| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option. |
| Buffer overflow in the http_parse_hex function in libz/misc.c in Zervit Webserver 0.02 allows remote attackers to cause a denial of service (daemon crash) via a long URI, related to http.c. |
| Buffer overflow in SYS.DBMS_DRS in Oracle Database 9.2.0.7 and 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) or execute arbitrary code via the GET_PROPERTY function in SYS.DBMS_DRS, aka DB03. |
| Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request. |
| Heap-based buffer overflow in the PdvrAtl.PdvrOcx.1 ActiveX control (pdvratl.dll) in DVRHOST Web CMS OCX 1.0.1.25 allows remote attackers to execute arbitrary code via a long second argument to the TimeSpanFormat method. |
| A certain ActiveX control in npUpload.dll in DivX Player 6.6.0 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) via a long argument to the SetPassword method. |
| Stack-based buffer overflow in an ActiveX control in najdisitoolbar.dll in Najdi.si Toolbar 2.0.4.1 allows remote attackers to cause a denial of service (browser crash) or execute arbitrary code via a long Document.Location property value. |
| Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) long string parameters to the OpenView5.exe CGI program; (2) a long string parameter to the OpenView5.exe CGI program, related to ov.dll; or a long string parameter to the (3) getcvdata.exe, (4) ovlaunch.exe, or (5) Toolbar.exe CGI program. |
| Stack-based buffer overflow in Mini-stream Ripper 3.0.1.1 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file. |
| Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used. |
| Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via unspecified vectors. |
| Multiple buffer overflows in Openwsman 1.2.0 and 2.0.0 allow remote attackers to execute arbitrary code via a crafted "Authorization: Basic" HTTP header. |
| Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to execute arbitrary code via a RTF file with a crafted prtdata tag with a length parameter inconsistency, which causes vtable entries to be overwritten. |
| Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attackers to execute arbitrary code via an XML file containing a long string as "an argument in the XSL input." |
| Multiple buffer overflows in Princeton WordNet (wn) 3.0 allow context-dependent attackers to execute arbitrary code via (1) a long argument on the command line; a long (2) WNSEARCHDIR, (3) WNHOME, or (4) WNDBVERSION environment variable; or (5) a user-supplied dictionary (aka data file). NOTE: since WordNet itself does not run with special privileges, this issue only crosses privilege boundaries when WordNet is invoked as a third party component. |
| Stack-based buffer overflow in Microsoft DirectX 7.0 and 8.1 on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a Synchronized Accessible Media Interchange (SAMI) file with crafted parameters for a Class Name variable, aka the "SAMI Format Parsing Vulnerability." |
| Multiple heap-based buffer overflows in Empire Server before 4.3.15 allow remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to a "coordinate normalization bug." NOTE: some of these details are obtained from third party information. |
| OpenBase 10.0.5 and earlier allows remote authenticated users to trigger a free of an arbitrary memory location via long strings in a SELECT statement. NOTE: this might be a buffer overflow, but it is not clear. |
| Stack-based buffer overflow in Aurigma Image Uploader ActiveX control (ImageUploader4.ocx) 4.5.70 and earlier, as used in MySpace MySpaceUploader.ocx 1.0.0.4, allows remote attackers to execute arbitrary code via a long Action property. |
| Mozilla Firefox 3.0.x, 3.5, and 3.5.1 on Windows allows remote attackers to cause a denial of service (uncaught exception and application crash) via a long Unicode string argument to the write method. NOTE: this was originally reported as a stack-based buffer overflow. NOTE: on Linux and Mac OS X, a crash resulting from this long string reportedly occurs in an operating-system library, not in Firefox. |
