CVE Daily
← All tags

Tag: Remote Code Execution

All CVEs associated with "Remote Code Execution". Page 329/345 • 41310 CVEs.

Subscribe CVEs: RSS for “Remote Code Execution”  ·  RSS (High+Critical only)

About “Remote Code Execution”

A curated feed of “Remote Code Execution”-related CVEs appears below. We currently track 41310 CVEs for this tag (all time). In the last 365 days, 4654 were published. Average CVSS is 8.3 (all time; 8.2 over 365d), and 86% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-94 - Improper Control of Generation of Code ('Code Injection'), CWE-434 - Unrestricted Upload of File with Dangerous Type, CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').

In our taxonomy this topic maps to a VERY HIGH impact class. Common exploitation patterns for this weakness can lead to very high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2005-10-14
High

CVE-2005-3197

Stack-based buffer overflow in PWIWrapper.dll for Webroot Desktop Firewall before 1.3.0build52 allows local users to execute arbitrary code as SYSTEM by sending a crafted DeviceIoControl command, the…

CVSS: 7.2 CWE: N/A View on NVD
2005-10-13
High

CVE-2005-2933

Buffer overflow in the mail_valid_net_parse_work function in mail.c for Washington's IMAP Server (UW-IMAP) before imap-2004g allows remote attackers to execute arbitrary code via a mailbox name conta…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2943

Stack-based buffer overflow in sendmail in XMail before 1.22 allows remote attackers to execute arbitrary code via a long -t command line option.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-3185

Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is ena…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2005-3190

Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1985

The Client Service for NetWare (CSNW) on Microsoft Windows 2000 SP4, XP SP1 and Sp2, and Server 2003 SP1 and earlier, allows remote attackers to execute arbitrary code due to an "unchecked buffer" wh…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1987

Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-…

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Medium

CVE-2005-2120

Stack-based buffer overflow in the Plug and Play (PnP) service (UMPNPMGR.DLL) in Microsoft Windows 2000 SP4, and XP SP1 and SP2, allows remote or local authenticated attackers to execute arbitrary co…

CVSS: 6.5 CWE: N/A View on NVD
2005-10-12
Critical

CVE-2005-2715

Format string vulnerability in the Java user interface service (bpjava-msvc) daemon for VERITAS NetBackup Data and Business Center 4.5FP and 4.5MP, and NetBackup Enterprise/Server/Client 5.0, 5.1, an…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2005-1978

COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
2005-10-07
Medium

CVE-2005-3178

Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow user-assisted attackers to execute arbitrary code via a long title name in a NIFF file, which triggers the overflow during (1) zoom…

CVSS: 5.1 CWE: N/A View on NVD
2005-10-05
High

CVE-2005-3154

Format string vulnerability in the logging functionality in BitDefender AntiVirus 7.2 through 9 allows remote attackers to cause a denial of service and possibly execute arbitrary code via format str…

CVSS: 7.5 CWE: CWE-134 - Use of Externally-Controlled Format String View on NVD
High

CVE-2005-3155

Buffer overflow in the W3C logging for MailEnable Enterprise 1.1 and Professional 1.6 allows remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-3150

Format string vulnerability in the Log_Flush function in Weex 2.6.1.5, 2.6.1, and possibly other versions allows remote FTP servers to execute arbitrary code via format strings in filenames.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-3151

Buffer overflow in blenderplay in Blender Player 2.37a allows attackers to execute arbitrary code via a long command line argument.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2005-3142

Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kaspersky Personal Security Suite 1.1 allows remote attackers to execute arbitrary code via a CAB file with large records after the hea…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2005-2758

Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2005-2961

Buffer overflow in the get_string_ahref function for ProZilla 1.3.7.4 and possibly earlier, with the -ftpsearch option enabled, allows remote servers to execute arbitrary code via a search response w…

CVSS: 7.5 CWE: N/A View on NVD
2005-10-04
High

CVE-2005-3135

Buffer overflow in Virtools Web Player 3.0.0.100 and earlier allows remote attackers to execute arbitrary code via a long filename.

CVSS: 7.5 CWE: N/A View on NVD
2005-09-30
High

CVE-2005-3060

Buffer overflow in getconf in IBM AIX 5.2 to 5.3 allows local users to execute arbitrary code via unknown vectors.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2005-3114

Buffer overflow in the ActiveX control for NateOn Messenger (NateonDownloadManager.ocx) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long thi…

CVSS: 7.5 CWE: N/A View on NVD
2005-09-28
Medium

CVE-2005-3099

Unspecified vulnerability in the (1) Xsun and (2) Xprt commands in Solaris 7, 8, 9, and 10 allows local users to execute arbitrary code.

