Total
12110 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-1675 | 1 Electrasoft | 1 32bit Ftp | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long 227 reply to a PASV command. | |||||
| CVE-2008-0015 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the CComVariant::ReadFromStream function in the Active Template Library (ATL), as used in the MPEG2TuneRequest ActiveX control in msvidctl.dll in DirectShow, in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted web page, as exploited in the wild in July 2009, aka "Microsoft Video ActiveX Control Vulnerability." | |||||
| CVE-2009-1274 | 1 Xine | 1 Xine-lib | 2024-02-04 | 5.0 MEDIUM | N/A |
| Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow. | |||||
| CVE-2008-4548 | 1 Rtssentry | 1 Rtssentry | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the PTZCamPanelCtrl ActiveX control (CamPanel.dll) in RTS Sentry 2.1.0.2 allows remote attackers to execute arbitrary code via a long second argument to the ConnectServer method. | |||||
| CVE-2009-0004 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2024-02-04 | 9.3 HIGH | N/A |
| Buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted MP3 audio file. | |||||
| CVE-2008-4562 | 1 Hp | 1 Openview Network Node Manager | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in the ovlaunch CGI program in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 on Windows allows remote attackers to execute arbitrary code via a crafted Host parameter. NOTE: this issue may be partially covered by CVE-2009-0205. | |||||
| CVE-2009-1855 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow attackers to execute arbitrary code via a PDF file containing a malformed U3D model file with a crafted extension block. | |||||
| CVE-2008-0955 | 1 Creative | 1 Creative Software Autoupdate Engine | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the Creative Software AutoUpdate Engine ActiveX control in CTSUEng.ocx allows remote attackers to execute arbitrary code via a long CacheFolder property value. | |||||
| CVE-2008-7177 | 1 Nasm | 1 Netwide Assembler | 2024-02-04 | 9.3 HIGH | N/A |
| Buffer overflow in the listing module in Netwide Assembler (NASM) before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719. | |||||
| CVE-2009-2832 | 1 Apple | 1 Mac Os X Server | 2024-02-04 | 5.1 MEDIUM | N/A |
| Buffer overflow in FTP Server in Apple Mac OS X before 10.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a CWD command specifying a pathname in a deeply nested hierarchy of directories, related to a "CWD command line tool." | |||||
| CVE-2008-1952 | 1 Xensource | 1 Xen Para Virtualized Frame Buffer | 2024-02-04 | 2.1 LOW | N/A |
| The backend for XenSource Xen Para Virtualized Frame Buffer (PVFB) in Xen ioemu does not properly restrict the frame buffer size, which allows attackers to cause a denial of service (crash) by mapping an arbitrary amount of guest memory. | |||||
| CVE-2008-3209 | 1 Blackice | 1 Black Ice Document Imaging Sdk | 2024-02-04 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the OpenGifFile function in BiGif.dll in Black Ice Document Imaging SDK 10.95 allows remote attackers to execute arbitrary code via a long string argument to the GetNumberOfImagesInGifFile method in the BIImgFrm Control ActiveX control in biimgfrm.ocx. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-5514 | 1 University Of Washington | 1 Imap | 2024-02-04 | 4.3 MEDIUM | N/A |
| Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attackers to cause a denial of service (crash) via an e-mail message that triggers a buffer overflow. | |||||
| CVE-2008-5383 | 1 National Instruments | 1 Electronics Workbench | 2024-02-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in National Instruments Electronics Workbench allows user-assisted attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted .ewb file. | |||||
| CVE-2008-1491 | 1 Asus | 1 Remote Console | 2024-02-04 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka ARC or ASMB3) 2.0.0.19 and 2.0.0.24 allows remote attackers to execute arbitrary code via a long string to TCP port 623. | |||||
| CVE-2009-0133 | 1 Microsoft | 1 Html Help Workshop | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in Microsoft HTML Help Workshop 4.74 and earlier allows context-dependent attackers to execute arbitrary code via a .hhp file with a long "Index file" field, possibly a related issue to CVE-2006-0564. | |||||
| CVE-2009-0270 | 1 Fujitsu | 1 Systemcastwizard Lite | 2024-02-04 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in PXEService.exe in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier allows remote attackers to execute arbitrary code via a large PXE protocol request in a UDP packet. | |||||
| CVE-2009-0065 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large stream ID. | |||||
| CVE-2009-0650 | 1 Tptest | 1 Tptest | 2024-02-04 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the GetStatsFromLine function in TPTEST 3.1.7 and earlier, and possibly 5.02, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a STATS line with a long pwd field. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0948 | 1 Mit | 1 Kerberos 5 | 2024-02-04 | 9.3 HIGH | N/A |
| Buffer overflow in the RPC library (lib/rpc/rpc_dtablesize.c) used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.2.2, and probably other versions before 1.3, when running on systems whose unistd.h does not define the FD_SETSIZE macro, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering a large number of open file descriptors. | |||||