Search
Total
11946 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-6898 | 1 Saschart | 1 Sascam Webcam Server | 2017-09-29 | 9.3 HIGH | N/A |
| Buffer overflow in the XHTTP Module 4.1.0.0 in the ActiveX control for SaschArt SasCam Webcam Server 2.6.5 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Get method and other unspecified methods. | |||||
| CVE-2009-0443 | 1 Elecard | 1 Elecard Avc Hd Player | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Elecard AVC HD PLAYER 5.5.90116 allows remote attackers to execute arbitrary code via an M3U file containing a long string in a URL. | |||||
| CVE-2008-4750 | 1 Dbsoftlab | 1 Vimp X | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the VImpX.VImpAX ActiveX control (VImpX.ocx) 4.8.8.0 in DB Software Laboratory VImp X, possibly 4.7.7, allows remote attackers to execute arbitrary code via a long LogFile property. | |||||
| CVE-2008-5405 | 1 Oxid | 1 Cain And Abel | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the RDP protocol password decoder in Cain & Abel 4.9.23 and 4.9.24, and possibly earlier, allows remote attackers to execute arbitrary code via an RDP file containing a long string. | |||||
| CVE-2008-5387 | 1 Ibm | 1 Aix | 2017-09-29 | 6.2 MEDIUM | N/A |
| Buffer overflow in autoconf6 in IBM AIX 6.1.0 through 6.1.2, when Role-Based Access Control is enabled, allows local users with aix.network.config.tcpip authorization to gain privileges via unspecified vectors. | |||||
| CVE-2008-5316 | 1 Littlecms | 2 Lcms, Little Cms Color Engine | 2017-09-29 | 10.0 HIGH | N/A |
| Buffer overflow in the ReadEmbeddedTextTag function in src/cmsio1.c in Little cms color engine (aka lcms) before 1.16 allows attackers to have an unknown impact via vectors related to a length parameter inconsistency involving the contents of "the input file," a different vulnerability than CVE-2007-2741. | |||||
| CVE-2008-5297 | 1 Vitalwerks | 1 No-ip Duc | 2017-09-29 | 7.6 HIGH | N/A |
| Buffer overflow in No-IP DUC 2.1.7 and earlier allows remote HTTP servers to execute arbitrary code via a crafted response to a DNS update request, related to a missing length check in the GetNextLine function. | |||||
| CVE-2008-5664 | 1 Realtek | 1 Realtek Media Player | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Realtek Media Player (aka Realtek Sound Manager, RtlRack, or rtlrack.exe) 1.15.0.0 allows remote attackers to execute arbitrary code via a crafted playlist (PLA) file. | |||||
| CVE-2008-5358 | 1 Sun | 2 Jdk, Jre | 2017-09-29 | 9.3 HIGH | N/A |
| Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier might allow remote attackers to execute arbitrary code via a crafted GIF file that triggers memory corruption during display of the splash screen, possibly related to splashscreen.dll. | |||||
| CVE-2008-5356 | 1 Sun | 3 Jdk, Jre, Sdk | 2017-09-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file. | |||||
| CVE-2008-5354 | 1 Sun | 3 Jdk, Jre, Sdk | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier allows locally-launched and possibly remote untrusted Java applications to execute arbitrary code via a JAR file with a long Main-Class manifest entry. | |||||
| CVE-2008-5078 | 1 Gnu | 1 Escript | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in the (1) recognize_eps_file function (src/psgen.c) and (2) tilde_subst function (src/util.c) in GNU enscript 1.6.1, and possibly earlier, might allow remote attackers to execute arbitrary code via an epsf escape sequence with a long filename. | |||||
| CVE-2008-5049 | 1 Isecsoft | 1 Anti-keylogger Elite | 2017-09-29 | 7.2 HIGH | N/A |
| Buffer overflow in AKEProtect.sys 3.3.3.0 in ISecSoft Anti-Keylogger Elite 3.3.0 and earlier, and possibly other versions including 3.3.3, allows local users to gain privileges via long inputs to the (1) 0x002224A4, (2) 0x002224C0, and (3) 0x002224CC IOCTL. | |||||
| CVE-2008-5045 | 1 Network-client.com | 1 Ftp Now | 2017-09-29 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Network-Client FTP Now 2.6, and possibly other versions, allows remote FTP servers to cause a denial of service (crash) via a 200 server response that is exactly 1024 characters long. | |||||
| CVE-2008-4933 | 1 Linux | 1 Linux Kernel | 2017-09-29 | 7.8 HIGH | N/A |
| Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build_key_uni function. | |||||
| CVE-2008-4922 | 2 Djvu, Microsoft | 2 Activex Control For Microsoft Office 2000, Office | 2017-09-29 | 9.3 HIGH | N/A |
| Buffer overflow in the DjVu ActiveX Control 3.0 for Microsoft Office (DjVu_ActiveX_MSOffice.dll) allows remote attackers to execute arbitrary code via a long (1) ImageURL property, and possibly the (2) Mode, (3) Page, or (4) Zoom properties. | |||||
| CVE-2008-5025 | 1 Linux | 1 Linux Kernel | 2017-09-29 | 7.8 HIGH | N/A |
| Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008-4933. | |||||
