| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in the client connection routine of libDtSvc.so.1 in CDE Subprocess Control Service (dtspcd) allows remote attackers to execute arbitrary commands. |
| A buffer overflow in Linux fetchmail before 5.8.6 allows remote attackers to execute arbitrary code via a large 'To:' field in an email header. |
| Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap. |
| Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via multiple vectors including (1) a long pathname that is not properly handled during file list parsing, (2) long pathnames that result from path variable expansion such as tilde expansion for the HOME environment variable, and (3) a long -f (aka reffile) command line argument. |
| Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available. |
| Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled. |
| Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename. |
| Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as demonstrated using LOADPSP. |
| Multiple buffer overflows in Oracle 9i Database release 2, Release 1, 8i, 8.1.7, and 8.0.6 allow remote attackers to execute arbitrary code via (1) a long conversion string argument to the TO_TIMESTAMP_TZ function, (2) a long time zone argument to the TZ_OFFSET function, or (3) a long DIRECTORY parameter to the BFILENAME function. |
| Buffer overflow in PostMethod() function for Monkey HTTP Daemon (monkeyd) 0.6.1 and earlier allows remote attackers to execute arbitrary code via a POST request with a large body. |
| Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter. |
| The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers to cause a denial of service in Internet Information Server (IIS) and execute arbitrary code via a certain network request. |
| isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service via an ISAKMP packet with a malformed Cert Request payload, which causes an integer underflow that is used in a malloc operation that is not properly handled, as demonstrated by the Striker ISAKMP Protocol Test Suite. |
| Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive. |
| Buffer overflow in Serv-U ftp before 5.0.0.4 allows remote authenticated users to execute arbitrary code via a long time zone argument to the MDTM command. |
| Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet. |
| Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code. |
| Buffer overflow in the handling of command line arguments in Skype 1.0.x.94 through 1.0.x.98 allows remote attackers to execute arbitrary code via a callto:// URL with a long non-existent username, a different vulnerability than CVE-2004-1777. |
| Multiple buffer overflows in the IMAP service in Mercury/32 4.01a allow remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via long arguments to the (1) EXAMINE, (2) SUBSCRIBE, (3) STATUS, (4) APPEND, (5) CHECK, (6) CLOSE, (7) EXPUNGE, (8) FETCH, (9) RENAME, (10) DELETE, (11) LIST, (12) SEARCH, (13) CREATE, or (14) UNSUBSCRIBE commands. |
| Buffer overflow in Serv-U FTP server before 5.0.0.6 allows remote attackers to cause a denial of service (crash) via a long -l parameter, which triggers an out-of-bounds read. |
