Search
Total
11946 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3361 | 1 Intellitamper | 1 Intellitamper | 2017-09-29 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in IntelliTamper 2.07 allows remote web sites to execute arbitrary code via a long HTTP Server header. | |||||
| CVE-2008-3360 | 1 Intellitamper | 1 Intellitamper | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the HTML parser in IntelliTamper 2.0.7 allows remote attackers to execute arbitrary code via a long URL in the HREF attribute of an A element, a different vulnerability than CVE-2006-2494. | |||||
| CVE-2008-3257 | 3 Bea, Bea Systems, Oracle | 4 Weblogic Server, Apache Connector In Weblogic Server, Weblogic Server and 1 more | 2017-09-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request. | |||||
| CVE-2008-3242 | 1 Ppmate | 1 Ppmedia Class | 2017-09-29 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the PPMedia Class ActiveX control in PPMPlayer.dll in PPMate 2.3.1.93 allows remote attackers to execute arbitrary code via a long argument to the StartUrl method. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-3209 | 1 Blackice | 1 Black Ice Document Imaging Sdk | 2017-09-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the OpenGifFile function in BiGif.dll in Black Ice Document Imaging SDK 10.95 allows remote attackers to execute arbitrary code via a long string argument to the GetNumberOfImagesInGifFile method in the BIImgFrm Control ActiveX control in biimgfrm.ocx. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-3182 | 1 Speedbit | 1 Download Accelerator Plus | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in DAP.exe in Download Accelerator Plus (DAP) 7.0.1.3, 8.6.6.3, and other 8.x versions allows user-assisted remote attackers to execute arbitrary code via an M3U (.m3u) file containing a long MP3 URL. | |||||
| CVE-2008-3155 | 1 Panda | 1 Panda Activescan | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the ActiveX control (as2guiie.dll) in Panda ActiveScan before 1.02.00 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long argument to the Update method. | |||||
| CVE-2008-3148 | 2 Mackt, Ollydbg | 2 Imprec, Ollydbg | 2017-09-29 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in (1) OllyDBG 1.10 and (2) ImpREC 1.7f allows user-assisted attackers to execute arbitrary code via a crafted DLL file that contains a long string. | |||||
| CVE-2008-2959 | 1 Microsoft | 1 Visual Basic Enterprise Edition | 2017-09-29 | 9.3 HIGH | N/A |
| Buffer overflow in a certain ActiveX control (vb6skit.dll) in Microsoft Visual Basic Enterprise Edition 6.0 SP6 might allow remote attackers to execute arbitrary code via a long lpstrLinkPath argument to the fCreateShellLink function. | |||||
| CVE-2008-2928 | 1 Redhat | 1 Directory Server | 2017-09-29 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the adminutil library in CGI applications in Red Hat Directory Server 7.1 before SP7 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted Accept-Language HTTP header. | |||||
| CVE-2008-2922 | 1 T0pp8uzz | 1 Dana Irc Client | 2017-09-29 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in artegic Dana IRC client 1.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long IRC message. | |||||
| CVE-2008-2910 | 1 Muvee | 1 Autoproducer | 2017-09-29 | 9.3 HIGH | N/A |
| Buffer overflow in the DXTTextOutEffect ActiveX control (aka the Text-Effect DXT Filter), as distributed in TextOut.dll 6.0.18.1 and mvtextout.dll, in muvee autoProducer 6.0 and 6.1 allows remote attackers to execute arbitrary code via a long FontSetting property value. | |||||
| CVE-2008-2745 | 1 Black Ice | 1 Annotation Software | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in BiAnno ActiveX Control (BiAnno.ocx) in Black Ice Software Annotation Plugin 10.95 allows remote attackers to execute arbitrary code via a long parameter to the AnnoSaveToTiff method. | |||||
| CVE-2008-2513 | 1 Ibm | 1 Aix | 2017-09-29 | 7.2 HIGH | N/A |
| Buffer overflow in the kernel in IBM AIX 5.2, 5.3, and 6.1 allows local users to execute arbitrary code in kernel mode via unknown attack vectors. | |||||
| CVE-2008-2469 | 1 Libspf | 1 Libspf2 | 2017-09-29 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the SPF_dns_resolv_lookup function in Spf_dns_resolv.c in libspf2 before 1.2.8 allows remote attackers to execute arbitrary code via a long DNS TXT record with a modified length field. | |||||
| CVE-2008-3558 | 1 Cisco | 1 Webex Meeting Manager | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the WebexUCFObject ActiveX control in atucfobj.dll in Cisco WebEx Meeting Manager before 20.2008.2606.4919 allows remote attackers to execute arbitrary code via a long argument to the NewObject method. | |||||
| CVE-2008-3583 | 1 Intellitamper | 1 Intellitamper | 2017-09-29 | 7.5 HIGH | N/A |
| Buffer overflow in the HTML parser in IntelliTamper 2.07 allows remote attackers to execute arbitrary code via a long URL in the SRC attribute of an IMG element. NOTE: this might be related to CVE-2008-3360. NOTE: it was later reported that 2.08 Beta 4 is also affected. | |||||
| CVE-2008-3702 | 2 Jcomsoft, Speedbit | 2 Anigif, Download Accelerator Plus | 2017-09-29 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the Animation GIF ActiveX control in JComSoft AniGIF.ocx 1.12 and 2.47, as used in products such as SpeedBit Download Accelerator Plus (DAP) 8.6, allow remote attackers to execute arbitrary code via a long argument to the (1) ReadGIF or (2) ReadGIF2 method. | |||||
| CVE-2008-3733 | 1 Eo-video | 1 Eo-video | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in EO Video (eo-video) 1.36 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .eop (aka playlist) file with a ProjectElement element that contains a long Name element. | |||||
| CVE-2008-3795 | 1 Ipswitch | 1 Ws Ftp Home | 2017-09-29 | 10.0 HIGH | N/A |
| Buffer overflow in Ipswitch WS_FTP Home client allows remote FTP servers to have an unknown impact via a long "message response." | |||||
| CVE-2008-2161 | 2 Microsoft, Tftp | 2 All Windows, Tftp Server Sp | 2017-09-29 | 10.0 HIGH | N/A |
| Buffer overflow in TFTP Server SP 1.4 and 1.5 on Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a long TFTP error packet. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-2237 | 1 Openoffice | 1 Openoffice.org | 2017-09-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in OpenOffice.org (OOo) 2.x before 2.4.2 allows remote attackers to execute arbitrary code via a crafted WMF file associated with a StarOffice/StarSuite document. | |||||
| CVE-2008-2238 | 1 Openoffice | 1 Openoffice.org | 2017-09-29 | 9.3 HIGH | N/A |
| Multiple integer overflows in OpenOffice.org (OOo) 2.x before 2.4.2 allow remote attackers to execute arbitrary code via crafted EMR records in an EMF file associated with a StarOffice/StarSuite document, which trigger a heap-based buffer overflow. | |||||
| CVE-2008-2292 | 1 Net-snmp | 1 Net-snmp | 2017-09-29 | 6.8 MEDIUM | N/A |
| Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair (AVP). | |||||
| CVE-2008-2693 | 1 Black Ice | 1 Barcode Sdk | 2017-09-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the BITIFF.BITiffCtrl.1 ActiveX control in BITiff.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via a long first argument to the SetByteOrder method. | |||||
| CVE-2008-1878 | 1 Xine | 1 Xine-lib | 2017-09-29 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the demux_nsf_send_chunk function in src/demuxers/demux_nsf.c in xine-lib 1.1.12 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long NSF title. | |||||
| CVE-2008-0295 | 1 Videolan | 1 Vlc Media Player | 2017-09-29 | 8.5 HIGH | N/A |
| Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the Xine library, as used in VideoLAN VLC Media Player 0.8.6d and earlier, allows user-assisted remote attackers to cause a denial of service (crash) or execute arbitrary code via long Session Description Protocol (SDP) data. | |||||
| CVE-2008-0296 | 2 Microsoft, Videolan | 2 Windows, Vlc Media Player | 2017-09-29 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string. | |||||
| CVE-2008-0248 | 1 Streamaudio | 1 Chaincast Proxymanager Activex Control | 2017-09-29 | 9.3 HIGH | N/A |
| Buffer overflow in an ActiveX control in ccpm_0237.dll for StreamAudio ChainCast ProxyManager allows remote attackers to execute arbitrary code via a long URL argument to the InternalTuneIn method. | |||||
| CVE-2008-0220 | 1 Gateway | 2 Cweblaunchctl Activex Control, Weblaunch | 2017-09-29 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in the WebLaunch.WeblaunchCtl.1 (aka CWebLaunchCtl) ActiveX control in weblaunch.ocx 1.0.0.1 in Gateway Weblaunch allow remote attackers to execute arbitrary code via a long string in the (1) second or (2) fourth argument to the DoWebLaunch method. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0069 | 1 Pierreegougelet | 1 Xnview | 2017-09-29 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in XnView 1.92 and 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long FontName parameter in a slideshow (.sld) file, a different vector than CVE-2008-1461. | |||||
| CVE-2008-0250 | 1 Microsoft | 1 Visual Interdev | 2017-09-29 | 9.3 HIGH | N/A |
| Buffer overflow in Microsoft Visual InterDev 6.0 (SP6) allows user-assisted attackers to execute arbitrary code via a Studio Solution (.SLN) file with a long Project line. | |||||
| CVE-2008-0304 | 3 Linux, Microsoft, Mozilla | 4 Linux Kernel, Windows, Seamonkey and 1 more | 2017-09-29 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8 might allow remote attackers to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation during message preview. | |||||
| CVE-2008-0047 | 2 Apple, Cups | 3 Mac Os X, Mac Os X Server, Cups | 2017-09-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the cgiCompileSearch function in CUPS 1.3.5, and other versions including the version bundled with Apple Mac OS X 10.5.2, when printer sharing is enabled, allows remote attackers to execute arbitrary code via crafted search expressions. | |||||
| CVE-2008-0053 | 1 Apple | 1 Cups | 2017-09-29 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file. | |||||
| CVE-2007-6717 | 1 Ibm | 1 Aix | 2017-09-29 | 7.2 HIGH | N/A |
| Buffer overflow in tftp in bos.net.tcp.client in IBM AIX 5.2.0 and 5.3.0 allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2008-0016 | 1 Mozilla | 2 Firefox, Seamonkey | 2017-09-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the URL parsing implementation in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to execute arbitrary code via a crafted UTF-8 URL in a link. | |||||
| CVE-2008-0320 | 1 Openoffice | 1 Openoffice.org | 2017-09-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream. | |||||
| CVE-2008-0337 | 1 Miniweb Http Server | 1 Miniweb Http Server | 2017-09-29 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the _mwProcessReadSocket function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to execute arbitrary code via a long URI. | |||||
| CVE-2008-0352 | 1 Linux | 1 Linux Kernel | 2017-09-29 | 7.8 HIGH | N/A |
| The Linux kernel 2.6.20 through 2.6.21.1 allows remote attackers to cause a denial of service (panic) via a certain IPv6 packet, possibly involving the Jumbo Payload hop-by-hop option (jumbogram). | |||||
| CVE-2008-0399 | 1 Toshiba | 1 Surveillix | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in Toshiba Surveillance (Surveillix) RecordSend ActiveX control (MeIpCamX.DLL 1.0.0.4) allow remote attackers to execute arbitrary code via long arguments to the (1) SetPort and (2) SetIpAddress methods. | |||||
| CVE-2007-6681 | 1 Videolan | 1 Vlc | 2017-09-29 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via a long subtitle in a (1) MicroDvd, (2) SSA, and (3) Vplayer file. | |||||
| CVE-2007-6654 | 1 Macrovision | 1 Update Service | 2017-09-29 | 9.3 HIGH | N/A |
| Buffer overflow in a certain ActiveX control in Macrovision InstallShield Update Service Web Agent 5.1.100.47363 allows remote attackers to execute arbitrary code via a long string in the ProductCode argument (second argument) to the DownloadAndExecute method, a different vulnerability than CVE-2007-0321, CVE-2007-2419, and CVE-2007-5660. | |||||
| CVE-2007-6605 | 1 Skyfex | 1 Skyfex Client | 2017-09-29 | 5.8 MEDIUM | N/A |
| Buffer overflow in a certain ActiveX control in SkyFexClient.ocx 1.0.2.77 in SkyFex Client 1.0 allows remote attackers to execute arbitrary code via long strings in the first four arguments to the Start method. | |||||
| CVE-2008-0379 | 2 Businessobjects, Microsoft | 2 Crystal Reports Xi, Activex | 2017-09-29 | 9.3 HIGH | N/A |
| Race condition in the Enterprise Tree ActiveX control (EnterpriseControls.dll 11.5.0.313) in Crystal Reports XI Release 2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SelectedSession method, which triggers a buffer overflow. | |||||
| CVE-2008-0380 | 1 Digital Data Communications | 1 Rtspvapgdecoder.dll | 2017-09-29 | 10.0 HIGH | N/A |
| Buffer overflow in the Digital Data Communications RtspVaPgCtrl ActiveX control (RtspVapgDecoder.dll 1.1.0.29) allows remote attackers to execute arbitrary code via a long MP4Prefix property. | |||||
| CVE-2008-0392 | 1 Microsoft | 1 Visual Basic | 2017-09-29 | 9.3 HIGH | N/A |
| Multiple buffer overflows in Microsoft Visual Basic Enterprise Edition 6.0 SP6 allow user-assisted remote attackers to execute arbitrary code via a .dsr file with a long (1) ConnectionName or (2) CommandName line. | |||||
| CVE-2008-0394 | 1 Citadel | 1 Smtp | 2017-09-29 | 7.5 HIGH | N/A |
| Buffer overflow in Citadel SMTP server 7.10 and earlier allows remote attackers to execute arbitrary code via a long RCPT TO command, which is not properly handled by the makeuserkey function. NOTE: some of these details were obtained from third party information. | |||||
| CVE-2008-0437 | 2 Hp, Microsoft | 2 Virtual Rooms, Activex | 2017-09-29 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the WebHPVCInstall.HPVirtualRooms14 ActiveX control in HPVirtualRooms14.dll 1.0.0.100, as used in the installation process for HP Virtual Rooms, allow remote attackers to execute arbitrary code via a long (1) AuthenticationURL, (2) PortalAPIURL, or (3) cabroot property value. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0443 | 1 Lycos | 1 Fileuploader.dll | 2017-09-29 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the FileUploader.FUploadCtl.1 ActiveX control in FileUploader.dll 2.0.0.2 in Lycos FileUploader Module allows remote attackers to execute arbitrary code via a long HandwriterFilename property value. NOTE: some of these details are obtained from third party information. | |||||