Search
Total
6142 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-2930 | 1 Pharscape | 1 Hsolink | 2017-08-17 | 7.2 HIGH | N/A |
| Multiple stack-based buffer overflows in hsolinkcontrol in hsolink 1.0.118 allow local users to gain privileges via long command-line arguments, a different vulnerability than CVE-2010-1671. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-2810 | 1 Lynx | 1 Lynx | 2017-08-17 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the convert_to_idna function in WWW/Library/Implementation/HTParse.c in Lynx 2.8.8dev.1 through 2.8.8dev.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed URL containing a % (percent) character in the domain name. | |||||
| CVE-2010-2701 | 1 Fathsoft | 1 Fathftp | 2017-08-17 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the FathFTP ActiveX control 1.7 allow remote attackers to execute arbitrary code via (1) the GetFromURL member or (2) a long argument to the RasIsConnected method. | |||||
| CVE-2010-2709 | 1 Hp | 1 Openview Network Node Manager | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long OvJavaLocale value in a cookie. | |||||
| CVE-2010-2702 | 1 Epicgames | 6 Postal 2, Raven Shield, Swat 4 and 3 more | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in the UGameEngine::UpdateConnectingMessage function in the Unreal engine 1, 2, and 2.5, as used in multiple games including Unreal Tournament 2004, Unreal tournament 2003, Postal 2, Raven Shield, and SWAT4, when downloads are enabled, allows remote attackers to execute arbitrary code via a long LEVEL field in a WELCOME response to a download request. | |||||
| CVE-2010-2604 | 1 Rim | 2 Blackberry Enterprise Server, Blackberry Enterprise Server Express | 2017-08-17 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the PDF Distiller in the BlackBerry Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server 4.1.3 through 5.0.2, and Enterprise Server Express 5.0.1 and 5.0.2, allow remote attackers to execute arbitrary code via a crafted PDF file. | |||||
| CVE-2010-2602 | 1 Rim | 1 Blackberry Enterprise Server | 2017-08-17 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Enterprise Server 5.0.0 through 5.0.2, 4.1.6, and 4.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF document. | |||||
| CVE-2010-2587 | 1 Adobe | 1 Shockwave Player | 2017-08-17 | 9.3 HIGH | N/A |
| The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2588 and CVE-2010-4188. | |||||
| CVE-2010-2588 | 1 Adobe | 1 Shockwave Player | 2017-08-17 | 9.3 HIGH | N/A |
| The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2587 and CVE-2010-4188. | |||||
| CVE-2010-2489 | 2 Microsoft, Ruby-lang | 2 Windows, Ruby | 2017-08-17 | 7.2 HIGH | N/A |
| Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might allow local users to gain privileges via a crafted ARGF.inplace_mode value that is not properly handled when constructing the filenames of the backup files. | |||||
| CVE-2010-2439 | 1 Moreforge | 1 Moreamp | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in MoreAmp allows remote attackers to execute arbitrary code via a long line in a song list (.maf file). | |||||
| CVE-2010-2360 | 1 Isamu Kaneko | 1 Winny | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Winny 2.0b7.1 and earlier might allow remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2006-2007. | |||||
| CVE-2010-2350 | 1 Daniel Mealha Cabrita | 1 Ziproxy | 2017-08-17 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the PNG decoder in Ziproxy 3.1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNG file. | |||||
| CVE-2010-2348 | 1 Freesoftwaretoolbox | 1 Batch Audio Converter | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Batch Audio Converter Lite Edition 1.0.0.0 and earlier allows remote attackers to execute arbitrary code via a long line in a .WAV file. | |||||
| CVE-2010-2343 | 1 Dennisre | 1 Audio Converter | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in D.R. Software Audio Converter 8.1, 2007, and 8.05 allows remote attackers to execute arbitrary code via a crafted pls playlist file. | |||||
| CVE-2010-2330 | 1 Upredsun | 1 Isharer File Sharing Wizard | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in iSharer File Sharing Wizard 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Content-Length header. | |||||
| CVE-2010-2329 | 1 Rosoftengineering | 1 Rosoft Audio Converter | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in Rosoft Audio Converter 4.4.4 allows remote attackers to execute arbitrary code via a long playlist entry in a .m3u file. | |||||
| CVE-2010-2321 | 1 Adobe | 1 Indesign Cs3 | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in Adobe InDesign CS3 10.0 allows user-assisted remote attackers to execute arbitrary code via a crafted .indd file. | |||||
| CVE-2010-2311 | 1 Power-tab | 1 Power Tab Editor | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Power Tab Editor 1.7 build 80 allows user-assisted remote attackers to execute arbitrary code via a .ptb file with a long font name. | |||||
| CVE-2010-2305 | 1 Symantec | 1 Sygate Personal Firewall | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in an ActiveX control in SSHelper.dll for Symantec Sygate Personal Firewall 5.6 build 2808 allows remote attackers to execute arbitrary code via a long third argument to the SetRegString method. | |||||
| CVE-2010-2191 | 1 Php | 1 Php | 2017-08-17 | 6.4 MEDIUM | N/A |
| The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; the (5) ZEND_FETCH_RW, (6) ZEND_CONCAT, and (7) ZEND_ASSIGN_CONCAT opcodes; and the (8) ArrayObject::uasort method in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal function or handler. NOTE: vectors 2 through 4 are related to the call time pass by reference feature. | |||||
| CVE-2010-2031 | 1 Kingsoft | 1 Webshield | 2017-08-17 | 7.2 HIGH | N/A |
| KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVSafe device. | |||||
| CVE-2010-2028 | 1 Mgenti | 1 Tftputil Gui | 2017-08-17 | 10.0 HIGH | N/A |
| Buffer overflow in k23productions TFTPUtil GUI (aka TFTPGUI) 1.4.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long transport mode. | |||||
| CVE-2010-2004 | 1 Bsplayer | 1 Bs.player | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in BS.Global BS.Player 2.51 Build 1022 Free, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via the Skin parameter in the Options section of a skins file (.bsi), a different vulnerability than CVE-2009-1068. | |||||
| CVE-2010-1932 | 1 Xnview | 1 Xnview | 2017-08-17 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in XnView 1.97.4 and possibly earlier allows remote attackers to execute arbitrary code via a MultiBitMap (MBM) file with a Paint Data Section that contains a malformed Encoding field. | |||||
| CVE-2010-1688 | 1 2brightsparks | 1 Syncback | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in 2BrightSparks SyncBack Freeware 3.2.20.0, and possibly other versions before 3.2.21, allows user-assisted remote attackers to execute arbitrary code via a long filename in a (1) .sps or (2) zip profile. | |||||
| CVE-2010-1597 | 1 Zipgenius | 1 Zipgenius | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in zgtips.dll in ZipGenius 6.3.1.2552 allows user-assisted remote attackers to execute arbitrary code via a ZIP file containing an entry with a long filename. | |||||
| CVE-2010-1465 | 1 Trellian | 1 Ftp | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Trellian FTP client 3.01, including 3.1.3.1789, allows remote attackers to execute arbitrary code via a long PASV response. | |||||
| CVE-2010-1458 | 2 Microsoft, Tweakfs | 2 Flight Simulator X, Tweakfs Zip Utility | 2017-08-17 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in Create and Extract Zips TweakFS Zip Utility 1.0 for Flight Simulator X (FSX) allows remote attackers to execute arbitrary code via a long filename in a ZIP archive. | |||||
| CVE-2010-1296 | 1 Adobe | 1 Photoshop Cs4 | 2017-08-17 | 9.3 HIGH | N/A |
| Multiple buffer overflows in Adobe Photoshop CS4 before 11.0.2 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) .ASL, (2) .ABR, or (3) .GRD file. | |||||
| CVE-2010-1033 | 1 Hp | 1 Operations Manager | 2017-08-17 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in a certain Tetradyne ActiveX control in HP Operations Manager 7.5, 8.10, and 8.16 might allow remote attackers to execute arbitrary code via a long string argument to the (1) LoadFile or (2) SaveFile method, related to srcvw32.dll and srcvw4.dll. | |||||
| CVE-2010-0919 | 1 Ibm | 3 Domino Web Access, Lotus Domino, Lotus Inotes | 2017-08-17 | 7.6 HIGH | N/A |
| Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka Domino Web Access or DWA) 6.5, 7.0 before 7.0.4, 8.0, 8.0.2, and before 229.281 for Domino 8.0.2 FP4 allows remote attackers to execute arbitrary code via a long URL argument to an unspecified method, aka PRAD7JTNHJ. | |||||
| CVE-2010-0718 | 1 Microsoft | 1 Windows Media Player | 2017-08-17 | 4.3 MEDIUM | N/A |
| Buffer overflow in Microsoft Windows Media Player 9 and 11.0.5721.5145 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted .mpg file. | |||||
| CVE-2010-0688 | 1 Orbitals | 1 Orbital Viewer | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Orbital Viewer 1.04 allows user-assisted remote attackers to execute arbitrary code via a crafted (1) .orb or (2) .ov file. | |||||
| CVE-2010-0564 | 1 Trendmicro | 1 Officescan | 2017-08-17 | 5.0 MEDIUM | N/A |
| Buffer overflow in Trend Micro URL Filtering Engine (TMUFE) in OfficeScan 8.0 before SP1 Patch 5 - Build 3510, possibly tmufeng.dll before 3.0.0.1029, allows attackers to cause a denial of service (crash or OfficeScan hang) via unspecified vectors. NOTE: it is likely that this issue also affects tmufeng.dll before 2.0.0.1049 for OfficeScan 10.0. | |||||
| CVE-2010-0387 | 1 Sun | 1 Java System Web Server | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple heap-based buffer overflows in (1) webservd and (2) the admin server in Sun Java System Web Server 7.0 Update 7 allow remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via a long string in an "Authorization: Digest" HTTP header. | |||||
| CVE-2010-0356 | 1 Viscomsoft | 1 Movie Player Pro Sdk Activex | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the MOVIEPLAYER.MoviePlayerCtrl.1 ActiveX control in MoviePlayer.ocx 6.8.0.0 in Viscom Software Movie Player Pro SDK ActiveX 6.8 allows remote attackers to execute arbitrary code via a long strFontName parameter to the DrawText method. | |||||
| CVE-2010-0272 | 1 Sun | 1 Java System Web Server | 2017-08-17 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Sun Java System Web Server 7.0 Update 6 on Linux allows remote attackers to discover process memory locations via crafted data to TCP port 80, as demonstrated by the vd_sjws2 module in VulnDisco. NOTE: as of 20100106, this disclosure has no actionable information. However, because the VulnDisco author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2010-0138 | 2 Cisco, Microsoft | 2 Ciscoworks Internetwork Performance Monitor, Windows | 2017-08-17 | 10.0 HIGH | N/A |
| Buffer overflow in Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 and earlier on Windows, as distributed in CiscoWorks LAN Management Solution (LMS), allows remote attackers to execute arbitrary code via a malformed getProcessName CORBA General Inter-ORB Protocol (GIOP) request, related to a "third-party component," aka Bug ID CSCsv62350. | |||||
| CVE-2010-0110 | 1 Symantec | 3 Antivirus, Antivirus Central Quarantine Server, System Center | 2017-08-17 | 7.9 HIGH | N/A |
| Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allow remote attackers to execute arbitrary code via (1) a long string to msgsys.exe, related to the AMSSendAlertAct function in AMSLIB.dll in the Intel Alert Handler service (aka Symantec Intel Handler service); a long (2) modem string or (3) PIN number to msgsys.exe, related to pagehndl.dll in the Intel Alert Handler service; or (4) a message to msgsys.exe, related to iao.exe in the Intel Alert Originator service. | |||||
| CVE-2010-0037 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted DNG image. | |||||
| CVE-2010-0036 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 audio file. | |||||
| CVE-2009-5022 | 1 Libtiff | 1 Libtiff | 2017-08-17 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in LibTIFF before 3.9.5 allows remote attackers to execute arbitrary code via a crafted TIFF file. | |||||
| CVE-2009-5018 | 1 Catb | 1 Gif2png | 2017-08-17 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to execute arbitrary code via a long command-line argument, as demonstrated by a CGI program that launches gif2png. | |||||
| CVE-2009-4897 | 1 Artifex | 3 Afpl Ghostscript, Ghostscript Fonts, Gpl Ghostscript | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document containing a long name. | |||||
| CVE-2009-4850 | 1 Awingsoft | 1 Awakening Winds3d Viewer Plugin | 2017-08-17 | 9.3 HIGH | N/A |
| The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe file. | |||||
| CVE-2009-4846 | 1 Deliantra | 1 Deliantra | 2017-08-17 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in Deliantra Server before 2.82 allow remote attackers to execute arbitrary code via vectors related to (1) the command_gsay function in server/c_party.C and (2) the book implementation. | |||||
| CVE-2009-4737 | 1 Justsystems | 2 Ichitaro, Ichitaro Viewer | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, 2004 through 2009, Viewer 2009 19.0.1.0 and earlier, and other versions allows context-dependent attackers to execute arbitrary code via a crafted Rich Text File (RTF), related to "pvpara ffooter." | |||||
| CVE-2009-4486 | 1 Novell | 1 Imanager | 2017-08-17 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the eDirectory plugin in Novell iManager before 2.7.3 allows remote attackers to execute arbitrary code via vectors that trigger long arguments to an unspecified sub-application, related to importing and exporting from a schema. | |||||
| CVE-2009-4292 | 1 Iij | 6 Seil\/b1, Seil\/b1 Firmware, Seil\/x1 and 3 more | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in the URL filtering function in Internet Initiative Japan SEIL/X1, SEIL/X2, and SEIL/B1 firmware 2.40 through 2.51 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||