| CVE-2008-4779 | 1 Tguzip | 1 Tguzip | 2017-09-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in TUGzip 3.5.0.0 allows remote attackers to denial of service (crash) or execute arbitrary code via a long filename in a .zip file. | |||||
| CVE-2008-4771 | 3 4xem, D-link, Vivotek | 3 Vatctrl Class, Mpeg4 Shm Audio Control, Rtsp Mpeg4 Sp Control | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in VATDecoder.VatCtrl.1 ActiveX control in (1) 4xem VatCtrl Class (VATDecoder.dll 1.0.0.27 and 1.0.0.51), (2) D-Link MPEG4 SHM Audio Control (VAPGDecoder.dll 1.7.0.5), (3) Vivotek RTSP MPEG4 SP Control (RtspVapgDecoderNew.dll 2.0.0.39), and possibly other products, allows remote attackers to execute arbitrary code via a long Url property. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5383 | 1 National Instruments | 1 Electronics Workbench | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in National Instruments Electronics Workbench allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted .ewb file. | |||||
| CVE-2008-4729 | 1 Hummingbird | 2 Exceed, Exceed Powersuite | 2017-09-29 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in Hummingbird.XWebHostCtrl.1 ActiveX control (hclxweb.dll) in Hummingbird Xweb ActiveX Control 13.0 and earlier allows remote attackers to execute arbitrary code via a long PlainTextPassword property. NOTE: code execution might not be possible in 13.0. | |||||
| CVE-2008-4652 | 1 Dart | 1 Powertcp Ftp For Activex | 2017-09-29 | 9.3 HIGH | N/A |
| Buffer overflow in the ActiveX control (DartFtp.dll) in Dart Communications PowerTCP FTP for ActiveX 2.0.2 0 allows remote attackers to execute arbitrary code via a long SecretKey property. | |||||
| CVE-2008-4588 | 1 Etype | 1 Eserv | 2017-09-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the FTP server in Etype Eserv 3.x, possibly 3.26, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long argument to the ABOR command. | |||||
| CVE-2008-4572 | 1 Guildftpd | 1 Guildftpd | 2017-09-29 | 10.0 HIGH | N/A |
| GuildFTPd 0.999.14, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long arguments to the CWD and LIST commands, which triggers heap corruption related to an improper free call, and possibly triggering a heap-based buffer overflow. | |||||
| CVE-2008-4548 | 1 Rtssentry | 1 Rtssentry | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the PTZCamPanelCtrl ActiveX control (CamPanel.dll) in RTS Sentry 2.1.0.2 allows remote attackers to execute arbitrary code via a long second argument to the ConnectServer method. | |||||
| CVE-2008-4547 | 1 Dvrstation | 1 Dvrstation Cms | 2017-09-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the PdvrAtl.PdvrOcx.1 ActiveX control (pdvratl.dll) in DVRHOST Web CMS OCX 1.0.1.25 allows remote attackers to execute arbitrary code via a long second argument to the TimeSpanFormat method. | |||||
| CVE-2008-4470 | 1 Numark | 1 Cue | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Numark CUE 5.0 rev2 allows user-assisted attackers to cause a denial of service (application crash) or execute arbitrary code via an M3U playlist file that contains a long absolute pathname. | |||||
| CVE-2008-4452 | 1 Cambridge Computer Corporation | 1 Vxftpsrv | 2017-09-29 | 9.0 HIGH | N/A |
| Buffer overflow in Cambridge Computer Corporation vxFtpSrv 2.0.3 allows remote attackers to cause a denial of service (crash and hang) and possibly execute arbitrary code via a long CWD request. | |||||
| CVE-2008-4449 | 1 Mirc | 1 Mirc | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in mIRC 6.34 allows remote attackers to execute arbitrary code via a long hostname in a PRIVMSG message. | |||||
| CVE-2008-4321 | 1 Flashget | 1 Flashget Ftp | 2017-09-29 | 9.3 HIGH | N/A |
| Buffer overflow in FlashGet (formerly JetCar) FTP 1.9 allows remote FTP servers to execute arbitrary code via a long response to the PWD command. | |||||
| CVE-2008-4193 | 1 Alt-n | 1 Securitygateway | 2017-09-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in SecurityGateway.dll in Alt-N Technologies SecurityGateway 1.0.1 allows remote attackers to execute arbitrary code via a long username parameter. | |||||
| CVE-2008-4116 | 1 Apple | 2 Itunes, Quicktime | 2017-09-29 | 9.3 HIGH | N/A |
| Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long type attribute in a quicktime tag (1) on a web page or embedded in a (2) .mp4 or (3) .mov file, possibly related to the Check_stack_cookie function and an off-by-one error that leads to a heap-based buffer overflow. | |||||
| CVE-2008-5868 | 1 Intellitamper | 1 Intellitamper | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows user-assisted attackers to execute arbitrary code via a long ProxyLogin value in a configuration (.cfg) file. | |||||
| CVE-2008-5756 | 1 Bpsoft | 1 Hex Workshop | 2017-09-29 | 9.3 HIGH | N/A |
| Buffer overflow in BreakPoint Software Hex Workshop 5.1.4 allows user-assisted attackers to cause a denial of service and possibly execute arbitrary code via a long mapping reference in a Color Mapping (.cmap) file. | |||||
| CVE-2008-5755 | 1 Intellitamper | 1 Intellitamper | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows remote attackers to execute arbitrary code via a MAP file containing a long URL, possibly a related issue to CVE-2006-2494. | |||||
| CVE-2008-5754 | 1 Bpftp | 1 Bulletproof Ftp Client | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in BulletProof FTP Client allows user-assisted attackers to execute arbitrary code via a .bps file (aka Session-File) with a long second line, possibly a related issue to CVE-2008-5753. | |||||
| CVE-2008-5753 | 1 Bpftp | 1 Bulletproof Ftp Client | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in BulletProof FTP Client 2.63 and 2010 allows user-assisted attackers to execute arbitrary code via a bookmark file entry with a long host name, which appears as a host parameter within the quick-connect bar. | |||||
| CVE-2008-5722 | 1 Sawstudio | 1 Sawstudio | 2017-09-29 | 10.0 HIGH | N/A |
| Buffer overflow in SAWStudio 3.9i allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long SAWSTUDIO PREFERENCES STRUCT value in a .prf (preferences) file. | |||||
| CVE-2008-5711 | 1 Facebook | 1 Photouploader | 2017-09-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value. | |||||
| CVE-2008-5691 | 1 Phonecian Casino | 1 Flashax | 2017-09-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the Phoenician Casino FlashAX ActiveX control 1.0.0.7 allows remote attackers to execute arbitrary code via a long argument to the SetID method. | |||||
| CVE-2008-5492 | 1 Verypdf | 1 Verydoc Pdf Viewer | 2017-09-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the PDFVIEW.PdfviewCtrl.1 ActiveX control in pdfview.ocx 2.0.0.1 in VeryDOC PDF Viewer OCX Control allows remote attackers to execute arbitrary code via a long first argument to the OpenPDF method. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5406 | 1 Apple | 2 Itunes, Quicktime | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Apple QuickTime Player 7.5.5 and iTunes 8.0.2.20 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a MOV file with "long arguments," related to an "off by one overflow." | |||||
| CVE-2008-2514 | 1 Ibm | 1 Aix | 2017-09-29 | 4.6 MEDIUM | N/A |
| Buffer overflow in errpt in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via unknown attack vectors. | |||||
| CVE-2008-3877 | 1 Acoustica | 1 Mixcraft | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Acoustica Mixcraft 4.1 Build 96 and 4.2 Build 98 allows user-assisted attackers to execute arbitrary code via a crafted .mx4 file. NOTE: it was later reported that version 3 is also affected. | |||||
| CVE-2008-3878 | 1 Ultrashareware | 1 Ultra Office Control | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 in Ultra Shareware Ultra Office Control allows remote attackers to execute arbitrary code via long strUrl, strFile, and strPostData parameters to the HttpUpload method. | |||||
| CVE-2008-4048 | 1 Friendly Technologies | 1 Friendly Pppoe Client | 2017-09-29 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in a certain ActiveX control in fwRemoteCfg.dll 3.3.3.1 in Friendly Technologies FriendlyPPPoE Client 3.0.0.57 allows remote attackers to execute arbitrary code via a long third argument to the CreateURLShortcut method. | |||||
| CVE-2008-4070 | 1 Mozilla | 2 Seamonkey, Thunderbird | 2017-09-29 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to "canceling [a] newsgroup message" and "cancelled newsgroup messages." | |||||
| CVE-2008-4087 | 1 Acoustica | 1 Beatcraft | 2017-09-29 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in Acoustica Beatcraft 1.02 Build 19 allows user-assisted attackers to cause a denial of service or execute arbitrary code via a Beatcraft Project (aka bcproj) file with a long string in a certain instruments title field. | |||||
| CVE-2008-3408 | 1 Coolplayer | 1 Coolplayer | 2017-09-29 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in CoolPlayer 2.18, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a crafted m3u file. | |||||
| CVE-2008-3364 | 1 Trend Micro | 1 Officescan | 2017-09-29 | 9.3 HIGH | N/A |
| Buffer overflow in the ObjRemoveCtrl Class ActiveX control in OfficeScanRemoveCtrl.dll 7.3.0.1020 in Trend Micro OfficeScan Corp Edition (OSCE) Web-Deployment 7.0, 7.3 build 1343 Patch 4 and other builds, and 8.0; Client Server Messaging Security (CSM) 3.5 and 3.6; and Worry-Free Business Security (WFBS) 5.0 allows remote attackers to execute arbitrary code via a long string in the Server property, and possibly other properties. NOTE: some of these details are obtained from third party information. | |||||