CVE Daily
← All tags

Tag: Remote Code Execution

All CVEs associated with "Remote Code Execution". Page 330/345 • 41310 CVEs.

Subscribe CVEs: RSS for “Remote Code Execution”  ·  RSS (High+Critical only)

About “Remote Code Execution”

A curated feed of “Remote Code Execution”-related CVEs appears below. We currently track 41310 CVEs for this tag (all time). In the last 365 days, 4654 were published. Average CVSS is 8.3 (all time; 8.2 over 365d), and 86% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-94 - Improper Control of Generation of Code ('Code Injection'), CWE-434 - Unrestricted Upload of File with Dangerous Type, CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').

In our taxonomy this topic maps to a VERY HIGH impact class. Common exploitation patterns for this weakness can lead to very high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2005-07-19
High

CVE-2005-2305

DG Remote Control Server 1.6.2 allows remote attackers to cause a denial of service (crash or CPU consumption) and possibly execute arbitrary code via a long message to TCP port 1071 or 1073, possibl…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2308

The JPEG decoder in Microsoft Internet Explorer allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via certain crafted JPEG images, as…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2005-2310

Buffer overflow in Winamp 5.03a, 5.09 and 5.091, and other versions before 5.094, allows remote attackers to execute arbitrary code via an MP3 file with a long ID3v2 tag such as (1) ARTIST or (2) TIT…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2005-2321

PHP remote file inclusion vulnerability in CaLogic 1.2.2 allows remote attackers to execute arbitrary code via the CLPATH parameter to (1) cl_minical.php, (2) clmcpreload.php, (3) mcconfig.php, or (4…

CVSS: 7.5 CWE: N/A View on NVD
2005-07-18
High

CVE-2005-1175

Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execut…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2005-1689

Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions.

CVSS: 9.8 CWE: CWE-415 - Double Free View on NVD
High

CVE-2005-2278

Stack-based buffer overflow in the IMAP daemon (imapd) in MailEnable Professional 1.54 allows remote authenticated users to execute arbitrary code via the status command with a long mailbox name.

CVSS: 7.2 CWE: N/A View on NVD
2005-07-13
High

CVE-2005-2250

Buffer overflow in Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary code via a long filename in an OBEX file share.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2251

PHP remote file inclusion vulnerability in secure.php in PHPSecurePages (phpSP) 0.28beta and earlier allows remote attackers to execute arbitrary code via the cfgProgDir parameter, a variant of CVE-2…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2258

PHP remote file inclusion vulnerability in photolist.inc.php in Squito Gallery 1.33 allows remote attackers to execute arbitrary code via the photoroot parameter.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2005-2259

The dispallclosed2 function in dispallclosed.pl for multiple USANet Creations products, including (1) USANet Shopping Mall Software, (2) Domain Name Auction Software, (3) Standard Classified Ads Soft…

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2005-2262

Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote attackers to execute arbitrary code by tricking the user into using the "Set As Wallpaper" (in Firefox) or "Set as Background" (in Netscape)…

CVSS: 5.1 CWE: N/A View on NVD
Medium

CVE-2005-2265

Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 and 7.2 allows remote attackers to cause a denial of service (access violation and crash), and possibly execute arbitrary code, by calli…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2005-2267

Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2270

Firefox before 1.0.5 and Mozilla before 1.7.9 does not properly clone base objects, which allows remote attackers to execute arbitrary code by navigating the prototype chain to reach a privileged obj…

CVSS: 7.5 CWE: N/A View on NVD
2005-07-12
High

CVE-2005-0564

Stack-based buffer overflow in Microsoft Word 2000 and Word 2002, and Microsoft Works Suites 2000 through 2004, might allow remote attackers to execute arbitrary code via a .doc file with long font i…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1219

Buffer overflow in the Microsoft Color Management Module for Windows allows remote attackers to execute arbitrary code via an image with crafted ICC profile format tags.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2216

PHP remote file inclusion vulnerability in gals.php in PhotoGal Photo Gallery 1.5 and earlier allows remote attackers to execute arbitrary code via the news_file parameter.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-2232

Buffer overflow in invscout in IBM AIX 5.1.0 through 5.3.0 might allow local users to execute arbitrary code via a long command line argument.

