Total
12110 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5091 | 1 Novell | 1 Edirectory | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in the LDAP Service in Novell eDirectory 8.7.3 before SP10a and 8.8 before SP3 allows attackers to cause a denial of service (application crash) via vectors involving an "invalid extensibleMatch filter." | |||||
| CVE-2008-1442 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the substringData method in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code, related to an unspecified manipulation of a DOM object before a call to this method, aka the "HTML Objects Memory Corruption Vulnerability." | |||||
| CVE-2009-0950 | 1 Apple | 1 Itunes | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Apple iTunes before 8.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an itms: URL with a long URL component after a colon. | |||||
| CVE-2009-1791 | 2 Mega-nerd, Nullsoft | 2 Libsndfile, Winamp | 2024-02-04 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an AIFF file with an invalid header value. | |||||
| CVE-2008-5416 | 1 Microsoft | 1 Sql Server | 2024-02-04 | 9.0 HIGH | N/A |
| Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows Internal Database (WYukon) SP2 allows remote authenticated users to cause a denial of service (access violation exception) or execute arbitrary code by calling the sp_replwritetovarbin extended stored procedure with a set of invalid parameters that trigger memory overwrite, aka "SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability." | |||||
| CVE-2009-1885 | 1 Apache | 1 Xerces-c\+\+ | 2024-02-04 | 4.3 MEDIUM | N/A |
| Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrated by the Codenomicon XML fuzzing framework. | |||||
| CVE-2009-1209 | 1 W3 | 1 Amaya | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in W3C Amaya Web Browser 11.1 allows remote attackers to execute arbitrary code via a script tag with a long defer attribute. | |||||
| CVE-2009-3058 | 1 Aksoft | 1 Akplayer | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in akPlayer 1.9.0 allows remote attackers to execute arbitrary code via a long string in a .plt playlist file. | |||||
| CVE-2008-3625 | 1 Apple | 1 Quicktime | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Apple QuickTime before 7.5.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a QuickTime Virtual Reality (QTVR) movie file with crafted (1) maxTilt, (2) minFieldOfView, and (3) maxFieldOfView elements in panorama track PDAT atoms. | |||||
| CVE-2009-1608 | 1 Microchip | 1 Mplab Ide | 2024-02-04 | 9.3 HIGH | N/A |
| Multiple buffer overflows in Microchip MPLAB IDE 8.30 and possibly earlier versions allow user-assisted remote attackers to execute arbitrary code via a .MCP project file with long (1) FILE_INFO, (2) CAT_FILTERS, and possibly other fields. | |||||
| CVE-2008-3916 | 1 Gnu | 1 Ed | 2024-02-04 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue only crosses privilege boundaries when ed is invoked as a third-party component. | |||||
| CVE-2009-2375 | 1 Photo-dvd-maker | 1 Photo Dvd Maker | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Photo DVD Maker 8.02, and possibly earlier versions, allows remote attackers to execute arbitrary code via a long File_Name parameter in a .pdm file. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-0215 | 1 Ibm | 1 Access Support Activex Control | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the GetXMLValue method in the IBM Access Support ActiveX control in IbmEgath.dll, as distributed on IBM and Lenovo computers, allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2008-5876 | 1 Irrlicht | 1 Irrlicht | 2024-02-04 | 9.3 HIGH | N/A |
| Buffer overflow in Irrlicht before 1.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors in the B3D loader. | |||||
| CVE-2008-3480 | 1 Anzio | 2 Print Wizard, Web Print Object | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the Anzio Web Print Object (WePO) ActiveX control 3.2.19 and 3.2.24, as used in Anzio Print Wizard, allows remote attackers to execute arbitrary code via a long mainurl parameter. | |||||
| CVE-2009-1643 | 1 Sorinara | 1 Soritong Mp3 Player | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Sorinara Soritong MP3 Player 1.0 allows remote attackers to execute arbitrary code via a crafted .m3u file. | |||||
| CVE-2008-3364 | 1 Trend Micro | 1 Officescan | 2024-02-04 | 9.3 HIGH | N/A |
| Buffer overflow in the ObjRemoveCtrl Class ActiveX control in OfficeScanRemoveCtrl.dll 7.3.0.1020 in Trend Micro OfficeScan Corp Edition (OSCE) Web-Deployment 7.0, 7.3 build 1343 Patch 4 and other builds, and 8.0; Client Server Messaging Security (CSM) 3.5 and 3.6; and Worry-Free Business Security (WFBS) 5.0 allows remote attackers to execute arbitrary code via a long string in the Server property, and possibly other properties. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-1020 | 1 Apple | 1 Quicktime | 2024-02-04 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in quickTime.qts in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted PICT image file with Kodak encoding, related to error checking and error messages. | |||||
| CVE-2008-2703 | 1 Novell | 1 Groupwise Messenger | 2024-02-04 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in Novell GroupWise Messenger (GWIM) Client before 2.0.3 HP1 for Windows allow remote attackers to execute arbitrary code via "spoofed server responses" that contain a long string after the NM_A_SZ_TRANSACTION_ID field name. | |||||
| CVE-2009-3569 | 1 Apache | 1 Openoffice.org | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in OpenOffice.org (OOo) allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.8, aka "Client-side stack overflow exploit." NOTE: as of 20091005, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||