Search
Total
11946 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-1071 | 1 Randomsoftware | 1 Icarus | 2017-10-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Icarus 2.0 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted Portable Game Notation (.pgn) file. | |||||
| CVE-2017-14692 | 1 Stdutility | 1 Stdu Viewer | 2017-10-03 | 4.6 MEDIUM | 7.8 HIGH |
| STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at STDUJBIG2File!DllGetClassObject+0x000000000000653b." | |||||
| CVE-2017-14688 | 1 Stdutility | 1 Stdu Viewer | 2017-10-03 | 4.6 MEDIUM | 7.8 HIGH |
| STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to a "Read Access Violation starting at STDUDjVuFile!DllUnregisterServer+0x000000000000d917." | |||||
| CVE-2015-7896 | 1 Samsung | 2 Galaxy S6, Samsung Mobile | 2017-10-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file. | |||||
| CVE-2017-8742 | 1 Microsoft | 7 Office Compatibility Pack, Office Web Apps, Office Web Apps Server and 4 more | 2017-09-29 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013 RT Service Pack 1, Microsoft PowerPoint 2016, Microsoft PowerPoint Viewer 2007, Microsoft SharePoint Server 2013 Service Pack 1, Microsoft SharePoint Enterprise Server 2016, Microsoft Office Web Apps 2010 Service Pack 2, and Microsoft Office Compatibility Pack Service Pack 3 when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8743. | |||||
| CVE-2017-14727 | 1 Weechat | 2 Logger, Weechat | 2017-09-29 | 5.0 MEDIUM | 7.5 HIGH |
| logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized. | |||||
| CVE-2017-14691 | 1 Stdutility | 1 Stdu Viewer | 2017-09-29 | 4.6 MEDIUM | 7.8 HIGH |
| STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_773a0000!RtlAddAccessAllowedAce+0x000000000000027a." | |||||
| CVE-2017-14689 | 1 Stdutility | 1 Stdu Viewer | 2017-09-29 | 4.6 MEDIUM | 7.8 HIGH |
| STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at STDUDjVuFile!DllUnregisterServer+0x000000000000328e." | |||||
| CVE-2017-14690 | 1 Stdutility | 1 Stdu Viewer | 2017-09-29 | 4.6 MEDIUM | 7.8 HIGH |
| STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting at STDUJBIG2File!DllGetClassObject+0x00000000000064e7." | |||||
| CVE-2009-1352 | 1 Dawningsoft | 1 Powerchm | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Dawningsoft PowerCHM 5.7 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an HTML file with a link to a long URL, as demonstrated by a .rar URL. | |||||
| CVE-2009-0833 | 2 Myplugins, Nullsoft | 2 Gen Msn, Winamp | 2017-09-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in gen_msn.dll in the gen_msn plugin 0.31 for Winamp 5.541 allows remote attackers to execute arbitrary code via a playlist (.pls) file with a long URL in the File1 field. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0885 | 1 Mediacommands | 1 Media Commands | 2017-09-29 | 9.3 HIGH | N/A |
| Multiple heap-based buffer overflows in Media Commands 1.0 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in a (1) M3U, (2) M3l, (3) TXT, and (4) LRC playlist file. | |||||
| CVE-2009-0909 | 1 Vmware | 4 Ace, Player, Server and 1 more | 2017-09-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CAN-435. | |||||
| CVE-2009-0910 | 1 Vmware | 4 Ace, Player, Server and 1 more | 2017-09-29 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CAN-436. | |||||
| CVE-2009-1028 | 1 Edisys | 1 Ezip Wizard | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in ediSys eZip Wizard 3.0 allows remote attackers to execute arbitrary code via a crafted .zip file. | |||||
| CVE-2009-1040 | 1 Winasm | 1 Winasm Studio | 2017-09-29 | 9.3 HIGH | N/A |
| Buffer overflow in WinAsm Studio 5.1.5.0 allows user-assisted remote attackers to execute arbitrary code via a crafted project (.wap) file. | |||||
| CVE-2009-1041 | 1 Freebsd | 1 Freebsd | 2017-09-29 | 7.2 HIGH | N/A |
| The ktimer feature (sys/kern/kern_time.c) in FreeBSD 7.0, 7.1, and 7.2 allows local users to overwrite arbitrary kernel memory via an out-of-bounds timer value. | |||||
| CVE-2009-1057 | 1 Microsmarts | 1 Zipitfast\! | 2017-09-29 | 10.0 HIGH | N/A |