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2005-2233

Buffer overflow in multiple "p" commands in IBM AIX 5.1, 5.2 and 5.3 might allow local users to execute arbitrary code via long command line arguments to (1) penable or other hard-linked files includ…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2005-2234

Buffer overflow in the getlvname command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2005-2235

Buffer overflow in the diagTasksWebSM command in IBM AIX 5.1, 5.2 and 5.3, might allow local users to execute arbitrary code via long command line arguments.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2005-2236

Format string vulnerability in the paginit command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via format strings in command line arguments.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2005-2237

Format string vulnerability in the swcons command in IBM AIX 5.3, and possibly other versions, might allow local users to execute arbitrary code via long command line arguments.

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2005-2244

The aupair service (aupair.exe) in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 allows remote attackers to execute arbitrary code o…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2005-2246

Multiple PHP remote file inclusion vulnerabilities in iPhotoAlbum 1.1 allow remote attackers to execute arbitrary code via the (1) doc_path parameter to getpage.php or (2) set_menu parameter to lib/s…

CVSS: 7.5 CWE: N/A View on NVD
2005-07-11
Low

CVE-2005-1768

Race condition in the ia32 compatibility code for the execve system call in Linux kernel 2.4 before 2.4.31 and 2.6 before 2.6.6 allows local users to cause a denial of service (kernel panic) and poss…

CVSS: 3.7 CWE: N/A View on NVD
High

CVE-2005-2198

PHP remote file inclusion vulnerability in lang.php in SPiD before 1.3.1 allows remote attackers to execute arbitrary code via the lang_path parameter.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2199

PHP remote file inclusion vulnerability in inc/functions.inc.php in PPA web photo gallery 0.5.6 allows remote attackers to execute arbitrary code via the config[ppa_root_path] variable.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2210

Stack-based buffer overflow in Internet Download Manager 4.05 allows remote attackers to execute arbitrary code via a long URL.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-2213

Buffer overflow in the mms_interp_header function in mms.c in MMS Ripper before 0.6.4 might allow remote attackers to execute arbitrary code via a file with more than 20 streams.

CVSS: 7.5 CWE: N/A View on NVD
2005-07-06
High

CVE-2005-2155

PHP remote file inclusion vulnerability in EasyPHPCalendar 6.1.5 and earlier allows remote attackers to execute arbitrary code via the serverPath parameter.

CVSS: 7.5 CWE: N/A View on NVD
2005-07-05
Medium

CVE-2005-1625

Stack-based buffer overflow in the UnixAppOpenFilePerform function in Adobe Reader 5.0.9 and 5.0.10 for Unix allows remote attackers to execute arbitrary code via a PDF document with a long /Filespec…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2005-2081

Stack-based buffer overflow in the function that parses commands in Asterisk 1.0.7, when the 'write = command' option is enabled, allows remote attackers to execute arbitrary code via a command that…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2005-2087

Internet Explorer 5.01 SP4 up to 6 on various Windows operating systems, including IE 6.0.2900.2180 on Windows XP, allows remote attackers to cause a denial of service (application crash) and possibl…

CVSS: 5.0 CWE: CWE-399 View on NVD
Medium

CVE-2005-2136

Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, and DSXA-48 set (1) world-readable permissions for /etc/shadow and (2) world-writable permissions for /bin/busybox, which allows lo…

CVSS: 4.6 CWE: CWE-863 - Incorrect Authorization View on NVD
2005-06-29
Medium

CVE-2005-2071

traceroute in Sun Solaris 10 on x86 systems allows local users to execute arbitrary code with PRIV_NET_RAWACCESS privileges via (1) a large number of -g arguments or (2) a malformed -s argument with…

