Total
11642 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-0038 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Vista and 1 more | 2024-11-21 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a large length value in the second (or later) anih block of a RIFF .ANI, cur, or .ico file, which results in memory corruption when processing cursors, animated cursors, and icons, a variant of CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this might be a duplicate of CVE-2007-1765; if so, then CVE-2007-0038 should be preferred. | |||||
| CVE-2007-0034 | 1 Microsoft | 2 Office, Outlook | 2024-11-21 | 9.3 HIGH | N/A |
| Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted Outlook Saved Searches (OSS) file that triggers memory corruption, aka "Microsoft Outlook Advanced Find Vulnerability." | |||||
| CVE-2007-0018 | 33 Altdo, Americanshareware, Audio Edit Magic and 30 more | 81 Convert Mp3 Master, Mp3 Record And Edit Audio Master, Mp3 Wav Converter and 78 more | 2024-11-21 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll), as used by multiple products, allows remote attackers to execute arbitrary code via a long argument to the SetFormatLikeSample function. NOTE: the products include (1) NCTsoft NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice; (2) Magic Audio Recorder, Music Editor, and Audio Converter; (3) Aurora Media Workshop; DB Audio Mixer And Editor; (4) J. Hepple Products including Fx Audio Editor and others; (5) EXPStudio Audio Editor; (6) iMesh; (7) Quikscribe; (8) RMBSoft AudioConvert and SoundEdit Pro 2.1; (9) CDBurnerXP; (10) Code-it Software Wave MP3 Editor and aBasic Editor; (11) Movavi VideoMessage, DVD to iPod, and others; (12) SoftDiv Software Dexster, iVideoMAX, and others; (13) Sienzo Digital Music Mentor (DMM); (14) MP3 Normalizer; (15) Roemer Software FREE and Easy Hi-Q Recorder, and Easy Hi-Q Converter; (16) Audio Edit Magic; (17) Joshua Video and Audio Converter; (18) Virtual CD; (19) Cheetah CD and DVD Burner; (20) Mystik Media AudioEdit Deluxe, Blaze Media, and others; (21) Power Audio Editor; (22) DanDans Digital Media Full Audio Converter, Music Editing Master, and others; (23) Xrlly Software Text to Speech Makerand Arial Sound Recorder / Audio Converter; (24) Absolute Sound Recorder, Video to Audio Converter, and MP3 Splitter; (25) Easy Ringtone Maker; (26) RecordNRip; (27) McFunSoft iPod Audio Studio, Audio Recorder for Free, and others; (28) MP3 WAV Converter; (29) BearShare 6.0.2.26789; and (30) Oracle Siebel SimBuilder and CRM 7.x. | |||||
| CVE-2007-0016 | 1 Netfarer | 1 Movieplay | 2024-11-21 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in MoviePlay 4.76 allows remote attackers to execute arbitrary code via a long filename in a LST file. | |||||
| CVE-2007-0009 | 3 Canonical, Debian, Mozilla | 6 Ubuntu Linux, Debian Linux, Firefox and 3 more | 2024-11-21 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via invalid "Client Master Key" length values. | |||||
| CVE-2007-0005 | 2 Linux, Omnikey.aaitg | 2 Linux Kernel, Omnikey Cardman 4040 | 2024-11-21 | 6.9 MEDIUM | N/A |
| Multiple buffer overflows in the (1) read and (2) write handlers in the Omnikey CardMan 4040 driver in the Linux kernel before 2.6.21-rc3 allow local users to gain privileges. | |||||
| CVE-2007-0002 | 1 Libwpd | 1 Libwpd Library | 2024-11-21 | 9.3 HIGH | N/A |
| Multiple heap-based buffer overflows in WordPerfect Document importer/exporter (libwpd) before 0.8.9 allow user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted WordPerfect file in which values to loop counters are not properly handled in the (1) WP3TablesGroup::_readContents and (2) WP5DefinitionGroup_DefineTablesSubGroup::WP5DefinitionGroup_DefineTablesSubGroup functions. NOTE: the integer overflow has been split into CVE-2007-1466. | |||||
| CVE-2006-7222 | 1 Guliverkli | 1 Media Player Classic | 2024-11-21 | 6.8 MEDIUM | N/A |
