CVE Daily
← All tags

Tag: Buffer Overflow

All CVEs associated with "Buffer Overflow". Page 127/160 • 19114 CVEs.

Subscribe CVEs: RSS for “Buffer Overflow”  ·  RSS (High+Critical only)

About “Buffer Overflow”

A curated feed of “Buffer Overflow”-related CVEs appears below. We currently track 19114 CVEs for this tag (all time). In the last 365 days, 2726 were published. Average CVSS is 7.9 (all time; 8.0 over 365d), and 78% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer, CWE-121 - Stack-based Buffer Overflow, CWE-122 - Heap-based Buffer Overflow.

In our taxonomy this topic maps to a HIGH impact class. Common exploitation patterns for this weakness can lead to high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2008-02-05
High

CVE-2008-0586

Multiple buffer overflows in IBM AIX 5.2 and 5.3 allow local users to gain privileges via unspecified vectors related to the (1) lchangevg, (2) ldeletepv, (3) putlvodm, (4) lvaryoffvg, and (5) lvgenm…

CVSS: 7.2 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2008-0587

Buffer overflow in the uspchrp program in devices.chrp.base.diag in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

CVSS: 7.2 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2008-0588

Buffer overflow in the utape program in devices.scsi.tape.diag in IBM AIX 5.2 and 5.3 allows local users to gain privileges via unspecified vectors.

CVSS: 7.2 CWE: CWE-264 View on NVD
Critical

CVE-2007-5602

Multiple stack-based buffer overflows in SwiftView Viewer before 8.3.5, as used by SwiftView and SwiftSend, allow remote attackers to execute arbitrary code via unspecified vectors to the (1) svocx.o…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-02-04
Medium

CVE-2007-6699

Multiple buffer overflows in the AIM PicEditor 9.5.1.8 ActiveX control in YGPPicEdit.dll in AOL You've Got Pictures (YGP) Picture Editor allow remote attackers to cause a denial of service (browser c…

CVSS: 4.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-02-01
High

CVE-2007-6697

Buffer overflow in the LWZReadByte function in IMG_gif.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cr…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2008-0544

Heap-based buffer overflow in the IMG_LoadLBM_RW function in IMG_lbm.c in SDL_image before 1.2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2008-0550

Off-by-one error in Steamcast 0.9.75 and earlier allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a certain HTTP request that leads to a buffer overfl…

CVSS: 10.0 CWE: CWE-189 View on NVD
2008-01-31
Critical

CVE-2008-0064

Stack-based buffer overflow in Pierre-emmanuel Gougelet (1) XnView 1.91 and 1.92, (2) NConvert 4.85, and (3) libgfl280.dll in GFL SDK 2.870 for Windows allows user-assisted remote attackers to execut…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2008-0509

Multiple buffer overflows in IBM AIX 4.3 allow remote attackers to cause a denial of service (crash) or possibly gain privileges via a long argument to (1) piox25, related to piox25.c; or (2) piox25r…

CVSS: 4.4 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-01-30
Medium

CVE-2008-0492

Stack-based buffer overflow in the Persits.XUpload.2 ActiveX control in XUpload.ocx 3.0.0.4 and earlier in Persits XUpload 3.0 allows remote attackers to execute arbitrary code via a long argument to…

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-01-29
Critical

CVE-2008-0477

Stack-based buffer overflow in the QMPUpgrade.Upgrade.1 ActiveX control in QMPUpgrade.dll 1.0.0.1 in Move Networks Upgrade Manager allows remote attackers to execute arbitrary code via a long first a…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2008-0176

Heap-based buffer overflow in w32rtr.exe in GE Fanuc CIMPLICITY HMI SCADA system 7.0 before 7.0 SIM 9, and earlier versions before 6.1 SP6 Hot fix - 010708_162517_6106, allow remote attackers to exec…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2008-0467

Stack-based buffer overflow in Firebird before 2.0.4, and 2.1.x before 2.1.0 RC1, might allow remote attackers to execute arbitrary code via a long username.

