CVE Daily
← All tags

Tag: Buffer Overflow

All CVEs associated with "Buffer Overflow". Page 131/160 • 19109 CVEs.

Subscribe CVEs: RSS for “Buffer Overflow”  ·  RSS (High+Critical only)

About “Buffer Overflow”

A curated feed of “Buffer Overflow”-related CVEs appears below. We currently track 19109 CVEs for this tag (all time). In the last 365 days, 2722 were published. Average CVSS is 7.9 (all time; 8.0 over 365d), and 78% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer, CWE-121 - Stack-based Buffer Overflow, CWE-122 - Heap-based Buffer Overflow.

In our taxonomy this topic maps to a HIGH impact class. Common exploitation patterns for this weakness can lead to high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2007-06-14
Critical

CVE-2007-3216

Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2006-4168

Integer overflow in the exif_data_load_data_entry function in libexif/exif-data.c in Libexif before 0.6.16 allows remote attackers to cause a denial of service (application crash) or execute arbitrar…

CVSS: 6.8 CWE: N/A View on NVD
Critical

CVE-2007-3210

Stack-based buffer overflow in nptoken.mox in the Cellosoft Tokens Object 2.0.0.6 extension for Vitalize! allows remote attackers to execute arbitrary code via a long string argument to the RemoveChr…

CVSS: 9.3 CWE: N/A View on NVD
2007-06-12
Critical

CVE-2007-3181

Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows remote attackers to execute arbitrary code via a large p_cnct_count value in a p_cnct structure in a connect (0x01) request to po…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2007-3203

Stack-based buffer overflow in smtpdll.dll in the SMTP service in 602Pro LAN SUITE 2003 2003.0.03.0828 allows remote attackers to execute arbitrary code via an e-mail message with a long address. NOT…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2007-0245

Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to execute arbitrary code via a RTF file with a crafted prtdata tag with a length parameter inconsistency,…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-2222

Multiple buffer overflows in the (1) ActiveListen (Xlisten.dll) and (2) ActiveVoice (Xvoice.dll) speech controls, as used by Microsoft Internet Explorer 5.01, 6, and 7, allow remote attackers to exec…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-3180

Buffer overflow in Help and Support Center before 4.4 C on HP Windows systems allows remote attackers to read or write arbitrary files via unknown vectors.

CVSS: 9.4 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-06-11
Critical

CVE-2007-2920

Multiple stack-based buffer overflows in the Zoomify Viewer ActiveX control in ZActiveX.dll might allow remote attackers to execute arbitrary code via unspecified vectors.

CVSS: 9.3 CWE: N/A View on NVD
Medium

CVE-2007-3161

Buffer overflow in Ace-FTP Client 1.24a allows user-assisted, remote FTP servers to execute arbitrary code via a long response.

CVSS: 6.8 CWE: N/A View on NVD
Medium

CVE-2007-3162

Buffer overflow in the NotSafe function in the idaiehlp ActiveX control in idaiehlp.dll 1.9.1.74 in Internet Download Accelerator (ida) 5.2 allows remote attackers to cause a denial of service (Inter…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2007-3166

Buffer overflow in Qualcomm Eudora 7.1.0.9 allows user-assisted, remote IMAP servers to execute arbitrary code via a long FLAGS response to a SELECT INBOX command.

CVSS: 6.8 CWE: N/A View on NVD
High

CVE-2007-3167

Stack-based buffer overflow in the Vivotek Motion Jpeg ActiveX control (aka MjpegControl) in MjpegDecoder.dll 2.0.0.13 allows remote attackers to execute arbitrary code via a long PtzUrl property val…

CVSS: 7.6 CWE: N/A View on NVD
Critical

CVE-2007-3169

Buffer overflow in a certain ActiveX control in the EDraw Office Viewer Component (edrawofficeviewer.ocx) 4.0.5.20, and other versions before 5.0, allows remote attackers to cause a denial of service…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-3147

Buffer overflow in the Yahoo! Webcam Upload ActiveX control in ywcupl.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-3148

Buffer overflow in the Yahoo! Webcam Viewer ActiveX control in ywcvwr.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2007-06-08
Critical

CVE-2007-1685

Buffer overflow in k9filter.exe in BlueCoat K9 Web Protection 3.2.36, and probably other versions before 3.2.44, allows remote attackers to cause a denial of service (crash) and possibly execute arbi…

CVSS: 10.0 CWE: N/A View on NVD
2007-06-07
Medium

CVE-2007-3124

Buffer overflow in backup/src/vmsbackup.c (aka the backup utility) in FreeVMS before 0.3.6 might allow local users to gain privileges via a long string in response to an "extract [ny]" prompt.

