Total
13458 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5722 | 1 Sawstudio | 1 Sawstudio | 2025-04-09 | 10.0 HIGH | N/A |
|
Buffer overflow in SAWStudio 3.9i allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long SAWSTUDIO PREFERENCES STRUCT value in a .prf (preferences) file.
|
|||||
| CVE-2008-0702 | 1 South River Technologies | 1 Titan Ftp Server | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple heap-based buffer overflows in Titan FTP Server 6.03 and 6.0.5.549 allow remote attackers to cause a denial of service (daemon crash or hang) and possibly execute arbitrary code via a long argument to the (1) USER or (2) PASS command, different vectors than CVE-2004-1641.
|
|||||
| CVE-2008-1928 | 1 Imager | 1 Imager | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Buffer overflow in Imager 0.42 through 0.63 allows attackers to cause a denial of service (crash) via an image based fill in which the number of input channels is different from the number of output channels.
|
|||||
| CVE-2008-0587 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
|
Buffer overflow in the uspchrp program in devices.chrp.base.diag in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.
|
|||||
| CVE-2007-6166 | 2 Apple, Microsoft | 5 Mac Os X, Quicktime, Safari and 2 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.
|
|||||
| CVE-2007-6425 | 1 Hp | 1 Hp-ux | 2025-04-09 | 10.0 HIGH | N/A |
|
Unspecified vulnerability in HP-UX B.11.31, when running ARPA Transport, allows remote attackers to cause a denial of service via unknown vectors.
|
|||||
| CVE-2008-7079 | 1 Nero | 1 Showtime | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in Nero ShowTime 5.0.15.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long entry in a .M3U playlist file. NOTE: this issue might be related to CVE-2008-0619.
|
|||||
| CVE-2009-0228 | 1 Microsoft | 1 Windows 2000 | 2025-04-09 | 10.0 HIGH | N/A |
|
Stack-based buffer overflow in the EnumeratePrintShares function in Windows Print Spooler Service (win32spl.dll) in Microsoft Windows 2000 SP4 allows remote printer servers to execute arbitrary code via a crafted ShareName in a response to an RPC request, related to "printing data structures," aka "Buffer Overflow in Print Spooler Vulnerability."
|
|||||
| CVE-2009-3969 | 1 Faslo | 1 Faslo Player | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in Faslo Player 7.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .m3u playlist file.
|
|||||
| CVE-2007-5909 | 4 Activepdf, Autonomy, Ibm and 1 more | 6 Docconverter, Keyview Export Sdk, Keyview Filter Sdk and 3 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary code via a crafted (1) AG file to kpagrdr.dll, (2) AW file to awsr.dll, (3) DLL or (4) EXE file to exesr.dll, (5) DOC file to mwsr.dll, (6) MIF file to mifsr.dll, (7) SAM file to lasr.dll, or (8) RTF file to rtfsr.dll. NOT ...
Show More |
|||||
| CVE-2007-3744 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 5.8 MEDIUM | N/A |
|
Heap-based buffer overflow in the UPnP IGD (Internet Gateway Device Standardized Device Control Protocol) implementation in mDNSResponder on Apple Mac OS X 10.4.10 before 20070731 allows network-adjacent remote attackers to execute arbitrary code via a crafted packet.
|
|||||
| CVE-2007-4803 | 1 Atomix Productions | 1 Atomixmp3 | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Buffer overflow in AtomixMP3 2.3 allows user-assisted remote attackers to execute arbitrary code via long strings in file and title fields in a .pls file, as demonstrated by the (1) File1 and (2) Title1 fields, different vectors than CVE-2006-6287 and CVE-2007-2487.
|
|||||
| CVE-2007-5687 | 1 Justsystem | 1 Ichitaro | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple buffer overflows in the rich text processing functionality in JustSystems Ichitaro 2004 through 2007, 11 through 13, and other versions allow remote attackers to execute arbitrary code via a long (1) pard field or (2) font name in the fcharset0 field, which is not properly handled in (a) JSTARO4.OCX; or (3) a long title, which is not properly handled by (b) TJSVDA.DLL.
|
|||||
| CVE-2008-5902 | 1 Xrdp | 1 Xrdp | 2025-04-09 | 7.5 HIGH | N/A |
|
Buffer overflow in the xrdp_bitmap_invalidate function in xrdp/xrdp_bitmap.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via a crafted request.
|
|||||
| CVE-2009-1430 | 1 Symantec | 5 Antivirus, Antivirus Central Quarantine Server, Client Security and 2 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow rem ...
