4305 matches found
Windows Plug and Play buffer overflow
Added: 03/03/2006 CVE: CVE-2005-1983 BID: 14513 OSVDB: 18605 Background The Windows Plug and Play service allows Windows operating systems to automatically detect and configure a new hardware device, such as a mouse. Problem A buffer overflow in the Plug and Play service could allow command...
Novell ZENworks Remote Management authentication buffer overflow
Added: 03/02/2006 CVE: CVE-2005-1543 BID: 13678 OSVDB: 16698 Background Novell ZENworks is a resource management solution consisting of a management server and management agents. Problem The Novell ZENworks Remote Management service is affected by a buffer overflow when processing authentication...
Novell ZENworks Remote Management authentication buffer overflow
Added: 03/02/2006 CVE: CVE-2005-1543 BID: 13678 OSVDB: 16698 Background Novell ZENworks is a resource management solution consisting of a management server and management agents. Problem The Novell ZENworks Remote Management service is affected by a buffer overflow when processing authentication...
Novell ZENworks Remote Management authentication buffer overflow
Added: 03/02/2006 CVE: CVE-2005-1543 BID: 13678 OSVDB: 16698 Background Novell ZENworks is a resource management solution consisting of a management server and management agents. Problem The Novell ZENworks Remote Management service is affected by a buffer overflow when processing authentication...
Novell ZENworks Remote Management authentication buffer overflow
Added: 03/02/2006 CVE: CVE-2005-1543 BID: 13678 OSVDB: 16698 Background Novell ZENworks is a resource management solution consisting of a management server and management agents. Problem The Novell ZENworks Remote Management service is affected by a buffer overflow when processing authentication...
MDaemon IMAP AUTHENTICATE command buffer overflow
Added: 03/01/2006 BID: 14317 OSVDB: 18069 Background MDaemon is an e-mail server for Windows. Problem The IMAP service in MDaemon is affected by buffer overflow vulnerabilities in the AUTHENTICATE LOGIN and AUTHENTICATE CRAM-MD5 commands which can be exploited without logging into the server...
MDaemon IMAP AUTHENTICATE command buffer overflow
Added: 03/01/2006 BID: 14317 OSVDB: 18069 Background MDaemon is an e-mail server for Windows. Problem The IMAP service in MDaemon is affected by buffer overflow vulnerabilities in the AUTHENTICATE LOGIN and AUTHENTICATE CRAM-MD5 commands which can be exploited without logging into the server...
MDaemon IMAP AUTHENTICATE command buffer overflow
Added: 03/01/2006 BID: 14317 OSVDB: 18069 Background MDaemon is an e-mail server for Windows. Problem The IMAP service in MDaemon is affected by buffer overflow vulnerabilities in the AUTHENTICATE LOGIN and AUTHENTICATE CRAM-MD5 commands which can be exploited without logging into the server...
MDaemon IMAP AUTHENTICATE command buffer overflow
Added: 03/01/2006 BID: 14317 OSVDB: 18069 Background MDaemon is an e-mail server for Windows. Problem The IMAP service in MDaemon is affected by buffer overflow vulnerabilities in the AUTHENTICATE LOGIN and AUTHENTICATE CRAM-MD5 commands which can be exploited without logging into the server...
Safari archive metadata command execution
Added: 02/24/2006 CVE: CVE-2006-0848 BID: 16736 OSVDB: 23366 Background The Safari web browser supports explicit binding, which allows a file to override the default application for its file type. Safe files are files such as pictures, movies, and archives which are opened automatically when...
Internet Explorer COM object instantiation vulnerability
Added: 02/24/2006 CVE: CVE-2005-1990 BID: 14511 OSVDB: 18612 Background Windows operating systems use the Component Object Model COM to allow various program components to be run within different applications. Problem Improper instantiation of certain COM objects as ActiveX controls by Internet...
Internet Explorer COM object instantiation vulnerability
Added: 02/24/2006 CVE: CVE-2005-1990 BID: 14511 OSVDB: 18612 Background Windows operating systems use the Component Object Model COM to allow various program components to be run within different applications. Problem Improper instantiation of certain COM objects as ActiveX controls by Internet...
Safari archive metadata command execution
Added: 02/24/2006 CVE: CVE-2006-0848 BID: 16736 OSVDB: 23366 Background The Safari web browser supports explicit binding, which allows a file to override the default application for its file type. Safe files are files such as pictures, movies, and archives which are opened automatically when...
Safari archive metadata command execution
Added: 02/24/2006 CVE: CVE-2006-0848 BID: 16736 OSVDB: 23366 Background The Safari web browser supports explicit binding, which allows a file to override the default application for its file type. Safe files are files such as pictures, movies, and archives which are opened automatically when...
Windows NetDDE buffer overflow
Added: 02/24/2006 CVE: CVE-2004-0206 BID: 11372 OSVDB: 10689 Background Network Dynamic Data Exchange NetDDE is a Windows service which allows two applications to communicate with each other over a network. Problem A buffer overflow in the NetDDE service could allow a remote, anonymous attacker t...
Windows NetDDE buffer overflow
Added: 02/24/2006 CVE: CVE-2004-0206 BID: 11372 OSVDB: 10689 Background Network Dynamic Data Exchange NetDDE is a Windows service which allows two applications to communicate with each other over a network. Problem A buffer overflow in the NetDDE service could allow a remote, anonymous attacker t...
Windows NetDDE buffer overflow
Added: 02/24/2006 CVE: CVE-2004-0206 BID: 11372 OSVDB: 10689 Background Network Dynamic Data Exchange NetDDE is a Windows service which allows two applications to communicate with each other over a network. Problem A buffer overflow in the NetDDE service could allow a remote, anonymous attacker t...
Internet Explorer COM object instantiation vulnerability
Added: 02/24/2006 CVE: CVE-2005-1990 BID: 14511 OSVDB: 18612 Background Windows operating systems use the Component Object Model COM to allow various program components to be run within different applications. Problem Improper instantiation of certain COM objects as ActiveX controls by Internet...
Windows NetDDE buffer overflow
Added: 02/24/2006 CVE: CVE-2004-0206 BID: 11372 OSVDB: 10689 Background Network Dynamic Data Exchange NetDDE is a Windows service which allows two applications to communicate with each other over a network. Problem A buffer overflow in the NetDDE service could allow a remote, anonymous attacker t...
Safari archive metadata command execution
Added: 02/24/2006 CVE: CVE-2006-0848 BID: 16736 OSVDB: 23366 Background The Safari web browser supports explicit binding, which allows a file to override the default application for its file type. Safe files are files such as pictures, movies, and archives which are opened automatically when...
Internet Explorer COM object instantiation vulnerability
Added: 02/24/2006 CVE: CVE-2005-1990 BID: 14511 OSVDB: 18612 Background Windows operating systems use the Component Object Model COM to allow various program components to be run within different applications. Problem Improper instantiation of certain COM objects as ActiveX controls by Internet...
Lotus Notes Attachment Viewer UUE file buffer overflow
Added: 02/21/2006 CVE: CVE-2005-2618 BID: 16576 OSVDB: 23065 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the attachment viewer in the Lotus Notes e-mail client allows command execution when a user opens a specially crafted UUE file. Resolution Upgra...
Lotus Notes Attachment Viewer UUE file buffer overflow
Added: 02/21/2006 CVE: CVE-2005-2618 BID: 16576 OSVDB: 23065 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the attachment viewer in the Lotus Notes e-mail client allows command execution when a user opens a specially crafted UUE file. Resolution Upgra...
Lotus Notes Attachment Viewer UUE file buffer overflow
Added: 02/21/2006 CVE: CVE-2005-2618 BID: 16576 OSVDB: 23065 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the attachment viewer in the Lotus Notes e-mail client allows command execution when a user opens a specially crafted UUE file. Resolution Upgra...
Lotus Notes Attachment Viewer UUE file buffer overflow
Added: 02/21/2006 CVE: CVE-2005-2618 BID: 16576 OSVDB: 23065 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the attachment viewer in the Lotus Notes e-mail client allows command execution when a user opens a specially crafted UUE file. Resolution Upgra...
Lotus Notes HTML Speed Reader URL buffer overflow
Added: 02/17/2006 CVE: CVE-2005-2618 BID: 16576 OSVDB: 23068 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the HTML Speed Reader component of the Lotus Notes e-mail client allows command execution by a specially crafted e-mail message containing a lon...
Lotus Notes HTML Speed Reader URL buffer overflow
Added: 02/17/2006 CVE: CVE-2005-2618 BID: 16576 OSVDB: 23068 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the HTML Speed Reader component of the Lotus Notes e-mail client allows command execution by a specially crafted e-mail message containing a lon...
Microsoft IIS .HTR ISAPI chunked encoding buffer overflow
Added: 02/17/2006 CVE: CVE-2002-0364 BID: 4855 OSVDB: 5316 Background Microsoft IIS web servers include ISAPI extensions which are invoked in the server process to handle requests of a given type. Problem A heap overflow in IIS 4.0 and 5.0 when processing chunked encoding transfers of HTR request...
Lotus Notes HTML Speed Reader URL buffer overflow
Added: 02/17/2006 CVE: CVE-2005-2618 BID: 16576 OSVDB: 23068 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the HTML Speed Reader component of the Lotus Notes e-mail client allows command execution by a specially crafted e-mail message containing a lon...
Microsoft IIS .HTR ISAPI chunked encoding buffer overflow
Added: 02/17/2006 CVE: CVE-2002-0364 BID: 4855 OSVDB: 5316 Background Microsoft IIS web servers include ISAPI extensions which are invoked in the server process to handle requests of a given type. Problem A heap overflow in IIS 4.0 and 5.0 when processing chunked encoding transfers of HTR request...
Microsoft IIS .HTR ISAPI chunked encoding buffer overflow
Added: 02/17/2006 CVE: CVE-2002-0364 BID: 4855 OSVDB: 5316 Background Microsoft IIS web servers include ISAPI extensions which are invoked in the server process to handle requests of a given type. Problem A heap overflow in IIS 4.0 and 5.0 when processing chunked encoding transfers of HTR request...
Microsoft IIS .HTR ISAPI chunked encoding buffer overflow
Added: 02/17/2006 CVE: CVE-2002-0364 BID: 4855 OSVDB: 5316 Background Microsoft IIS web servers include ISAPI extensions which are invoked in the server process to handle requests of a given type. Problem A heap overflow in IIS 4.0 and 5.0 when processing chunked encoding transfers of HTR request...
Lotus Notes HTML Speed Reader URL buffer overflow
Added: 02/17/2006 CVE: CVE-2005-2618 BID: 16576 OSVDB: 23068 Background Lotus Notes is the client for Lotus Domino servers. Problem A buffer overflow in the HTML Speed Reader component of the Lotus Notes e-mail client allows command execution by a specially crafted e-mail message containing a lon...
Windows Media Player plugin EMBED buffer overflow
Added: 02/16/2006 CVE: CVE-2006-0005 BID: 16644 OSVDB: 23132 Background The Windows Media Player plug-in allows the processing of embedded media from inside other applications, such as web browsers. Problem A buffer overflow in the Windows Media Player plug-in allows remote command execution when...
Windows Media Player plugin EMBED buffer overflow
Added: 02/16/2006 CVE: CVE-2006-0005 BID: 16644 OSVDB: 23132 Background The Windows Media Player plug-in allows the processing of embedded media from inside other applications, such as web browsers. Problem A buffer overflow in the Windows Media Player plug-in allows remote command execution when...
Windows Media Player plugin EMBED buffer overflow
Added: 02/16/2006 CVE: CVE-2006-0005 BID: 16644 OSVDB: 23132 Background The Windows Media Player plug-in allows the processing of embedded media from inside other applications, such as web browsers. Problem A buffer overflow in the Windows Media Player plug-in allows remote command execution when...
Windows Media Player plugin EMBED buffer overflow
Added: 02/16/2006 CVE: CVE-2006-0005 BID: 16644 OSVDB: 23132 Background The Windows Media Player plug-in allows the processing of embedded media from inside other applications, such as web browsers. Problem A buffer overflow in the Windows Media Player plug-in allows remote command execution when...
AWStats configdir parameter command execution
Added: 02/14/2006 CVE: CVE-2005-0116 BID: 12298 OSVDB: 13002 Background AWStats is a web application for showing web, FTP, and mail server statistics. Problem Insufficient validation of the configdir parameter before being used in a PERL open call leads to remote command execution. Resolution...
AWStats configdir parameter command execution
Added: 02/14/2006 CVE: CVE-2005-0116 BID: 12298 OSVDB: 13002 Background AWStats is a web application for showing web, FTP, and mail server statistics. Problem Insufficient validation of the configdir parameter before being used in a PERL open call leads to remote command execution. Resolution...
AWStats configdir parameter command execution
Added: 02/14/2006 CVE: CVE-2005-0116 BID: 12298 OSVDB: 13002 Background AWStats is a web application for showing web, FTP, and mail server statistics. Problem Insufficient validation of the configdir parameter before being used in a PERL open call leads to remote command execution. Resolution...
AWStats configdir parameter command execution
Added: 02/14/2006 CVE: CVE-2005-0116 BID: 12298 OSVDB: 13002 Background AWStats is a web application for showing web, FTP, and mail server statistics. Problem Insufficient validation of the configdir parameter before being used in a PERL open call leads to remote command execution. Resolution...
Microsoft WINS replication service pointer corruption
Added: 02/10/2006 CVE: CVE-2004-1080 BID: 11763 OSVDB: 12378 Background The Windows Internet Naming Service WINS maps Netbios names to IP addresses. The WINS replication service runs on port 42/TCP and allows WINS servers to share Netbios name information with other WINS servers. Problem The WINS...
Mozilla Firefox QueryInterface method memory corruption
Added: 02/10/2006 CVE: CVE-2006-0295 BID: 16476 OSVDB: 22893 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A memory corruption in the QueryInterface method of the Location and Navigator objects leads to command execution. Resolution Upgrade to...
Microsoft WINS replication service pointer corruption
Added: 02/10/2006 CVE: CVE-2004-1080 BID: 11763 OSVDB: 12378 Background The Windows Internet Naming Service WINS maps Netbios names to IP addresses. The WINS replication service runs on port 42/TCP and allows WINS servers to share Netbios name information with other WINS servers. Problem The WINS...
Microsoft WINS replication service pointer corruption
Added: 02/10/2006 CVE: CVE-2004-1080 BID: 11763 OSVDB: 12378 Background The Windows Internet Naming Service WINS maps Netbios names to IP addresses. The WINS replication service runs on port 42/TCP and allows WINS servers to share Netbios name information with other WINS servers. Problem The WINS...
Mozilla Firefox QueryInterface method memory corruption
Added: 02/10/2006 CVE: CVE-2006-0295 BID: 16476 OSVDB: 22893 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A memory corruption in the QueryInterface method of the Location and Navigator objects leads to command execution. Resolution Upgrade to...
Mozilla Firefox QueryInterface method memory corruption
Added: 02/10/2006 CVE: CVE-2006-0295 BID: 16476 OSVDB: 22893 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A memory corruption in the QueryInterface method of the Location and Navigator objects leads to command execution. Resolution Upgrade to...
Microsoft WINS replication service pointer corruption
Added: 02/10/2006 CVE: CVE-2004-1080 BID: 11763 OSVDB: 12378 Background The Windows Internet Naming Service WINS maps Netbios names to IP addresses. The WINS replication service runs on port 42/TCP and allows WINS servers to share Netbios name information with other WINS servers. Problem The WINS...
Mozilla Firefox QueryInterface method memory corruption
Added: 02/10/2006 CVE: CVE-2006-0295 BID: 16476 OSVDB: 22893 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem A memory corruption in the QueryInterface method of the Location and Navigator objects leads to command execution. Resolution Upgrade to...
Microsoft IIS 5.0 printer ISAPI extension buffer overflow
Added: 02/08/2006 CVE: CVE-2001-0241 BID: 2674 OSVDB: 3323 Background Microsoft IIS web servers include ISAPI extensions which are invoked in the server process to handle requests of a given type. Problem The ISAPI extension which handles requests for file names ending in .printer is affected by ...