CVSS: 4.6 CWE: N/A View on NVD
Critical

CVE-2007-2948

Multiple stack-based buffer overflows in stream/stream_cddb.c in MPlayer before 1.0rc1try3 allow remote attackers to execute arbitrary code via a CDDB entry with a long (1) album title or (2) categor…

CVSS: 9.3 CWE: N/A View on NVD
Critical

CVE-2007-3111

Buffer overflow in the Provideo Camimage ActiveX control in ISSCamControl.dll 1.0.1.5, when Internet Explorer 6 is used on Windows 2000 SP4, allows remote attackers to execute arbitrary code via a lo…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2007-3121

Buffer overflow in the CCdecode function in contrib/ntsc-cc.c in the zvbi-ntsc-cc tool in Zapping VBI Library (ZVBI) before 0.2.25 allows attackers to cause a denial of service (application crash) an…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2007-3123

unrar.c in libclamav in ClamAV before 0.90.3 and 0.91 before 0.91rc1 allows remote attackers to cause a denial of service (core dump) via a crafted RAR file with a modified vm_codesize value, which t…

CVSS: 5.0 CWE: N/A View on NVD
2007-06-06
Critical

CVE-2007-2919

Multiple stack-based buffer overflows in the FViewerLoading ActiveX control (FlipViewerX.dll) in E-Book Systems FlipViewer before 4.1 allow remote attackers to cause a denial of service (crash) or ex…

CVSS: 9.3 CWE: N/A View on NVD
Critical

CVE-2007-2863

Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a long fil…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2007-2864

Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large in…

CVSS: 9.3 CWE: N/A View on NVD
Critical

CVE-2007-2419

Multiple buffer overflows in an ActiveX control (boisweb.dll) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allow remote attackers to execute arbitrary code via the (1) the second…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2007-2514

Stack-based buffer overflow in XferWan.exe as used in multiple products including (1) Symantec Discovery 6.5, (2) Numara Asset Manager 8.0, and (3) Centennial UK Ltd Discovery 2006 Feature Pack, allo…

CVSS: 9.3 CWE: N/A View on NVD
Critical

CVE-2007-3071

Buffer overflow in the GetWebStoreURL function in a certain ActiveX control in eSellerateControl365.dll 3.6.5.0 in eSellerate SDK allows user-assisted remote attackers to execute arbitrary code via a…

CVSS: 9.3 CWE: N/A View on NVD
Medium

CVE-2007-3068

Stack-based buffer overflow in DVD X Player 4.1 Professional allows remote attackers to execute arbitrary code via a PLF playlist containing a long filename.

CVSS: 6.8 CWE: N/A View on NVD
2007-06-05
Medium

CVE-2007-3046

Buffer overflow in Advanced Software Production Line Vortex Library before 1.0.3 allows remote attackers to cause a denial of service (listener crash) via unspecified vectors related to the select I/…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2007-0933

Buffer overflow in the wireless driver 6.0.0.18 for D-Link DWL-G650+ (Rev. A1) on Windows XP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a bea…

CVSS: 7.8 CWE: N/A View on NVD
2007-06-04
Medium

CVE-2007-3006

Buffer overflow in Acoustica MP3 CD Burner 4.32 allows user-assisted remote attackers to execute arbitrary code via a .asx playlist file with a REF element containing a long string in the HREF attrib…

CVSS: 6.8 CWE: N/A View on NVD
Medium

CVE-2007-2452

Heap-based buffer overflow in the visit_old_format function in locate/locate.c in locate in GNU findutils before 4.2.31 might allow context-dependent attackers to execute arbitrary code via a long pa…