| Buffer overflow in the CFLICStream::_deltachunk function in FLICSource.cpp in Media Player Classic (MPC) 6.4.9.0 allows user-assisted remote attackers to execute arbitrary code via a crafted FLI file. | |||||
| CVE-2006-7221 | 1 Fsp | 1 C Library | 2024-11-21 | 5.0 MEDIUM | N/A |
| Multiple off-by-one errors in fsplib.c in fsplib before 0.8 allow attackers to cause a denial of service via unspecified vectors involving the (1) name and (2) d_name entry attributes. | |||||
| CVE-2006-7157 | 1 Google | 1 Earth | 2024-11-21 | 7.1 HIGH | N/A |
| Buffer overflow in Google Earth v4.0.2091 (beta) allows remote user-assisted attackers to cause a denial of service (crash) via a KML or KMZ file with a long href element. | |||||
| CVE-2006-6884 | 1 Winzip | 1 Winzip | 2024-11-21 | 9.3 HIGH | N/A |
| Buffer overflow in the WZFILEVIEW.FileViewCtrl.61 ActiveX control (aka Sky Software "FileView" ActiveX control) for WinZip 10.0 Build 6667 allows remote attackers to execute arbitrary code via a long argument to the CreateNewFolderFromName method, a different vulnerability than CVE-2006-5198. | |||||
| CVE-2006-6881 | 1 Stavros Markou | 1 Atmelwlandriver | 2024-11-21 | 7.5 HIGH | N/A |
| Buffer overflow in the Get_Wep function in cofvnet.c for ATMEL Linux PCI PCMCIA USB Drivers drivers 3.4.1.1 corruption allows attackers to execute arbitrary code via a long name argument. | |||||
| CVE-2006-6749 | 1 Openser | 1 Openser | 2024-11-21 | 9.3 HIGH | N/A |
| Buffer overflow in the parse_expression function in parse_config in OpenSER 1.1.0 allows attackers to have an unknown impact via a long str parameter. | |||||
| CVE-2006-6696 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Vista and 1 more | 2024-11-21 | 6.9 MEDIUM | N/A |
| Double free vulnerability in Microsoft Windows 2000, XP, 2003, and Vista allows local users to gain privileges by calling the MessageBox function with a MB_SERVICE_NOTIFICATION message with crafted data, which sends a HardError message to Client/Server Runtime Server Subsystem (CSRSS) process, which is not properly handled when invoking the UserHardError and GetHardErrorText functions in WINSRV.DLL. | |||||
| CVE-2006-6685 | 1 Pedro Lineu Orso | 1 Chetcpasswd | 2024-11-21 | 7.2 HIGH | N/A |
| Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd 2.3.3 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long REMOTE_ADDR environment variable. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-6684 | 1 Pedro Lineu Orso | 1 Chetcpasswd | 2024-11-21 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Pedro Lineu Orso chetcpasswd before 2.4 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long X-Forwarded-For HTTP header. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2006-6652 | 2 Apple, Netbsd | 2 Mac Os X, Netbsd | 2024-11-21 | 9.0 HIGH | N/A |
| Buffer overflow in the glob implementation (glob.c) in libc in NetBSD-current before 20050914, NetBSD 2.* and 3.* before 20061203, and Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion. | |||||
| CVE-2006-6500 | 3 Canonical, Debian, Mozilla | 5 Ubuntu Linux, Debian Linux, Firefox and 2 more | 2024-11-21 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by setting the CSS cursor to certain images that cause an incorrect size calculation when converting to a Windows bitmap. | |||||
| CVE-2006-6442 | 1 Aol | 1 Aol Client Software | 2024-11-21 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the SetClientInfo function in the CDDBControlAOL.CDDBAOLControl ActiveX control (cddbcontrol.dll), as used in America Online (AOL) 7.0 4114.563, 8.0 4129.230, and 9.0 Security Edition 4156.910, and possibly other products, allows remote attackers to execute arbitrary code via a long ClientId argument. | |||||
| CVE-2006-6418 | 1 Hp | 1 Tru64 | 2024-11-21 | 7.2 HIGH | N/A |
| Buffer overflow in the POSIX Threads library (libpthread) on HP Tru64 UNIX 4.0F PK8, 4.0G PK4, and 5.1A PK6 allows local users to gain root privileges via a long PTHREAD_CONFIG environment variable. | |||||