CVSS: 4.6 CWE: CWE-264 View on NVD
2005-06-28
Medium

CVE-2005-1766

Heap-based buffer overflow in rtffplin.cpp in RealPlayer 10.5 6.0.12.1056 on Windows, and 10, 10.0.1.436, and other versions before 10.0.5 on Linux, allows remote attackers to execute arbitrary code…

CVSS: 5.1 CWE: N/A View on NVD
High

CVE-2005-2051

Buffer overflow in the VERITAS Backup Exec Web Administration Console (BEWAC) 9.0 4367 through 10.0 rev. 5484 allows remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-2052

Heap-based buffer overflow in vidplin.dll in RealPlayer 10 and 10.5 (6.0.12.1040 through 1069), RealOne Player v1 and v2, RealPlayer 8 and RealPlayer Enterprise allows remote attackers to execute arb…

CVSS: 5.1 CWE: N/A View on NVD
2005-06-20
Medium

CVE-2005-2040

Multiple buffer overflows in the getterminaltype function in telnetd for Heimdal before 0.6.5 may allow remote attackers to execute arbitrary code, a different vulnerability than CVE-2005-0468 and CV…

CVSS: 5.0 CWE: N/A View on NVD
2005-06-18
High

CVE-2005-0773

Stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for Netware allows remote attackers to execute arbitrary code via a CONNECT_…

CVSS: 7.5 CWE: N/A View on NVD
2005-06-16
High

CVE-2005-1721

Buffer overflow in the legacy client support for AFP Server for Mac OS X 10.4.1 allows attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1965

PHP remote file inclusion vulnerability in siteframe.php for Broadpool Siteframe allows remote attackers to execute arbitrary code via a URL in the LOCAL_PATH parameter.

CVSS: 7.5 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD
2005-06-15
Medium

CVE-2005-2041

Buffer overflow in addschup in HAURI ViRobot 2.0, and possibly other products, allows remote attackers to execute arbitrary code via a long ViRobot_ID cookie (HTTP_COOKIE).

CVSS: 5.0 CWE: N/A View on NVD
2005-06-14
High

CVE-2005-1206

Buffer overflow in the Server Message Block (SMB) functionality for Microsoft Windows 2000, XP SP1 and SP2, and Server 2003 and SP1 allows remote attackers to execute arbitrary code via unknown vecto…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1207

Buffer overflow in the Web Client service in Microsoft Windows XP and Windows Server 2003 allows remote authenticated users to execute arbitrary code via a crafted WebDAV request containing special p…

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2005-1208

Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a la…

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2005-1211

Buffer overflow in the PNG image rendering component of Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted PNG file.

CVSS: 5.1 CWE: N/A View on NVD
High

CVE-2005-1212

Buffer overflow in Microsoft Step-by-Step Interactive Training (orun32.exe) allows remote attackers to execute arbitrary code via a bookmark link file (.cbo, cbl, or .cbm extension) with a long User…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1213

Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-1214

Microsoft Agent allows remote attackers to spoof trusted Internet content and execute arbitrary code by disguising security prompts on a malicious Web page.

CVSS: 5.1 CWE: N/A View on NVD
2005-06-13
High

CVE-2005-1935

Heap-based buffer overflow in the BERDecBitString function in Microsoft ASN.1 library (MSASN1.DLL) allows remote attackers to execute arbitrary code via nested constructed bit strings, which leads to…

CVSS: 7.5 CWE: N/A View on NVD
2005-06-11
High

CVE-2005-1953

Heap-based buffer overflow in the CGI extension for Pico Server (pServ) 3.3 allows remote attackers to execute arbitrary code via a long HTTP request.

