Total
11642 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0619 | 1 Qnx | 1 Rtos | 2024-11-21 | 4.6 MEDIUM | N/A |
| Multiple stack-based buffer overflows in QNX Neutrino RTOS 6.3.0 allow local users to execute arbitrary code via long (1) ABLPATH or (2) ABLANG environment variables in the libAP library (libAp.so.2) or (3) a long PHOTON_PATH environment variable to the setitem function in the libph library. | |||||
| CVE-2006-0481 | 1 Greg Roelofs | 1 Libpng | 2024-11-21 | 5.0 MEDIUM | N/A |
| Heap-based buffer overflow in the alpha strip capability in libpng 1.2.7 allows context-dependent attackers to cause a denial of service (crash) when the png_do_strip_filler function is used to strip alpha channels out of the image. | |||||
| CVE-2006-0459 | 1 Westes | 1 Flex | 2024-11-21 | 7.5 HIGH | N/A |
| flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator (flex) before 2.5.33 does not allocate enough memory for grammars containing (1) REJECT statements or (2) trailing context rules, which causes flex to generate code that contains a buffer overflow that might allow context-dependent attackers to execute arbitrary code. | |||||
| CVE-2006-0359 | 1 Counterpath | 1 Eyebeam Sip Softphone | 2024-11-21 | 7.5 HIGH | N/A |
| Buffer overflow in CounterPath eyeBeam SIP Softphone allows remote attackers to (1) cause a denial of service (device crash) via SIP INVITE commands with a long header field name sent during startup and (2) cause a denial of service (device hang or crash) via SIP INVITE commands with a long header field name sent during a call. | |||||
| CVE-2006-0323 | 1 Realnetworks | 4 Helix Player, Realone Player, Realplayer and 1 more | 2024-11-21 | 9.3 HIGH | N/A |
| Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations. | |||||
| CVE-2006-0301 | 1 Xpdf | 1 Xpdf | 2024-11-21 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Splash.cc in xpdf, as used in other products such as (1) poppler, (2) kdegraphics, (3) gpdf, (4) pdfkit.framework, and others, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap. | |||||
| CVE-2006-0179 | 1 Cisco | 1 Ip Phone 7940 | 2024-11-21 | 5.0 MEDIUM | N/A |
| The Cisco IP Phone 7940 allows remote attackers to cause a denial of service (reboot) via a large amount of TCP SYN packets (syn flood) to arbitrary ports, as demonstrated to port 80. | |||||
| CVE-2006-0097 | 1 Php | 1 Php | 2024-11-21 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the create_named_pipe function in libmysql.c in PHP 4.3.10 and 4.4.x before 4.4.3 for Windows allows attackers to execute arbitrary code via a long (1) arg_host or (2) arg_unix_socket argument, as demonstrated by a long named pipe variable in the host argument to the mysql_connect function. | |||||
| CVE-2006-0056 | 1 Pam-mysql | 1 Pam-mysql | 2024-11-21 | 7.5 HIGH | N/A |
| Double free vulnerability in the authentication and authentication token alteration code in PAM-MySQL 0.6.x before 0.6.2 and 0.7.x before 0.7pre3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted passwords, which lead to a double free of a pointer that was created by the pam_get_item function. NOTE: this issue only occurs in certain configurations in which there are multiple PAM modules, PAM-MySQL is not evaluated first, and there are no requisite modules before PAM-MySQL. | |||||
| CVE-2006-0034 | 1 Microsoft | 5 Distributed Transaction Coordinator, Windows 2000, Windows 2003 Server and 2 more | 2024-11-21 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the CRpcIoManagerServer::BuildContext function in msdtcprx.dll for Microsoft Distributed Transaction Coordinator (MSDTC) for Windows NT 4.0 and Windows 2000 SP2 and SP3 allows remote attackers to execute arbitrary code via a long fifth argument to the BuildContextW or BuildContext opcode, which triggers a bug in the NdrAllocate function, aka the MSDTC Invalid Memory Access Vulnerability. | |||||
| CVE-2006-0031 | 1 Microsoft | 1 Office | 2024-11-21 | 5.1 MEDIUM | N/A |
| Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed record with a modified length value, which leads to memory corruption. | |||||
| CVE-2006-0025 | 1 Microsoft | 1 Windows Media Player | 2024-11-21 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Microsoft Windows Media Player 9 and 10 allows remote attackers to execute arbitrary code via a PNG image with a large chunk size. | |||||
| CVE-2006-0021 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2024-11-21 | 7.8 HIGH | N/A |
| Microsoft Windows XP SP1 and SP2, and Server 2003 up to SP1, allows remote attackers to cause a denial of service (hang) via an IGMP packet with an invalid IP option, aka the "IGMP v3 DoS Vulnerability." | |||||
| CVE-2006-0010 | 1 Microsoft | 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more | 2024-11-21 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type (EOT) web font that triggers the overflow during decompression. | |||||
| CVE-2006-0007 | 1 Microsoft | 1 Office | 2024-11-21 | 9.3 HIGH | N/A |
| Buffer overflow in GIFIMP32.FLT, as used in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via a crafted GIF image that triggers memory corruption when it is parsed. | |||||
| CVE-2006-0006 | 1 Microsoft | 7 Windows 2000, Windows 2003 Server, Windows 98 and 4 more | 2024-11-21 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data. | |||||
| CVE-2006-0005 | 1 Microsoft | 7 Windows-nt, Windows 2000, Windows 2000 Advanced Server and 4 more | 2024-11-21 | 9.3 HIGH | N/A |
| Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute. | |||||
| CVE-2006-0001 | 1 Microsoft | 2 Office, Publisher | 2024-11-21 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Microsoft Publisher 2000 through 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted PUB file, which causes an overflow when parsing fonts. | |||||
| CVE-2005-4882 | 1 Philippe Jounin | 1 Tftpd32 | 2024-11-21 | 5.0 MEDIUM | N/A |
| tftpd in Philippe Jounin Tftpd32 2.74 and earlier, as used in Wyse Simple Imager (WSI) and other products, allows remote attackers to cause a denial of service (daemon crash) via a long filename in a TFTP read (aka RRQ or get) request, a different vulnerability than CVE-2002-2226. | |||||
| CVE-2005-4873 | 1 Cups | 1 Cups | 2024-11-21 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in the phpcups PHP module for CUPS 1.1.23rc1 might allow context-dependent attackers to execute arbitrary code via vectors that result in long function parameters, as demonstrated by the cups_get_dest_options function in phpcups.c. | |||||