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2005-3092

Heap-based buffer overflow in Image-Line Software FL Studio 5.0.1 allows remote attackers to execute arbitrary code via a .flp file that contains a long path to a (1) .mid or (2) .wav file.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-3094

Avi Alkalay man-cgi script allows remote attackers to execute arbitrary code via shell metacharacters in the topic parameter.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2964

Stack-based buffer overflow in AbiWord before 2.2.10 allows attackers to execute arbitrary code via the RTF import mechanism.

CVSS: 7.5 CWE: N/A View on NVD
2005-09-27
Medium

CVE-2005-2710

Format string vulnerability in Real HelixPlayer and RealPlayer 10 allows remote attackers to execute arbitrary code via the (1) image handle or (2) timeformat attribute in a RealPix (.rp) or RealText…

CVSS: 5.1 CWE: N/A View on NVD
High

CVE-2005-3061

Multiple stack-based buffer overflows in PowerArchiver 8.10 through 9.5 Beta 4 and Beta 5 allow remote attackers to execute arbitrary code via a long filename in a (1) ACE or (2) ARJ archive.

CVSS: 7.5 CWE: N/A View on NVD
2005-09-24
Critical

CVE-2005-3051

Stack-based buffer overflow in the ARJ plugin (arj.dll) 3.9.2.0 for 7-Zip 3.13, 4.23, and 4.26 BETA, as used in products including Turbo Searcher, allows remote attackers to execute arbitrary code vi…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2005-09-23
High

CVE-2005-2701

Heap-based buffer overflow in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to execute arbitrary code via an XBM image file that ends in a large number of spaces instea…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2702

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Unicode sequences with "zero-width non-joiner…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2705

Integer overflow in the JavaScript engine in Firefox before 1.0.7 and Mozilla Suite before 1.7.12 might allow remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
2005-09-22
High

CVE-2005-3031

Buffer overflow in vxFtpSrv 0.9.7 allows remote attackers to execute arbitrary code via a long USER name.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-3032

Buffer overflow in vxTftpSrv 1.7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TFTP request with a long filename argument.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-3033

Stack-based buffer overflow in vxWeb 1.1.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request.

CVSS: 7.5 CWE: N/A View on NVD
2005-09-21
High

CVE-2005-3029

Stack-based buffer overflow in AhnLab V3Pro 2004 build 6.0.0.383, V3 VirusBlock 2005 build 6.0.0.383, and V3Net for Windows Server 6.0 build 6.0.0.383 allows remote attackers to execute arbitrary cod…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-3013

Buffer overflow in liby2util in Yet another Setup Tool (YaST) for SuSE Linux 9.3 allows local users to execute arbitrary code via a long Loc entry.

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2005-2764

Multiple buffer overflows in OpenTTD before 0.4.0.1 allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

CVSS: 7.5 CWE: N/A View on NVD
2005-09-20
High

CVE-2005-2920

Buffer overflow in libclamav/upx.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to execute arbitrary code via a crafted UPX packed executable.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2996

Multiple heap-based and stack-based buffer overflows in certain DCOM server components in VERITAS Storage Exec Storage Exec 5.3 before Hotfix 9 and StorageCentral 5.2 before Hot Fix 2 allow remote at…

CVSS: 7.5 CWE: N/A View on NVD
2005-09-16
Medium

CVE-2005-2947

Buffer overflow in KillProcess 2.20 and earlier allows user-assisted attackers to execute arbitrary code via an exe file with a long FileDescription in the version resource.

CVSS: 5.1 CWE: N/A View on NVD
Medium

CVE-2005-2955

config.inc.php in ATutor 1.5.1, and possibly earlier versions, uses an incomplete blacklist to check for dangerous file extensions, which allows authenticated administrators or educators to execute a…

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2005-2957

Stack-based buffer overflow in AVIRA Desktop for Windows 1.00.00.68 with AVPACK32.DLL 6.31.0.3, when archive scanning is enabled, allows remote attackers to execute arbitrary code via a long filename…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2877

The history (revision control) function in TWiki 02-Sep-2004 and earlier allows remote attackers to execute arbitrary code via shell metacharacters, as demonstrated via the rev parameter to TWikiUser…

CVSS: 7.5 CWE: N/A View on NVD
2005-09-15
Medium

CVE-2005-2495

Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image.

