Search
Total
6142 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-1441 | 1 Google | 1 Chrome | 2017-08-17 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the ParamTraits<SkBitmap>::Read function in Google Chrome before 1.0.154.64 allows attackers to leverage renderer access to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to a large bitmap that arrives over the IPC channel. | |||||
| CVE-2009-1291 | 1 Tibco | 4 Enterprise Message Service, Rtworks, Smartsockets and 1 more | 2017-08-17 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterprise Message Service (EMS) 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server (aka RTserver), SmartSockets client libraries and add-on products, RTworks libraries and components, EMS Server (aka tibemsd), SmartMQ, iProcess Engine, ActiveMatrix products, and CA Enterprise Communicator, allows remote attackers to execute arbitrary code via "inbound data," as demonstrated by requests to the UDP interface of the RTserver component, and data injection into the TCP stream to tibemsd. | |||||
| CVE-2009-0900 | 1 Ibm | 1 Websphere Mq | 2017-08-17 | 4.1 MEDIUM | N/A |
| Heap-based buffer overflow in the client in IBM WebSphere MQ 6.0 before 6.0.2.7 and 7.0 before 7.0.1.0 allows local users to gain privileges via crafted SSL information in a Client Channel Definition Table (CCDT) file. | |||||
| CVE-2009-0896 | 1 Ibm | 1 Websphere Mq | 2017-08-17 | 10.0 HIGH | N/A |
| Buffer overflow in the queue manager in IBM WebSphere MQ 6.x before 6.0.2.7 and 7.x before 7.0.1.0 allows remote attackers to execute arbitrary code via a crafted request. | |||||
| CVE-2009-0849 | 3 Linux, Microsoft, Novastor | 3 Linux, Windows, Novanet | 2017-08-17 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the DtbClsLogin function in NovaStor NovaNET 12 allows remote attackers to (1) execute arbitrary code on Linux platforms via a long username field during backup domain authentication, related to libnnlindtb.so; or (2) cause a denial of service (daemon crash) on Windows platforms via a long username field during backup domain authentication, related to nnwindtb.dll. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0659 | 1 Tptest | 1 Tptest | 2017-08-17 | 5.0 MEDIUM | N/A |
| Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 allows remote attackers to have an unknown impact via a STATS line with a long email field. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-7232 | 1 Netplex-tech | 1 Xtacacsd | 2017-08-17 | 10.0 HIGH | N/A |
| Buffer overflow in the report function in xtacacsd 4.1.2 and earlier allows remote attackers to execute arbitrary code via a crafted CONNECT TACACS command. | |||||
| CVE-2008-7162 | 1 Heroshare | 1 Hero Super Player 3000 | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in Hero Super Player 3000 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename in a .M3U file. NOTE: this might be related to CVE-2008-4504. | |||||
| CVE-2008-7004 | 1 Elog | 1 Elog | 2017-08-17 | 10.0 HIGH | N/A |
| Buffer overflow in Electronic Logbook (ELOG) before 2.7.1 has unknown impact and attack vectors, possibly related to elog.c. | |||||
| CVE-2008-6821 | 1 Ibm | 1 Db2 | 2017-08-17 | 10.0 HIGH | N/A |
| Buffer overflow in the DAS server in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP2 might allow attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, a different vulnerability than CVE-2007-3676 and CVE-2008-3853. | |||||
| CVE-2008-6703 | 1 Stalker-game | 1 S.t.a.l.k.e.r.\ | 2017-08-17 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the IPureServer::_Recieve function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to execute arbitrary code via a compressed 0x39 packet, which is decompressed by the NET_Compressor::Decompress function. | |||||
| CVE-2008-6560 | 1 Redhat | 3 Cman, Fedora, Linux | 2017-08-17 | 7.8 HIGH | N/A |
| Buffer overflow in CMAN - The Cluster Manager before 2.03.09-1 on Fedora 9 and Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of service (CPU consumption and memory corruption) via a cluster.conf file with many lines. NOTE: it is not clear whether this issue crosses privilege boundaries in realistic uses of the product. | |||||
| CVE-2008-6415 | 1 Youngzsoft | 1 Ccproxy | 2017-08-17 | 10.0 HIGH | N/A |
| Buffer overflow in YoungZSoft CCProxy 6.5 might allow remote attackers to execute arbitrary code via a CONNECTION request with a long hostname. | |||||
| CVE-2009-0569 | 1 Rimarts | 1 Becky\! Internet Mail | 2017-08-08 | 9.3 HIGH | N/A |
| Buffer overflow in Becky! Internet Mail 2.48.02 and earlier allows remote attackers to execute arbitrary code via a mail message with a crafted return receipt request. | |||||
| CVE-2009-0544 | 1 Pycrypto | 1 Arc2 | 2017-08-08 | 10.0 HIGH | N/A |
| Buffer overflow in the PyCrypto ARC2 module 2.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length. | |||||
| CVE-2009-0509 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2017-08-08 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows remote attackers to execute arbitrary code via a crafted file that triggers memory corruption. | |||||
