Search
Total
6142 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-5252 | 1 Netsupport | 2 Netsupport Manager Client, Netsupport School Student | 2018-10-15 | 10.0 HIGH | N/A |
| Buffer overflow in NetSupport Manager (NSM) Client 10.00 and 10.20, and NetSupport School Student (NSS) 9.00, allows remote NSM servers to cause a denial of service or possibly execute arbitrary code via crafted data in the configuration exchange phase of an initial connection setup. NOTE: a vendor statement, which is too vague to be sure that it is for this particular issue, says that only a denial of service is possible. | |||||
| CVE-2007-5249 | 1 Americasarmy | 2 America\'s Army, America\'s Army Special Forces | 2018-10-15 | 4.3 MEDIUM | N/A |
| Multiple buffer overflows in the logging function in the Unreal engine, as used by America's Army and America's Army Special Forces 2.8.2 and earlier, when Punkbuster (PB) is enabled, allow remote attackers to cause a denial of service (daemon crash) via a long (1) PB_Y packet to the YPG server on UDP port 1716 or (2) PB_U packet to UCON on UDP port 1716, different vectors than CVE-2007-4442. NOTE: this issue might be in Punkbuster itself, but there are insufficient details to be certain. | |||||
| CVE-2007-5246 | 1 Firebirdsql | 1 Firebird | 2018-10-15 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in Firebird LI 2.0.0.12748 and 2.0.1.12855, and WI 2.0.0.12748 and 2.0.1.12855, allow remote attackers to execute arbitrary code via (1) a long attach request on TCP port 3050 to the isc_attach_database function or (2) a long create request on TCP port 3050 to the isc_create_database function. | |||||
| CVE-2007-5245 | 1 Firebirdsql | 1 Firebird | 2018-10-15 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in Firebird LI 1.5.3.4870 and 1.5.4.4910, and WI 1.5.3.4870 and 1.5.4.4910, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the SVC_attach function or (2) unspecified vectors involving the INET_connect function. | |||||
| CVE-2007-5256 | 1 Mcdu | 1 Fsd | 2018-10-15 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in FSD 2.052 d9 and earlier, and FSFDT FSD 3.000 d9 and earlier, allow (1) remote attackers to execute arbitrary code via a long HELP command on TCP port 3010 to the sysuser::exechelp function in sysuser.cc and (2) remote authenticated users to execute arbitrary code via long commands on TCP port 6809 to the servinterface::sendmulticast function in servinterface.cc, as demonstrated by a PIcallsign command. | |||||
| CVE-2007-5116 | 6 Debian, Larry Wall, Mandrakesoft and 3 more | 10 Debian Linux, Perl, Mandrake Linux and 7 more | 2018-10-15 | 7.5 HIGH | N/A |
| Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression. | |||||
| CVE-2007-5107 | 1 Ask.com | 1 Ask Toolbar | 2018-10-15 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the AskJeevesToolBar.SettingsPlugin.1 ActiveX control in askBar.dll in IAC Search & Media ask.com Ask Toolbar 4.0.2.53 and earlier allows remote attackers to execute arbitrary code via a long ShortFormat property value. NOTE: some of these details are obtained from third party information. NOTE: the researcher claims that this is the same as CVE-2007-5108, but there is insufficient detail for CVE-2007-5108 to be certain. | |||||
| CVE-2007-4992 | 1 Firebirdsql | 1 Firebird | 2018-10-15 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the process_packet function in fbserver.exe in Firebird SQL 2.0.2 allows remote attackers to execute arbitrary code via a long request to TCP port 3050. | |||||
| CVE-2007-4988 | 1 Imagemagick | 1 Imagemagick | 2018-10-15 | 6.8 MEDIUM | N/A |
| Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overflow. | |||||
