Total
11643 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-1015 | 1 Apple | 1 Quicktime | 2024-11-21 | 6.8 MEDIUM | N/A |
| Buffer overflow in the data reference atom handling in Apple QuickTime before 7.4.5 allows remote attackers to execute arbitrary code via a crafted movie. | |||||
| CVE-2008-1010 | 1 Apple | 1 Safari | 2024-11-21 | 6.8 MEDIUM | N/A |
| Buffer overflow in WebKit, as used in Apple Safari before 3.1, allows remote attackers to execute arbitrary code via crafted regular expressions in JavaScript. | |||||
| CVE-2008-0997 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows user-assisted remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted PostScript Printer Description (PPD) file that is not properly handled when querying a network printer. | |||||
| CVE-2008-0992 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | 5.8 MEDIUM | N/A |
| Array index error in pax in Apple Mac OS X 10.5.2 allows context-dependent attackers to execute arbitrary code via an archive with a crafted length value. | |||||
| CVE-2008-0987 | 1 Apple | 4 Aperture, Iphoto, Mac Os X and 1 more | 2024-11-21 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in Image Raw in Apple Mac OS X 10.5.2, and Digital Camera RAW Compatibility before Update 2.0 for Aperture 2 and iPhoto 7.1.2, allows remote attackers to execute arbitrary code via a crafted Adobe Digital Negative (DNG) image. | |||||
| CVE-2008-0985 | 1 Google | 1 Android Sdk | 2024-11-21 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the GIF library in the WebKit framework for Google Android SDK m3-rc37a and earlier allows remote attackers to execute arbitrary code via a crafted GIF file whose logical screen height and width are different than the actual height and width. | |||||
| CVE-2008-0973 | 1 Double-take Software | 1 Double-take | 2024-11-21 | 7.5 HIGH | N/A |
| Buffer overflow in Double-Take (aka HP StorageWorks Storage Mirroring) 4.5.0.1629, and other 4.5.0.x versions, allows remote attackers to have an unknown impact via a packet with a long string in the username field. | |||||
| CVE-2008-0964 | 1 Sun | 3 Opensolaris, Solaris, Sunos | 2024-11-21 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via a crafted SMB packet. | |||||
| CVE-2008-0962 | 1 Emc | 1 Diskxtender | 2024-11-21 | 9.0 HIGH | N/A |
| Stack-based buffer overflow in the File System Manager for EMC DiskXtender 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted request to the RPC interface. | |||||
| CVE-2008-0959 | 4 Alivemedia, Online Media Technologies, Orion Studios and 1 more | 6 Alive Mp3 Wav Converter, Nctaudioeditor Activex Control, Nctaudiostudio Activex Control and 3 more | 2024-11-21 | 6.8 MEDIUM | N/A |
| Multiple stack-based buffer overflows in the Online Media Technologies NCTSoft NCTAudioInformation2 ActiveX control in NCTAudioInformation2.dll, as used in (1) Power Audio CD Grabber 1.0, (2) Power Audio CD Burner 1.02, (3) CinematicMP3 1.4.0.0, (4) Alive MP3 WAV Converter 3.9.3.2, and possibly other products, allow remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2008-0958 | 1 Nctsoft | 1 Nctaudioeditor Activex Control | 2024-11-21 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the Online Media Technologies NCTSoft NCTAudioGrabber2 ActiveX control in NCTAudioGrabber2.dll allow remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2008-0957 | 1 Photostockplus | 1 Photostockplus Uploader Tool | 2024-11-21 | 6.8 MEDIUM | N/A |
| Multiple stack-based buffer overflows in the PhotoStockPlus Uploader Tool ActiveX control (PSPUploader.ocx) allow remote attackers to execute arbitrary code via unspecified initialization parameters. | |||||
| CVE-2008-0956 | 2 Backweb, Logitech | 2 Backweb, Desktop Manager | 2024-11-21 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in the BackWeb Lite Install Runner ActiveX control in the BackWeb Web Package ActiveX object in LiteInstActivator.dll in BackWeb before 8.1.1.87, as used in Logitech Desktop Manager (LDM) before 2.56, allow remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2008-0955 | 1 Creative | 1 Creative Software Autoupdate Engine | 2024-11-21 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the Creative Software AutoUpdate Engine ActiveX control in CTSUEng.ocx allows remote attackers to execute arbitrary code via a long CacheFolder property value. | |||||
| CVE-2008-0948 | 1 Mit | 1 Kerberos 5 | 2024-11-21 | 9.3 HIGH | N/A |
| Buffer overflow in the RPC library (lib/rpc/rpc_dtablesize.c) used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.2.2, and probably other versions before 1.3, when running on systems whose unistd.h does not define the FD_SETSIZE macro, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering a large number of open file descriptors. | |||||
| CVE-2008-0947 | 1 Mit | 1 Kerberos 5 | 2024-11-21 | 10.0 HIGH | N/A |
| Buffer overflow in the RPC library used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.4 through 1.6.3 allows remote attackers to execute arbitrary code by triggering a large number of open file descriptors. | |||||
| CVE-2008-0935 | 1 Novell | 2 Iprint, Iprint Client | 2024-11-21 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the Novell iPrint Control ActiveX control in ienipp.ocx in Novell iPrint Client before 4.34 allows remote attackers to execute arbitrary code via a long argument to the ExecuteRequest method. | |||||
| CVE-2008-0924 | 1 Novell | 1 Edirectory | 2024-11-21 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in the DoLBURPRequest function in libnldap in ndsd in Novell eDirectory 8.7.3.9 and earlier, and 8.8.1 and earlier in the 8.8.x series, allows remote attackers to cause a denial of service (daemon crash or CPU consumption) or execute arbitrary code via a long delRequest LDAP Extended Request message, probably involving a long Distinguished Name (DN) field. | |||||
| CVE-2008-0912 | 1 Sybase | 2 Mobilink, Sql Anywhere | 2024-11-21 | 10.0 HIGH | N/A |
| Multiple heap-based buffer overflows in mlsrv10.exe in Sybase MobiLink 10.0.1.3629 and earlier, as used by SQL Anywhere Developer Edition 10.0.1.3415 and probably other products, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a long (1) username, (2) version, or (3) remote ID. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2008-0888 | 1 Info-zip | 1 Unzip | 2024-11-21 | 9.3 HIGH | N/A |
| The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data. | |||||