CVSS: 5.1 CWE: CWE-189 View on NVD
High

CVE-2005-2658

Buffer overflow in utility.cpp in Turquoise SuperStat (turqstat) 2.2.4 and earlier might allow remote NNTP servers to execute arbitrary code via a date with a long month.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2799

Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request.

CVSS: 7.5 CWE: N/A View on NVD
2005-09-14
High

CVE-2005-2903

Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a lo…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-2490

Stack-based buffer overflow in the sendmsg function call in the Linux kernel 2.6 before 2.6.13.1 allows local users to execute arbitrary code by calling sendmsg and modifying the message contents in…

CVSS: 4.6 CWE: N/A View on NVD
2005-09-13
High

CVE-2005-2878

Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command.

CVSS: 7.5 CWE: N/A View on NVD
2005-09-09
High

CVE-2005-2871

Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and pos…

CVSS: 7.5 CWE: N/A View on NVD
2005-09-08
High

CVE-2005-2870

Unknown vulnerability in the net-svc script on Solaris 10 allows remote authenticated users to execute arbitrary code on a DHCP client via certain DHCP responses.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2841

Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of servic…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2842

Buffer overflow in dwrcs.exe in DameWare Mini Remote Control before 4.9.0 allows remote attackers to execute arbitrary code via the username.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2844

Buffer overflow in MMClient.exe in Indiatimes Messenger 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long group name argument…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2856

Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including (1) ALZip 5.51 through 6.11, (2) Servant Salamander 2.0 an…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2005-09-06
High

CVE-2005-2763

Multiple format string vulnerabilities in OpenTTD before 0.4.0.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

CVSS: 7.5 CWE: N/A View on NVD
2005-09-02
High

CVE-2005-2767

Buffer overflow in LeapFTP allows remote attackers to execute arbitrary code via a long Host string in a Site Queue (.lsq) file.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2768

Heap-based buffer overflow in the Sophos Antivirus Library, as used by Sophos Antivirus, PureMessage, MailMonitor, and other products, allows remote attackers to execute arbitrary code via a Visio fi…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2772

Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via (1) a long "+VIEWS:" reply, which is not properly han…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-2774

Format string vulnerability in Lithium II mod 1.24 for Quake 2 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via format string specifiers in…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2005-1857

Format string vulnerability in simpleproxy before 3.4 allows remote malicious HTTP proxies to execute arbitrary code via format string specifiers in a reply.

CVSS: 7.5 CWE: N/A View on NVD
2005-08-30
High

CVE-2005-2720

Stack-based buffer overflow in the ACE archive decompression library (vrAZace.dll) in HAURI Anti-Virus products including ViRobot Expert 4.0, Advanced Server, Linux Server 2.0, and LiveCall, when com…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2733

upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
2005-08-29
High

CVE-2005-2718

Buffer overflow in ad_pcm.c in MPlayer 1.0pre7 and earlier allows remote attackers to execute arbitrary code via crafted PCM audio data, as demonstrated using a video file with an audio header contai…

CVSS: 7.5 CWE: N/A View on NVD
2005-08-26
Medium

CVE-2005-2693

cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack.

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2005-2694

Buffer overflow in WinAce 2.6.0.5, and possibly earlier versions, allows remote attackers to execute arbitrary code via a temporary (.tmp) file that contains an entry with a long file name.

CVSS: 7.5 CWE: N/A View on NVD
2005-08-24
Medium

CVE-2005-1843

VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, allows local users to load arbitrary libraries and execut…

CVSS: 4.6 CWE: N/A View on NVD
2005-08-23
High

CVE-2005-2491

Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products such as Python, Ethereal, and PHP, allows attackers to execute arbitrary code…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2634

Buffer overflow in the Log-SCR function in the "Log to Screen" feature in WinFtp Server 1.6.8 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary c…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2639

Buffer overflow in Chris Moneymaker's World Poker Championship 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long nickname.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2642

Buffer overflow in the mutt_decode_xbit function in Handler.c for Mutt 1.5.10 allows remote attackers to execute arbitrary code, possibly due to interactions with libiconv or gettext.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2644

Buffer overflow in JaguarEditControl.dll in Isemarket JaguarControl allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Jtext field.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2651

gorum/prod.php in Zorum 3.5 allows remote attackers to execute arbitrary code via shell metacharacters in the argv parameter.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2665