Show More |
|||||
| CVE-2008-1373 | 1 Easy Software Products | 1 Cups | 2025-04-09 | 5.8 MEDIUM | N/A |
|
Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remote attackers to have an unknown impact via a GIF file with a large code_size value, a similar issue to CVE-2006-4484.
|
|||||
| CVE-2007-6468 | 1 Hammer Of Thyrion | 1 Hammer Of Thyrion | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in the HuffDecode function in hw_utils/hwrcon/huffman.c and hexenworld/Client/huffman.c in Hammer of Thyrion 1.4.2 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted huffman encoded packet. NOTE: some of these details are obtained from third party information.
|
|||||
| CVE-2008-3869 | 1 Sun | 1 Solaris | 2025-04-09 | 10.0 HIGH | N/A |
|
Heap-based buffer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request, related to improper decoding of request parameters.
|
|||||
| CVE-2007-6020 | 4 Activepdf, Autonomy, Ibm and 1 more | 5 Docconverter, Keyview, Lotus Notes and 2 more | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long attribute value in a (1) DI, (2) FD, (3) FT, (4) JD, (5) JL, (6) LE, (7) OB, (8) OD, (9) OL, (10) PN, (11) PS, (12) PW, (13) RD, (14) QL, or (15) TS tag in a .fff file.
|
|||||
| CVE-2005-4882 | 1 Philippe Jounin | 1 Tftpd32 | 2025-04-09 | 5.0 MEDIUM | N/A |
|
tftpd in Philippe Jounin Tftpd32 2.74 and earlier, as used in Wyse Simple Imager (WSI) and other products, allows remote attackers to cause a denial of service (daemon crash) via a long filename in a TFTP read (aka RRQ or get) request, a different vulnerability than CVE-2002-2226.
|
|||||
| CVE-2009-4171 | 1 Yahoo | 1 Messenger | 2025-04-09 | 4.3 MEDIUM | N/A |
|
An ActiveX control in YahooBridgeLib.dll for Yahoo! Messenger 9.0.0.2162, and possibly other 9.0 versions, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by calling the RegisterMe method with a long argument.
|
|||||
| CVE-2007-2668 | 1 Webdesproxy | 1 Webdesproxy | 2025-04-09 | 6.8 MEDIUM | N/A |
|
Buffer overflow in webdesproxy 0.0.1 allows remote attackers to execute arbitrary code via a long URL, possibly involving the process_connection_request function in webdesproxy.c.
|
|||||
| CVE-2007-4794 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
|
Buffer overflow in fcstat in devices.common.IBM.fc.rte in IBM AIX 5.2 and 5.3 allows local users to gain privileges via a long input parameter.
|
|||||
| CVE-2007-2263 | 1 Realnetworks | 3 Realone Player, Realplayer, Realplayer Enterprise | 2025-04-09 | 9.3 HIGH | N/A |
|
Heap-based buffer overflow in RealNetworks RealPlayer 10.0, 10.1, and possibly 10.5, RealOne Player, and RealPlayer Enterprise allows remote attackers to execute arbitrary code via an SWF (Flash) file with malformed record headers.
|
|||||
| CVE-2009-2460 | 1 Forkosh | 1 Mathtex | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple stack-based buffer overflows in mathtex.cgi in mathTeX, when downloaded before 20090713, have unspecified impact and remote attack vectors.
|
|||||
| CVE-2007-6613 | 1 Gnu | 1 Libcdio | 2025-04-09 | 5.0 MEDIUM | N/A |
|
Stack-based buffer overflow in the print_iso9660_recurse function in iso-info (src/iso-info.c) in GNU Compact Disc Input and Control Library (libcdio) 0.79 and earlier allows context-dependent attackers to cause a denial of service (core dump) and possibly execute arbitrary code via a disk or image that contains a long joilet file name.
|
|||||
| CVE-2008-5416 | 1 Microsoft | 1 Sql Server | 2025-04-09 | 9.0 HIGH | N/A |
|
Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows Internal Database (WYukon) SP2 allows remote authenticated users to cause a denial of service (access violation exception) or execute arbitrary code by calling the sp_replwritetovarbin extended stored procedure with a set of invali ...
Show More |
|||||
| CVE-2008-0633 | 1 Anon Proxy Server | 1 Anon Proxy Server | 2025-04-09 | 6.0 MEDIUM | N/A |
|
Buffer overflow in Anon Proxy Server 0.102 and earlier, when user authentication is enabled, allows remote attackers to cause a denial of service (exception) via a user name with a large number of quotes, which triggers the overflow during escaping.
|
|||||
| CVE-2009-1119 | 1 Emc | 1 Replistor | 2025-04-09 | 10.0 HIGH | N/A |
|
Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 and 6.3 before SP2 allow remote attackers to execute arbitrary code via a crafted message to (1) ctrlservice.exe or (2) rep_srv.exe, possibly related to an integer overflow.
|
|||||
| CVE-2007-0072 | 1 Trend Micro | 1 Serverprotect | 2025-04-09 | 10.0 HIGH | N/A |
|
Heap-based buffer overflow in an unspecified procedure in Trend Micro ServerProtect 5.7 and 5.58 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a read operation over RPC.
|
|||||
| CVE-2008-6447 | 1 Quiksoft | 1 Easymail Mailstore Object | 2025-04-09 | 9.3 HIGH | N/A |
|
Buffer overflow in emmailstore.dll 6.5.0.3 in the QuikSoft EasyMail MailStore ActiveX control allows remote attackers to execute arbitrary code via a long first argument to the CreateStore method.
|
|||||
| CVE-2008-0356 | 1 Citrix | 4 Access Essentials, Desktop Server, Metaframe Presentation Server and 1 more | 2025-04-09 | 10.0 HIGH | N/A |
|
Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 allows remote attackers to execute arbitrary code via an invalid size value in a packet to TCP port 2512 or 2513.
|
|||||
| CVE-2007-0320 | 1 Macrovision | 1 Installfromtheweb | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple buffer overflows in (a) an ActiveX control (iftw.dll) and (b) Netscape plug-in (npiftw32.dll) for Macrovision (formerly InstallShield) InstallFromTheWeb allow remote attackers to execute arbitrary code via crafted HTML documents.
|
|||||
| CVE-2007-4472 | 1 Broderbund | 1 Expressit 3dgreetings Player | 2025-04-09 | 9.3 HIGH | N/A |
|
Multiple buffer overflows in the Broderbund Expressit 3DGreetings Player ActiveX control could allow remote attackers to execute arbitrary code via unspecified vectors.
|
|||||
| CVE-2008-0962 | 1 Emc | 1 Diskxtender | 2025-04-09 | 9.0 HIGH | N/A |
|
Stack-based buffer overflow in the File System Manager for EMC DiskXtender 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted request to the RPC interface.
|
|||||
| CVE-2009-3088 | 2 Ibm, Linux | 2 Tivoli Directory Server, Linux Kernel | 2025-04-09 | 7.5 HIGH | N/A |
|
Heap-based buffer overflow in ibmdiradm in IBM Tivoli Directory Server (TDS) 6.0 on Linux allows remote attackers to have an unspecified impact via unknown vectors that trigger heap corruption, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
|
|||||
| CVE-2008-1365 | 1 Trend Micro | 1 Officescan Corporate Edition | 2025-04-09 | 6.4 MEDIUM | N/A |
|
Stack-based buffer overflow in Trend Micro OfficeScan Corporate Edition 8.0 Patch 2 build 1189 and earlier, and 7.3 Patch 3 build 1314 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long encrypted password, which triggers the overflow in (1) cgiChkMasterPwd.exe, (2) policyserver.exe as reachable through cgiABLogon.exe, and other vectors.
|
|||||
| CVE-2009-2485 | 1 Tingan | 1 Ht-mp3player | 2025-04-09 | 9.3 HIGH | N/A |
|
Stack-based buffer overflow in HT-MP3Player 1.0 allows remote attackers to execute arbitrary code via a long string in a .ht3 file.
|
|||||
| CVE-2008-2469 | 1 Libspf | 1 Libspf2 | 2025-04-09 | 10.0 HIGH | N/A |
|
Heap-based buffer overflow in the SPF_dns_resolv_lookup function in Spf_dns_resolv.c in libspf2 before 1.2.8 allows remote attackers to execute arbitrary code via a long DNS TXT record with a modified length field.
|
|||||
| CVE-2008-1601 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
|
Stack-based buffer overflow in the reboot program on IBM AIX 5.2 and 5.3 allows local users in the shutdown group to gain privileges.
|
|||||