CVSS: 6.0 CWE: N/A View on NVD
2007-06-01
Medium

CVE-2007-2984

Multiple stack-based buffer overflows in the Media Technology Group CDPass ActiveX control in CDPass.dll allow remote attackers to execute arbitrary code via unspecified vectors, possibly involving t…

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-2987

Multiple buffer overflows in certain ActiveX controls in sasatl.dll in Zenturi ProgramChecker allow remote attackers to execute arbitrary code via unspecified vectors, possibly involving the (1) Debu…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-2917

Multiple buffer overflows in a certain ActiveX control in odapi.dll in Authentium Command Antivirus before 4.93.8 allow remote attackers to execute arbitrary code via unspecified vectors.

CVSS: 9.3 CWE: N/A View on NVD
Medium

CVE-2007-2918

Multiple stack-based buffer overflows in ActiveX controls (1) VibeC in (a) vibecontrol.dll, (2) CallManager and (3) ViewerClient in (b) StarClient.dll, (4) ComLink in (c) uicomlink.dll, and (5) WebCa…

CVSS: 6.8 CWE: N/A View on NVD
Critical

CVE-2007-2974

Buffer overflow in the file parsing engine in Avira Antivir Antivirus before 7.03.00.09 allows remote attackers to execute arbitrary code via a crafted LZH archive file, resulting from an "integer ca…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2007-2977

Buffer overflow in the receive function in submit/submitcommon.c in the submit daemon in DOMjudge before 2.0.0RC1 allows remote attackers to cause a denial of service or have other unspecified impact…

CVSS: 7.8 CWE: N/A View on NVD
Medium

CVE-2007-2980

Heap-based buffer overflow in a certain ActiveX control in LEADTOOLS LEAD Raster ISIS Object (LTRIS14e.DLL) 14.5.0.44 allows remote attackers to cause a denial of service (Internet Explorer crash) or…

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-2981

Buffer overflow in a certain ActiveX control in LEAD Technologies LEADTOOLS Raster OCR Document Object Library (ltrdc14e.dll) 14.5.0.44 allows remote attackers to execute arbitrary code via a long Di…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-2982

Multiple buffer overflows in the British Telecommunications Business Connect webhelper ActiveX control before 1.0.0.7 in btbconnectwebcontrol.dll allow remote attackers to execute arbitrary code via…

CVSS: 9.3 CWE: N/A View on NVD
2007-05-31
High

CVE-2007-2966

Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-2938

Buffer overflow in the BaseRunner ActiveX control in the Ademco ATNBaseLoader100 Module (ATNBaseLoader100.dll) 5.4.0.6, when Internet Explorer 6 is used, allows remote attackers to execute arbitrary…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2007-2946

Buffer overflow in a certain ActiveX control in LeadTools Raster Dialog File_D Object (LTRDFD14e.DLL) 14.5.0.44 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) or exe…

CVSS: 10.0 CWE: N/A View on NVD
2007-05-30
Medium

CVE-2007-2903

Buffer overflow in the HelpPopup method in the Microsoft Office 2000 Controllo UA di Microsoft Office ActiveX control (OUACTRL.OCX) 1.0.1.9 allows remote attackers to cause a denial of service (proba…

CVSS: 5.0 CWE: N/A View on NVD
Critical

CVE-2007-2884

Multiple stack-based buffer overflows in Microsoft Visual Basic 6 allow user-assisted remote attackers to cause a denial of service (CPU consumption) or execute arbitrary code via a Visual Basic Proj…

CVSS: 9.3 CWE: CWE-20 - Improper Input Validation View on NVD
High

CVE-2007-2888

Stack-based buffer overflow in UltraISO 8.6.2.2011 and earlier allows user-assisted remote attackers to execute arbitrary code via a long FILE string (filename) in a .cue file, a related issue to CVE…

CVSS: 7.6 CWE: N/A View on NVD
High

CVE-2007-2893

Heap-based buffer overflow in the bx_ne2k_c::rx_frame function in iodev/ne2k.cc in the emulated NE2000 device in Bochs 2.3 allows local users of the guest operating system to write to arbitrary memor…

CVSS: 7.2 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2007-2895

Buffer overflow in a certain ActiveX control in LTRDF14e.DLL 14.5.0.44 in LeadTools Raster Dialog File Object allows remote attackers to execute arbitrary code via a long Directory property value.