Stack-based buffer overflow in expires.c in Elm 2.5 PL5 through PL7, and possibly other versions, allows remote attackers to execute arbitrary code via an e-mail message with a long Expires header.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2005-2668

Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allow remote attackers to execute arbitrary code via unk…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2005-2679

Buffer overflow in Sysinternals Process Explorer 9.23, and other versions before 9.25, allows local users to execute arbitrary code via a long CompanyName field in the VersionInfo information in a ru…

CVSS: 10.0 CWE: N/A View on NVD
2005-08-19
High

CVE-2005-2127

Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that refe…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2005-2501

Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2 allows external user-assisted attackers to execute arbitrary code via a crafted Rich Text Format (RTF) file.

CVSS: 7.6 CWE: N/A View on NVD
Medium

CVE-2005-2502

Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2, as used in applications such as TextEdit, allows external user-assisted attackers to execute arbitrary code via a crafted Microsoft Word file.

CVSS: 5.1 CWE: N/A View on NVD
High

CVE-2005-2505

Buffer overflow in CoreFoundation in Mac OS X 10.3.9 allows attackers to execute arbitrary code via command line arguments to an application that uses CoreFoundation.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2507

Buffer overflow in Directory Services in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2514

Buffer overflow in ping in Mac OS X 10.3.9 allows local users to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2518

Buffer overflow in servermgrd in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary code during authentication.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-2521

Buffer overflow in traceroute in Mac OS X 10.3.9 allows local users to execute arbitrary code via unknown vectors.

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2005-2522

Safari in WebKit in Mac OS X 10.4 to 10.4.2 directly accesses URLs within PDF files without the normal security checks, which allows remote attackers to execute arbitrary code via links in a PDF file.

CVSS: 5.1 CWE: N/A View on NVD
High

CVE-2005-2627

Multiple integer underflows in Kismet before 2005-08-R1 allow remote attackers to execute arbitrary code via (1) kernel headers in a pcap file or (2) data frame dissection, which leads to heap-based…

CVSS: 7.5 CWE: N/A View on NVD
2005-08-17
High

CVE-2005-2597

AOL Client Software 9.0 uses insecure permissions for its installation path, which allows local users to execute arbitrary code with SYSTEM privileges by replacing ACSD.exe with a malicious program.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2005-2616

Multiple PHP file include vulnerabilities in ezUpload 2.2 allow remote attackers to execute arbitrary code via the path parameter to (1) initialize.php, (2) customize.php, (3) form.php, or (4) index.…

CVSS: 7.5 CWE: N/A View on NVD
2005-08-16
Critical

CVE-2005-2103

Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an away message with a…

CVSS: 9.8 CWE: CWE-131 - Incorrect Calculation of Buffer Size View on NVD
High

CVE-2005-2470

Buffer overflow in a "core application plug-in" for Adobe Reader 5.1 through 7.0.2 and Acrobat 5.0 through 7.0.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary c…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-2558

Stack-based buffer overflow in the init_syms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions…

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2005-2559

doping.php in ePing plugin 1.02 and earlier for e107 portal allows remote attackers to execute arbitrary code or overwrite files via (1) shell metacharacters in the eping_count parameter or (2) restr…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2572

MySQL, when running on Windows, allows remote authenticated users with insert privileges on the mysql.func table to cause a denial of service (server hang) and possibly execute arbitrary code via (1)…

CVSS: 8.5 CWE: N/A View on NVD
2005-08-12
High

CVE-2005-2549

Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) full vCard data, (2) co…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2550

Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the calendar entries such as task lis…

CVSS: 7.5 CWE: N/A View on NVD
2005-08-10
High

CVE-2005-0058

Buffer overflow in the Telephony Application Programming Interface (TAPI) for Microsoft Windows 98, Windows 98 SE, Windows ME, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to el…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2005-1983

Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and loc…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2005-1984

Buffer overflow in the Print Spooler service (Spoolsv.exe) for Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via a malicious message.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-1988

Unknown vulnerability in Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to execute arbitrary code via a web site or an HTML e-mail containing a crafted JPEG image that causes memory corr…

CVSS: 5.1 CWE: N/A View on NVD
Medium

CVE-2005-1990

Internet Explorer 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference cer…

CVSS: 5.1 CWE: N/A View on NVD
2005-08-08
High

CVE-2005-2500

Buffer overflow in the xdr_xcode_array2 function in xdr.c in Linux kernel 2.6.12, as used in SuSE Linux Enterprise Server 9, might allow remote attackers to cause a denial of service and possibly exe…

