Total
12492 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-0985 | 1 Google | 1 Android Sdk | 2025-04-09 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in the GIF library in the WebKit framework for Google Android SDK m3-rc37a and earlier allows remote attackers to execute arbitrary code via a crafted GIF file whose logical screen height and width are different than the actual height and width. | |||||
CVE-2008-4473 | 2 Adobe, Microsoft | 2 Flash Player, Windows | 2025-04-09 | 9.3 HIGH | N/A |
Multiple heap-based buffer overflows in Adobe Flash CS3 Professional on Windows and Flash MX 2004 allow remote attackers to execute arbitrary code via an SWF file containing long control parameters. | |||||
CVE-2007-6026 | 1 Microsoft | 6 Jet, Office, Windows 2000 and 3 more | 2025-04-09 | 9.3 HIGH | N/A |
Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944. | |||||
CVE-2006-5456 | 2 Graphicsmagick, Imagemagick | 2 Graphicsmagick, Imagemagick | 2025-04-09 | 5.1 MEDIUM | N/A |
Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. | |||||
CVE-2008-3558 | 1 Cisco | 1 Webex Meeting Manager | 2025-04-09 | 9.3 HIGH | N/A |
Stack-based buffer overflow in the WebexUCFObject ActiveX control in atucfobj.dll in Cisco WebEx Meeting Manager before 20.2008.2606.4919 allows remote attackers to execute arbitrary code via a long argument to the NewObject method. | |||||
CVE-2008-5754 | 1 Bpftp | 1 Bulletproof Ftp Client | 2025-04-09 | 9.3 HIGH | N/A |
Stack-based buffer overflow in BulletProof FTP Client allows user-assisted attackers to execute arbitrary code via a .bps file (aka Session-File) with a long second line, possibly a related issue to CVE-2008-5753. | |||||
CVE-2009-0952 | 1 Apple | 1 Quicktime | 2025-04-09 | 9.3 HIGH | N/A |
Buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted compressed PSD image. | |||||
CVE-2008-4556 | 1 Sun | 1 Solaris | 2025-04-09 | 10.0 HIGH | N/A |
Stack-based buffer overflow in the adm_build_path function in sadmind in Sun Solstice AdminSuite on Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted request. | |||||
CVE-2009-0157 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in CFNetwork in Apple Mac OS X 10.5 before 10.5.7 allows remote web servers to execute arbitrary code or cause a denial of service (application crash) via long HTTP headers. | |||||
CVE-2008-3577 | 1 Openttd | 1 Openttd | 2025-04-09 | 4.6 MEDIUM | N/A |
Buffer overflow in src/openttd.cpp in OpenTTD before 0.6.2 allows local users to execute arbitrary code via a large filename supplied to the "-g" parameter in the ttd_main function. NOTE: it is unlikely that this issue would cross privilege boundaries in typical environments. | |||||
CVE-2008-5356 | 1 Sun | 3 Jdk, Jre, Sdk | 2025-04-09 | 9.3 HIGH | N/A |
Heap-based buffer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier might allow remote attackers to execute arbitrary code via a crafted TrueType font file. | |||||
CVE-2008-4028 | 1 Microsoft | 8 Office, Office Compatibility Pack For Word Excel Ppt 2007, Office Outlook and 5 more | 2025-04-09 | 9.3 HIGH | N/A |
Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via crafted control words related to multiple Drawing Object tags in (1) an RTF file or (2) a rich text e-mail message, which triggers incorrect memory allocation and a heap-based buffer overflow, aka "Word RTF Object Parsing Vulnerability," a different vulnerability than CVE-2008-4030. | |||||
CVE-2008-4321 | 1 Flashget | 1 Flashget Ftp | 2025-04-09 | 9.3 HIGH | N/A |
Buffer overflow in FlashGet (formerly JetCar) FTP 1.9 allows remote FTP servers to execute arbitrary code via a long response to the PWD command. | |||||
CVE-2009-3254 | 1 Ultimatevideosite | 1 Ultimate Player | 2025-04-09 | 9.3 HIGH | N/A |
Multiple stack-based buffer overflows in Ultimate Player 1.56 beta allow remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .upl playlist file. | |||||
CVE-2006-5882 | 2 Broadcom, Linksys | 2 Bcmwl5.sys Wireless Device Driver, Wpc300n Wireless-n Notebook Adapter Driver | 2025-04-09 | 8.3 HIGH | N/A |
Stack-based buffer overflow in the Broadcom BCMWL5.SYS wireless device driver 3.50.21.10, as used in Cisco Linksys WPC300N Wireless-N Notebook Adapter before 4.100.15.5 and other products, allows remote attackers to execute arbitrary code via an 802.11 response frame containing a long SSID field. | |||||
CVE-2007-0016 | 1 Netfarer | 1 Movieplay | 2025-04-09 | 7.5 HIGH | N/A |
Stack-based buffer overflow in MoviePlay 4.76 allows remote attackers to execute arbitrary code via a long filename in a LST file. | |||||
CVE-2009-4124 | 1 Ruby-lang | 1 Ruby | 2025-04-09 | 10.0 HIGH | N/A |
Heap-based buffer overflow in the rb_str_justify function in string.c in Ruby 1.9.1 before 1.9.1-p376 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving (1) String#ljust, (2) String#center, or (3) String#rjust. NOTE: some of these details are obtained from third party information. | |||||
CVE-2007-5542 | 1 Miranda-im | 1 Miranda Im | 2025-04-09 | 9.3 HIGH | N/A |
Stack-based buffer overflow in Miranda IM 0.6.8 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590. | |||||
CVE-2009-1130 | 1 Microsoft | 2 Office, Office Powerpoint | 2025-04-09 | 9.3 HIGH | N/A |
Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary code via a crafted structure in a Notes container in a PowerPoint file that causes PowerPoint to read more data than was allocated when creating a C++ object, leading to an overwrite of a function pointer, aka "Heap Corruption Vulnerability." | |||||
CVE-2008-4038 | 1 Microsoft | 5 Windows 2000, Windows Server 2003, Windows Server 2008 and 2 more | 2025-04-09 | 10.0 HIGH | N/A |
Buffer underflow in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via a Server Message Block (SMB) request that contains a filename with a crafted length, aka "SMB Buffer Underflow Vulnerability." |