Critical
CVE-2004-0005
Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be wri…
Tag: Remote Code Execution
All CVEs associated with "Remote Code Execution". Page 337/345 • 41309 CVEs.
Subscribe CVEs: RSS for “Remote Code Execution” · RSS (High+Critical only)
About “Remote Code Execution”
A curated feed of “Remote Code Execution”-related CVEs appears below. We currently track 41309 CVEs for this tag (all time). In the last 365 days, 4654 were published. Average CVSS is 8.3 (all time; 8.2 over 365d), and 86% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-94 - Improper Control of Generation of Code ('Code Injection'), CWE-434 - Unrestricted Upload of File with Dangerous Type, CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').
In our taxonomy this topic maps to a VERY HIGH impact class. Common exploitation patterns for this weakness can lead to very high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2004-03-03
High
CVE-2004-0006
Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo w…
High
CVE-2004-0007
Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of ser…
High
CVE-2004-0008
Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers…
Critical
CVE-2004-0039
Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP…
Critical
CVE-2004-0040
Stack-based buffer overflow in Check Point VPN-1 Server 4.1 through 4.1 SP6 and Check Point SecuRemote/SecureClient 4.1 through 4.1 build 4200 allows remote attackers to execute arbitrary code via an…
High
CVE-2004-0078
Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cert…
Critical
CVE-2004-0083
Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token,…
Critical
CVE-2004-0084
Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malfo…
Critical
CVE-2004-0097
Multiple vulnerabilities in PWLib before 1.6.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.…
High
CVE-2004-0104
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
High
CVE-2004-0105
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
Medium
CVE-2004-0115
VirtualPC_Services in Microsoft Virtual PC for Mac 6.0 through 6.1 allows local attackers to truncate and overwrite arbitrary files, and execute arbitrary code, via a symlink attack on the VPCService…
2004-02-23
High
CVE-2004-0324
Confirm 0.62 and earlier could allow remote attackers to execute arbitrary code via an e-mail header that contains shell metacharacters such as ", `, |, ;, or $.
2004-02-17
Critical
CVE-2003-0819
Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 t…
Critical
CVE-2003-0903
Buffer overflow in a component of Microsoft Data Access Components (MDAC) 2.5 through 2.8 allows remote attackers to execute arbitrary code via a malformed UDP response to a broadcast request.
High
CVE-2003-0966
Buffer overflow in the frm command in elm 2.5.6 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code via a long Subject line.
High
CVE-2003-0988
Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file.
High
CVE-2003-1030
Buffer overflow in DameWare Mini Remote Control before 3.73 allows remote attackers to execute arbitrary code via a long pre-authentication request to TCP port 6129.
High
CVE-2004-0054
Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrate…
High
CVE-2004-0056
Multiple vulnerabilities in the H.323 protocol implementation for Nortel Networks Business Communications Manager (BCM), Succession 1000 IP Trunk and IP Peer Networking, and 802.11 Wireless IP Gatewa…
High
CVE-2004-0069
Format string vulnerability in HD Soft Windows FTP Server 1.6 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the username, which is processed by the wsc…
Medium
CVE-2004-0095
McAfee ePolicy Orchestrator agent allows remote attackers to cause a denial of service (memory consumption and crash) and possibly execute arbitrary code via an HTTP POST request with an invalid Cont…
2004-02-09
Medium
CVE-2004-2093
Buffer overflow in the open_socket_out function in socket.c for rsync 2.5.7 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long RSYNC_PR…
2004-02-08
High
CVE-2004-1244
Windows Media Player 9 allows remote attackers to execute arbitrary code via a PNG file containing large (1) width or (2) height values, aka the "PNG Processing Vulnerability."
2004-02-06
Medium
CVE-2004-2086
Stack-based buffer overflow in results.stm for Sambar Server before the 6.0 production release allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an…
2004-02-03
High
CVE-2004-0043
Buffer overflow in Yahoo Instant Messenger 5.6.0.1351 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename in the download…
High
CVE-2004-0045
Buffer overflow in the ARTpost function in art.c in the control message handling code for INN 2.4.0 may allow remote attackers to execute arbitrary code.
2004-01-29
High
CVE-2004-2034
Buffer overflow in the (1) WTHoster and (2) WebDriver modules in WildTangent Web Driver 4.0 allows remote attackers to execute arbitrary code via a long filename.
Medium
CVE-2004-2133
Certain third-party packages for CVSup 16.1h, such as SuSE Linux, contain untrusted paths in the ELF RPATH fields of certain executables, which could allow local users to execute arbitrary code by ca…
2004-01-27
High
CVE-2004-2131
Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment var…
2004-01-20
High
CVE-2003-0969
mpg321 0.2.10 allows remote attackers to overwrite memory and possibly execute arbitrary code via an mp3 file that passes certain strings to the printf function, possibly triggering a format string v…
High
CVE-2003-1023
Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code du…
High
CVE-2004-0011
Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code.
High
CVE-2004-0014
Multiple buffer overflows in the nd WebDAV interface 0.8.2 and earlier allows remote web servers to execute arbitrary code via certain long strings.
2004-01-05
High
CVE-2003-0963
Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls…
High
CVE-2003-0978
Format string vulnerability in gpgkeys_hkp (experimental HKP interface) for the GnuPG (gpg) client 1.2.3 and earlier, and 1.3.3 and earlier, allows remote attackers or a malicious keyserver to cause…
High
CVE-2003-0982
Buffer overflow in the authentication module for Cisco ACNS 4.x before 4.2.11, and 5.x before 5.0.5, allows remote attackers to execute arbitrary code via a long password.
High
CVE-2003-0999
Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9 may allow attackers to execute arbitrary code or read or write arbitrary files.
2004-01-03
High
CVE-2004-1784
Buffer overflow in the web server of Webcam Watchdog 3.63 allows remote attackers to execute arbitrary code via a long HTTP GET request.
2003-12-31
Medium
CVE-2003-1066
Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (syslogd crash) and possibly execute arbitrary code via long syslog UDP packets.
Critical
CVE-2003-1083
Stack-based buffer overflow in Monit 1.4 to 4.1 allows remote attackers to execute arbitrary code via a long HTTP request.
High
CVE-2003-1091
Integer overflow in MP3Broadcaster for Apple QuickTime/Darwin Streaming Server 4.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed ID3…
High
CVE-2003-1094
BEA WebLogic Server and Express version 7.0 SP3 may follow certain code execution paths that result in an incorrect current user, such as in the frequent use of JNDI initial contexts, which could all…
Low
CVE-2003-1099
shar on HP-UX B.11.00, B.11.04, and B.11.11 creates temporary files with predictable names in /tmp, which allows local users to cause a denial of service and possibly execute arbitrary code via a sym…
Critical
CVE-2003-1104
Buffer overflow in IBM Tivoli Firewall Toolbox (TFST) 1.2 allows remote attackers to execute arbitrary code via unknown vectors.
Medium
CVE-2003-1108
The Session Initiation Protocol (SIP) implementation in Alcatel OmniPCX Enterprise 5.0 Lx allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE m…
High
CVE-2003-1109
The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote at…
High
CVE-2003-1110
The Session Initiation Protocol (SIP) implementation in Columbia SIP User Agent (sipc) 1.74 and other versions before sipc 2.0 build 2003-02-21 allows remote attackers to cause a denial of service or…
High
CVE-2003-1111
The Session Initiation Protocol (SIP) implementation in multiple dynamicsoft products including y and certain demo products for AppEngine allows remote attackers to cause a denial of service or execu…
High
CVE-2003-1112
The Session Initiation Protocol (SIP) implementation in Ingate Firewall and Ingate SIParator before 3.1.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via…
High
CVE-2003-1113
The Session Initiation Protocol (SIP) implementation in IPTel SIP Express Router 0.8.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted…
High
CVE-2003-1114
The Session Initiation Protocol (SIP) implementation in Mediatrix Telecom VoIP Access Devices and Gateways running SIPv2.4 and SIPv4.3 firmware allows remote attackers to cause a denial of service or…
High
CVE-2003-1115
The Session Initiation Protocol (SIP) implementation in Nortel Networks Succession Communication Server 2000, when using SIP-T, allows remote attackers to cause a denial of service and possibly execu…
High
CVE-2003-1117
Buffer overflow in RealSystem Server 6.x, 7.x and 8.x, and RealSystem Proxy 8.x, related to URL error handling, allows remote attackers to cause a denial of service and possibly execute arbitrary cod…
High
CVE-2003-1118
Buffer overflow in the SETI@home client 3.03 and other versions allows remote attackers to cause a denial of service (client crash) and execute arbitrary code via a spoofed server response containing…
Low
CVE-2003-1122
ScriptLogic 4.01, and possibly other versions before 4.14, uses insecure permissions for the LOGS$ share, which allows users to modify log records and possibly execute arbitrary code.
Low
CVE-2003-1129
Buffer overflow in the Yahoo! Audio Conferencing (aka Voice Chat) ActiveX control before 1,0,0,45 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a URL wi…
Medium
CVE-2003-1165
Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with a long User-Agent header.
High
CVE-2003-1170
Format string vulnerability in main.cpp in kpopup 0.9.1 and 0.9.5pre2 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via format string specif…
High
CVE-2003-1171
Heap-based buffer overflow in the sec_filter_out function in mod_security 1.7RC1 through 1.7.1 in Apache 2 allows remote attackers to execute arbitrary code via a server side script that sends a larg…
High
CVE-2003-1177
Buffer overflow in the base64 decoder in MERCUR Mailserver 4.2 before SP3a allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) AUTH command to the…
High
CVE-2003-1228
Buffer overflow in the prepare_reply function in request.c for Mathopd 1.2 through 1.5b13, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) and possi…
Low
CVE-2003-1234
Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathco…
Critical
CVE-2003-1236
Multiple format string vulnerabilities in the logger function in netzio.c for Tanne 0.6.17 allows remote attackers to execute arbitrary code via format string specifiers in syslog.
High
CVE-2003-1247
Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code via (1) a long URL content type in CGI::readFile, (2) a long path in diskusage, and (3) a long fnam…
High
CVE-2003-1259
Buffer overflow in CuteFTP 4.2 and 5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner.
High
CVE-2003-1260
Buffer overflow in CuteFTP 5.0 allows remote attackers to execute arbitrary code via a long response to a LIST command.
Medium
CVE-2003-1262
Buffer overflow in the http_fetch function of HTTP Fetcher 1.0.0 and 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL request via a lon…
Critical
CVE-2003-1272
Multiple buffer overflows in Winamp 3.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .b4s file containing (1) a long playlist name or (2) a lo…
High
CVE-2003-1283
KaZaA Media Desktop (KMD) 2.0 launches advertisements in the Internet Explorer (IE) local security zone, which could allow remote attackers to view local files and possibly execute arbitrary code.
Medium
CVE-2003-1287
Sambar Server before 6.0 beta 3 allows attackers with physical access to execute arbitrary code via a request with an MS-DOS device name such as com1.pl, con.pl, or aux.pl, which causes Perl to read…
Medium
CVE-2003-1303
Buffer overflow in the imap_fetch_overview function in the IMAP functionality (php_imap.c) in PHP before 4.3.3 allows remote attackers to cause a denial of service (segmentation fault) and possibly e…
High
CVE-2003-1319
Multiple buffer overflows in SmartFTP 1.0.973, and other versions before 1.0.976, allow remote attackers to execute arbitrary code via (1) a long response to a PWD command, which triggers a stack-bas…
Medium
CVE-2003-1320
SonicWALL firmware before 6.4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including…
High
CVE-2003-1321
Buffer overflow in Avant Browser 8.02 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long URL in an HTTP request.
Critical
CVE-2003-1322
Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long (1) EXAMINE, (2) DELETE, (3) SUBSCRIBE, (…
Critical
CVE-2003-1327
Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users…
Medium
CVE-2003-1331
Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a d…
High
CVE-2003-1332
Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-…
Critical
CVE-2003-1336
Buffer overflow in mIRC before 6.11 allows remote attackers to execute arbitrary code via a long irc:// URL.
High
CVE-2003-1337
Heap-based buffer overflow in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
Critical
CVE-2003-1339
Stack-based buffer overflow in eZnet.exe, as used in eZ (a) eZphotoshare, (b) eZmeeting, (c) eZnetwork, and (d) eZshare allows remote attackers to cause a denial of service (crash) or execute arbitra…
High
CVE-2003-1355
Buffer overflow in the remote console (rcon) in Battlefield 1942 1.2 and 1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long user name and…
High
CVE-2003-1360
Buffer overflow in the setupterm function of (1) lanadmin and (2) landiag programs of HP-UX 10.0 through 10.34 allows local users to execute arbitrary code via a long TERM environment variable.
Medium
CVE-2003-1368
Buffer overflow in the 32bit FTP client 9.49.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner.
Medium
CVE-2003-1369
Buffer overflow in ByteCatcher FTP client 1.04b allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner.
Medium
CVE-2003-1374
Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2)-c options.
High
CVE-2003-1375
Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument.
