Total
12110 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3662 | 1 Greg Roelofs | 1 Pnmtopng | 2024-02-04 | 4.6 MEDIUM | N/A |
| Off-by-one buffer overflow in pnmtopng before 2.39, when using the -alpha command line option (Alphas_Of_Color), allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM file with exactly 256 colors. | |||||
| CVE-2005-2310 | 1 Nullsoft | 1 Winamp | 2024-02-04 | 9.3 HIGH | N/A |
| Buffer overflow in Winamp 5.03a, 5.09 and 5.091, and other versions before 5.094, allows remote attackers to execute arbitrary code via an MP3 file with a long ID3v2 tag such as (1) ARTIST or (2) TITLE. | |||||
| CVE-2005-3193 | 1 Xpdf | 1 Xpdf | 2024-02-04 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in the JPXStream::readCodestream function in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, (4) CUPS, and (5) libextractor allows user-assisted attackers to cause a denial of service (heap corruption) and possibly execute arbitrary code via a crafted PDF file with large size values that cause insufficient memory to be allocated. | |||||
| CVE-2006-0730 | 1 Timo Sirainen | 1 Dovecot | 2024-02-04 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in Dovecot before 1.0beta3 allow remote attackers to cause a denial of service (application crash or hang) via unspecified vectors involving (1) "potential hangs" in the APPEND command and "potential crashes" in (2) dovecot-auth and (3) imap/pop3-login. NOTE: vector 2 might be related to a double free vulnerability. | |||||
| CVE-2005-3485 | 1 Glider | 1 Collectn Kill | 2024-02-04 | 7.5 HIGH | N/A |
| Buffer overflow in Glider Collect'n kill 1.0.0.0 allows remote attackers to execute arbitrary code via a gl_playerEnter command with a long player name. | |||||
| CVE-2005-2344 | 1 Rim | 1 Blackberry Enterprise Server | 2024-02-04 | 5.0 MEDIUM | N/A |
| The BlackBerry Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.0 to version 4.0 Service Pack 2 allows attackers to cause a denial of service via a malformed Portable Network Graphics (PNG) file that triggers a heap-based buffer overflow. | |||||
| CVE-2006-3459 | 2 Adobe, Libtiff | 2 Acrobat Reader, Libtiff | 2024-02-04 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c. | |||||
| CVE-2006-0007 | 1 Microsoft | 1 Office | 2024-02-04 | 9.3 HIGH | N/A |
| Buffer overflow in GIFIMP32.FLT, as used in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via a crafted GIF image that triggers memory corruption when it is parsed. | |||||
| CVE-2006-0323 | 1 Realnetworks | 4 Helix Player, Realone Player, Realplayer and 1 more | 2024-02-04 | 9.3 HIGH | N/A |
| Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations. | |||||
| CVE-2006-0459 | 1 Will Estes And John Millaway | 1 Flex | 2024-02-04 | 7.5 HIGH | N/A |
| flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator (flex) before 2.5.33 does not allocate enough memory for grammars containing (1) REJECT statements or (2) trailing context rules, which causes flex to generate code that contains a buffer overflow that might allow context-dependent attackers to execute arbitrary code. | |||||
| CVE-2006-3460 | 1 Libtiff | 1 Libtiff | 2024-02-04 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the JPEG decoder in the TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an encoded JPEG stream that is longer than the scan line size (TiffScanLineSize). | |||||
| CVE-2005-4267 | 1 Qualcomm | 1 Worldmail | 2024-02-04 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in Qualcomm WorldMail 3.0 allows remote attackers to execute arbitrary code via a long IMAP command that ends with a "}" character, as demonstrated using long (1) LIST, (2) LSUB, (3) SEARCH TEXT, (4) STATUS INBOX, (5) AUTHENTICATE, (6) FETCH, (7) SELECT, and (8) COPY commands. | |||||
| CVE-2006-3638 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-04 | 7.5 HIGH | N/A |
| Microsoft Internet Explorer 5.01 and 6 does not properly handle uninitialized COM objects, which allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code, as demonstrated by the Nth function in the DirectAnimation.DATuple ActiveX control, aka "COM Object Instantiation Memory Corruption Vulnerability." | |||||
| CVE-2005-2618 | 2 Autonomy, Ibm | 4 Keyview Export Sdk, Keyview Filter Sdk, Keyview Viewer Sdk and 1 more | 2024-02-04 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView SDK before 9.2.0, as used in Lotus Notes 6.5.4 and 7.0, allow remote attackers to execute arbitrary code via (1) a UUE file containing an encoded file with a long filename handled by uudrdr.dll, (2) a compressed ZIP file with a long filename handled by kvarcve.dll, (3) a TAR archive with a long filename that is extracted to a directory with a long path handled by the TAR reader (tarrdr.dll), (4) an email that contains a long HTTP, FTP, or // link handled by the HTML speed reader (htmsr.dll) or (5) an email containing a crafted long link handled by the HTML speed reader (htmsr.dll). | |||||
| CVE-2005-3831 | 1 Speedproject | 3 Speedcommander, Squeez, Zipstar | 2024-02-04 | 5.1 MEDIUM | N/A |
| Stack-based buffer overflow in (1) CxZIP60.dll and (2) CxZIP60u.dll, as used in SpeedProject products including (a) ZipStar 5.0 Build 4285, (b) Squeez 5.0 Build 4285, and (c) SpeedCommander 11.0 Build 4430 and 10.51 Build 4430, allows user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename. | |||||
| CVE-2004-2728 | 1 Hummingbird | 1 Connectivity | 2024-02-04 | 3.5 LOW | N/A |
| Buffer overflow in the FTP server of Hummingbird Connectivity 7.1 and 9.0 allows remote, authenticated users to cause a denial of service (application crash) via a long argument to the XCWD command. | |||||
| CVE-2005-3265 | 1 Skype Technologies | 1 Skype | 2024-02-04 | 9.3 HIGH | N/A |
| Buffer overflow in Skype for Windows 1.1.x.0 through 1.4.x.83 allows remote attackers to execute arbitrary code via (1) callto:// and (2) skype:// links, or (3) a non-standard VCARD, possibly due to an underlying error in the SysUtils.WideFmtStr Delphi routine. | |||||
| CVE-2005-4667 | 1 Info-zip | 1 Unzip | 2024-02-04 | 3.7 LOW | N/A |
| Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long arguments when it is invoked from other programs. | |||||
| CVE-2006-3632 | 1 Ethereal Group | 1 Ethereal | 2024-02-04 | 10.0 HIGH | N/A |
| Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the NFS dissector. | |||||
| CVE-2006-0056 | 1 Pam-mysql | 1 Pam-mysql | 2024-02-04 | 7.5 HIGH | N/A |
| Double free vulnerability in the authentication and authentication token alteration code in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted passwords, which lead to a double free of a pointer that was created by the pam_get_item function. NOTE: this issue only occurs in certain configurations in which there are multiple PAM modules, PAM-MySQL is not evaluated first, and there are no requisite modules before PAM-MySQL. | |||||