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-4771

Heap-based buffer overflow in the doInterval function in regexcmp.cpp in libicu in International Components for Unicode (ICU) 3.8.1 and earlier allows context-dependent attackers to cause a denial of…

CVSS: 9.3 CWE: CWE-399 View on NVD
2008-01-25
High

CVE-2007-5764

Buffer overflow in the pioout program in printers.rte in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long command line option.

CVSS: 7.2 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2008-0443

Heap-based buffer overflow in the FileUploader.FUploadCtl.1 ActiveX control in FileUploader.dll 2.0.0.2 in Lycos FileUploader Module allows remote attackers to execute arbitrary code via a long Handw…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-01-23
Critical

CVE-2008-0437

Multiple buffer overflows in the WebHPVCInstall.HPVirtualRooms14 ActiveX control in HPVirtualRooms14.dll 1.0.0.100, as used in the installation process for HP Virtual Rooms, allow remote attackers to…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2008-0394

Buffer overflow in Citadel SMTP server 7.10 and earlier allows remote attackers to execute arbitrary code via a long RCPT TO command, which is not properly handled by the makeuserkey function. NOTE:…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2008-0399

Multiple buffer overflows in Toshiba Surveillance (Surveillix) RecordSend ActiveX control (MeIpCamX.DLL 1.0.0.4) allow remote attackers to execute arbitrary code via long arguments to the (1) SetPort…

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2008-0401

Buffer overflow in the logging functionality of the HTTP server in IBM Tivoli Provisioning Manager for OS Deployment (TPMfOSD) before 5.1.0.3 Interim Fix 3 allows remote attackers to cause a denial o…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2008-0392

Multiple buffer overflows in Microsoft Visual Basic Enterprise Edition 6.0 SP6 allow user-assisted remote attackers to execute arbitrary code via a .dsr file with a long (1) ConnectionName or (2) Com…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-01-22
Critical

CVE-2008-0065

Multiple stack-based buffer overflows in in_mp3.dll in Winamp 5.21, 5.5, and 5.51 allow remote attackers to execute arbitrary code via a long (1) artist or (2) name tag in Ultravox streaming metadata…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2008-0378

Stack-based buffer overflow in SocksCap 2.40-051231 and earlier, when "Resolve all names remotely" is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitr…

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2008-0379

Race condition in the Enterprise Tree ActiveX control (EnterpriseControls.dll 11.5.0.313) in Crystal Reports XI Release 2 allows remote attackers to cause a denial of service (crash) and possibly exe…

CVSS: 9.3 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2008-0380

Buffer overflow in the Digital Data Communications RtspVaPgCtrl ActiveX control (RtspVapgDecoder.dll 1.1.0.29) allows remote attackers to execute arbitrary code via a long MP4Prefix property.

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-01-18
High

CVE-2008-0006

Buffer overflow in (1) X.Org Xserver before 1.4.1, and (2) the libfont and libXfont libraries on some platforms including Sun Solaris, allows context-dependent attackers to execute arbitrary code via…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2008-0364

Buffer overflow in (1) BitTorrent 6.0 and earlier; and (2) uTorrent 1.7.5 and earlier, and 1.8-alpha-7834 and earlier in the 1.8.x series; on Windows allows remote attackers to cause a denial of serv…

CVSS: 5.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2008-0365

Multiple buffer overflows in CORE FORCE before 0.95.172 allow local users to cause a denial of service (system crash) and possibly execute arbitrary code in the kernel context via crafted arguments t…

CVSS: 7.2 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2008-0356

Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-01-17
High

CVE-2008-0337

Heap-based buffer overflow in the _mwProcessReadSocket function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to execute arbitrary code via a long URI.

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2008-0027

Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and Cal…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2007-6681

Stack-based buffer overflow in modules/demux/subtitle.c in VideoLAN VLC 0.8.6d allows remote attackers to execute arbitrary code via a long subtitle in a (1) MicroDvd, (2) SSA, and (3) Vplayer file.

