Total
11965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0586 | 1 Ibm | 1 Aix | 2017-09-29 | 7.2 HIGH | N/A |
| Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors related to the (1) lchangevg, (2) ldeletepv, (3) putlvodm, (4) lvaryoffvg, and (5) lvgenminor programs in bos.rte.lvm; and the (6) tellclvmd program in bos.clvm.enh. | |||||
| CVE-2008-1601 | 1 Ibm | 1 Aix | 2017-09-29 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in the reboot program on IBM AIX 5.2 and 5.3 allows local users in the shutdown group to gain privileges. | |||||
| CVE-2008-0554 | 1 Netpbm | 1 Netpbm | 2017-09-29 | 6.8 MEDIUM | N/A |
| Buffer overflow in the readImageData function in giftopnm.c in netpbm before 10.27 in netpbm before 10.27 allows remote user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484. | |||||
| CVE-2008-0016 | 1 Mozilla | 2 Firefox, Seamonkey | 2017-09-29 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the URL parsing implementation in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to execute arbitrary code via a crafted UTF-8 URL in a link. | |||||
| CVE-2008-1044 | 1 Move Networks Inc | 2 Move Media Player, Qunatum Streaming Player | 2017-09-29 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the Quantum Streaming Player (Quantum Streaming IE Player) ActiveX control (aka QSP2IE.QSP2IE) in qsp2ie07076007.dll 7.7.6.7 and qsp2ie07074039.dll 7.7.4.39 in Move Media Player allows remote attackers to execute arbitrary code via a long argument to the UploadLogs method, a different vector than CVE-2007-4722. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0493 | 1 Irfanview | 1 Irfanview | 2017-09-29 | 9.3 HIGH | N/A |
| fpx.dll 3.9.8.0 in the FlashPix plugin for IrfanView 4.10 allows remote attackers to execute arbitrary code via a crafted FlashPix (.FPX) file, which triggers heap corruption. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0647 | 1 Ourgame.com | 2 Glworld, Hangameplugincn18 Activex Control | 2017-09-29 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in the HanGamePluginCn18.HanGamePluginCn18.1 ActiveX control in HanGamePluginCn18.dll in Ourgame GLWorld 2.6.1.29 (aka Lianzong Game Platform) allow remote attackers to execute arbitrary code via long arguments to the (1) hgs_startGame and (2) hgs_startNotify methods, as exploited in the wild as of February 2008. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-1307 | 1 Kingsoft | 1 Antivirus Online Update Module | 2017-09-29 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the KUpdateObj2 Class ActiveX control in UpdateOcx2.dll in Beijing KingSoft Antivirus Online Update Module 2007.12.29.29 allows remote attackers to execute arbitrary code via a long argument to the SetUninstallName method. | |||||
| CVE-2008-1943 | 2 Redhat, Xensource | 4 Desktop, Enterprise Linux, Virtualization Server and 1 more | 2017-09-29 | 2.1 LOW | N/A |
| Buffer overflow in the backend of XenSource Xen Para Virtualized Frame Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted description of a shared framebuffer. | |||||
| CVE-2008-0380 | 1 Digital Data Communications | 1 Rtspvapgdecoder.dll | 2017-09-29 | 10.0 HIGH | N/A |
| Buffer overflow in the Digital Data Communications RtspVaPgCtrl ActiveX control (RtspVapgDecoder.dll 1.1.0.29) allows remote attackers to execute arbitrary code via a long MP4Prefix property. | |||||
| CVE-2008-0394 | 1 Citadel | 1 Smtp | 2017-09-29 | 7.5 HIGH | N/A |
| Buffer overflow in Citadel SMTP server 7.10 and earlier allows remote attackers to execute arbitrary code via a long RCPT TO command, which is not properly handled by the makeuserkey function. NOTE: some of these details were obtained from third party information. | |||||
| CVE-2008-1498 | 1 Netwin | 1 Surgemail | 2017-09-29 | 9.0 HIGH | N/A |
| Stack-based buffer overflow in the IMAP service in NetWin Surgemail 3.8k4-4 and earlier allows remote authenticated users to execute arbitrary code via a long first argument to the LIST command. | |||||
| CVE-2008-1096 | 1 Imagemagick | 2 Graphicsmagick, Imagemagick | 2017-09-29 | 6.8 MEDIUM | N/A |
| The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .xcf file that triggers an out-of-bounds heap write, possibly related to the ScaleCharToQuantum function. | |||||
| CVE-2008-0304 | 3 Linux, Microsoft, Mozilla | 4 Linux Kernel, Windows, Seamonkey and 1 more | 2017-09-29 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8 might allow remote attackers to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation during message preview. | |||||
| CVE-2008-1802 | 1 Rdesktop | 1 Rdesktop | 2017-09-29 | 9.3 HIGH | N/A |
| Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 allows remote attackers to execute arbitrary code via a Remote Desktop Protocol (RDP) redirect request with modified length fields. | |||||
| CVE-2008-0623 | 1 Yahoo | 1 Music Jukebox | 2017-09-29 | 4.3 MEDIUM | N/A |
| Stack-based buffer overflow in the YMP Datagrid ActiveX control (datagrid.dll) in Yahoo! Music Jukebox 2.2.2.056 allows remote attackers to execute arbitrary code via a long argument to the AddImage method. | |||||
| CVE-2007-4440 | 1 Pmail | 1 Mercury Mail Transport System | 2017-09-29 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the MercuryS SMTP server in Mercury Mail Transport System, possibly 4.51 and earlier, allows remote attackers to execute arbitrary code via a long AUTH CRAM-MD5 string. NOTE: this might overlap CVE-2006-5961. | |||||
| CVE-2007-5094 | 1 Ipswitch | 1 Imail | 2017-09-29 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in iaspam.dll in the SMTP Server in Ipswitch IMail Server 8.01 through 8.11 allows remote attackers to execute arbitrary code via a set of four different e-mail messages with a long boundary parameter in a certain malformed Content-Type header line, the string "MIME" by itself on a line in the header, and a long Content-Transfer-Encoding header line. | |||||
| CVE-2007-6473 | 1 Texas Imperial Software | 1 Wftpd Pro Explorer | 2017-09-29 | 5.8 MEDIUM | N/A |
| Heap-based buffer overflow in Texas Imperial Software WFTPD Pro Explorer 1.0 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command. | |||||
| CVE-2007-5018 | 1 David Harris | 1 Mercury 32 | 2017-09-29 | 6.0 MEDIUM | N/A |
| Stack-based buffer overflow in IMAPD in Mercury/32 4.52 allows remote authenticated users to execute arbitrary code via a long argument in a SEARCH ON command. NOTE: this issue might overlap with CVE-2004-1211. | |||||