High
CVE-2003-1377
Buffer overflow in the reverse DNS lookup of Smart IRC Daemon (SIRCD) 0.4.0 and 0.4.4 allows remote attackers to execute arbitrary code via a client with a long hostname.
High
CVE-2003-1382
Buffer overflow in ISMail 1.4.3 and earlier allow remote attackers to execute arbitrary code via long domain names in (1) MAIL FROM or (2) RCPT TO fields.
High
CVE-2003-1387
Buffer overflow in Opera 6.05 and 6.06, and possibly other versions, allows remote attackers to execute arbitrary code via a URL with a long username.
High
CVE-2003-1393
Buffer overflow in Gupta SQLBase 8.1.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long EXECUTE command.
Critical
CVE-2003-1395
Buffer overflow in KaZaA Media Desktop 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a response to the ad server.
Medium
CVE-2003-1396
Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a filename with a long extension.
High
CVE-2003-1407
Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command.
Low
CVE-2003-1426
Openwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPT_FILENAME environment variable to Perl's @INC include array, which allows local users to execute arbitrary code by…
High
CVE-2003-1429
Buffer overflow in Proxomitron Naoko 4.4 allows remote attackers to execute arbitrary code via a long request.
Critical
CVE-2003-1432
Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via (1) a packet with a negative size val…
Medium
CVE-2003-1445
Stack-based buffer overflow in Far Manager 1.70beta1 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long pathname.
Medium
CVE-2003-1446
Buffer overflow in the save_into_file function in save.c for Rogue 5.2-2 allows local users to execute arbitrary code with games group privileges by setting a long HOME environment variable and invok…
Medium
CVE-2003-1451
Buffer overflow in Symantec Norton AntiVirus 2002 allows remote attackers to execute arbitrary code via an e-mail attachment with a compressed ZIP file that contains a file with a long filename.
Low
CVE-2003-1452
Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd pro…
High
CVE-2003-1455
Multiple buffer overflows in the launch_bcrelay function in pptpctrl.c in PoPToP 1.1.4-b1 through PoPToP 1.1.4-b3 allow local users to execute arbitrary code.
High
CVE-2003-1461
Buffer overflow in rwrite for HP-UX 11.0 could allow local users to execute arbitrary code via a long argument. NOTE: the vendor was unable to reproduce the problem on a system that had been patched…
Critical
CVE-2003-1470
Buffer overflow in IMAP service in MDaemon 6.7.5 and earlier allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a CREATE command with a long mailbox…
Medium
CVE-2003-1472
Buffer overflow in 3D-FTP client 4.0 allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long banner.
Medium
CVE-2003-1473
Buffer overflow in LTris 1.0.1 of FreeBSD Ports Collection 2003-02-25 and earlier allows local users to execute arbitrary code with gid "games" permission via a long HOME environment variable.
High
CVE-2003-1474
slashem-tty in the FreeBSD Ports Collection is installed with write permissions for the games group, which allows local users with group games privileges to modify slashem-tty and execute arbitrary c…
Medium
CVE-2003-1500
PHP remote file inclusion vulnerability in _functions.php in cpCommerce 0.5f allows remote attackers to execute arbitrary code via the prefix parameter.
Critical
CVE-2003-1503
Buffer overflow in AOL Instant Messenger (AIM) 5.2.3292 allows remote attackers to execute arbitrary code via an aim:getfile URL with a long screen name.
Medium
CVE-2003-1552
Unrestricted file upload vulnerability in uploader.php in Uploader 1.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a dire…
High
CVE-2003-1557
Off-by-one buffer overflow in spamc of SpamAssassin 2.40 through 2.43, when using BSMTP mode ("-B"), allows remote attackers to execute arbitrary code via email containing headers with leading "." ch…
Medium
CVE-2003-1558
Buffer overflow in httpd.c of fnord 1.6 allows remote attackers to create a denial of service (crash) and possibly execute arbitrary code via a long CGI request passed to the do_cgi function.
2003-12-29
High
CVE-2003-1200
Stack-based buffer overflow in FORM2RAW.exe in Alt-N MDaemon 6.5.2 through 6.8.5 allows remote attackers to execute arbitrary code via a long From parameter to Form2Raw.cgi.
2003-12-15
High
CVE-2003-0089
Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) sw…
High
CVE-2003-0812
Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to…
High
CVE-2003-0820
Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute…
High
CVE-2003-0821
Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model.
High
CVE-2003-0822
Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded…