Total
12475 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-0647 | 1 Ourgame.com | 2 Glworld, Hangameplugincn18 Activex Control | 2025-04-09 | 10.0 HIGH | N/A |
Multiple stack-based buffer overflows in the HanGamePluginCn18.HanGamePluginCn18.1 ActiveX control in HanGamePluginCn18.dll in Ourgame GLWorld 2.6.1.29 (aka Lianzong Game Platform) allow remote attackers to execute arbitrary code via long arguments to the (1) hgs_startGame and (2) hgs_startNotify methods, as exploited in the wild as of February 2008. NOTE: some of these details are obtained from third party information. | |||||
CVE-2009-0397 | 1 Gstreamer | 2 Good Plug-ins, Plug-ins | 2025-04-09 | 9.3 HIGH | N/A |
Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample (aka stts) atom data in a malformed QuickTime media .mov file. | |||||
CVE-2009-3938 | 1 Poppler | 1 Poppler | 2025-04-09 | 6.8 MEDIUM | N/A |
Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc in Poppler (aka libpoppler) 0.10.6, 0.12.0, and possibly other versions, as used by the Abiword pdftoabw utility, allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PDF file. | |||||
CVE-2008-5005 | 1 University Of Washington | 2 Alpine, Imap Toolkit | 2025-04-09 | 10.0 HIGH | N/A |
Multiple stack-based buffer overflows in (1) University of Washington IMAP Toolkit 2002 through 2007c, (2) University of Washington Alpine 2.00 and earlier, and (3) Panda IMAP allow (a) local users to gain privileges by specifying a long folder extension argument on the command line to the tmail or dmail program; and (b) remote attackers to execute arbitrary code by sending e-mail to a destination mailbox name composed of a username and '+' character followed by a long string, processed by the tmail or possibly dmail program. | |||||
CVE-2009-0002 | 2 Apple, Microsoft | 4 Mac Os X, Quicktime, Windows Vista and 1 more | 2025-04-09 | 9.3 HIGH | N/A |
Heap-based buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a QTVR movie file with crafted THKD atoms. | |||||
CVE-2007-5764 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
Buffer overflow in the pioout program in printers.rte in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long command line option. | |||||
CVE-2009-1817 | 1 Digimode10 | 1 Maya | 2025-04-09 | 9.3 HIGH | N/A |
Multiple buffer overflows in DigiMode Maya 1.0.2 allow remote attackers to execute arbitrary code via a long string in a malformed (1) .m3u or (2) .m3l playlist file. | |||||
CVE-2007-4423 | 1 Ibm | 1 Db2 Universal Database | 2025-04-09 | 5.0 MEDIUM | N/A |
Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument. | |||||
CVE-2008-3865 | 1 Trend Micro | 3 Internet Security 2007, Internet Security 2008, Officescan | 2025-04-09 | 10.0 HIGH | N/A |
Multiple heap-based buffer overflows in the ApiThread function in the firewall service (aka TmPfw.exe) in Trend Micro Network Security Component (NSC) modules, as used in Trend Micro OfficeScan 8.0 SP1 Patch 1 and Internet Security 2007 and 2008 17.0.1224, allow remote attackers to execute arbitrary code via a packet with a small value in an unspecified size field. | |||||
CVE-2007-1709 | 1 Php | 1 Php | 2025-04-09 | 4.3 MEDIUM | N/A |
Buffer overflow in the confirm_phpdoc_compiled function in the phpDOC extension (PECL phpDOC) in PHP 5.2.1 allows context-dependent attackers to execute arbitrary code via a long argument string. | |||||
CVE-2009-4362 | 1 Ibm | 1 Aix | 2025-04-09 | 7.2 HIGH | N/A |
Multiple buffer overflows in qosmod in IBM AIX 6.1 allow local users to cause a denial of service (application crash) or possibly gain privileges via long string arguments. NOTE: some of these details are obtained from third party information. | |||||
CVE-2008-7249 | 1 Pedro Lineu Orso | 1 Sarg | 2025-04-09 | 9.3 HIGH | N/A |
Buffer overflow in Squid Analysis Report Generator (Sarg) 2.2.3.1, and probably later, allows user-assisted remote attackers to execute arbitrary code via a long HTTP request method in a crafted access.log file, a different vulnerability than CVE-2008-1167. | |||||
CVE-2008-2145 | 1 Novell | 1 Client | 2025-04-09 | 7.2 HIGH | N/A |
Stack-based buffer overflow in Novell Client 4.91 SP4 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long username in the "forgotten password" dialog. | |||||
CVE-2008-0698 | 1 Ibm | 1 Db2 | 2025-04-09 | 7.8 HIGH | N/A |
Buffer overflow in the DAS server in IBM DB2 UDB before 8.2 Fixpak 16 has unknown attack vectors, and an impact probably involving "invalid memory access." | |||||
CVE-2008-6998 | 1 Google | 1 Chrome | 2025-04-09 | 9.3 HIGH | N/A |
Stack-based buffer overflow in chrome/common/gfx/url_elider.cc in Google Chrome 0.2.149.27 and other versions before 0.2.149.29 might allow user-assisted remote attackers to execute arbitrary code via a link target (href attribute) with a large number of path elements, which triggers the overflow when the status bar is updated after the user hovers over the link. | |||||
CVE-2008-2469 | 1 Libspf | 1 Libspf2 | 2025-04-09 | 10.0 HIGH | N/A |
Heap-based buffer overflow in the SPF_dns_resolv_lookup function in Spf_dns_resolv.c in libspf2 before 1.2.8 allows remote attackers to execute arbitrary code via a long DNS TXT record with a modified length field. | |||||
CVE-2008-1018 | 1 Apple | 1 Quicktime | 2025-04-09 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via an MP4A movie with a malformed Channel Compositor (aka chan) atom. | |||||
CVE-2007-4823 | 1 Google | 1 Picasa | 2025-04-09 | 7.5 HIGH | N/A |
Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory. | |||||
CVE-2009-2298 | 1 Hp | 1 Openview Network Node Manager | 2025-04-09 | 7.5 HIGH | N/A |
Stack-based buffer overflow in rping in HP OpenView Network Node Manager (OV NNM) 7.53 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a CGI request to webappmon.exe. NOTE: this may overlap CVE-2009-1420. | |||||
CVE-2007-5330 | 1 Broadcom | 2 Brightstor Arcserve Backup, Brightstor Enterprise Backup | 2025-04-09 | 10.0 HIGH | N/A |
The cadbd RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to (1) execute arbitrary code via stack-based buffer overflows in unspecified RPC procedures, and (2) trigger memory corruption related to the use of "handle" RPC arguments as pointers. |