Vulnerabilities (CVE)

Filtered by CWE-119
Total 12475 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-0647 1 Ourgame.com 2 Glworld, Hangameplugincn18 Activex Control 2025-04-09 10.0 HIGH N/A
Multiple stack-based buffer overflows in the HanGamePluginCn18.HanGamePluginCn18.1 ActiveX control in HanGamePluginCn18.dll in Ourgame GLWorld 2.6.1.29 (aka Lianzong Game Platform) allow remote attackers to execute arbitrary code via long arguments to the (1) hgs_startGame and (2) hgs_startNotify methods, as exploited in the wild as of February 2008. NOTE: some of these details are obtained from third party information.
CVE-2009-0397 1 Gstreamer 2 Good Plug-ins, Plug-ins 2025-04-09 9.3 HIGH N/A
Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov file.
CVE-2009-3938 1 Poppler 1 Poppler 2025-04-09 6.8 MEDIUM N/A
Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PDF file.
CVE-2008-5005 1 University Of Washington 2 Alpine, Imap Toolkit 2025-04-09 10.0 HIGH N/A
Multiple stack-based buffer overflows in (1) University of Washington IMAP Toolkit 2002 through 2007c, (2) University of Washington Alpine 2.00 and earlier, and (3) Panda IMAP allow (a) local users to gain privileges by specifying a long folder extension argument on the command line to the tmail or dmail program; and (b) remote attackers to execute arbitrary code by sending e-mail to a destination mailbox name composed of a username and '+' character followed by a long string, processed by the tmail or possibly dmail program.
CVE-2009-0002 2 Apple, Microsoft 4 Mac Os X, Quicktime, Windows Vista and 1 more 2025-04-09 9.3 HIGH N/A
Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a QTVR movie file with crafted THKD atoms.
CVE-2007-5764 1 Ibm 1 Aix 2025-04-09 7.2 HIGH N/A
Buffer overflow in the pioout program in printers.rte in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long command line option.
CVE-2009-1817 1 Digimode10 1 Maya 2025-04-09 9.3 HIGH N/A
Multiple buffer overflows in DigiMode Maya 1.0.2 allow remote attackers to execute arbitrary code via a long string in a malformed (1) .m3u or (2) .m3l playlist file.
CVE-2007-4423 1 Ibm 1 Db2 Universal Database 2025-04-09 5.0 MEDIUM N/A
Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument.
CVE-2008-3865 1 Trend Micro 3 Internet Security 2007, Internet Security 2008, Officescan 2025-04-09 10.0 HIGH N/A
Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allow remote attackers to execute arbitrary code via a packet with a small value in an unspecified size field.
CVE-2007-1709 1 Php 1 Php 2025-04-09 4.3 MEDIUM N/A
Buffer overflow in the confirm_phpdoc_compiled function in the phpDOC extension (PECL phpDOC) in PHP 5.2.1 allows context-dependent attackers to execute arbitrary code via a long argument string.
CVE-2009-4362 1 Ibm 1 Aix 2025-04-09 7.2 HIGH N/A
Multiple buffer overflows in qosmod in IBM AIX 6.1 allow local users to cause a denial of service (application crash) or possibly gain privileges via long string arguments. NOTE: some of these details are obtained from third party information.
CVE-2008-7249 1 Pedro Lineu Orso 1 Sarg 2025-04-09 9.3 HIGH N/A
Buffer overflow in Squid Analysis Report Generator (Sarg) 2.2.3.1, and probably later, allows user-assisted remote attackers to execute arbitrary code via a long HTTP request method in a crafted access.log file, a different vulnerability than CVE-2008-1167.
CVE-2008-2145 1 Novell 1 Client 2025-04-09 7.2 HIGH N/A
Stack-based buffer overflow in Novell Client 4.91 SP4 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long username in the "forgotten password" dialog.
CVE-2008-0698 1 Ibm 1 Db2 2025-04-09 7.8 HIGH N/A
Buffer overflow in the DAS server in IBM DB2 UDB before 8.2 Fixpak 16 has unknown attack vectors, and an impact probably involving "invalid memory access."
CVE-2008-6998 1 Google 1 Chrome 2025-04-09 9.3 HIGH N/A
Stack-based buffer overflow in chrome/common/gfx/url_elider.cc in Google Chrome 0.2.149.27 and other versions before 0.2.149.29 might allow user-assisted remote attackers to execute arbitrary code via a link target (href attribute) with a large number of path elements, which triggers the overflow when the status bar is updated after the user hovers over the link.
CVE-2008-2469 1 Libspf 1 Libspf2 2025-04-09 10.0 HIGH N/A
Heap-based buffer overflow in the SPF_dns_resolv_lookup function in Spf_dns_resolv.c in libspf2 before 1.2.8 allows remote attackers to execute arbitrary code via a long DNS TXT record with a modified length field.
CVE-2008-1018 1 Apple 1 Quicktime 2025-04-09 6.8 MEDIUM N/A
Heap-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via an MP4A movie with a malformed Channel Compositor (aka chan) atom.
CVE-2007-4823 1 Google 1 Picasa 2025-04-09 7.5 HIGH N/A
Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory.
CVE-2009-2298 1 Hp 1 Openview Network Node Manager 2025-04-09 7.5 HIGH N/A
Stack-based buffer overflow in rping in HP OpenView Network Node Manager (OV NNM) 7.53 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a CGI request to webappmon.exe. NOTE: this may overlap CVE-2009-1420.
CVE-2007-5330 1 Broadcom 2 Brightstor Arcserve Backup, Brightstor Enterprise Backup 2025-04-09 10.0 HIGH N/A
The cadbd RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to (1) execute arbitrary code via stack-based buffer overflows in unspecified RPC procedures, and (2) trigger memory corruption related to the use of "handle" RPC arguments as pointers.