Search
Total
6142 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-5392 | 1 Xpdf | 1 Xpdf | 2017-09-29 | 9.3 HIGH | N/A |
| Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow. | |||||
| CVE-2007-5137 | 1 Tcl Tk | 1 Tcl Tk | 2017-09-29 | 6.8 MEDIUM | N/A |
| Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) 8.4.13 through 8.4.15 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first. NOTE: this issue is due to an incorrect patch for CVE-2007-5378. | |||||
| CVE-2007-5257 | 1 Edraw | 1 Office Viewer Component | 2017-09-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the EDraw.OfficeViewer ActiveX control in officeviewer.ocx in EDraw Office Viewer Component 5.3.220.1 and earlier allows remote attackers to execute arbitrary code via long strings in the first and second arguments to the FtpDownloadFile method, a different vector than CVE-2007-4821 and CVE-2007-3169. | |||||
| CVE-2007-5094 | 1 Ipswitch | 1 Imail | 2017-09-29 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in iaspam.dll in the SMTP Server in Ipswitch IMail Server 8.01 through 8.11 allows remote attackers to execute arbitrary code via a set of four different e-mail messages with a long boundary parameter in a certain malformed Content-Type header line, the string "MIME" by itself on a line in the header, and a long Content-Transfer-Encoding header line. | |||||
| CVE-2007-5081 | 1 Realnetworks | 3 Realone Player, Realplayer, Realplayer Enterprise | 2017-09-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 8, 10, 10.1, and possibly 10.5; RealOne Player 1 and 2; and RealPlayer Enterprise allows remote attackers to execute arbitrary code via a crafted RM file. | |||||
| CVE-2007-5070 | 1 Quiksoft | 1 Easymail Messageprinter Object | 2017-09-29 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the EasyMailMessagePrinter ActiveX control in emprint.DLL 6.0.1.0 in the Quiksoft EasyMail MessagePrinter Object allows remote attackers to execute arbitrary code via a long string in the first argument to the SetFont method. | |||||
| CVE-2007-5067 | 1 Imatix | 1 Xitami | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple buffer overflows in iMatix Xitami Web Server 2.5c2 allow remote attackers to execute arbitrary code via a long If-Modified-Since header to (1) xigui32.exe or (2) xitami.exe. | |||||
| CVE-2007-5036 | 1 Airdefense | 1 Airsensor | 2017-09-29 | 5.0 MEDIUM | N/A |
| Multiple buffer overflows in the AirDefense Airsensor M520 with firmware 4.3.1.1 and 4.4.1.4 allow remote authenticated users to cause a denial of service (HTTPS service outage) via a crafted query string in an HTTPS request to (1) adLog.cgi, (2) post.cgi, or (3) ad.cgi, related to the "files filter." | |||||
| CVE-2007-5019 | 1 Sun | 3 Java Web Start, Jre, Sdk | 2017-09-29 | 10.0 HIGH | N/A |
| Buffer overflow in the Sun Java Web Start ActiveX control in Java Runtime Environment (JRE) 1.6.0_X allows remote attackers to have an unknown impact via a long argument to the dnsResolve (isInstalled.dnsResolve) method. | |||||
| CVE-2007-5018 | 1 David Harris | 1 Mercury 32 | 2017-09-29 | 6.0 MEDIUM | N/A |
| Stack-based buffer overflow in IMAPD in Mercury/32 4.52 allows remote authenticated users to execute arbitrary code via a long argument in a SEARCH ON command. NOTE: this issue might overlap with CVE-2004-1211. | |||||
| CVE-2007-4903 | 1 Ultra Shareware | 1 Ultra Crypto Component | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple buffer overflows in a certain ActiveX control in CryptoX.dll 2.0 and earlier in the Ultra Crypto Component allow remote attackers to execute arbitrary code via (1) a long string in the first argument to the AcquireContext method or (2) an unspecified vector to the DeleteContext method. | |||||
| CVE-2007-4821 | 1 Edraw | 1 Office Viewer Component | 2017-09-29 | 9.3 HIGH | N/A |
| Buffer overflow in a certain ActiveX control in officeviewer.ocx 5.2.218.1 in EDraw Office Viewer Component 5.2 allows remote attackers to execute arbitrary code via a long first argument to the HttpDownloadFileToTempDir method, a different vulnerability than CVE-2007-3169. | |||||
| CVE-2007-4816 | 1 Baofeng | 1 Storm | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple buffer overflows in the BaoFeng2 storm ActiveX control in Mps.dll allow remote attackers to have an unknown impact via a long (1) URL, (2) backImage, or (3) titleImage property value; (4) a long first argument to the advancedOpen method; a long argument to the (5) isDVDPath or (6) rawParse method; or (7) a .smpl file with a long path attribute in an item element in a PlayList. | |||||
| CVE-2007-4803 | 1 Atomix Productions | 1 Atomixmp3 | 2017-09-29 | 6.8 MEDIUM | N/A |
| Buffer overflow in AtomixMP3 2.3 allows user-assisted remote attackers to execute arbitrary code via long strings in file and title fields in a .pls file, as demonstrated by the (1) File1 and (2) Title1 fields, different vectors than CVE-2006-6287 and CVE-2007-2487. | |||||
| CVE-2007-4802 | 1 Ourgame.com | 1 Globallink | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple heap-based buffer overflows in GlobalLink 2.7.0.8 allow remote attackers to execute arbitrary code via (1) a long eighth argument to the SetInfo method in a certain ActiveX control in glItemCom.dll or (2) a long second argument to the SetClientInfo method in a certain ActiveX control in glitemflat.dll. | |||||
| CVE-2007-4776 | 1 Microsoft | 1 Visual Basic | 2017-09-29 | 9.3 HIGH | N/A |
| Buffer overflow in Microsoft Visual Basic 6.0 and Enterprise Edition 6.0 SP6 allows user-assisted remote attackers to execute arbitrary code via a Visual Basic project (vbp) file containing a long Reference line, related to VBP_Open and OLE. NOTE: there are limited usage scenarios under which this would be a vulnerability. | |||||
| CVE-2007-4748 | 1 Ppstream | 1 Ppstream | 2017-09-29 | 6.8 MEDIUM | N/A |
| Buffer overflow in the PowerPlayer.dll ActiveX control in PPStream 2.0.1.3829 allows remote attackers to execute arbitrary code via a long Logo parameter. | |||||
| CVE-2007-4735 | 1 Next Generation Software | 1 Virtual Dj \(vdj\) | 2017-09-29 | 9.3 HIGH | N/A |
| Buffer overflow in Next Generation Software Virtual DJ (VDJ) 5.0 allows user-assisted remote attackers to execute arbitrary code via a long file path in an m3u file. | |||||
| CVE-2007-4734 | 1 Ots Labs | 1 Otsturntables | 2017-09-29 | 4.3 MEDIUM | N/A |
| Buffer overflow in Ots Labs OTSTurntables 1.00 allows user-assisted remote attackers to execute arbitrary code via a long file path in an m3u file. | |||||
| CVE-2007-4730 | 1 X.org | 1 Xorg-server | 2017-09-29 | 4.3 MEDIUM | N/A |
| Buffer overflow in the compNewPixmap function in compalloc.c in the Composite extension for the X.org X11 server before 1.4 allows local users to execute arbitrary code by copying data from a large pixel depth pixmap into a smaller pixel depth pixmap. | |||||
| CVE-2007-4722 | 1 Move Networks Inc | 1 Move Media Player | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple stack-based buffer overflows in the Quantum Streaming Internet Explorer Player ActiveX control in qsp2ie07051001.dll 1.0.0.1 in Move Media Player allow remote attackers to execute arbitrary code via a long string to the (1) Play and (2) Buzzer methods. | |||||
| CVE-2007-4623 | 1 Ibm | 1 Aix | 2017-09-29 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in the sendrmt function in bellmail in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via a long parameter to the m command. | |||||
| CVE-2007-4586 | 1 Php | 1 Php | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple buffer overflows in php_iisfunc.dll in the iisfunc extension for PHP 5.2.0 and earlier allow context-dependent attackers to execute arbitrary code, probably during Unicode conversion, as demonstrated by a long string in the first argument to the iis_getservicestate function, related to the ServiceId argument to the (1) fnStartService, (2) fnGetServiceState, (3) fnStopService, and possibly other functions. | |||||
| CVE-2007-4584 | 1 Bitchx | 1 Bitchx | 2017-09-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a long string in a MODE command, related to the p_mode variable. | |||||
| CVE-2007-4582 | 1 Acti | 1 Network Video Recorder | 2017-09-29 | 7.5 HIGH | N/A |
| Buffer overflow in the nvUnifiedControl.AUnifiedControl.1 ActiveX control in nvUnifiedControl.dll 1.1.45.0 in ACTi Network Video Recorder (NVR) SP2 2.0 allows remote attackers to execute arbitrary code via a long second argument to the SetText method. | |||||
| CVE-2007-4513 | 1 Ibm | 1 Aix | 2017-09-29 | 7.2 HIGH | N/A |
| Multiple stack-based buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via a long argument to the (1) "-p" option to lqueryvg or (2) the "-V" option to lquerypv. | |||||
| CVE-2007-4474 | 1 Ibm | 2 Domino Web Access, Lotus Domino Web Access | 2017-09-29 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an overflow from a long General_ServerName property value when calling the InstallBrowserHelperDll function in the Upload Module in the dwa7.dwa7.1 control in dwa7w.dll 7.0.34.1. | |||||
| CVE-2007-4440 | 1 Pmail | 1 Mercury Mail Transport System | 2017-09-29 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the MercuryS SMTP server in Mercury Mail Transport System, possibly 4.51 and earlier, allows remote attackers to execute arbitrary code via a long AUTH CRAM-MD5 string. NOTE: this might overlap CVE-2006-5961. | |||||