CVSS: 7.5 CWE: N/A View on NVD
2005-08-07
High

CVE-2005-2484

Buffer overflow in the rdb_query function for Denora IRC Stats 1.0 might allow attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
2005-08-05
High

CVE-2005-1272

Stack-based buffer overflow in the Backup Agent for Microsoft SQL Server in BrightStor ARCserve Backup Agent for SQL Server 11.0 allows remote attackers to execute arbitrary code via a long string se…

CVSS: 7.5 CWE: N/A View on NVD
2005-08-04
Medium

CVE-2005-2456

Array index overflow in the xfrm_sk_policy_insert function in xfrm_user.c in Linux kernel 2.6 allows local users to cause a denial of service (oops or deadlock) and possibly execute arbitrary code vi…

CVSS: 5.5 CWE: CWE-667 - Improper Locking View on NVD
2005-08-03
High

CVE-2005-2346

Buffer overflow in Novell GroupWise 6.5 Client allows remote attackers to execute arbitrary code via a GWVW02xx.INI language file with a long entry, as demonstrated using a long ES02TKS.VEW value in…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2005-2425

Stack-based buffer overflow in Ares FileShare 1.1 allows remote attackers or local users to execute arbitrary code via a (1) long history parameter in the configuration file (ares.conf) or (2) long s…

CVSS: 10.0 CWE: N/A View on NVD
Low

CVE-2005-2451

Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary co…

CVSS: 2.1 CWE: N/A View on NVD
2005-08-02
High

CVE-2005-2079

Heap-based buffer overflow in the Admin Plus Pack Option for VERITAS Backup Exec 9.0 through 10.0 for Windows Servers allows remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
2005-08-01
Medium

CVE-2005-2407

A design error in Opera 8.01 and earlier allows user-assisted attackers to execute arbitrary code by overlaying a malicious new window above a file download dialog box, then tricking the user into do…

CVSS: 5.1 CWE: CWE-1021 - Improper Restriction of Rendered UI Layers or Frames View on NVD
High

CVE-2005-2409

Format string vulnerability in util.c in nbsmtp 0.99 and earlier, while running in debug mode, allows remote attackers to execute arbitrary code via format string specifiers that are not properly han…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2410

Format string vulnerability in the nm_info_handler function in Network Manager may allow remote attackers to execute arbitrary code via format string specifiers in a Wireless Access Point identifier,…

CVSS: 7.5 CWE: N/A View on NVD
2005-07-27
Medium

CVE-2005-2335

Buffer overflow in the POP3 client in Fetchmail before 6.2.5.2 allows remote POP3 servers to cause a denial of service and possibly execute arbitrary code via long UIDL responses. NOTE: a typo in an…

CVSS: 5.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2005-2385

Buffer overflow in a third-party compression library (UNACEV2.DLL), as used in avast! Antivirus Home/Professional Edition 4.6.665 and Server Edition 4.6.460, allows remote attackers to execute arbitr…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2387

Multiple stack-based buffer overflows in GoodTech SMTP server 5.16 allow remote attackers to execute arbitrary code via (1) a RCPT TO command with a long DNS name, or (2) a large number of RCPT TO co…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2388

Buffer overflow in a certain USB driver, as used on Microsoft Windows, allows attackers to execute arbitrary code.

CVSS: 7.2 CWE: N/A View on NVD
2005-07-26
High

CVE-2005-1852

Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service…

CVSS: 7.5 CWE: CWE-189 View on NVD
High

CVE-2005-2369

Multiple integer signedness errors in libgadu, as used in ekg before 1.6rc2 and other packages, may allow remote attackers to cause a denial of service or execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2372

Oracle Forms 4.5 through 10g starts form executables from arbitrary directories and executes them as the Oracle or System user, which allows attackers to execute arbitrary code by uploading a malicio…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2005-2373

Buffer overflow in SlimFTPd 3.15 and 3.16 allows remote authenticated users to execute arbitrary code via a long directory name to (1) LIST, (2) DELE or (3) RNFR commands.

CVSS: 7.2 CWE: N/A View on NVD
2005-07-19
Medium

CVE-2005-2297

Stack-based buffer overflow in TreeAction.do in Sybase EAServer 4.2.5 through 5.2 allows remote authenticated users to execute arbitrary code via a large javascript parameter.

CVSS: 4.6 CWE: N/A View on NVD