CVSS: 7.5 CWE: N/A View on NVD
2007-05-29
High

CVE-2007-2877

Buffer overflow in tcl/win/tclWinReg.c in Tcl (Tcl/Tk) before 8.5a6 allows local users to gain privileges via long registry key paths.

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2007-2881

Multiple stack-based buffer overflows in the SOCKS proxy support (sockd) in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol…

CVSS: 10.0 CWE: N/A View on NVD
2007-05-24
Critical

CVE-2007-2386

Buffer overflow in mDNSResponder in Apple Mac OS X 10.4 up to 10.4.9 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted UPnP Intern…

CVSS: 9.4 CWE: N/A View on NVD
Critical

CVE-2007-2390

Buffer overflow in iChat in Apple Mac OS X 10.3.9 and 10.4.9 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted UPnP Inte…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2007-2852

Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2.70.37.0 allow remote attackers to execute arbitrary code during (1) delete/disinfect or (2) rename operations via a crafted dire…

CVSS: 9.3 CWE: N/A View on NVD
Critical

CVE-2007-2855

Buffer overflow in a certain ActiveX control in DartZipLite.dll 1.8.5.3 in Dart ZipLite Compression for ActiveX allows user-assisted remote attackers to execute arbitrary code via a long first argume…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-2856

Buffer overflow in the Dart Communications PowerTCP ZIP Compression ActiveX control in DartZip.dll 1.8.5.3, when Internet Explorer 6 is used, allows user-assisted remote attackers to execute arbitrar…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-2845

Heap-based buffer overflow in the CAB unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted CAB archive, resulting…

CVSS: 9.3 CWE: N/A View on NVD
Critical

CVE-2007-2846

Heap-based buffer overflow in the SIS unpacker in avast! Anti-Virus Managed Client before 4.7.700 allows user-assisted remote attackers to execute arbitrary code via a crafted SIS archive, resulting…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-2848

Stack-based buffer overflow in the SetPath function in the shComboBox ActiveX control (shcmb80.ocx) in Sky Software Shell MegaPack ActiveX 8.0 allows remote attackers to execute arbitrary code via a…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2007-2687

Stack-based buffer overflow in the MicroWorld Agent service (MWAGENT.EXE) in MicroWorld Technologies eScan before 9.0.718.1 allows remote attackers to execute arbitrary code via a long command.

CVSS: 10.0 CWE: N/A View on NVD
2007-05-22
High

CVE-2007-2820

Multiple stack-based buffer overflows in the KSign KSignSWAT ActiveX Control (AxKSignSWAT.dll) 2.0.3.3 allow remote attackers to execute arbitrary code via long arguments to the (1) SWAT_Init, (2) SW…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2007-2823

Multiple buffer overflows in HT Editor before 2.0.6 might allow remote attackers to execute arbitrary code via unspecified vectors, possibly involving the editor display width. NOTE: some of the det…

CVSS: 6.8 CWE: N/A View on NVD
Critical

CVE-2007-2827

Heap-based buffer overflow in LEAD Technologies LEADTOOLS ISIS ActiveX Control (ltisi14E.ocx) 14.5.0.44 and earlier allows remote attackers to execute arbitrary code via a long DriverName property.

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2007-2807

Stack-based buffer overflow in mod/server.mod/servrmsg.c in Eggdrop 1.6.18, and possibly earlier, allows user-assisted, remote IRC servers to execute arbitrary code via a long private message.