CVSS: 7.5 CWE: N/A View on NVD
2005-06-09
High

CVE-2005-1873

Multiple buffer overflows in Crob FTP 3.6.1, and possibly earlier versions, allow remote attackers to execute arbitrary code via (1) an FTP command with a large string followed by the RMD command wit…

CVSS: 7.5 CWE: N/A View on NVD
2005-06-08
High

CVE-2005-1757

Buffer overflow in the Modweb agent for Novell NetMail 3.52 before 3.52C, when renaming folders, may allow attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1758

Buffer overflow in the IMAP command continuation function in Novell NetMail 3.52 before 3.52C may allow remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1941

SilverCity before 0.9.5-r1 installs (1) cgi-styler-form.py, (2) cgi-styler.py, and (3) source2html.py with read and write world permissions, which allows local users to execute arbitrary code.

CVSS: 7.8 CWE: CWE-276 - Incorrect Default Permissions View on NVD
2005-06-03
High

CVE-2005-1872

Buffer overflow in the administrative console in IBM WebSphere Application Server 5.x, when the global security option is enabled, allows remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
2005-06-02
Low

CVE-2005-1903

Buffer overflow in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to execute arbitrary code via a long CREATE command.

CVSS: 2.1 CWE: N/A View on NVD
2005-06-01
Low

CVE-2005-1790

Microsoft Internet Explorer 6 SP2 6.0.2900.2180 and 6.0.2800.1106, and earlier versions, allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a Javascript BODY…

CVSS: 2.6 CWE: CWE-399 View on NVD
Critical

CVE-2005-1812

Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote attackers to execute arbitrary code via a long (1) filename or (2) transfer mode string in a Re…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2005-1814

Stack-based buffer overflow in PicoWebServer 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long URL.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-1815

Multiple buffer overflows in Hummingbird Connectivity inetD 10.0.0.1 and 9.0.0.4 allows attackers to cause a denial of service and possibly execute arbitrary code via (1) an FTP command with a long a…

CVSS: 5.0 CWE: N/A View on NVD
2005-05-31
High

CVE-2005-1770

Buffer overflow in the Aavmker4 device driver in Avast! Antivirus 4.6 and possibly other versions allows local users to cause a denial of service (system crash) and possibly execute arbitrary code vi…

CVSS: 7.2 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2005-1773

Multiple unknown vulnerabilities in L-Soft LISTSERV 14.3, 1.8e, and 1.8d allow remote attackers to execute arbitrary code or cause a denial of service. NOTE: this candidate may be SPLIT in the futur…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1776

Buffer overflow in the READ_TCP_STRING function in game_message_functions.cpp in the network plugin for C'Nedra 0.4.0 and earlier allows remote attackers to execute arbitrary code via a long text str…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1796

Format string vulnerability in the curses_msg function in the Ncurses interface (ec_curses.c) for Ettercap before 0.7.3 allows remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
2005-05-28
High

CVE-2005-1806

Format string vulnerability in PeerCast 0.1211 and earlier allows remote attackers to execute arbitrary code via format strings in the URL.

CVSS: 7.5 CWE: N/A View on NVD
2005-05-27
High

CVE-2005-1795

The filecopy function in misc.c in Clam AntiVirus (ClamAV) before 0.85, on Mac OS, allows remote attackers to execute arbitrary code via a virus in a filename that contains shell metacharacters, whic…

CVSS: 7.5 CWE: CWE-20 - Improper Input Validation View on NVD
2005-05-26
Medium

CVE-2005-0150

Firefox before 1.0 allows the user to store a (1) javascript: or (2) data: URLs as a Livefeed bookmark, then executes it in the security context of the currently loaded page when the user later acces…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2005-1520

Buffer overflow in the header_get_field_name function in header.c for GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a crafted e-ma…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1521

Integer overflow in the fetch_io function of the imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via a partial message…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1523

Format string vulnerability in imap4d server in GNU Mailutils 0.5 and 0.6, and other versions before 0.6.90, allows remote attackers to execute arbitrary code via format string specifiers in the comm…

CVSS: 7.5 CWE: N/A View on NVD
2005-05-25
Critical

CVE-2005-1255

Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allow remote attackers to e…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2005-1256

Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated user…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2005-1543

Multiple stack-based and heap-based buffer overflows in Remote Management authentication (zenrem32.exe) on Novell ZENworks 6.5 Desktop and Server Management, ZENworks for Desktops 4.x, ZENworks for S…

CVSS: 7.5 CWE: N/A View on NVD
2005-05-24
High

CVE-2005-1692

Format string vulnerability in gxine 0.4.1 through 0.4.4, and other versions down to 0.3, allows remote attackers to execute arbitrary code via a ram file with a URL whose hostname contains format st…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1702

Format string vulnerability in Warrior Kings: Battles 1.23 and earlier and Warrior Kings 1.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a nickname.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-1704

Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafte…

CVSS: 4.6 CWE: CWE-189 View on NVD
Critical

CVE-2005-1738

Format string vulnerability in the logPrintBadfile function in delbadfiles.c Iron Bars SHell (ibsh) before 0.3d allows users to "access files outside the home directory" and possibly execute arbitrar…

CVSS: 10.0 CWE: N/A View on NVD
2005-05-20
Medium

CVE-2005-1679

Stack-based buffer overflow in the error directive in picasm 1.12b and earlier allows attackers to execute arbitrary code via a long error message.

CVSS: 5.1 CWE: N/A View on NVD
Low

CVE-2005-1683

Buffer overflow in winword.exe 10.2627.6714 and earlier in Microsoft Word for the Macintosh, before SP3 for Word 2002, allows remote attackers to cause a denial of service and possibly execute arbitr…

CVSS: 2.6 CWE: N/A View on NVD
2005-05-18
High

CVE-2005-1666

Multiple buffer overflows in Orenosv HTTP/FTP Server 0.8.1 allow remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via long arguments to FTP c…

CVSS: 7.5 CWE: N/A View on NVD
2005-05-17
High

CVE-2005-1307

The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to exe…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2005-1589

The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function before passing an ioctl to the block device, which crosses…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2005-1626

Multiple buffer overflows in handlers.c for Pico Server (pServ) before 3.3 may allow attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1632

Cheetah 0.9.15 and 0.9.16 searches the /tmp directory for modules before using the paths in the PYTHONPATH variable, which allows local users to execute arbitrary code via a malicious module in /tmp/.

CVSS: 7.2 CWE: N/A View on NVD
2005-05-16
High

CVE-2005-1248

Buffer overflow in Apple iTunes before 4.8 allows remote attackers to execute arbitrary code via a crafted MPEG4 file.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2005-1596

index.php in Fusion SBX 1.2 and earlier does not properly use the extract function, which allows remote attackers to bypass authentication by setting the is_logged parameter or execute arbitrary code…

CVSS: 10.0 CWE: N/A View on NVD
2005-05-14
High

CVE-2005-1544

Stack-based buffer overflow in libTIFF before 3.7.2 allows remote attackers to execute arbitrary code via a TIFF file with a malformed BitsPerSample tag.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-1545

Integer overflow in the ELF parser in HT Editor before 0.8.0 allows remote attackers to execute arbitrary code via a crafted ELF file, which leads to a heap-based buffer overflow.

CVSS: 5.1 CWE: N/A View on NVD
Medium

CVE-2005-1546

Buffer overflow in the PE parser in HT Editor before 0.8.0 allows remote attackers to execute arbitrary code via a crafted PE file.

CVSS: 5.1 CWE: N/A View on NVD
2005-05-12
Medium

CVE-2005-0969

Heap-based buffer overflow in the syscall emulation functionality in Mac OS X before 10.3.9 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via craf…

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2005-0972

Integer overflow in the searchfs system call in Mac OS X 10.3.9 and earlier allows local users to execute arbitrary code via crafted parameters.

CVSS: 7.2 CWE: N/A View on NVD
2005-05-11
High

CVE-2005-1261

Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1263

The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4 allows local users to execute arbitrary code via an ELF binary that, in…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2005-1478

Format string vulnerability in dSMTP (dsmtp.exe) in DMail 3.1a allows remote attackers to execute arbitrary code via format string specifiers in the xtellmail command.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-1507

Buffer overflow in the Tomcat plugin in 4d WebSTAR 5.33 and 5.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL.