| CVE-2007-4939 | 3 Guliverkli, Mympc, Verycd | 3 Media Player Classic, Cd-storm, Stormplayer | 2018-10-15 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in mplayerc.exe in Media Player Classic (MPC) 6.4.9.0 and earlier, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with an "indx truck size" of 0xffffffff, and certain wLongsPerEntry and nEntriesInuse values. | |||||
| CVE-2007-4938 | 11 Apple, Hp, Ibm and 8 more | 18 Mac Os X, Hp-ux, Tru64 and 15 more | 2018-10-15 | 7.6 HIGH | N/A |
| Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value. | |||||
| CVE-2007-4827 | 1 Automated Solutions | 1 Modbus Slave Activex Control | 2018-10-15 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Modbus/TCP Diagnostic function in MiniHMI.exe for the Automated Solutions Modbus Slave ActiveX Control before 1.5 allows remote attackers to corrupt the heap and possibly execute arbitrary code via malformed Modbus requests to TCP port 502. | |||||
| CVE-2007-4916 | 1 Hp | 2 All-in-on Printer, Photo And Imaging Gallery | 2018-10-15 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the FileFind::FindFile method in (1) MFC42.dll, (2) MFC42u.dll, (3) MFC71.dll, and (4) MFC71u.dll in Microsoft Foundation Class (MFC) Library 8.0, as used by the ListFiles method in hpqutil.dll 2.0.0.138 in Hewlett-Packard (HP) All-in-One and Photo & Imaging Gallery 1.1 and probably other products, allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long first argument. | |||||
| CVE-2007-4814 | 1 Microsoft | 1 Sql Server | 2018-10-15 | 7.5 HIGH | N/A |
| Buffer overflow in the SQLServer ActiveX control in the Distributed Management Objects OLE DLL (sqldmo.dll) 2000.085.2004.00 in Microsoft SQL Server Enterprise Manager 8.05.2004 allows remote attackers to execute arbitrary code via a long second argument to the Start method. | |||||
| CVE-2007-4812 | 1 Apple | 1 Safari | 2018-10-15 | 5.0 MEDIUM | N/A |
| Buffer overflow in Apple Safari 3.0.3 522.15.5, and other versions before Beta Update 3.0.4, allows remote attackers to cause a denial of service (crash) and possibly have other unspecified impact by setting document.location.hash to a long string. NOTE: the crash might actually occur in the alert method. | |||||
| CVE-2007-4768 | 1 Pcre | 1 Pcre | 2018-10-15 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to execute arbitrary code via a singleton Unicode sequence in a character class in a regex pattern, which is incorrectly optimized. | |||||
| CVE-2007-4731 | 1 Trend Micro | 1 Serverprotect | 2018-10-15 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the TMregChange function in TMReg.dll in Trend Micro ServerProtect before 5.58 Security Patch 4 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 5005. | |||||
| CVE-2007-4727 | 1 Lighttpd | 1 Lighttpd | 2018-10-15 | 6.8 MEDIUM | N/A |
| Buffer overflow in the fcgi_env_add function in mod_proxy_backend_fastcgi.c in the mod_fastcgi extension in lighttpd before 1.4.18 allows remote attackers to overwrite arbitrary CGI variables and execute arbitrary code via an HTTP request with a long content length, as demonstrated by overwriting the SCRIPT_FILENAME variable, aka a "header overflow." | |||||
| CVE-2007-4684 | 1 Apple | 1 Mac Os X | 2018-10-15 | 6.9 MEDIUM | N/A |
| Integer overflow in the kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to execute arbitrary code via a large num_sels argument to the i386_set_ldt system call. | |||||
| CVE-2007-4672 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2018-10-15 | 7.6 HIGH | N/A |
| Stack-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid UncompressedQuickTimeData opcode length in a PICT image. | |||||
| CVE-2007-4648 | 1 Norman | 1 Norman Virus Control | 2018-10-15 | 7.2 HIGH | N/A |
