Total: 11483 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-0266 | 1 Trilogic | 1 Media Player | 2009-01-26 | 9.3 HIGH | N/A |
Stack-based buffer overflow in Triologic Media Player 8.0.0.0 allows user-assisted remote attackers to execute arbitrary code via a long string in a .m3l playlist file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-1999-0002 | 3 Bsdi, Caldera, Redhat | 3 Bsd Os, Openlinux, Linux | 2009-01-25 | 10.0 HIGH | N/A |
Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems. | |||||
CVE-2008-5386 | 1 Ibm | 1 Aix | 2008-12-16 | 6.9 MEDIUM | N/A |
Buffer overflow in ndp in IBM AIX 6.1.0 through 6.1.2, when the netcd daemon is running, allows local users to gain privileges via unspecified vectors. | |||||
CVE-2008-5281 | 1 South River Technologies | 1 Titan Ftp Server | 2008-11-30 | 10.0 HIGH | N/A |
Heap-based buffer overflow in Titan FTP Server 6.05 build 550 allows remote attackers to execute arbitrary code via a long DELE command. | |||||
CVE-2008-5231 | 1 Novell | 1 Iprint | 2008-11-25 | 9.3 HIGH | N/A |
Stack-based buffer overflow in the ExecuteRequest method in the Novell iPrint ActiveX control in ienipp.ocx in Novell iPrint Client 5.06 and earlier allows remote attackers to execute arbitrary code via a long target-frame option value, a different vulnerability than CVE-2008-2431. | |||||
CVE-2007-6699 | 1 Aol | 1 Ygp Piceditor Activex Control | 2008-11-14 | 4.3 MEDIUM | N/A |
Multiple buffer overflows in the AIM PicEditor 9.5.1.8 ActiveX control in YGPPicEdit.dll in AOL You've Got Pictures (YGP) Picture Editor allow remote attackers to cause a denial of service (browser crash) via a long string in the (1) DisplayName, (2) FinalSavePath, (3) ForceSaveTo, (4) HiddenControls, (5) InitialEditorScreen, (6) Locale, (7) Proxy, and (8) UserAgent property values. | |||||
CVE-2007-6357 | 1 Microsoft | 1 Access | 2008-11-14 | 5.8 MEDIUM | N/A |
Stack-based buffer overflow in Microsoft Office Access allows remote, user-assisted attackers to execute arbitrary code via a crafted Microsoft Access Database (.mdb) file. NOTE: due to the lack of details as of 20071210, it is not clear whether this issue is the same as CVE-2007-6026 or CVE-2005-0944. | |||||
CVE-2007-6009 | 1 Acdsee | 3 Photo Editor, Photo Manager, Pro Photo Manager | 2008-11-14 | 9.3 HIGH | N/A |
Multiple buffer overflows in ACD products allow user-assisted remote attackers to execute arbitrary code via a long section string in a (1) XBM or (2) XPM file to (a) ID_X.apl or (b) IDE_ACDStd.apl. NOTE: the PSP and LHA vectors are already covered by CVE-2007-4344 and CVE-2007-6007. NOTE: these might be integer overflows rather than buffer overflows. | |||||
CVE-2007-6092 | 1 Ingate | 2 Ingate Firewall, Ingate Siparator | 2008-11-14 | 10.0 HIGH | N/A |
Buffer overflow in libsrtp in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries. | |||||
CVE-2007-5807 | 1 Ssreader | 1 Ultra Star Reader | 2008-11-14 | 6.8 MEDIUM | N/A |
Buffer overflow in the register function in Ultra Star Reader ActiveX control in SSReader allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2007-5939 | 1 Heimdal | 1 Heimdal | 2008-11-14 | 10.0 HIGH | N/A |
The gss_userok function in appl/ftp/ftpd/gss_userok.c in Heimdal 0.7.2 does not allocate memory for the ticketfile pointer before calling free, which allows remote attackers to have an unknown impact via an invalid username. NOTE: the vulnerability was originally reported for ftpd.c, but this is incorrect. | |||||
CVE-2007-5548 | 1 Cisco | 1 Ios | 2008-11-14 | 6.9 MEDIUM | N/A |
Multiple stack-based buffer overflows in Command EXEC in Cisco IOS allow local users to gain privileges via unspecified vectors, aka (1) PSIRT-0474975756 and (2) PSIRT-0388256465. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | |||||
CVE-2007-5675 | 1 Multixtpm | 1 Application Server | 2008-11-14 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the DebugPrint function in MultiXTpm Application Server before 4.0.2d allows remote attackers to execute arbitrary code via a long string argument. | |||||
CVE-2007-5144 | 1 Microsoft | 1 Windows Live Messenger | 2008-11-14 | 4.3 MEDIUM | N/A |
Buffer overflow in the GDI engine in Windows Live Messenger, as used for Windows MSN Live 8.1, allows user-assisted remote attackers to cause a denial of service (application crash or system crash) and possibly execute arbitrary code by placing a malformed file in a new folder under the Sharing Folders path, and triggering a synchronize operation through the Windows MSN Live online service, possibly related to extended file attributes and possibly related to an incomplete fix for MS07-046, as demonstrated by a (1) .jpg, (2) .gif, (3) .wmf, (4) .doc, or (5) .ico file. | |||||
CVE-2007-3286 | 1 Avaya | 1 Ip Soft Phone | 2008-11-14 | 6.8 MEDIUM | N/A |
Multiple buffer overflows in unspecified ActiveX controls in COM objects in Avaya IP Softphone R5.2 before SP3, and R6.0, allow remote attackers to execute arbitrary code via unspecified vectors. | |||||
CVE-2007-3962 | 1 Fsp | 1 C Library | 2008-11-14 | 7.5 HIGH | N/A |
Multiple stack-based buffer overflows in fsplib.c in fsplib before 0.9 might allow remote attackers to execute arbitrary code via (1) a long filename that is not properly handled by the fsp_readdir_native function when MAXNAMLEN is greater than 255, or (2) a long d_name directory (dirent) field in the fsp_readdir function. | |||||
CVE-2008-0238 | 1 Xine | 1 Xine-lib | 2008-09-10 | 7.5 HIGH | N/A |
Multiple heap-based buffer overflows in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 allow remote attackers to execute arbitrary code via the SDP (1) Title, (2) Author, or (3) Copyright attribute, related to the rmff_dump_header function, different vectors than CVE-2008-0225. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2007-1682 | 1 Softartisans | 1 Xfile | 2008-09-10 | 9.3 HIGH | N/A |
Multiple stack-based buffer overflows in the FileManager ActiveX control in SAFmgPws.dll in SoftArtisans XFile before 2.4.0 allow remote attackers to execute arbitrary code via unspecified calls to the (1) BuildPath, (2) GetDriveName, (3) DriveExists, or (4) DeleteFile method. | |||||
CVE-2002-1222 | 1 Cisco | 1 Catos | 2008-09-10 | 7.1 HIGH | N/A |
Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request. | |||||
CVE-2002-1401 | 1 Postgresql | 1 Postgresql | 2008-09-09 | 6.5 MEDIUM | N/A |
Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add (also incorrectly identified as path_addr) for PostgreSQL 7.2.3 and earlier allow attackers to cause a denial of service and possibly execute arbitrary code, possibly as a result of an integer overflow. |