| MicroSmarts Enterprise ZipItFast! 3.0 allows remote attackers to execute arbitrary code via a crafted .zip file that triggers memory corruption, related to a "format string buffer overflow." NOTE: CVE has not investigated whether the specified file.zip file can be used for exploitation of this product. | |||||
| CVE-2009-1058 | 1 Zipgenius | 1 Zipgenius | 2017-09-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in ZipGenius might allow remote attackers to execute arbitrary code via a crafted .zip file that triggers an SEH overwrite. NOTE: it is possible that this overlaps CVE-2005-3317. NOTE: CVE has not investigated whether the specified file.zip file can be used for exploitation of this product. | |||||
| CVE-2009-1059 | 1 Powerzip | 1 Powerzip | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Trident PowerZip 7.2 might allow remote attackers to execute arbitrary code via a crafted .zip file. NOTE: CVE has not investigated whether the specified file.zip file can be used for exploitation of this product. | |||||
| CVE-2009-1063 | 1 Brother Soft | 1 Exescope | 2017-09-29 | 6.8 MEDIUM | N/A |
| Buffer overflow in eXeScope 6.50 allows user-assisted remote attackers to execute arbitrary code via a crafted executable (.exe) file. | |||||
| CVE-2009-1209 | 1 W3 | 1 Amaya | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in W3C Amaya Web Browser 11.1 allows remote attackers to execute arbitrary code via a script tag with a long defer attribute. | |||||
| CVE-2009-1236 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-09-29 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the AppleTalk networking stack in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allows remote attackers to cause a denial of service (system crash) via a ZIP NOTIFY (aka ZIPOP_NOTIFY) packet that overwrites a certain ifPort structure member. | |||||
| CVE-2009-1257 | 1 Magic Iso Maker | 1 Magic Iso Maker | 2017-09-29 | 9.0 HIGH | N/A |
| Heap-based buffer overflow in Magic ISO Maker 5.5 build 0274 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted CCD file. | |||||
| CVE-2009-1260 | 1 Ezbsystems | 1 Ultraiso | 2017-09-29 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in UltraISO 9.3.3.2685 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted (1) CCD or (2) IMG file. | |||||
| CVE-2009-1324 | 1 Mini-stream | 1 Asx To Mp3 Converter | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Mini-stream ASX to MP3 Converter 3.0.0.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file. | |||||
| CVE-2009-1325 | 1 Mini-stream | 1 Ripper | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Mini-stream Ripper 3.0.1.1 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file. | |||||
| CVE-2009-1326 | 1 Mini-stream | 1 Rm Downloader | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file. | |||||
| CVE-2009-1327 | 1 Mini-stream | 1 Wm Downloader | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Mini-stream WM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file. | |||||
| CVE-2009-1328 | 1 Mini-stream | 1 Rm-mp3 Converter | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Mini-stream RM-MP3 Converter 3.0.0.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file. | |||||
| CVE-2009-1330 | 1 Mini-stream | 1 Easy Rm To Mp3 Converter | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Easy RM to MP3 Converter allows remote attackers to execute arbitrary code via a long filename in a playlist (.pls) file. | |||||
| CVE-2009-1351 | 1 Heikki Ylinen | 1 Apollo | 2017-09-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Apollo 37zz allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long URI in a playlist (.m3u) file. | |||||
| CVE-2009-1375 | 1 Pidgin | 1 Pidgin | 2017-09-29 | 5.0 MEDIUM | N/A |
| The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service (memory corruption and application crash) via vectors involving the (1) XMPP or (2) Sametime protocol. | |||||
| CVE-2009-1355 | 1 Ibm | 1 Aix | 2017-09-29 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long filename. | |||||