| The nvcoaft51 driver in Norman Virus Control (NVC) 5.82 uses weak permissions (unrestricted write access) for the NvcOa device, which allows local users to gain privileges by (1) triggering a buffer overflow in a kernel pool via a string argument to ioctl 0xBF67201C; or by (2) sending a crafted KEVENT structure through ioctl 0xBF672028 to overwrite arbitrary memory locations. | |||||
| CVE-2007-4643 | 1 Doomsday | 1 Doomsday | 2018-10-15 | 5.0 MEDIUM | N/A |
| Integer underflow in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via a PKT_CHAT packet with a data length less than 3, which triggers an erroneous malloc, possibly related to the Sv_HandlePacket function in sv_main.c. | |||||
| CVE-2007-4642 | 1 Doomsday | 1 Doomsday | 2018-10-15 | 10.0 HIGH | N/A |
| Multiple buffer overflows in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allow remote attackers to execute arbitrary code via a long chat (PKT_CHAT) message that is not properly handled by the (1) D_NetPlayerEvent function in d_net.c or the (2) Msg_Write function in net_msg.c, or (3) many commands that are not properly handled by the NetSv_ReadCommands function in d_netsv.c; or (4) cause a denial of service (daemon crash) via a chat (PKT_CHAT) message without a final '\0' character. | |||||
| CVE-2007-4599 | 1 Realnetworks | 2 Realone Player, Realplayer | 2018-10-15 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in RealNetworks RealPlayer 10 and possibly 10.5, and RealOne Player 1 and 2, for Windows allows remote attackers to execute arbitrary code via a crafted playlist (PLS) file. | |||||
| CVE-2007-4580 | 1 Trustware | 1 Bufferzone | 2018-10-15 | 7.2 HIGH | N/A |
| Buffer underflow in redlight.sys in BufferZone 2.1 and 2.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code by sending a small buffer size value to the FsSetVolumeInformation IOCTL handler code with a FsSetDirectoryInformation subcode containing a large buffer. | |||||
| CVE-2007-4568 | 1 X.org | 1 X Font Server | 2018-10-15 | 6.8 MEDIUM | N/A |
| Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer overflow. | |||||
| CVE-2007-4566 | 1 Alpha Centauri Software | 1 Sidvault Ldap Server | 2018-10-15 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the login mechanism in sidvault in Alpha Centauri Software SIDVault LDAP Server before 2.0f allow remote attackers to execute arbitrary code via crafted LDAP packets, as demonstrated by a long dc entry in an LDAP bind. | |||||
| CVE-2007-4517 | 1 Oracle | 1 Database Server | 2018-10-15 | 6.0 MEDIUM | N/A |
| Buffer overflow in the XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA procedure in Oracle 10g R2 allows remote authenticated users to execute arbitrary code via a long (1) OWNER or (2) NAME argument. | |||||
| CVE-2007-4423 | 1 Ibm | 1 Db2 Universal Database | 2018-10-15 | 5.0 MEDIUM | N/A |
| Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument. | |||||
| CVE-2007-4344 | 1 Acdsee | 3 Photo Editor, Photo Manager, Pro Photo Manager | 2018-10-15 | 9.3 HIGH | N/A |
| Multiple input validation errors in ACD ACDSee Photo Manager 9.0 build 108, Pro Photo Manager 8.1 build 99, and Photo Editor 4.0 build 195 allow user-assisted remote attackers to execute arbitrary code via a long section string in (1) a PSP image to the ID_PSP.apl plug-in or (2) an LHA archive to the AM_LHA.apl plug-in, resulting in a heap-based buffer overflow. | |||||
| CVE-2007-4337 | 1 Streamripper | 1 Streamripper | 2018-10-15 | 5.8 MEDIUM | N/A |
| Multiple buffer overflows in the httplib_parse_sc_header function in lib/http.c in Streamripper before 1.62.2 allow remote attackers to execute arbitrary code via long (1) Location and (2) Server HTTP headers, a different vulnerability than CVE-2006-3124. | |||||
| CVE-2007-4286 | 1 Cisco | 1 Ios | 2018-10-15 | 9.3 HIGH | N/A |
| Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionality in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (restart) and execute arbitrary code via a crafted NHRP packet. | |||||
| CVE-2007-4218 | 1 Trend Micro | 1 Serverprotect | 2018-10-15 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the ServerProtect service (SpntSvc.exe) in Trend Micro ServerProtect for Windows before 5.58 Security Patch 4 allow remote attackers to execute arbitrary code via certain RPC requests to certain TCP ports that are processed by the (1) RPCFN_ENG_NewManualScan, (2) RPCFN_ENG_TimedNewManualScan, and (3) RPCFN_SetComputerName functions in (a) StRpcSrv.dll; the (4) RPCFN_CMON_SetSvcImpersonateUser and (5) RPCFN_OldCMON_SetSvcImpersonateUser functions in (b) Stcommon.dll; the (6) RPCFN_ENG_TakeActionOnAFile and (7) RPCFN_ENG_AddTaskExportLogItem functions in (c) Eng50.dll; the (8) NTF_SetPagerNotifyConfig function in (d) Notification.dll; or the (9) RPCFN_CopyAUSrc function in the (e) ServerProtect Agent service. | |||||
| CVE-2007-4137 | 6 Conectiva, Gentoo, Mandrakesoft and 3 more | 8 Linux, Linux, Mandrake Linux and 5 more | 2018-10-15 | 7.5 HIGH | N/A |
| Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable. | |||||
| CVE-2007-4037 | 1 Guidance Software | 1 Encase | 2018-10-15 | 4.3 MEDIUM | N/A |
| ** DISPUTED ** Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers typically do not corrupt a filesystem, and indicating that the relevant read operation can be disabled. | |||||
| CVE-2007-4033 | 2 Php, T1lib | 2 Php, T1lib | 2018-10-15 | 7.5 HIGH | N/A |
| Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloadfont function in php_gd2.dll in the gd (PHP_GD2) extension in PHP 5.2.3. | |||||
| CVE-2007-3911 | 1 Bakbone | 1 Netvault Reporter | 2018-10-15 | 10.0 HIGH | N/A |
| Multiple heap-based buffer overflows in (1) clsscheduler.exe (aka scheduler client) and (2) srvscheduler.exe (aka scheduler server) in BakBone NetVault Reporter 3.5 before Update4 allow remote attackers to execute arbitrary code via long filename arguments in HTTP requests. | |||||
| CVE-2007-3895 | 1 Microsoft | 5 Directx, Windows 2000, Windows 2003 Server and 2 more | 2018-10-15 | 9.3 HIGH | N/A |
| Buffer overflow in Microsoft DirectShow in Microsoft DirectX 7.0 through 10.0 allows remote attackers to execute arbitrary code via a crafted (1) WAV or (2) AVI file. | |||||
| CVE-2007-3752 | 1 Apple | 1 Itunes | 2018-10-15 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Apple iTunes before 7.4 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted album cover art in the covr atom of an MP4/AAC file. | |||||
| CVE-2015-6147 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6149. | |||||
| CVE-2015-6146 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6145. | |||||
| CVE-2015-6148 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6156. | |||||
| CVE-2015-6149 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6147. | |||||
| CVE-2015-6143 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6140, CVE-2015-6142, CVE-2015-6153, CVE-2015-6158, CVE-2015-6159, and CVE-2015-6160. | |||||
| CVE-2015-6145 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6146. | |||||
| CVE-2015-6150 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6154. | |||||
| CVE-2015-6141 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6134. | |||||
| CVE-2015-2557 | 1 Microsoft | 1 Visio | 2018-10-12 | 9.3 HIGH | N/A |
| Buffer overflow in Microsoft Visio 2007 SP3 and 2010 SP2 allows remote attackers to execute arbitrary code via crafted UML data in an Office document, aka "Microsoft Office Memory Corruption Vulnerability." | |||||
| CVE-2015-2541 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2485 and CVE-2015-2491. | |||||
| CVE-2015-2542 | 1 Microsoft | 2 Edge, Internet Explorer | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability." | |||||