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-01-16
High

CVE-2008-0295

Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the Xine library, as used in VideoLAN VLC Media Player 0.8.6d and earlier, allows user-assisted remote attackers to cause a denial…

CVSS: 8.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2008-0296

Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash)…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-5658

Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to execute arbitrar…

CVSS: 10.0 CWE: CWE-20 - Improper Input Validation View on NVD
Medium

CVE-2008-0036

Buffer overflow in Apple QuickTime before 7.4 allows remote attackers to execute arbitrary code via a crafted compressed PICT image, which triggers the overflow during decoding.

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-01-12
Critical

CVE-2008-0247

Heap-based buffer overflow in the Express Backup Server service (dsmsvc.exe) in IBM Tivoli Storage Manager (TSM) Express 5.3 before 5.3.7.3 allows remote attackers to execute arbitrary code via a pac…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2008-0248

Buffer overflow in an ActiveX control in ccpm_0237.dll for StreamAudio ChainCast ProxyManager allows remote attackers to execute arbitrary code via a long URL argument to the InternalTuneIn method.

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2008-0250

Buffer overflow in Microsoft Visual InterDev 6.0 (SP6) allows user-assisted attackers to execute arbitrary code via a Studio Solution (.SLN) file with a long Project line.

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-01-11
High

CVE-2008-0238

Multiple heap-based buffer overflows in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 allow remote attackers to execute arbitrary code via the SDP (1) Title, (2) Author, or (3…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2008-0234

Buffer overflow in Apple Quicktime Player 7.3.1.70 and other versions before 7.4.1, when RTSP tunneling is enabled, allows remote attackers to execute arbitrary code via a long Reason-Phrase response…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-01-10
High

CVE-2008-0220

Multiple stack-based buffer overflows in the WebLaunch.WeblaunchCtl.1 (aka CWebLaunchCtl) ActiveX control in weblaunch.ocx 1.0.0.1 in Gateway Weblaunch allow remote attackers to execute arbitrary cod…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2008-0223

Buffer overflow in JustSystems JSFC.DLL, as used in multiple JustSystems products such as Ichitaro, allows remote attackers to execute arbitrary code via a crafted .JTD file.

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2008-0225

Heap-based buffer overflow in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute in an…

CVSS: 6.4 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2008-0226

Multiple buffer overflows in yaSSL 1.7.5 and earlier, as used in MySQL and possibly other products, allow remote attackers to execute arbitrary code via (1) the ProcessOldClientHello function in hand…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-01-09
Critical

CVE-2007-6250

Stack-based buffer overflow in AOL AOLMediaPlaybackControl (AOLMediaPlaybackControl.exe), as used by AmpX ActiveX control (AmpX.dll), might allow remote attackers to execute arbitrary code via the Ap…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2007-6531

Stack-based buffer overflow in the Panel (xfce4-panel) component in Xfce before 4.4.2 might allow remote attackers to execute arbitrary code via Launcher tooltips. NOTE: a second buffer overflow (ov…

CVSS: 5.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2008-0151

Heap-based buffer overflow in Foxit WAC Server 2.1.0.910, 2.0 Build 3503, and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Telnet request with…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-01-08
High

CVE-2007-5360

Buffer overflow in OpenPegasus Management server, when compiled to use PAM and with PEGASUS_USE_PAM_STANDALONE_PROC defined, as used in VMWare ESX Server 3.0.1 and 3.0.2, might allow remote attackers…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2008-0003

Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback function in OpenPegasus CIM management server (tog-pegasus), when compiled to use PAM and without PEGASUS_USE_PAM_STANDALONE_PROC…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2008-0096

Multiple buffer overflows in Georgia SoftWorks SSH2 Server (GSW_SSHD) 7.01.0003 and earlier allow remote attackers to execute arbitrary code via a (1) a long username, which triggers an overflow in t…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2008-0098

Buffer overflow in RealPlayer 11 build 6.0.14.748 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: As of 20080103, this disclosure has no actionable information. Howe…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2008-0100

Stack-based buffer overflow in the Scene::errorf function in Scene.cpp in White_Dune 0.29 beta791 and earlier allows remote attackers to execute arbitrary code via a long string in a .WRL file.