CVSS: 5.0 CWE: N/A View on NVD
Critical

CVE-2005-1513

Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly…

CVSS: 9.8 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
Medium

CVE-2005-1514

commands.c in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SMTP c…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2005-1515

Integer signedness error in the qmail_put and substdio_put functions in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of ser…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2005-1580

users.ini.php in BoastMachine 3.0 does not properly restrict the types of files that can be uploaded, which allows remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
2005-05-09
Medium

CVE-2005-1476

Firefox 1.0.3 allows remote attackers to execute arbitrary Javascript in other domains by using an IFRAME and causing the browser to navigate to a previous javascript: URL, which can lead to arbitrar…

CVSS: 5.1 CWE: N/A View on NVD
Medium

CVE-2005-1477

The install function in Firefox 1.0.3 allows remote web sites on the browser's whitelist, such as update.mozilla.org or addon.mozilla.org, to execute arbitrary Javascript with chrome privileges, lead…

CVSS: 5.1 CWE: N/A View on NVD
2005-05-06
High

CVE-2005-1471

Heap-based buffer overflow in RSA SecurID Web Agent 5, 5.2, and 5.3 allows remote attackers to execute arbitrary code via crafted chunked-encoding data.

CVSS: 7.5 CWE: N/A View on NVD
2005-05-05
High

CVE-2005-1461

Multiple buffer overflows in the (1) SIP, (2) CMIP, (3) CMP, (4) CMS, (5) CRMF, (6) ESS, (7) OCSP, (8) X.509, (9) ISIS, (10) DISTCC, (11) FCELS, (12) Q.931, (13) NCP, (14) TCAP, (15) ISUP, (16) MEGAC…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2005-1462

Double free vulnerability in the ICEP dissector in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2005-1463

Multiple format string vulnerabilities in the (1) DHCP and (2) ANSI A dissectors in Ethereal before 0.10.11 may allow remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
2005-05-04
High

CVE-2005-0594

Buffer overflow in the Netinfo Setup Tool (NeST) allows local users to execute arbitrary code.

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2005-1194

Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earlier allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2004-1287.

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2005-1336

Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable.

CVSS: 4.6 CWE: N/A View on NVD
2005-05-03
High

CVE-2005-1343

Stack-based buffer overflow in the VPN daemon (vpnd) for Mac OS X before 10.3.9 allows local users to execute arbitrary code via a long -i (Server_id) argument.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2005-1391

Buffer overflow in the add_port function in APSIS Pound 1.8.2 and earlier allows remote attackers to execute arbitrary code via a long Host HTTP header.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-1393

Multiple buffer overflows in ArcGIS for ESRI ArcInfo Workstation 9.0 allow local users to execute arbitrary code via long command line arguments to (1) asmaster, (2) asuser, (3) asutility, (4) se, or…

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2005-1401

Format string vulnerability in the client for Mtp-Target 1.2.2 and earlier allows remote attackers to execute arbitrary code via game messages or other text.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2005-1415

Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote authenticated users to execute arbitrary code via a long FTP command.

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2005-1433

Multiple unknown vulnjerabilities HP OpenView Event Correlation Services (OV ECS) 3.32 and 3.33 allow attackers to cause a denial of service or execute arbitrary code.

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2005-1434

Multiple unknown vulnerabilities in OpenView Network Node Manager (OV NNM) 6.2, 6.4, 7.01, and 7.50 allow attackers to cause a denial of service or execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2005-1442

Buffer overflow in the Lotus Notes client for Domino 6.5 before 6.5.4 and 6.0 before 6.0.5 allows local users to cause a denial of service (client crash) and possibly execute arbitrary code via the N…

CVSS: 4.6 CWE: N/A View on NVD