| CVE-2007-4066 | 1 Xiph.org | 1 Libvorbis | 2017-09-29 | 4.3 MEDIUM | N/A |
| Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow context-dependent attackers to cause a denial of service or have other unspecified impact via a crafted OGG file, aka trac Changesets 13162, 13168, 13169, 13170, 13172, 13211, and 13215, as demonstrated by an overflow in oggenc.exe related to the _psy_noiseguards_8 array. | |||||
| CVE-2007-4005 | 1 Mike Dubman | 1 Windows Rsh Daemon | 2017-09-29 | 5.0 MEDIUM | N/A |
| Stack-based buffer overflow in Mike Dubman Windows RSH daemon (rshd) 1.7 allows remote attackers to execute arbitrary code via a long string to the shell port (514/tcp). NOTE: this might overlap CVE-2007-4006. | |||||
| CVE-2007-3876 | 1 Apple | 1 Mac Os X | 2017-09-29 | 6.6 MEDIUM | N/A |
| Stack-based buffer overflow in SMB in Apple Mac OS X 10.4.11 allows local users to execute arbitrary code via (1) a long workgroup (-W) option to mount_smbfs or (2) an unspecified manipulation of the command line to smbutil. | |||||
| CVE-2007-3739 | 2 Apple, Redhat | 2 Powerpc, Enterprise Linux | 2017-09-29 | 4.7 MEDIUM | N/A |
| mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not prevent stack expansion from entering into reserved kernel page memory, which allows local users to cause a denial of service (OOPS) via unspecified vectors. | |||||
| CVE-2015-3685 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-09-22 | 6.8 MEDIUM | N/A |
| CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted text file, a different vulnerability than CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689. | |||||
| CVE-2015-3684 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-09-22 | 6.8 MEDIUM | N/A |
| The HTTPAuthentication implementation in CFNetwork in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted credentials in a URL. | |||||
| CVE-2015-5118 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3135 and CVE-2015-4432. | |||||
| CVE-2015-4695 | 1 Wvware | 1 Libwmf | 2017-09-22 | 5.0 MEDIUM | N/A |
| meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WMF file. | |||||
| CVE-2015-4431 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3117, CVE-2015-3123, CVE-2015-3130, CVE-2015-3133, and CVE-2015-3134. | |||||
| CVE-2015-4432 | 4 Adobe, Apple, Linux and 1 more | 7 Air, Air Sdk, Air Sdk \& Compiler and 4 more | 2017-09-22 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3135 and CVE-2015-5118. | |||||
| CVE-2015-3719 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-09-22 | 6.8 MEDIUM | N/A |
| TrueTypeScaler in FontParser in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-3694. | |||||
| CVE-2015-3712 | 1 Apple | 1 Mac Os X | 2017-09-22 | 9.3 HIGH | N/A |
| The NVIDIA graphics driver in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds write) via a crafted app. | |||||
| CVE-2015-3703 | 1 Apple | 2 Iphone Os, Mac Os X | 2017-09-22 | 6.8 MEDIUM | N/A |
| ImageIO in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF image. | |||||
| CVE-2015-3705 | 1 Apple | 1 Mac Os X | 2017-09-22 | 9.3 HIGH | N/A |
| IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3706. | |||||
| CVE-2015-3706 | 1 Apple | 1 Mac Os X | 2017-09-22 | 9.3 HIGH | N/A |
| IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3705. | |||||
| CVE-2015-3699 | 1 Apple | 1 Mac Os X | 2017-09-22 | 7.2 HIGH | N/A |
| Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702. | |||||
| CVE-2015-3700 | 1 Apple | 1 Mac Os X | 2017-09-22 | 7.2 HIGH | N/A |
| Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3701, and CVE-2015-3702. | |||||
| CVE-2015-3698 | 1 Apple | 1 Mac Os X | 2017-09-22 | 7.2 HIGH | N/A |
| Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702. | |||||
| CVE-2015-3701 | 1 Apple | 1 Mac Os X | 2017-09-22 | 7.2 HIGH | N/A |
| Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, and CVE-2015-3702. | |||||
| CVE-2015-3696 | 1 Apple | 1 Mac Os X | 2017-09-22 | 7.2 HIGH | N/A |
| Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702. | |||||
| CVE-2015-3697 | 1 Apple | 1 Mac Os X | 2017-09-22 | 7.2 HIGH | N/A |
| Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, CVE-2015-3701, and CVE-2015-3702. | |||||
| CVE-2015-3702 | 1 Apple | 1 Mac Os X | 2017-09-22 | 7.2 HIGH | N/A |
| Buffer overflow in the Intel Graphics Driver in Apple OS X before 10.10.4 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-3695, CVE-2015-3696, CVE-2015-3697, CVE-2015-3698, CVE-2015-3699, CVE-2015-3700, and CVE-2015-3701. | |||||