| CVE-2009-0363 | 2 Barnowl, Ktools | 2 Barnowl, Owl | 2017-08-08 | 7.5 HIGH | N/A |
| Multiple buffer overflows in (a) BarnOwl before 1.0.5 and (b) owl 2.1.11 allow remote attackers to execute arbitrary code via vectors involving (1) a crafted zcrypt message, related to zcrypt.c; (2) a reply command on a message with a Zephyr Cc: list, related to zwrite.c; and unspecified other use of the products. | |||||
| CVE-2009-0264 | 1 Fujitsu | 1 Systemcastwizard Lite | 2017-08-08 | 10.0 HIGH | N/A |
| Buffer overflow in the Registry Setting Tool in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier has unknown impact and attack vectors. | |||||
| CVE-2009-0215 | 1 Ibm | 1 Access Support Activex Control | 2017-08-08 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the GetXMLValue method in the IBM Access Support ActiveX control in IbmEgath.dll, as distributed on IBM and Lenovo computers, allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2009-0150 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 4.4 MEDIUM | N/A |
| Stack-based buffer overflow in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service (application crash) by attempting to mount a crafted sparse disk image. | |||||
| CVE-2009-0157 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in CFNetwork in Apple Mac OS X 10.5 before 10.5.7 allows remote web servers to execute arbitrary code or cause a denial of service (application crash) via long HTTP headers. | |||||
| CVE-2009-0009 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-08 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the Pixlet codec in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted movie file that triggers memory corruption. | |||||
| CVE-2008-6070 | 1 Graphicsmagick | 1 Graphicsmagick | 2017-08-08 | 9.3 HIGH | N/A |
| Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PALM image, a different vulnerability than CVE-2007-0770. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-6071 | 1 Graphicsmagick | 1 Graphicsmagick | 2017-08-08 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the DecodeImage function in coders/pict.c in GraphicsMagick before 1.1.14, and 1.2.x before 1.2.3, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PICT image. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5876 | 1 Irrlicht | 1 Irrlicht | 2017-08-08 | 9.3 HIGH | N/A |
| Buffer overflow in Irrlicht before 1.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors in the B3D loader. | |||||
| CVE-2008-5839 | 1 Foxmail | 1 Foxmail | 2017-08-08 | 9.3 HIGH | N/A |
| Buffer overflow in Foxmail 6.5 allows remote attackers to execute arbitrary code via a long mailto URI in the HREF attribute of an A element. | |||||
| CVE-2008-5662 | 1 Sun | 1 Java Wireless Toolkit For Cldc | 2017-08-08 | 9.3 HIGH | N/A |
| Multiple buffer overflows in Sun Java Wireless Toolkit (WTK) for CLDC 2.5.2 and earlier allow downloaded programs to execute arbitrary code via unknown vectors. | |||||
| CVE-2008-5514 | 1 University Of Washington | 1 Imap | 2017-08-08 | 4.3 MEDIUM | N/A |
| Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attackers to cause a denial of service (crash) via an e-mail message that triggers a buffer overflow. | |||||
| CVE-2008-5408 | 1 Symantec | 1 Backup Exec For Windows Server | 2017-08-08 | 9.0 HIGH | N/A |
| Buffer overflow in the data management protocol in Symantec Backup Exec for Windows Servers 11.0 (aka 11d) builds 6235 and 7170, 12.0 build 1364, and 12.5 build 2213 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via unknown vectors. NOTE: this can be exploited by unauthenticated remote attackers by leveraging CVE-2008-5407. | |||||
| CVE-2008-5177 | 1 Insight-tech | 1 Yosemite Backup | 2017-08-08 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the DtbClsLogin function in Yosemite Backup 8.7 allows remote attackers to (1) execute arbitrary code on a Linux platform, related to libytlindtb.so; or (2) cause a denial of service (application crash) and possibly execute arbitrary code on a Windows platform, related to ytwindtb.dll; via a long username field during authentication. | |||||
| CVE-2008-5246 | 1 Xine | 1 Xine-lib | 2017-08-08 | 9.3 HIGH | N/A |
| Multiple heap-based buffer overflows in xine-lib before 1.1.15 allow remote attackers to execute arbitrary code via vectors that send ID3 data to the (1) id3v22_interp_frame and (2) id3v24_interp_frame functions in src/demuxers/id3.c. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-5245 | 1 Xine | 1 Xine-lib | 2017-08-08 | 9.3 HIGH | N/A |
| xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c. | |||||
| CVE-2008-5101 | 1 Optipng | 1 Optipng | 2017-08-08 | 9.3 HIGH | N/A |
| Buffer overflow in the BMP reader in OptiPNG 0.6 and 0.6.1 allows user-assisted attackers to execute arbitrary code via a crafted BMP image, related to an "array overflow." | |||||
| CVE-2008-5091 | 1 Novell | 1 Edirectory | 2017-08-08 | 10.0 HIGH | N/A |
| Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before SP10a and 8.8 before SP3 allows attackers to cause a denial of service (application crash) via vectors involving an "invalid extensibleMatch filter." | |||||
| CVE-2008-5048 | 1 Isecsoft | 1 Anti-trojan Elite | 2017-08-08 | 7.2 HIGH | N/A |
| Buffer overflow in Atepmon.sys in ISecSoft Anti-Trojan Elite 4.2.1 and earlier, and possibly 4.2.2, allows local users to cause a denial of service (crash) and possibly execute arbitrary code via long inputs to the 0x00222494 IOCTL. | |||||
| CVE-2008-5008 | 1 Mega-nerd | 1 Secret Rabbit Code | 2017-08-08 | 9.3 HIGH | N/A |
| Buffer overflow in src/src_sinc.c in Secret Rabbit Code (aka SRC or libsamplerate) before 0.1.4, when "extreme low conversion ratios" are used, allows user-assisted attackers to have an unknown impact via a crafted audio file. | |||||
| CVE-2008-5030 | 1 Libcaudio | 1 Libcaudio | 2017-08-08 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the cddb_read_disc_data function in cddb.c in libcdaudio 0.99.12p2 allows remote CDDB servers to execute arbitrary code via long CDDB data. | |||||
| CVE-2008-4867 | 2 Ffmpeg, Mplayer | 2 Ffmpeg, Mplayer | 2017-08-08 | 10.0 HIGH | N/A |
| Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as used by MPlayer, allows context-dependent attackers to have an unknown impact via vectors related to an incorrect DCA_MAX_FRAME_SIZE value. | |||||
| CVE-2008-4866 | 2 Ffmpeg, Mplayer | 2 Ffmpeg, Mplayer | 2017-08-08 | 10.0 HIGH | N/A |
| Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 before r14715, as used by MPlayer, allow context-dependent attackers to have an unknown impact via vectors related to execution of DTS generation code with a delay greater than MAX_REORDER_DELAY. | |||||
| CVE-2008-4776 | 1 Wojtek Kaniewsk | 1 Libgadu | 2017-08-08 | 4.3 MEDIUM | N/A |
| libgadu before 1.8.2 allows remote servers to cause a denial of service (crash) via a contact description with a large length, which triggers a buffer over-read. | |||||
| CVE-2008-4664 | 1 Qvod | 1 Qvod Player | 2017-08-08 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in QvodInsert.QvodCtrl.1 ActiveX control (QvodInsert.dll) in QVOD Player before 2.1.5 build 0053 allows remote attackers to execute arbitrary code via a long URL property. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-4631 | 1 Myer Sound Laboratories | 1 Muscle | 2017-08-08 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the Message::AddToString function in message/Message.cpp in MUSCLE before 4.40 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted message. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-4564 | 3 Autonomy, Ibm, Symantec | 10 Keyview Export Sdk, Keyview Filter Sdk, Keyview Viewer Sdk and 7 more | 2017-08-08 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file. | |||||
| CVE-2008-4541 | 1 Sun | 1 Java System Web Proxy Server | 2017-08-08 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request. | |||||
| CVE-2008-4563 | 2 Ibm, Microsoft | 3 Tivoli Storage Manager, Tivoli Storage Manager Express, Windows | 2017-08-08 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in adsmdll.dll 5.3.7.7296, as used by the daemon (dsmsvc.exe) in the backup server in IBM Tivoli Storage Manager (TSM) Express 5.3.7.3 and earlier and TSM 5.2, 5.3 before 5.3.6.0, and 5.4.0.0 through 5.4.4.0, allows remote attackers to execute arbitrary code via a crafted length value. | |||||
| CVE-2008-4508 | 1 Tonec Inc. | 1 Internet Download Manager | 2017-08-08 | 7.8 HIGH | N/A |
| Stack-based buffer overflow in the file parsing function in Tonec Internet Download Manager, possibly 5.14 and earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted AppleDouble file containing a long string. NOTE: this is probably a different vulnerability than CVE-2005-2210. | |||||
| CVE-2008-4504 | 1 Herosoft | 1 Hero Dvd Player | 2017-08-08 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in Mplayer.exe in Herosoft Inc. Hero DVD Player 3.0.8 allows user-assisted remote attackers to execute arbitrary code via an M3u file with a "long entry." NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2008-4434 | 2 Bittorrent, Utorrent | 2 Bittorrent, Utorrent | 2017-08-08 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in (1) uTorrent 1.7.7 build 8179 and earlier and (2) BitTorrent 6.0.3 build 8642 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Created By field in a .torrent file. | |||||
| CVE-2008-4396 | 1 Safer Networking | 1 Filealyzer | 2017-08-08 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Safer Networking FileAlyzer 1.6.0.0 and 1.6.0.4 beta, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via an executable with malformed version data. | |||||
| CVE-2008-4395 | 2 Linux, Ubuntu | 2 Linux Kernel, Linux Kernel | 2017-08-08 | 8.3 HIGH | N/A |
| Multiple buffer overflows in the ndiswrapper module 1.53 for the Linux kernel 2.6 allow remote attackers to execute arbitrary code by sending packets over a local wireless network that specify long ESSIDs. | |||||