Search
Total
11946 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1465 | 1 Trellian | 1 Ftp | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Trellian FTP client 3.01, including 3.1.3.1789, allows remote attackers to execute arbitrary code via a long PASV response. | |||||
| CVE-2010-2329 | 1 Rosoftengineering | 1 Rosoft Audio Converter | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in Rosoft Audio Converter 4.4.4 allows remote attackers to execute arbitrary code via a long playlist entry in a .m3u file. | |||||
| CVE-2010-2330 | 1 Upredsun | 1 Isharer File Sharing Wizard | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in iSharer File Sharing Wizard 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Content-Length header. | |||||
| CVE-2010-2810 | 1 Lynx | 1 Lynx | 2017-08-17 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the convert_to_idna function in WWW/Library/Implementation/HTParse.c in Lynx 2.8.8dev.1 through 2.8.8dev.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed URL containing a % (percent) character in the domain name. | |||||
| CVE-2010-1458 | 2 Microsoft, Tweakfs | 2 Flight Simulator X, Tweakfs Zip Utility | 2017-08-17 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in Create and Extract Zips TweakFS Zip Utility 1.0 for Flight Simulator X (FSX) allows remote attackers to execute arbitrary code via a long filename in a ZIP archive. | |||||
| CVE-2010-3281 | 1 Alcatel-lucent | 1 Omnivista 4760 Server | 2017-08-17 | 5.4 MEDIUM | N/A |
| Stack-based buffer overflow in the HTTP proxy service in Alcatel-Lucent OmniVista 4760 server before R5.1.06.03.c_Patch3 allows remote attackers to execute arbitrary code or cause a denial of service (service crash) via a long request. | |||||
| CVE-2010-1296 | 1 Adobe | 1 Photoshop Cs4 | 2017-08-17 | 9.3 HIGH | N/A |
| Multiple buffer overflows in Adobe Photoshop CS4 before 11.0.2 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) .ASL, (2) .ABR, or (3) .GRD file. | |||||
| CVE-2010-3444 | 2 Fribidi, Kobi Zamir | 2 Gnu Fribidi, Pyfribidi | 2017-08-17 | 7.5 HIGH | N/A |
| Buffer overflow in the log2vis_utf8 function in pyfribidi.c in GNU FriBidi 0.19.1, 0.19.2, and possibly other versions, as used in PyFriBidi 0.10.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Arabic UTF-8 string that causes original 2-byte UTF-8 sequences to be transformed into 3-byte sequences. | |||||
| CVE-2010-0688 | 1 Orbitals | 1 Orbital Viewer | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Orbital Viewer 1.04 allows user-assisted remote attackers to execute arbitrary code via a crafted (1) .orb or (2) .ov file. | |||||
| CVE-2010-2343 | 1 Dennisre | 1 Audio Converter | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in D.R. Software Audio Converter 8.1, 2007, and 8.05 allows remote attackers to execute arbitrary code via a crafted pls playlist file. | |||||
| CVE-2010-2348 | 1 Freesoftwaretoolbox | 1 Batch Audio Converter | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Batch Audio Converter Lite Edition 1.0.0.0 and earlier allows remote attackers to execute arbitrary code via a long line in a .WAV file. | |||||
| CVE-2010-2350 | 1 Daniel Mealha Cabrita | 1 Ziproxy | 2017-08-17 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the PNG decoder in Ziproxy 3.1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNG file. | |||||
| CVE-2010-2930 | 1 Pharscape | 1 Hsolink | 2017-08-17 | 7.2 HIGH | N/A |
| Multiple stack-based buffer overflows in hsolinkcontrol in hsolink 1.0.118 allow local users to gain privileges via long command-line arguments, a different vulnerability than CVE-2010-1671. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-2360 | 1 Isamu Kaneko | 1 Winny | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple buffer overflows in Winny 2.0b7.1 and earlier might allow remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2006-2007. | |||||
| CVE-2010-2932 | 1 Barcodewiz | 1 Barcode Activex Control | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in BarCodeWiz BarCode 3.29 ActiveX control (BarcodeWiz.dll) allows remote attackers to execute arbitrary code via a long argument to the LoadProperties method. | |||||
| CVE-2010-2439 | 1 Moreforge | 1 Moreamp | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in MoreAmp allows remote attackers to execute arbitrary code via a long line in a song list (.maf file). | |||||
| CVE-2010-1033 | 1 Hp | 1 Operations Manager | 2017-08-17 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in a certain Tetradyne ActiveX control in HP Operations Manager 7.5, 8.10, and 8.16 might allow remote attackers to execute arbitrary code via a long string argument to the (1) LoadFile or (2) SaveFile method, related to srcvw32.dll and srcvw4.dll. | |||||
| CVE-2010-2028 | 1 Mgenti | 1 Tftputil Gui | 2017-08-17 | 10.0 HIGH | N/A |
| Buffer overflow in k23productions TFTPUtil GUI (aka TFTPGUI) 1.4.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long transport mode. | |||||
| CVE-2010-2489 | 2 Microsoft, Ruby-lang | 2 Windows, Ruby | 2017-08-17 | 7.2 HIGH | N/A |
| Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might allow local users to gain privileges via a crafted ARGF.inplace_mode value that is not properly handled when constructing the filenames of the backup files. | |||||
| CVE-2010-3041 | 1 Cisco | 2 Webex Advanced Recording Format Player, Webex Recording Format Player | 2017-08-17 | 9.3 HIGH | N/A |
| Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3042, CVE-2010-3043, and CVE-2010-3044. | |||||
| CVE-2009-3033 | 1 Symantec | 3 Altiris Deployment Solution, Altiris Management Platform, Altiris Notification Server | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in the RunCmd method in the Altiris eXpress NS Console Utilities ActiveX control in AeXNSConsoleUtilities.dll in the web console in Symantec Altiris Deployment Solution 6.9.x, Altiris Notification Server 6.0.x, and Management Platform 7.0.x allows remote attackers to execute arbitrary code via a long string in the second argument. | |||||
| CVE-2009-4850 | 1 Awingsoft | 1 Awakening Winds3d Viewer Plugin | 2017-08-17 | 9.3 HIGH | N/A |
| The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe file. | |||||
| CVE-2009-4124 | 1 Ruby-lang | 1 Ruby | 2017-08-17 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the rb_str_justify function in string.c in Ruby 1.9.1 before 1.9.1-p376 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving (1) String#ljust, (2) String#center, or (3) String#rjust. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-4486 | 1 Novell | 1 Imanager | 2017-08-17 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the eDirectory plugin in Novell iManager before 2.7.3 allows remote attackers to execute arbitrary code via vectors that trigger long arguments to an unspecified sub-application, related to importing and exporting from a schema. | |||||
| CVE-2009-3483 | 1 Globalscape | 1 Cuteftp | 2017-08-17 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the Create New Site feature in GlobalSCAPE CuteFTP Professional, Home, and Lite 8.3.3 and 8.3.3.0054 allows user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a site list containing an entry with a long label. | |||||
| CVE-2009-3484 | 1 Coreftp | 1 Core Ftp | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Core FTP 2.1 build 1612 allows user-assisted remote attackers to execute arbitrary code via a long hostname in an FTP server entry in a site backup file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-3476 | 1 Internet2 | 3 Opensaml, Shibboleth-sp, Xmltooling | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in OpenSAML before 1.1.3 as used in Internet2 Shibboleth Service Provider software 1.3.x before 1.3.4, and XMLTooling before 1.2.2 as used in Internet2 Shibboleth Service Provider software 2.x before 2.2.1, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed encoded URL. | |||||
| CVE-2009-4846 | 1 Deliantra | 1 Deliantra | 2017-08-17 | 6.8 MEDIUM | N/A |
| Multiple buffer overflows in Deliantra Server before 2.82 allow remote attackers to execute arbitrary code via vectors related to (1) the command_gsay function in server/c_party.C and (2) the book implementation. | |||||
| CVE-2009-3183 | 1 Sun | 2 Opensolaris, Solaris | 2017-08-17 | 7.2 HIGH | N/A |
| Heap-based buffer overflow in w in Sun Solaris 8 through 10, and OpenSolaris before snv_124, allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2009-4737 | 1 Justsystems | 2 Ichitaro, Ichitaro Viewer | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, 2004 through 2009, Viewer 2009 19.0.1.0 and earlier, and other versions allows context-dependent attackers to execute arbitrary code via a crafted Rich Text File (RTF), related to "pvpara ffooter." | |||||
| CVE-2010-0037 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted DNG image. | |||||
| CVE-2010-0036 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP4 audio file. | |||||
| CVE-2010-0356 | 1 Viscomsoft | 1 Movie Player Pro Sdk Activex | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the MOVIEPLAYER.MoviePlayerCtrl.1 ActiveX control in MoviePlayer.ocx 6.8.0.0 in Viscom Software Movie Player Pro SDK ActiveX 6.8 allows remote attackers to execute arbitrary code via a long strFontName parameter to the DrawText method. | |||||
| CVE-2010-0387 | 1 Sun | 1 Java System Web Server | 2017-08-17 | 7.5 HIGH | N/A |