CVSS: 6.8 CWE: N/A View on NVD
Critical

CVE-2007-2809

Buffer overflow in the transfer manager in Opera before 9.21 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted torrent file. NOTE: due to the lack of details,…

CVSS: 9.3 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2007-2814

Multiple stack-based buffer overflows in the Pegasus ImagN' ActiveX control (IMW32O40.OCX) 4.00.041 allow remote attackers to execute arbitrary code via (1) a long FileName parameter, or unspecified…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2007-2788

Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK a…

CVSS: 6.8 CWE: CWE-189 View on NVD
2007-05-21
High

CVE-2007-2787

Stack-based buffer overflow in the BrowseDir function in the (1) lttmb14E.ocx or (2) LTRTM14e.DLL ActiveX control in LeadTools Raster Thumbnail Object Library 14.5.0.44 allows remote attackers to exe…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2007-2770

Stack-based buffer overflow in Eudora 7.1 allows user-assisted, remote SMTP servers to execute arbitrary code via a long SMTP reply. NOTE: the user must click through a warning about a possible buff…

CVSS: 9.3 CWE: N/A View on NVD
Critical

CVE-2007-2771

Stack-based buffer overflow in the LEAD Technologies LeadTools JPEG 2000 LEADJ2K.LEADJ2K.140 ActiveX control (LTJ2K14.ocx) 14.5.0.35 allows remote attackers to execute arbitrary code via a long Bitma…

CVSS: 9.3 CWE: N/A View on NVD
2007-05-18
Critical

CVE-2007-2758

Multiple buffer overflows in WinImage 8.0.8000 allow user-assisted remote attackers to execute arbitrary code via a FAT image that contains long directory names in a deeply nested directory structure…

CVSS: 9.3 CWE: N/A View on NVD
High

CVE-2007-2761

Stack-based buffer overflow in MagicISO 5.4 build 239 and earlier allows remote attackers to execute arbitrary code via a long filename in a .cue file.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2007-2763

Buffer overflow in the UnlockSupport function in the LockModules subsystem in a certain ActiveX control in ltmm15.dll in Sienzo Digital Music Mentor (DMM) 2.6.0.4 allows remote attackers to execute a…

CVSS: 10.0 CWE: N/A View on NVD
2007-05-17
Medium

CVE-2007-2754

Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads…

CVSS: 6.8 CWE: N/A View on NVD
Critical

CVE-2007-2741

Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ICC profile in a JPG file.

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2007-2744

Stack-based buffer overflow in the PrecisionID Barcode 1.9 ActiveX control in PrecisionID_Barcode.dll allows remote attackers to cause a denial of service (Internet Explorer 6 crash), and possibly ex…

CVSS: 7.5 CWE: N/A View on NVD
2007-05-16
Critical

CVE-2007-1173

Multiple buffer overflows in the CentennialIPTransferServer service (XFERWAN.EXE), as used by (1) Centennial Discovery 2006 Feature Pack 1, (2) Numara Asset Manager 8.0, and (3) Symantec Discovery 6.…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2007-2568

Multiple stack-based buffer overflows in VCDGear 3.55 allow user-assisted remote attackers to execute arbitrary code via a long (1) tag or (2) track type in a CUE file.

CVSS: 9.3 CWE: N/A View on NVD
Critical

CVE-2007-1689

Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2007-2711

Stack-based buffer overflow in TinyIdentD 2.2 and earlier allows remote attackers to execute arbitrary code via a long string to TCP port 113.

CVSS: 10.0 CWE: N/A View on NVD
2007-05-15
Low

CVE-2007-2683

Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via "&" characters in the GECOS field, which triggers the overflow during alias expansion.

CVSS: 3.5 CWE: N/A View on NVD
High

CVE-2007-2678

Buffer overflow in the isChecked function in toolbar.dll in Netsprint Toolbar 1.1 might allow remote attackers to execute arbitrary code via unspecified vectors.

CVSS: 7.5 CWE: N/A View on NVD
2007-05-14
High

CVE-2007-2656

Stack-based buffer overflow in the Hewlett-Packard (HP) Magview ActiveX control in hpqvwocx.dll 1.0.0.309 allows remote attackers to cause a denial of service (application crash) and possibly have ot…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2007-2666

Stack-based buffer overflow in LexRuby.cxx (SciLexer.dll) in Scintilla 1.73, as used by notepad++ 4.1.1 and earlier, allows user-assisted remote attackers to execute arbitrary code via certain Ruby (…

CVSS: 7.6 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-2667

Buffer overflow in the DB Software Laboratory VImpX ActiveX control in VImpX.ocx 4.7.3 allows remote attackers to execute arbitrary code via a long LogFile parameter.

CVSS: 9.3 CWE: N/A View on NVD
Medium

CVE-2007-2668

Buffer overflow in webdesproxy 0.0.1 allows remote attackers to execute arbitrary code via a long URL, possibly involving the process_connection_request function in webdesproxy.c.

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-0754

Heap-based buffer overflow in Apple QuickTime before 7.1.3 allows user-assisted remote attackers to execute arbitrary code via a crafted Sample Table Sample Descriptor (STSD) atom size in a QuickTime…

CVSS: 9.3 CWE: N/A View on NVD
Critical

CVE-2007-2446

Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (ne…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2007-2646

Heap-based buffer overflow in yEnc32 1.0.7.207 allows user-assisted remote attackers to execute arbitrary code via a long filename in an NTX file.

CVSS: 6.8 CWE: N/A View on NVD
Critical

CVE-2007-2648

Stack-based buffer overflow in the Clever Database Comparer 2.2 ActiveX control (comparerax.ocx) allows remote attackers to execute arbitrary code via a long argument to the ConnectToDatabase functio…

CVSS: 9.3 CWE: N/A View on NVD
High

CVE-2007-2652

Multiple unspecified vulnerabilities in Free-SA before 1.2.2 allow remote attackers to execute arbitrary code via unspecified vectors involving certain (1) sprintf and (2) vsprintf calls in (a) r_ind…

CVSS: 7.5 CWE: N/A View on NVD
2007-05-13
Critical

CVE-2007-0748

Heap-based buffer overflow in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allows remote attackers to execute arbitrary code via multiple trackID values in a SETUP R…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2007-0749

Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allow remote attackers to execute arbitra…

CVSS: 10.0 CWE: N/A View on NVD
2007-05-11
Critical

CVE-2007-2616

Stack-based buffer overflow in the SSL version of the NMDMC.EXE service in Novell NetMail 3.52e FTF2 and probably earlier allows remote attackers to execute arbitrary code via a crafted request.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2007-2623

Multiple buffer overflows in RControl.dll in Remote Display Dev kit 1.2.1.0 allow remote attackers to cause a denial of service (Internet Explorer 7 crash) via (1) a long first argument to the connec…

CVSS: 7.8 CWE: N/A View on NVD
Critical

CVE-2007-2601

Buffer overflow in a certain ActiveX control in the GDivX Zenith Player AviFixer class in fix.dll 1.0.0.1 allows remote attackers to execute arbitrary code via a long SetInputFile property value.

CVSS: 9.3 CWE: N/A View on NVD
High

CVE-2007-2602

Buffer overflow in MIBEXTRA.EXE in Ipswitch WhatsUp Gold 11 allows attackers to cause a denial of service (application crash) or execute arbitrary code via a long MIB filename argument. NOTE: If the…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2007-2606

Multiple buffer overflows in Firebird 2.1 allow attackers to trigger memory corruption and possibly have other unspecified impact via certain input processed by (1) config\ConfigFile.cpp or (2) msgs\…

CVSS: 7.8 CWE: N/A View on NVD
Critical

CVE-2007-2522

Stack-based buffer overflow in the inoweb Console Server in CA Anti-Virus for the Enterprise r8, Threat Manager r8, Anti-Spyware for the Enterprise r8, and Protection Suites r3 allows remote attacker…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2007-2523

CA Anti-Virus for the Enterprise r8 and Threat Manager r8 before 20070510 use weak permissions (NULL security descriptor) for the Task Service shared file mapping, which allows local users to modify…

CVSS: 7.2 CWE: N/A View on NVD
2007-05-10
Critical

CVE-2007-2582

Multiple buffer overflows in the DB2 JDBC Applet Server (DB2JDS) service in IBM DB2 9.x and earlier allow remote attackers to (1) execute arbitrary code via a crafted packet to the DB2JDS service on…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-2584

Buffer overflow in the IsOldAppInstalled function in the McSubMgr.McSubMgr Subscription Manager ActiveX control (MCSUBMGR.DLL) in McAfee SecurityCenter before 6.0.25 and 7.x before 7.2.147 allows rem…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2007-2585

Stack-based buffer overflow in the Verify function in the BarCodeWiz ActiveX control 2.0 and 2.52 (BarcodeWiz.dll) allows remote attackers to execute arbitrary code via a long argument.

CVSS: 9.3 CWE: N/A View on NVD
Critical

CVE-2007-2588

Multiple buffer overflows in the Office Viewer OCX ActiveX control (oa.ocx) 3.2 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long argument to t…

CVSS: 9.3 CWE: N/A View on NVD
2007-05-09
Medium

CVE-2007-2576

Buffer overflow in the East Wind Software advdaudio.ocx 1.5.1.1 ActiveX control allows user-assisted remote attackers to execute arbitrary code via a long OpenDVD property value. NOTE: this issue mi…

CVSS: 6.8 CWE: N/A View on NVD
Critical

CVE-2007-2563

Buffer overflow in the AddFile function in VersalSoft HTTP File Upload ActiveX control (UFileUploaderD.dll) allows remote attackers to execute arbitrary code via a long argument.

CVSS: 9.3 CWE: N/A View on NVD
Critical

CVE-2007-2564

Multiple stack-based buffer overflows in the Sienzo Digital Music Mentor (DMM) 2.6.0.4 ActiveX control (DSKernel2.dll) allow remote attackers to execute arbitrary code via a long argument to the (1)…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2007-2567

Buffer overflow in the SaveBarCode function in the Taltech Tal Bar Code ActiveX control allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS: 9.3 CWE: N/A View on NVD
High

CVE-2007-1864

Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2007-2510

Buffer overflow in the make_http_soap_request function in PHP before 5.2.2 has unknown impact and remote attack vectors, possibly related to "/" (slash) characters.

CVSS: 5.1 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2007-2511

Buffer overflow in the user_filter_factory_create function in PHP before 5.2.2 has unknown impact and local attack vectors.

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2007-2533

Multiple buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2- Build 1174 allow remote attackers to execute arbitrary code via a crafted RPC message processed by the (1) the RPC…

CVSS: 10.0 CWE: N/A View on NVD
2007-05-08
High

CVE-2007-0323

Buffer overflow in the SetLanguage function in Research In Motion (RIM) TeamOn Import Object ActiveX control (TOImport.dll) allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2007-2508

Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to (1) TCP port 5168, whic…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2007-2526

Heap-based buffer overflow in the ConnectAsyncEx function in VNC Viewer ActiveX control (scvncctrl.dll) in the SmartCode VNC Manager 3.6 allows remote attackers to execute arbitrary code via a long a…

CVSS: 9.3 CWE: N/A View on NVD
Critical

CVE-2007-2528

Buffer overflow in AgRpcCln.dll for Trend Micro ServerProtect 5.58 for Windows before Security Patch 3 Build 1176 allows remote attackers to execute arbitrary code via unknown vectors related to RPC…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2007-0215

Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a .XLS BIFF file with a malformed Name…

CVSS: 7.6 CWE: N/A View on NVD
2007-05-07
Critical

CVE-2007-2239

Stack-based buffer overflow in the SaveBMP method in the AXIS Camera Control (aka CamImage) ActiveX control before 2.40.0.0 in AxisCamControl.ocx in AXIS 2100, 2110, 2120, 2130 PTZ, 2420, 2420-IR, 24…

CVSS: 9.3 CWE: N/A View on NVD
2007-05-04
Critical

CVE-2007-2505

Stack-based buffer overflow in InterVations MailCOPA 8.01 20070323 allows user-assisted remote attackers to execute arbitrary code via a long command line argument, as demonstrated by a long string i…

CVSS: 9.3 CWE: N/A View on NVD