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-01-04
Critical

CVE-2007-6654

Buffer overflow in a certain ActiveX control in Macrovision InstallShield Update Service Web Agent 5.1.100.47363 allows remote attackers to execute arbitrary code via a long string in the ProductCode…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2007-6626

Multiple buffer overflows in the RTSP_valid_response_msg function in RTSP_state_machine.c in LScube Feng 0.1.15 and earlier allow remote attackers to execute arbitrary code via (1) a long first line…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2007-6631

Multiple buffer overflows in LScube libnemesi 0.6.4-rc1 and earlier allow remote attackers to execute arbitrary code via (1) a reply that begins with a long version string, which triggers an overflow…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2008-01-03
Medium

CVE-2007-6613

Stack-based buffer overflow in the print_iso9660_recurse function in iso-info (src/iso-info.c) in GNU Compact Disc Input and Control Library (libcdio) 0.79 and earlier allows context-dependent attack…

CVSS: 5.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-12-31
Medium

CVE-2007-6605

Buffer overflow in a certain ActiveX control in SkyFexClient.ocx 1.0.2.77 in SkyFex Client 1.0 allows remote attackers to execute arbitrary code via long strings in the first four arguments to the St…

CVSS: 5.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2007-6609

Multiple stack-based buffer overflows in the CPLI_ReadTag_OGG function in CPI_PlaylistItem.c in CoolPlayer 217 and earlier allow user-assisted remote attackers to execute arbitrary code via a long (1…

CVSS: 5.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-12-28
High

CVE-2007-6593

Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary co…

CVSS: 8.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2007-6561

Multiple stack-based buffer overflows in PDFLib allow user-assisted remote attackers to execute arbitrary code via a long filename argument to the PDF_load_image function that results in an overflow…

CVSS: 5.7 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2007-6562

Multiple stack-based buffer overflows in the use of FD_SET in TCPreen before 1.4.4 allow remote attackers to cause a denial of service via multiple concurrent connections, which result in overflows i…

CVSS: 5.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-6563

Heap-based buffer overflow in WinAce 2.65 and earlier, and possibly other versions before 2.69, allows user-assisted remote attackers to execute arbitrary code via a long filename in a compressed UUE…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-12-27
High

CVE-2007-6533

Buffer overflow in Zoom Player 6.00 beta 2 and earlier allows user-assisted remote attackers to execute arbitrary code via an HTTP link to a PLS file in a crafted ZPL file, which causes an overflow i…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2007-6535

Buffer overflow in the YShortcut ActiveX control in YShortcut.dll 2006.8.15.1 in Yahoo! Toolbar might allow attackers to execute arbitrary code via a long string to the IsTaggedBM method.

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2007-6537

Stack-based buffer overflow in the zfile_gunzip function in zfile.c in WinUAE 1.4.4 and earlier allows user-assisted remote attackers to execute arbitrary code via a long filename in a gzipped archiv…

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-4474

Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attacke…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-6530

Buffer overflow in the XUpload.ocx ActiveX control in Persits Software XUpload 2.1.0.1, and probably other versions before 3.0, as used by HP Mercury LoadRunner and Groove Virtual Office, allows remo…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-12-21
Medium

CVE-2007-6516

Buffer overflow in RavWare Software MAS Flic ActiveX Control (masflc.ocx) 1.0.0.1 allows remote attackers to execute arbitrary code via a long FileName property.

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2007-6510

Multiple stack-based buffer overflows in ProWizard 4 PC (prowiz) 1.62 and earlier allow remote attackers to execute arbitrary code via a crafted file to the (1) AMOS-MusicBank, (2) FuzzacPacker, and…

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-12-20
Medium

CVE-2007-6473

Heap-based buffer overflow in Texas Imperial Software WFTPD Pro Explorer 1.0 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command.

CVSS: 5.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2007-6478

Stack-based buffer overflow in Rosoft Media Player 4.1.7, 4.1.8, and possibly earlier versions allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a…

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2007-6335

Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow.

CVSS: 7.5 CWE: CWE-189 View on NVD
High

CVE-2007-6353

Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.

CVSS: 7.5 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
Critical

CVE-2007-6281

Heap-based buffer overflow in Open File Manager service (ofmnt.exe) in St. Bernard Open File Manager 9.5 allows remote attackers to execute arbitrary code via a long request.