| Multiple heap-based buffer overflows in (1) webservd and (2) the admin server in Sun Java System Web Server 7.0 Update 7 allow remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via a long string in an "Authorization: Digest" HTTP header. | |||||
| CVE-2009-4186 | 2 Apple, Microsoft | 2 Safari, Windows | 2017-08-17 | 9.3 HIGH | N/A |
| Stack consumption vulnerability in Apple Safari 4.0.3 on Windows allows remote attackers to cause a denial of service (application crash) via a long URI value (aka url) in the Cascading Style Sheets (CSS) background property. | |||||
| CVE-2009-4201 | 1 Assistanttools | 1 Mp3 Tag Assistance Professional | 2017-08-17 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in Mp3 Tag Assistant Professional 2.92 build 300 allow remote attackers to execute arbitrary code via an MP3 file with a long string in the (1) ID3v1, (2) ID3v2, or (3) APEv2 metadata field. | |||||
| CVE-2009-4227 | 1 Xfig | 1 Xfig | 2017-08-17 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that uses the 1.3 file format. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-5022 | 1 Libtiff | 1 Libtiff | 2017-08-17 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in LibTIFF before 3.9.5 allows remote attackers to execute arbitrary code via a crafted TIFF file. | |||||
| CVE-2009-4240 | 1 Ibm | 1 Infosphere Information Server | 2017-08-17 | 10.0 HIGH | N/A |
| Multiple buffer overflows in unspecified setuid executables in the DataStage subsystem in IBM InfoSphere Information Server 8.1 before FP1 have unknown impact and attack vectors. | |||||
| CVE-2009-3213 | 1 Broid | 1 Broid | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in broid 1.0 Beta 3a allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .mp3 file. | |||||
| CVE-2009-5018 | 1 Catb | 1 Gif2png | 2017-08-17 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to execute arbitrary code via a long command-line argument, as demonstrated by a CGI program that launches gif2png. | |||||
| CVE-2009-4243 | 3 Apple, Microsoft, Realnetworks | 6 Mac Os X, Windows, Helix Player and 3 more | 2017-08-17 | 9.3 HIGH | N/A |
| RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an "overflow." | |||||
| CVE-2009-4251 | 1 Corel | 1 Paint Shop Pro | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Jasc Paint Shop Pro 8.10 (aka Corel Paint Shop Pro) allows user-assisted remote attackers to execute arbitrary code via a crafted PNG file. NOTE: this might be the same issue as CVE-2007-2366. | |||||
| CVE-2009-3938 | 1 Poppler | 1 Poppler | 2017-08-17 | 6.8 MEDIUM | N/A |
| Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PDF file. | |||||
| CVE-2009-3924 | 2 Punkbuster, Raven Software | 2 Punkbuster, Soldier Of Fortune 2 | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in pbsv.dll, as used in Soldier of Fortune II and possibly other applications when Even Balance PunkBuster 1.728 or earlier is enabled, allows remote attackers to cause a denial of service (application server crash) and possibly execute arbitrary code via a long restart packet. | |||||
| CVE-2010-0272 | 1 Sun | 1 Java System Web Server | 2017-08-17 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Sun Java System Web Server 7.0 Update 6 on Linux allows remote attackers to discover process memory locations via crafted data to TCP port 80, as demonstrated by the vd_sjws2 module in VulnDisco. NOTE: as of 20100106, this disclosure has no actionable information. However, because the VulnDisco author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2009-4097 | 1 Malsmith | 1 Serenity Audio Player | 2017-08-17 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the MplayInputFile function in Serenity Audio Player 3.2.3 and earlier allows remote attackers to execute arbitrary code via a long URL in an M3U file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-0138 | 2 Cisco, Microsoft | 2 Ciscoworks Internetwork Performance Monitor, Windows | 2017-08-17 | 10.0 HIGH | N/A |
| Buffer overflow in Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 and earlier on Windows, as distributed in CiscoWorks LAN Management Solution (LMS), allows remote attackers to execute arbitrary code via a malformed getProcessName CORBA General Inter-ORB Protocol (GIOP) request, related to a "third-party component," aka Bug ID CSCsv62350. | |||||
| CVE-2009-4897 | 1 Artifex | 3 Afpl Ghostscript, Ghostscript Fonts, Gpl Ghostscript | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document containing a long name. | |||||
| CVE-2009-3878 | 2 Intevydis, Sun | 2 Vulndisco Pack, Java System Web Server | 2017-08-17 | 9.3 HIGH | N/A |
| Buffer overflow in Sun Java System Web Server 7.0 Update 6 has unspecified impact and remote attack vectors, as demonstrated by the vd_sjws module in VulnDisco Pack Professional 8.12. NOTE: as of 20091105, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||