| CVE-2009-1356 | 1 Elecard | 1 Elecard Avc Hd Player | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Elecard AVC HD Player allows remote attackers to execute arbitrary code via a long MP3 filename in a playlist (.xpl) file. | |||||
| CVE-2009-1370 | 1 Xilisoft | 1 Xilisoft Video Converter | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in ape_plugin.plg in Xilisoft Video Converter 3.1.53.0704n and 5.1.23.0402 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .cue file. | |||||
| CVE-2009-1373 | 1 Pidgin | 1 Pidgin | 2017-09-29 | 7.1 HIGH | N/A |
| Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-1374 | 1 Pidgin | 1 Pidgin | 2017-09-29 | 5.0 MEDIUM | N/A |
| Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim) before 2.5.6 allows remote attackers to cause a denial of service (application crash) via a QQ packet. | |||||
| CVE-2009-1516 | 1 Icewarp | 1 Merak Mail Server | 2017-09-29 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the IceWarpServer.APIObject ActiveX control in api.dll in IceWarp Merak Mail Server 9.4.1 might allow context-dependent attackers to execute arbitrary code via a large value in the second argument to the Base64FileEncode method, as possibly demonstrated by a web application that accepts untrusted input for this method. | |||||
| CVE-2009-1449 | 1 Coolplayer | 1 Coolplayer | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka CoolPlayer+ Portable) 2.19.1 allows remote attackers to execute arbitrary code via a skin file (skin.ini) with a large PlaylistSkin parameter. NOTE: this may overlap CVE-2008-5735. | |||||
| CVE-2009-1577 | 1 Cscope | 1 Cscope | 2017-09-29 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the putstring function in find.c in Cscope before 15.6 allow user-assisted remote attackers to execute arbitrary code via a long (1) function name or (2) symbol in a source-code file. | |||||
| CVE-2009-1592 | 1 Electrasoft | 1 32bit Ftp | 2017-09-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long banner. NOTE: this might overlap CVE-2003-1368. | |||||
| CVE-2009-1602 | 1 Pablosoftwaresolutions | 1 Quick\'n Easy Mail Server | 2017-09-29 | 5.0 MEDIUM | N/A |
| Pablo Software Solutions Quick 'n Easy Mail Server 3.3 allows remote attackers to cause a denial of service (daemon outage or CPU consumption) via multiple long SMTP commands, as demonstrated by HELO commands. | |||||
| CVE-2009-1611 | 1 Electrasoft | 1 32bit Ftp | 2017-09-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long 257 reply to a CWD command. | |||||
| CVE-2009-1612 | 1 Baofeng | 1 Storm | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the MPS.StormPlayer.1 ActiveX control in mps.dll 3.9.4.27 in Baofeng Storm allows remote attackers to execute arbitrary code via a long argument to the OnBeforeVideoDownload method, as exploited in the wild in April and May 2009. NOTE: some of these details are obtained from third party information. NOTE: it was later reported that 3.09.04.17 and earlier are also affected. | |||||
| CVE-2009-1627 | 1 Sdp Multimedia | 1 Streaming Download Project | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Streaming Download Project (SDP) Downloader 2.3.0 allows remote attackers to execute arbitrary code via a long .asf URL in the HREF attribute of a REF element in a .asx file. | |||||
| CVE-2009-1641 | 1 Mini-stream | 1 Ripper | 2017-09-29 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in Mini-stream Ripper 3.0.1.1 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. | |||||
| CVE-2009-1643 | 1 Sorinara | 1 Soritong Mp3 Player | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Sorinara Soritong MP3 Player 1.0 allows remote attackers to execute arbitrary code via a crafted .m3u file. | |||||
| CVE-2009-1644 | 1 Sorinara | 1 Streaming Audio Player | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Sorinara Streaming Audio Player 0.9 allows remote attackers to execute arbitrary code via a crafted .pla file. | |||||
| CVE-2009-1645 | 1 Mini-stream | 1 Easy Rm-mp3 Converter | 2017-09-29 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in Mini-stream Easy RM-MP3 Converter 3.0.0.7 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. | |||||