancename buffer overflow
Added: 09/08/2006 CVE: CVE-2004-0798 BID: 11043 OSVDB: 9177 Background WhatsUp Professional formerly WhatsUp Gold is a network mapping and monitoring tool. Problem A buffer overflow in the WhatsUp Gold web interface allows remote command execution by requesting maincfgret.cgi with a long...
TikiWiki file upload vulnerability (jhot.php)
Added: 09/08/2006 CVE: CVE-2006-4602 BID: 19819 OSVDB: 28456 Background TikiWiki is a multi-purpose web content management system written in PHP. Problem The jhot.php script allows remote attackers to upload arbitrary PHP commands into the img/wiki directory. The commands can then be executed by...
WhatsUp Gold _maincfgret.cgi instancename buffer overflow
Added: 09/08/2006 CVE: CVE-2004-0798 BID: 11043 OSVDB: 9177 Background WhatsUp Professional formerly WhatsUp Gold is a network mapping and monitoring tool. Problem A buffer overflow in the WhatsUp Gold web interface allows remote command execution by requesting maincfgret.cgi with a long...
WhatsUp Gold _maincfgret.cgi instancename buffer overflow
Added: 09/08/2006 CVE: CVE-2004-0798 BID: 11043 OSVDB: 9177 Background WhatsUp Professional formerly WhatsUp Gold is a network mapping and monitoring tool. Problem A buffer overflow in the WhatsUp Gold web interface allows remote command execution by requesting maincfgret.cgi with a long...
TikiWiki file upload vulnerability (jhot.php)
Added: 09/08/2006 CVE: CVE-2006-4602 BID: 19819 OSVDB: 28456 Background TikiWiki is a multi-purpose web content management system written in PHP. Problem The jhot.php script allows remote attackers to upload arbitrary PHP commands into the img/wiki directory. The commands can then be executed by...
MySQL MaxDB WebDBM database name buffer overflow
Added: 09/06/2006 CVE: CVE-2006-4305 BID: 19660 OSVDB: 28300 Background MaxDB is a SAP-certified open-source database developed by MySQL. Problem A buffer overflow in MaxDB allows remote attackers to execute arbitrary commands by sending a long database name from a WebDBM client. Resolution Upgra...
MySQL MaxDB WebDBM database name buffer overflow
Added: 09/06/2006 CVE: CVE-2006-4305 BID: 19660 OSVDB: 28300 Background MaxDB is a SAP-certified open-source database developed by MySQL. Problem A buffer overflow in MaxDB allows remote attackers to execute arbitrary commands by sending a long database name from a WebDBM client. Resolution Upgra...
MySQL MaxDB WebDBM database name buffer overflow
Added: 09/06/2006 CVE: CVE-2006-4305 BID: 19660 OSVDB: 28300 Background MaxDB is a SAP-certified open-source database developed by MySQL. Problem A buffer overflow in MaxDB allows remote attackers to execute arbitrary commands by sending a long database name from a WebDBM client. Resolution Upgra...
MySQL MaxDB WebDBM database name buffer overflow
Added: 09/06/2006 CVE: CVE-2006-4305 BID: 19660 OSVDB: 28300 Background MaxDB is a SAP-certified open-source database developed by MySQL. Problem A buffer overflow in MaxDB allows remote attackers to execute arbitrary commands by sending a long database name from a WebDBM client. Resolution Upgra...
Windows Task Scheduler buffer overflow
Added: 09/05/2006 CVE: CVE-2004-0212 BID: 10708 OSVDB: 7798 Background The Windows Task Scheduler is used to schedule commands to run at specified times. Problem A buffer overflow vulnerability in the Task Scheduler could allow command execution when a specially crafted .job file is processed...
Windows Task Scheduler buffer overflow
Added: 09/05/2006 CVE: CVE-2004-0212 BID: 10708 OSVDB: 7798 Background The Windows Task Scheduler is used to schedule commands to run at specified times. Problem A buffer overflow vulnerability in the Task Scheduler could allow command execution when a specially crafted .job file is processed...
Windows Task Scheduler buffer overflow
Added: 09/05/2006 CVE: CVE-2004-0212 BID: 10708 OSVDB: 7798 Background The Windows Task Scheduler is used to schedule commands to run at specified times. Problem A buffer overflow vulnerability in the Task Scheduler could allow command execution when a specially crafted .job file is processed...
Windows Task Scheduler buffer overflow
Added: 09/05/2006 CVE: CVE-2004-0212 BID: 10708 OSVDB: 7798 Background The Windows Task Scheduler is used to schedule commands to run at specified times. Problem A buffer overflow vulnerability in the Task Scheduler could allow command execution when a specially crafted .job file is processed...
McAfee Subscription Manager ActiveX buffer overflow
Added: 08/25/2006 CVE: CVE-2006-3961 BID: 19265 OSVDB: 27698 Background McAfee Antivirus products access the McAfee Security Center product which allows users to set preferences and settings for numerous installed McAfee components and services. The Security Center includes a Subscription Manager...
McAfee Subscription Manager ActiveX buffer overflow
Added: 08/25/2006 CVE: CVE-2006-3961 BID: 19265 OSVDB: 27698 Background McAfee Antivirus products access the McAfee Security Center product which allows users to set preferences and settings for numerous installed McAfee components and services. The Security Center includes a Subscription Manager...
McAfee Subscription Manager ActiveX buffer overflow
Added: 08/25/2006 CVE: CVE-2006-3961 BID: 19265 OSVDB: 27698 Background McAfee Antivirus products access the McAfee Security Center product which allows users to set preferences and settings for numerous installed McAfee components and services. The Security Center includes a Subscription Manager...
McAfee Subscription Manager ActiveX buffer overflow
Added: 08/25/2006 CVE: CVE-2006-3961 BID: 19265 OSVDB: 27698 Background McAfee Antivirus products access the McAfee Security Center product which allows users to set preferences and settings for numerous installed McAfee components and services. The Security Center includes a Subscription Manager...
Oracle Database string conversion buffer overflow
Added: 08/23/2006 BID: 10871 OSVDB: 9890 Background Oracle Database is a relational database product for multiple platforms. Problem The string conversion function in Oracle Database is affected by a buffer overflow vulnerability. A remote attacker could execute arbitrary commands by sending a lo...
Oracle Database string conversion buffer overflow
Added: 08/23/2006 BID: 10871 OSVDB: 9890 Background Oracle Database is a relational database product for multiple platforms. Problem The string conversion function in Oracle Database is affected by a buffer overflow vulnerability. A remote attacker could execute arbitrary commands by sending a lo...
Oracle Database string conversion buffer overflow
Added: 08/23/2006 BID: 10871 OSVDB: 9890 Background Oracle Database is a relational database product for multiple platforms. Problem The string conversion function in Oracle Database is affected by a buffer overflow vulnerability. A remote attacker could execute arbitrary commands by sending a lo...
Oracle Database string conversion buffer overflow
Added: 08/23/2006 BID: 10871 OSVDB: 9890 Background Oracle Database is a relational database product for multiple platforms. Problem The string conversion function in Oracle Database is affected by a buffer overflow vulnerability. A remote attacker could execute arbitrary commands by sending a lo...
IBM eGatherer ActiveX RunEgatherer buffer overflow
Added: 08/21/2006 CVE: CVE-2006-4221 BID: 19554 OSVDB: 27976 Background The eGatherer ActiveX control is installed with IBM Access Support. Problem A buffer overflow in the eGatherer ActiveX control allows command execution by a web page which sends a long, specially crafted file name to the...
IBM eGatherer ActiveX RunEgatherer buffer overflow
Added: 08/21/2006 CVE: CVE-2006-4221 BID: 19554 OSVDB: 27976 Background The eGatherer ActiveX control is installed with IBM Access Support. Problem A buffer overflow in the eGatherer ActiveX control allows command execution by a web page which sends a long, specially crafted file name to the...
IBM eGatherer ActiveX RunEgatherer buffer overflow
Added: 08/21/2006 CVE: CVE-2006-4221 BID: 19554 OSVDB: 27976 Background The eGatherer ActiveX control is installed with IBM Access Support. Problem A buffer overflow in the eGatherer ActiveX control allows command execution by a web page which sends a long, specially crafted file name to the...
IBM eGatherer ActiveX RunEgatherer buffer overflow
Added: 08/21/2006 CVE: CVE-2006-4221 BID: 19554 OSVDB: 27976 Background The eGatherer ActiveX control is installed with IBM Access Support. Problem A buffer overflow in the eGatherer ActiveX control allows command execution by a web page which sends a long, specially crafted file name to the...
Mozilla Firefox JavaScript Navigator object vulnerability
Added: 08/14/2006 CVE: CVE-2006-3677 BID: 19192 OSVDB: 27559 Background When used in a web page, Java references properties of the window.navigator object as it starts up in Firefox or SeaMonkey. Problem If a web page replaces the navigator object before starting Java, then the page could cause t...
Mozilla Firefox JavaScript Navigator object vulnerability
Added: 08/14/2006 CVE: CVE-2006-3677 BID: 19192 OSVDB: 27559 Background When used in a web page, Java references properties of the window.navigator object as it starts up in Firefox or SeaMonkey. Problem If a web page replaces the navigator object before starting Java, then the page could cause t...
Mozilla Firefox JavaScript Navigator object vulnerability
Added: 08/14/2006 CVE: CVE-2006-3677 BID: 19192 OSVDB: 27559 Background When used in a web page, Java references properties of the window.navigator object as it starts up in Firefox or SeaMonkey. Problem If a web page replaces the navigator object before starting Java, then the page could cause t...
Mozilla Firefox JavaScript Navigator object vulnerability
Added: 08/14/2006 CVE: CVE-2006-3677 BID: 19192 OSVDB: 27559 Background When used in a web page, Java references properties of the window.navigator object as it starts up in Firefox or SeaMonkey. Problem If a web page replaces the navigator object before starting Java, then the page could cause t...
Windows Server Service buffer overflow
Added: 08/11/2006 CVE: CVE-2006-3439 BID: 19409 OSVDB: 27845 Background The Windows Server Service supports file, print, and named-pipe sharing over the network. Problem A buffer overflow vulnerability in the Windows Server Service allows remote attackers to execute arbitrary commands. Resolution...
Windows Server Service buffer overflow
Added: 08/11/2006 CVE: CVE-2006-3439 BID: 19409 OSVDB: 27845 Background The Windows Server Service supports file, print, and named-pipe sharing over the network. Problem A buffer overflow vulnerability in the Windows Server Service allows remote attackers to execute arbitrary commands. Resolution...