Search
Total
11946 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1278 | 1 Adobe | 2 Acrobat, Reader | 2018-10-10 | 9.3 HIGH | N/A |
| Buffer overflow in the Atlcom.get_atlcom ActiveX control in gp.ocx in Adobe Download Manager, as used in Adobe Reader and Acrobat 8.x before 8.2 and 9.x before 9.3, allows remote attackers to execute arbitrary code via unspecified parameters. | |||||
| CVE-2010-1398 | 2 Apple, Microsoft | 7 Mac Os X, Mac Os X Server, Safari and 4 more | 2018-10-10 | 9.3 HIGH | N/A |
| WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly perform ordered list insertions, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document, related to the insertion of an unspecified element into an editable container and the access of an uninitialized element. | |||||
| CVE-2010-1185 | 1 Sap | 1 Maxdb | 2018-10-10 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and 7.6.0.37 through 7.6.06 allows remote attackers to execute arbitrary code via an invalid length parameter in a handshake packet to TCP port 7210. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-0994 | 1 Visualizationlibrary | 1 Visualization Library | 2018-10-10 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in src/vl/vlDAT.cpp in Visualization Library 2009.08.812 allow user-assisted remote attackers to execute arbitrary code via a crafted DAT file, related to the (1) vl::loadDAT and (2) vl::isDAT functions. | |||||
| CVE-2010-0995 | 1 Tonec | 1 Internet Download Manager | 2018-10-10 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Internet Download Manager (IDM) before 5.19 allows remote attackers to execute arbitrary code via a crafted FTP URI that causes unspecified "test sequences" to be sent from client to server. | |||||
| CVE-2010-0998 | 1 Freedownloadmanager | 1 Free Download Manager | 2018-10-10 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in Free Download Manager (FDM) before 3.0.852 allow remote attackers to execute arbitrary code via vectors involving (1) the folders feature in Site Explorer, (2) the websites feature in Site Explorer, (3) an FTP URI, or (4) a redirect. | |||||
| CVE-2010-1084 | 1 Linux | 1 Linux Kernel | 2018-10-10 | 7.1 HIGH | N/A |
| Linux kernel 2.6.18 through 2.6.33, and possibly other versions, allows remote attackers to cause a denial of service (memory corruption) via a large number of Bluetooth sockets, related to the size of sysfs files in (1) net/bluetooth/l2cap.c, (2) net/bluetooth/rfcomm/core.c, (3) net/bluetooth/rfcomm/sock.c, and (4) net/bluetooth/sco.c. | |||||
| CVE-2010-0990 | 1 Creative | 2 Autoupdate, Autoupdate Engine Activex Control | 2018-10-10 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Creative Software AutoUpdate Engine ActiveX Control 2.0.12.0, as used in Creative Software AutoUpdate 1.40.01, allows remote attackers to execute arbitrary code via vectors related to the BrowseFolder method. | |||||
| CVE-2010-0991 | 1 Enlightenment | 1 Imlib2 | 2018-10-10 | 6.8 MEDIUM | N/A |
| Multiple heap-based buffer overflows in imlib2 1.4.3 allow context-dependent attackers to execute arbitrary code via a crafted (1) ARGB, (2) XPM, or (3) BMP file, related to the IMAGE_DIMENSIONS_OK macro in lib/image.h. | |||||
| CVE-2010-0624 | 1 Gnu | 2 Cpio, Tar | 2018-10-10 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character. | |||||
| CVE-2010-0625 | 1 Novell | 2 Netware, Netware Ftp Server | 2018-10-10 | 6.5 MEDIUM | N/A |
| Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command. | |||||
| CVE-2010-0619 | 1 Lexmark | 1 X94x | 2018-10-10 | 7.3 HIGH | N/A |
| Stack-based buffer overflow in the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Printcryption DLE components on certain Lexmark laser printers and multi-function printers allows remote attackers to execute arbitrary code or cause a denial of service (device hang) via a long argument to a PJL INQUIRE command. | |||||
| CVE-2010-0553 | 1 Geopp | 1 Geo\+\+ Gncaster | 2018-10-10 | 6.5 MEDIUM | N/A |
| Geo++ GNCASTER 1.4.0.7 and earlier allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a long NMEA data sentence. | |||||
| CVE-2010-0529 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2018-10-10 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PICT image with a BkPixPat opcode (0x12) containing crafted values that are used in a calculation for memory allocation. | |||||
| CVE-2010-0528 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2018-10-10 | 9.3 HIGH | N/A |
| Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted color tables in a movie file, related to malformed MediaVideo data, a sample description atom (STSD), and a crafted length value. | |||||
| CVE-2010-0526 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2018-10-10 | 4.3 MEDIUM | N/A |
| Heap-based buffer overflow in QuickTimeMPEG.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted genl atom in a QuickTime movie file with MPEG encoding, which is not properly handled during decompression. | |||||
| CVE-2010-0505 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2018-10-10 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 (JPEG2000) image, related to incorrect calculation and the CGImageReadGetBytesAtOffset function. | |||||
| CVE-2010-0516 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2018-10-10 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with RLE encoding, which triggers memory corruption when the length of decompressed data exceeds that of the allocated heap chunk. | |||||
| CVE-2010-0517 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2018-10-10 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with M-JPEG encoding, which causes QuickTime to calculate a buffer size using height and width fields, but to use a different field to control the length of a copy operation. | |||||
| CVE-2010-0520 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2018-10-10 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in QuickTimeAuthoring.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FLC file, related to crafted DELTA_FLI chunks and untrusted length values in a .fli file, which are not properly handled during decompression. | |||||
| CVE-2010-0392 | 1 Thegreenbow | 1 Ipsec Vpn Client | 2018-10-10 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in vpnconf.exe in TheGreenBow IPSec VPN Client 4.51.001, 4.65.003, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a long OpenScriptAfterUp parameter in a policy (.tgb) file, related to "phase 2." | |||||
| CVE-2010-0107 | 1 Symantec | 4 Client Security, Norton 360, Norton Antivirus and 1 more | 2018-10-10 | 9.3 HIGH | N/A |
| Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. NOTE: this is only a vulnerability if the attacker can "masquerade as an authorized site." | |||||
| CVE-2010-0059 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2018-10-10 | 6.8 MEDIUM | N/A |
| CoreAudio in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted audio content with QDM2 encoding, which triggers a buffer overflow due to inconsistent length fields, related to QDCA. | |||||
| CVE-2009-4654 | 2 Microsoft, Novell | 2 Windows, Edirectory | 2018-10-10 | 9.0 HIGH | N/A |
| Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to execute arbitrary code via long sadminpwd and verifypwd parameters in a submit action to /dhost/httpstk. | |||||
| CVE-2009-4668 | 1 Cowon America | 1 Jetaudio | 2018-10-10 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long ID3 tag in an MP3 file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-4462 | 1 Intellicom | 3 Netbiter Webscada Ws100, Netbiter Webscada Ws200, Netbiterconfig | 2018-10-10 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the NetBiterConfig utility (NetBiterConfig.exe) 1.3.0 for Intellicom NetBiter WebSCADA allows remote attackers to execute arbitrary code via a long hn (hostname) parameter in a crafted HICP-protocol UDP packet. | |||||
| CVE-2009-4310 | 2 Microsoft, Windows | 4 Windows 2000, Windows 2003 Server, Windows Xp and 1 more | 2018-10-10 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted compressed video data in an IV41 stream in a media file, leading to many loop iterations, as demonstrated by data in an AVI file. | |||||
| CVE-2009-4988 | 1 Sap | 1 Business One 2005-a | 2018-10-10 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in NT_Naming_Service.exe in SAP Business One 2005 A 6.80.123 and 6.80.320 allows remote attackers to execute arbitrary code via a long GIOP request to TCP port 30000. | |||||
| CVE-2009-4653 | 2 Microsoft, Novell | 2 Windows, Edirectory | 2018-10-10 | 9.0 HIGH | N/A |
| Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to cause a denial of service (dhost.exe crash) and possibly execute arbitrary code via a long string to /dhost/modules?I:. | |||||
| CVE-2009-4309 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Media Player and 1 more | 2018-10-10 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream in a media file, as demonstrated by an AVI file. | |||||
| CVE-2010-0062 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2018-10-10 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in quicktime.qts in CoreMedia and QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed .3g2 movie file with H.263 encoding that triggers an incorrect buffer length calculation. | |||||
| CVE-2009-4753 | 1 Nas Adapter | 1 Nasu2fw41 | 2018-10-10 | 7.1 HIGH | N/A |
| Multiple buffer overflows in the FTP server on the Addonics NAS Adapter NASU2FW41 with loader 1.17 allow remote attackers to cause a denial of service (TCP/IP outage) via long arguments to the (1) XRMD, (2) delete, (3) RNFR, or (4) RNTO command. | |||||
| CVE-2009-4009 | 1 Powerdns | 1 Recursor | 2018-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted packets. | |||||
| CVE-2009-4177 | 1 Hp | 1 Openview Network Node Manager | 2018-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Host header. | |||||
| CVE-2009-4181 | 1 Hp | 1 Openview Network Node Manager | 2018-10-10 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via vectors involving the sel and arg parameters to jovgraph.exe. | |||||
| CVE-2009-4179 | 1 Hp | 1 Openview Network Node Manager | 2018-10-10 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in ovalarm.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Accept-Language header in an OVABverbose action. | |||||
| CVE-2009-4176 | 1 Hp | 1 Openview Network Node Manager | 2018-10-10 | 10.0 HIGH | N/A |
| Multiple heap-based buffer overflows in ovsessionmgr.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via a long (1) userid or (2) passwd parameter to ovlogin.exe. | |||||
| CVE-2009-4257 | 3 Apple, Microsoft, Realnetworks | 6 Mac Os X, Windows, Helix Player and 3 more | 2018-10-10 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in datatype/smil/common/smlpkt.cpp in smlrender.dll in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10 and 11.0.0, and Helix Player 10.x and 11.0.0 allows remote attackers to execute arbitrary code via an SMIL file with crafted string lengths. | |||||
| CVE-2009-4244 | 3 Apple, Microsoft, Realnetworks | 6 Mac Os X, Windows, Helix Player and 3 more | 2018-10-10 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via an SIPR codec field with a small length value that triggers incorrect memory allocation. | |||||
| CVE-2009-4241 | 3 Apple, Microsoft, Realnetworks | 6 Mac Os X, Windows, Helix Player and 3 more | 2018-10-10 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote attackers to execute arbitrary code via a file with invalid ASMRuleBook structures that trigger heap memory corruption. | |||||
| CVE-2009-4002 | 1 Adobe | 1 Shockwave Player | 2018-10-10 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Adobe Shockwave Player before 11.5.6.606 allows remote attackers to execute arbitrary code via a crafted 3D model in a Shockwave file. | |||||
| CVE-2009-4049 | 1 Avast | 2 Avast Antivirus Home, Avast Antivirus Professional | 2018-10-10 | 7.2 HIGH | N/A |
| Heap-based buffer overflow in aswRdr.sys (aka the TDI RDR driver) in avast! Home and Professional 4.8.1356.0 allows local users to cause a denial of service (memory corruption) or possibly gain privileges via crafted arguments to IOCTL 0x80002024. | |||||
| CVE-2009-4242 | 3 Apple, Microsoft, Realnetworks | 6 Mac Os X, Windows, Helix Player and 3 more | 2018-10-10 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the CGIFCodec::GetPacketBuffer function in datatype/image/gif/common/gifcodec.cpp in RealNetworks RealPlayer 10; RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741; RealPlayer 11 11.0.0 through 11.0.4; RealPlayer Enterprise; Mac RealPlayer 10, 10.1, and 11.0; Linux RealPlayer 10; and Helix Player 10.x allows remote attackers to execute arbitrary code via a GIF file with crafted chunk sizes that trigger improper memory allocation. | |||||
| CVE-2009-4195 | 1 Adobe | 1 Illustrator | 2018-10-10 | 9.3 HIGH | N/A |
| Buffer overflow in Adobe Illustrator CS4 14.0.0, CS3 13.0.3 and earlier, and CS3 13.0.0 allows remote attackers to execute arbitrary code via a long DSC comment in an Encapsulated PostScript (.eps) file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-4171 | 1 Yahoo | 1 Messenger | 2018-10-10 | 4.3 MEDIUM | N/A |
| An ActiveX control in YahooBridgeLib.dll for Yahoo! Messenger 9.0.0.2162, and possibly other 9.0 versions, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by calling the RegisterMe method with a long argument. | |||||
| CVE-2009-4246 | 3 Apple, Microsoft, Realnetworks | 6 Mac Os X, Windows, Helix Player and 3 more | 2018-10-10 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows user-assisted remote attackers to execute arbitrary code via a malformed .RJS skin file that contains a web.xmb file with crafted length values. | |||||
| CVE-2009-4178 | 1 Hp | 1 Openview Network Node Manager | 2018-10-10 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in OvWebHelp.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Topic parameter. | |||||
| CVE-2009-4108 | 1 Dxm2008 | 1 Xm Easy Personal Ftp Server | 2018-10-10 | 4.0 MEDIUM | N/A |
| XM Easy Personal FTP Server 5.8.0 allows remote authenticated users to cause a denial of service (crash) by uploading or creating a large number of files or directories, then performing a LIST command. | |||||
| CVE-2009-4180 | 1 Hp | 1 Openview Network Node Manager | 2018-10-10 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in snmpviewer.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Host header. | |||||
| CVE-2009-3700 | 1 Squidguard | 1 Squidguard | 2018-10-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in sgLog.c in squidGuard 1.3 and 1.4 allows remote attackers to cause a denial of service (application hang or loss of blocking functionality) via a long URL with many / (slash) characters, related to "emergency mode." | |||||