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-6454

Heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execu…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2007-6457

Stack-based buffer overflow in the webmail feature in SurgeMail 38k4 allows remote attackers to cause a denial of service (crash) via a long Host header.

CVSS: 5.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-6468

Buffer overflow in the HuffDecode function in hw_utils/hwrcon/huffman.c and hexenworld/Client/huffman.c in Hammer of Thyrion 1.4.2 allows remote attackers to execute arbitrary code or cause a denial…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-12-19
Medium

CVE-2007-3876

Stack-based buffer overflow in SMB in Apple Mac OS X 10.4.11 allows local users to execute arbitrary code via (1) a long workgroup (-W) option to mount_smbfs or (2) an unspecified manipulation of the…

CVSS: 6.6 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2007-5848

Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin users to execute arbitrary code via a crafted URI to the CUPS service.

CVSS: 7.2 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-5849

Integer underflow in the asn1_get_string function in the SNMP back end (backend/snmp.c) for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that t…

CVSS: 9.3 CWE: CWE-189 View on NVD
High

CVE-2007-5850

Heap-based buffer overflow in Desktop Services in Apple Mac OS X 10.4.11 allows user-assisted attackers to execute arbitrary code via a directory with a crafted .DS_Store file.

CVSS: 8.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-12-18
Critical

CVE-2007-6435

Stack-based buffer overflow in Novell GroupWise before 6.5.7, when HTML preview of e-mail is enabled, allows user-assisted remote attackers to execute arbitrary code via a long SRC attribute in an IM…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-6436

Stack-based buffer overflow in JSGCI.DLL in JustSystems Ichitaro 2005, 2006, and 2007 allows user-assisted remote attackers to execute arbitrary code via a crafted document, as actively exploited in…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-12-17
Critical

CVE-2007-6401

Stack-based buffer overflow in mplayer2.exe in Microsoft Windows Media Player (WMP) 6.4, when used with the 3ivx 4.5.1 or 5.0.1 codec, allows remote attackers to execute arbitrary code via a certain…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-6402

Stack-based buffer overflow in mplayerc.exe in Media Player Classic (MPC) 6.4.9, when used with the 3ivx 4.5.1 or 5.0.1 codec, allows remote attackers to execute arbitrary code via a certain .mp4 fil…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2007-6403

Stack-based buffer overflow in Nullsoft Winamp 5.32 allows user-assisted remote attackers to execute arbitrary code via crafted unicode in a .mp4 file, with crafted tags, contained in a certain .rar…

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2007-6411

Multiple buffer overflows in the HandleEmotsConfig function in the GG Client in Gadu-Gadu 7.7 Build 3669 allow user-assisted remote attackers to execute arbitrary code or cause a denial of service (g…

CVSS: 4.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-12-15
High

CVE-2007-6386

Stack-based buffer overflow in PccScan.dll before build 1451 in Trend Micro AntiVirus plus AntiSpyware 2008, Internet Security 2008, and Internet Security Pro 2008 allows user-assisted remote attacke…

CVSS: 7.2 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-6387

Multiple stack-based buffer overflows in the awApi4.AnswerWorks.1 ActiveX control in awApi4.dll 4.0.0.42, as used by Vantage Linguistics AnswerWorks, and Intuit Clearly Bookkeeping, ProSeries, QuickB…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2007-4706

Heap-based buffer overflow in Apple QuickTime before 7.3.1 allows remote attackers to execute arbitrary code via a crafted QTL file.

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-5580

Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2007-6151

The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buff…

CVSS: 7.2 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-6195

Buffer overflow in the sw_rpc_agent_init function in swagentd in Software Distributor (SD), and possibly other DCE applications, in HP HP-UX B.11.11 and B.11.23 allows remote attackers to execute arb…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2007-6357

Stack-based buffer overflow in Microsoft Office Access allows remote, user-assisted attackers to execute arbitrary code via a crafted Microsoft Access Database (.mdb) file. NOTE: due to the lack of…

CVSS: 5.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2007-6377

Stack-based buffer overflow in the PassThru functionality in ext.dll in BadBlue 2.72b and earlier allows remote attackers to execute arbitrary code via a long query string.

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-12-13
Critical

CVE-2007-6015

Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a G…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-6204

Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote attackers to execute arbitrary code via unspecified long arguments to (1) ovlogin.…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2007-6327

Buffer overflow in a certain ActiveX control in Online Media Technologies AVSMJPEGFILE.DLL 1.1.1.102 allows remote attackers to execute arbitrary code via a long first argument to the CreateStill met…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-12-12
Medium

CVE-2007-5007

Stack-based buffer overflow in the ir_fetch_seq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command.

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-0064

Heap-based buffer overflow in Windows Media Format Runtime 7.1, 9, 9.5, 9.5 x64 Edition, 11, and Windows Media Services 9.1 for Microsoft Windows 2000, XP, Server 2003, and Vista allows user-assisted…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-3039

Stack-based buffer overflow in the Microsoft Message Queuing (MSMQ) service in Microsoft Windows 2000 Server SP4, Windows 2000 Professional SP4, and Windows XP SP2 allows attackers to execute arbitra…

CVSS: 9.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-3895

Buffer overflow in Microsoft DirectShow in Microsoft DirectX 7.0 through 10.0 allows remote attackers to execute arbitrary code via a crafted (1) WAV or (2) AVI file.

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2007-3901

Stack-based buffer overflow in the DirectShow Synchronized Accessible Media Interchange (SAMI) parser in quartz.dll for Microsoft DirectX 7.0 through 10.0 allows remote attackers to execute arbitrary…

CVSS: 8.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-12-10
Medium

CVE-2007-6302

Multiple heap-based buffer overflows in avirus.exe in Novell NetMail 3.5.2 before Messaging Architects M+NetMail 3.52f (aka 3.5.2F) allows remote attackers to execute arbitrary code via unspecified A…

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-12-07
Critical

CVE-2007-6109

Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integ…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-6277

Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large (1) Metadata Block Size, (2) VORBIS Comment…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-12-04
Medium

CVE-2007-6228

Stack-based buffer overflow in the Helper class in the yt.ythelper.2 ActiveX control in Yahoo! Toolbar 1.4.1 allows remote attackers to cause a denial of service (browser crash) via a long argument t…

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-11-30
Critical

CVE-2007-6189

A certain ActiveX control in (1) OScan8.ocx and (2) Oscan81.ocx in BitDefender Online Anti-Virus Scanner 8.0 allows remote attackers to execute arbitrary code via a long argument to the InitX method…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2007-6175

Buffer overflow in Lhaplus 1.55 and earlier allows remote attackers to execute arbitrary code via a crafted LZH archive, a different vector than CVE-2007-5048.

CVSS: 6.6 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2007-6181

Heap-based buffer overflow in cygwin1.dll in Cygwin 1.5.7 and earlier allows context-dependent attackers to execute arbitrary code via a filename with a certain length, as demonstrated by a remote au…

CVSS: 8.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-11-29
Critical

CVE-2007-6166

Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arb…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-11-27
Medium

CVE-2007-4674

An "integer arithmetic" error in Apple QuickTime 7.2 allows remote attackers to execute arbitrary code via a crafted movie file containing a movie atom with a large size value, which triggers a stack…

CVSS: 6.8 CWE: CWE-189 View on NVD
Medium

CVE-2007-6144

Heap-based buffer overflow in the PPlayer.XPPlayer.1 ActiveX control in pplayer.dll_1_work in Xunlei Thunder 5.7.4.401 allows remote attackers to execute arbitrary code via a long string in a FlvPlay…

CVSS: 6.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-11-23
Critical

CVE-2007-6112

Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-6114

Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissec…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-6115

Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-11-22
Critical

CVE-2007-6092

Buffer overflow in libsrtp in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries.

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-11-21
Medium

CVE-2007-6063

Buffer overflow in the isdn_net_setcfg function in isdn_net.c in Linux kernel 2.6.23 allows local users to have an unknown impact via a crafted argument to the isdn_ioctl function.

CVSS: 6.9 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD