Total
12000 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-1775 | 1 Atari | 1 Terminator 3 War Of The Machines | 2023-12-10 | 5.0 MEDIUM | N/A |
Terminator 3: War of the Machines 1.16 and earlier allows remote attackers to cause a denial of service (application crash) via a large nickname. | |||||
CVE-2005-2930 | 1 Jed Wing | 1 Chm Lib | 2023-12-10 | 5.1 MEDIUM | N/A |
Stack-based buffer overflow in the _chm_find_in_PMGL function in chm_lib.c for chmlib before 0.36, as used in products such as KchmViewer, allows user-assisted attackers to execute arbitrary code via a CHM file containing a long element, a different vulnerability than CVE-2005-3318. | |||||
CVE-2005-3832 | 1 Speedproject | 2 Speedcommander, Squeez | 2023-12-10 | 5.1 MEDIUM | N/A |
Stack-based buffer overflow in (1) CxUux60.dll and (2) CxUux60u.dll, as used in SpeedProject products including (a) Squeez 5.0 Build 4285, and (b) SpeedCommander 11.0 Build 4430 and 10.51 Build 4430, allows user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename. | |||||
CVE-2006-0301 | 1 Xpdf | 1 Xpdf | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap. | |||||
CVE-2004-1258 | 1 Moinejf | 1 Abcm2ps | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in the put_words function in subs.c for abcm2ps 3.7.20 allows remote attackers to execute arbitrary code via crafted ABC files. | |||||
CVE-2005-4867 | 1 Ibm | 1 Db2 Universal Database | 2023-12-10 | 9.3 HIGH | N/A |
Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, when Satellite Administration (SATADMIN) is enabled, allows remote attackers to execute arbitrary code via a long parameter. | |||||
CVE-2006-1550 | 1 Dia | 1 Dia | 2023-12-10 | 7.6 HIGH | N/A |
Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid (1) color index, (2) number of points, or (3) depth. | |||||
CVE-2005-3192 | 1 Xpdf | 1 Xpdf | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01, as used in products such as (1) Poppler, (2) teTeX, (3) KDE kpdf, and (4) pdftohtml, (5) KOffice KWord, (6) CUPS, and (7) libextractor allows remote attackers to execute arbitrary code via a PDF file with an out-of-range numComps (number of components) field. | |||||
CVE-2006-2382 | 1 Microsoft | 1 Internet Explorer | 2023-12-10 | 10.0 HIGH | N/A |
Heap-based buffer overflow in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via crafted UTF-8 encoded HTML that results in size discrepancies during conversion to Unicode, aka "HTML Decoding Memory Corruption Vulnerability." | |||||
CVE-2005-1123 | 1 Monkey-project | 1 Monkey | 2023-12-10 | 5.0 MEDIUM | N/A |
Monkey daemon (monkeyd) before 0.9.1 allows remote attackers to cause a denial of service (memory corruption) via a request for a zero byte file. | |||||
CVE-2006-1148 | 1 Peercast | 1 Peercast | 2023-12-10 | 7.5 HIGH | N/A |
Multiple stack-based buffer overflows in the procConnectArgs function in servmgr.cpp in PeerCast before 0.1217 allow remote attackers to execute arbitrary code via an HTTP GET request with a long (1) parameter name or (2) value in a URL, which triggers the overflow in the nextCGIarg function in servhs.cpp. | |||||
CVE-2006-2238 | 1 Apple | 1 Quicktime | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted BMP file that triggers the overflow in the ReadBMP function. NOTE: this issue was originally included as item 3 in CVE-2006-1983, but it has been given a separate identifier because it is a distinct issue. | |||||
CVE-2005-2127 | 2 Ati, Microsoft | 6 Catalyst Driver, .net Framework, Office and 3 more | 2023-12-10 | 7.5 HIGH | N/A |
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, as originally demonstrated using the (1) DDS Library Shape Control (Msdds.dll) COM object, and other objects including (2) Blnmgrps.dll, (3) Ciodm.dll, (4) Comsvcs.dll, (5) Danim.dll, (6) Htmlmarq.ocx, (7) Mdt2dd.dll (as demonstrated using a heap corruption attack with uninitialized memory), (8) Mdt2qd.dll, (9) Mpg4ds32.ax, (10) Msadds32.ax, (11) Msb1esen.dll, (12) Msb1fren.dll, (13) Msb1geen.dll, (14) Msdtctm.dll, (15) Mshtml.dll, (16) Msoeacct.dll, (17) Msosvfbr.dll, (18) Mswcrun.dll, (19) Netshell.dll, (20) Ole2disp.dll, (21) Outllib.dll, (22) Psisdecd.dll, (23) Qdvd.dll, (24) Repodbc.dll, (25) Shdocvw.dll, (26) Shell32.dll, (27) Soa.dll, (28) Srchui.dll, (29) Stobject.dll, (30) Vdt70.dll, (31) Vmhelper.dll, and (32) Wbemads.dll, aka a variant of the "COM Object Instantiation Memory Corruption vulnerability." | |||||
CVE-2006-1060 | 1 Xzgv | 1 Xzgv | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in zgv before 5.8 and xzgv before 0.8 might allow user-assisted attackers to execute arbitrary code via a JPEG image with more than 3 output components, such as a CMYK or YCCK color space, which causes less memory to be allocated than required. | |||||
CVE-2006-1043 | 1 Microsoft | 2 Visual Interdev, Visual Studio | 2023-12-10 | 5.1 MEDIUM | N/A |
Stack-based buffer overflow in Microsoft Visual Studio 6.0 and Microsoft Visual InterDev 6.0 allows user-assisted attackers to execute arbitrary code via a long DataProject field in a (1) Visual Studio Database Project File (.dbp) or (2) Visual Studio Solution (.sln). | |||||
CVE-2006-0359 | 1 Counterpath | 1 Eyebeam Sip Softphone | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in CounterPath eyeBeam SIP Softphone allows remote attackers to (1) cause a denial of service (device crash) via SIP INVITE commands with a long header field name sent during startup and (2) cause a denial of service (device hang or crash) via SIP INVITE commands with a long header field name sent during a call. | |||||
CVE-2006-0007 | 1 Microsoft | 1 Office | 2023-12-10 | 9.3 HIGH | N/A |
Buffer overflow in GIFIMP32.FLT, as used in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via a crafted GIF image that triggers memory corruption when it is parsed. | |||||
CVE-2003-1558 | 1 Fefe | 1 Fnord | 2023-12-10 | 5.0 MEDIUM | N/A |
Buffer overflow in httpd.c of fnord 1.6 allows remote attackers to create a denial of service (crash) and possibly execute arbitrary code via a long CGI request passed to the do_cgi function. | |||||
CVE-2004-0330 | 1 Solarwinds | 1 Serv-u File Server | 2023-12-10 | 10.0 HIGH | N/A |
Buffer overflow in Serv-U ftp before 5.0.0.4 allows remote authenticated users to execute arbitrary code via a long time zone argument to the MDTM command. | |||||
CVE-2003-1382 | 1 Instantservers Inc. | 1 Ismail | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in ISMail 1.4.3 and earlier allow remote attackers to execute arbitrary code via long domain names in (1) MAIL FROM or (2) RCPT TO fields. |