Total
11483 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-3144 | 4 Canonical, Debian, Haxx and 1 more | 5 Ubuntu Linux, Debian Linux, Curl and 2 more | 2018-10-16 | 9.0 HIGH | N/A |
| The fix_hostname function in cURL and libcurl 7.37.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) or possibly have other unspecified impact via a zero-length host name, as demonstrated by "http://:80" and ":80." | |||||
| CVE-2007-3338 | 1 Ingres | 1 Database Server | 2018-10-16 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allow remote attackers to execute arbitrary code via the (1) uuid_from_char or (2) duve_get_args functions. | |||||
| CVE-2007-3340 | 1 Bughunter | 1 Http Server | 2018-10-16 | 7.8 HIGH | N/A |
| BugHunter HTTP SERVER (httpsv.exe) 1.6.2 allows remote attackers to cause a denial of service (application crash) via a large number of requests for nonexistent pages. | |||||
| CVE-2007-3180 | 1 Hp | 1 Help And Support Center | 2018-10-16 | 9.4 HIGH | N/A |
| Buffer overflow in Help and Support Center before 4.4 C on HP Windows systems allows remote attackers to read or write arbitrary files via unknown vectors. | |||||
| CVE-2007-3148 | 1 Yahoo | 1 Messenger | 2018-10-16 | 9.3 HIGH | N/A |
| Buffer overflow in the Yahoo! Webcam Viewer ActiveX control in ywcvwr.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the receive method. | |||||
| CVE-2007-3147 | 1 Yahoo | 1 Messenger | 2018-10-16 | 9.3 HIGH | N/A |
| Buffer overflow in the Yahoo! Webcam Upload ActiveX control in ywcupl.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the send method. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2007-3040 | 1 Microsoft | 1 Windows 2000 | 2018-10-16 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in agentdpv.dll 2.0.0.3425 in Microsoft Agent on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a crafted URL to the Agent (Agent.Control) ActiveX control, which triggers an overflow within the Agent Service (agentsrv.exe) process, a different issue than CVE-2007-1205. | |||||
| CVE-2007-3039 | 1 Microsoft | 3 Message Queuing, Windows 2000, Windows Xp | 2018-10-16 | 9.0 HIGH | N/A |
| Stack-based buffer overflow in the Microsoft Message Queuing (MSMQ) service in Microsoft Windows 2000 Server SP4, Windows 2000 Professional SP4, and Windows XP SP2 allows attackers to execute arbitrary code via a long string in an opnum 0x06 RPC call to port 2103. NOTE: this is remotely exploitable on Windows 2000 Server. | |||||
| CVE-2007-3037 | 1 Microsoft | 1 Windows Media Player | 2018-10-16 | 4.0 MEDIUM | N/A |
| Microsoft Windows Media Player 7.1, 9, 10, and 11 allows remote attackers to execute arbitrary code via a skin file (WMZ or WMD) with crafted header information that causes a size mismatch between compressed and decompressed data and triggers a heap-based buffer overflow, aka "Windows Media Player Code Execution Vulnerability Parsing Skins." | |||||
| CVE-2007-2966 | 1 F-secure | 7 F-secure Anti-virus, F-secure Anti-virus Client Security, F-secure Anti-virus Linux Client Security and 4 more | 2018-10-16 | 7.5 HIGH | N/A |
| Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer wrap, a similar issue to CVE-2006-4335. | |||||
| CVE-2007-2952 | 1 Blue Coat Systems | 2 Filter, K9 Web Protection | 2018-10-16 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the filter service (aka k9filter.exe) in Blue Coat K9 Web Protection 3.2.44 with Filter 3.2.32 allow (1) remote attackers to execute arbitrary code via a long HTTP Referer header to the K9 Web Protection Administration interface and (2) man-in-the-middle attackers to execute arbitrary code via an HTTP response with a long HTTP version field. | |||||
| CVE-2007-2867 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2018-10-16 | 9.3 HIGH | N/A |
| Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) via vectors related to dangling pointers, heap corruption, signed/unsigned, and other issues. | |||||
| CVE-2007-2856 | 2 Dart, Microsoft | 2 Powertcp Zip Compression, Internet Explorer | 2018-10-16 | 9.3 HIGH | N/A |
| Buffer overflow in the Dart Communications PowerTCP ZIP Compression ActiveX control in DartZip.dll 1.8.5.3, when Internet Explorer 6 is used, allows user-assisted remote attackers to execute arbitrary code via a long first argument to the QuickZip function, a related issue to CVE-2007-2855. | |||||
| CVE-2007-2846 | 2 Avas\!t, Avast\! | 2 Avast\! Antivirus, Avast\! Antivirus | 2018-10-16 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the SIS unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted SIS archive, resulting from an "integer cast around." | |||||
| CVE-2007-2831 | 1 Madwifi | 1 Madwifi | 2018-10-16 | 10.0 HIGH | N/A |
| Array index error in the (1) ieee80211_ioctl_getwmmparams and (2) ieee80211_ioctl_setwmmparams functions in net80211/ieee80211_wireless.c in MadWifi before 0.9.3.1 allows local users to cause a denial of service (system crash), possibly obtain kernel memory contents, and possibly execute arbitrary code via a large negative array index value. | |||||
| CVE-2007-2666 | 2 Notepad\+\+, Scintilla | 2 Notepad\+\+, Scintilla | 2018-10-16 | 7.6 HIGH | N/A |
| Stack-based buffer overflow in LexRuby.cxx (SciLexer.dll) in Scintilla 1.73, as used by notepad++ 4.1.1 and earlier, allows user-assisted remote attackers to execute arbitrary code via certain Ruby (.rb) files with long lines. NOTE: this was originally reported as a vulnerability in notepad++. | |||||
| CVE-2007-2582 | 1 Ibm | 1 Db2 | 2018-10-16 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the DB2 JDBC Applet Server (DB2JDS) service in IBM DB2 9.x and earlier allow remote attackers to (1) execute arbitrary code via a crafted packet to the DB2JDS service on tcp/6789; and cause a denial of service via (2) an invalid LANG parameter or (2) a long packet that generates a "MemTree overflow." | |||||
| CVE-2007-2508 | 1 Trend Micro | 1 Serverprotect | 2018-10-16 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in SpntSvc.exe; or (2) TCP port 3628, which triggers an overflow in EarthAgent.exe. NOTE: both issues are reachable via TmRpcSrv.dll. | |||||
| CVE-2007-2446 | 1 Samba | 1 Samba | 2018-10-16 | 10.0 HIGH | N/A |
| Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarAddPrivilegesToAccount (lsa_io_privilege_set), (4) NetSetFileSecurity (sec_io_acl), or (5) LsarLookupSids/LsarLookupSids2 (lsa_io_trans_names). | |||||
| CVE-2007-2418 | 1 Cerulean Studios | 1 Trillian Pro | 2018-10-16 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the Rendezvous / Extensible Messaging and Presence Protocol (XMPP) component (plugins\rendezvous.dll) for Cerulean Studios Trillian Pro before 3.1.5.1 allows remote attackers to execute arbitrary code via a message that triggers the overflow from expansion that occurs during encoding. | |||||