| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Stack-based buffer overflow in (1) uTorrent 1.7.7 build 8179 and earlier and (2) BitTorrent 6.0.3 build 8642 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Created By field in a .torrent file. |
| Buffer overflow in the DAS server program in the Core DAS function component in IBM DB2 9.1 before FP4a and 9.5 before FP1 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via unspecified vectors. NOTE: this might be related to CVE-2007-3676. |
| Buffer overflow in the GomManager (GomWeb Control) ActiveX control in GomWeb3.dll 1.0.0.12 in Gretech Online Movie Player (GOM Player) 2.1.6.3499 allows remote attackers to execute arbitrary code via a long argument to the OpenUrl method. |
| Buffer overflow in the backend of XenSource Xen Para Virtualized Frame Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted description of a shared framebuffer. |
| Stack-based buffer overflow in MixVibes 7.043 Pro allows remote attackers to cause a denial of service (crash) via a long string in a .vib file. |
| Multiple stack-based buffer overflows in the awApi4.AnswerWorks.1 ActiveX control in awApi4.dll 4.0.0.42, as used by Vantage Linguistics AnswerWorks, and Intuit Clearly Bookkeeping, ProSeries, QuickBooks, Quicken, QuickTax, and TurboTax, allow remote attackers to execute arbitrary code via long arguments to the (1) GetHistory, (2) GetSeedQuery, (3) SetSeedQuery, and possibly other methods. NOTE: some of these details are obtained from third party information. |
| Heap-based buffer overflow in OtsAV DJ trial version 1.85.64.0, Radio trial version 1.85.64.0, TV trial version 1.85.64.0, and Free version 1.77.001 allows remote attackers to execute arbitrary code via a long playlist in an Ots File List (.ofl) file. |
| Multiple stack-based buffer overflows in Sarg might allow attackers to execute arbitrary code via unknown vectors, probably a crafted Squid log file. |
| Heap-based buffer overflow in the CamImage.CamImage.1 ActiveX control in AxisCamControl.ocx in AXIS Camera Control 2.40.0.0 allows remote attackers to execute arbitrary code via a long image_pan_tilt property value. |
| mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not prevent stack expansion from entering into reserved kernel page memory, which allows local users to cause a denial of service (OOPS) via unspecified vectors. |
| Buffer overflow in the kernel in Apple Mac OS X 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via a crafted AppleTalk response packet. |
| Stack-based buffer overflow in B Labs Bopup Communication Server 3.2.26.5460 allows remote attackers to execute arbitrary code via a crafted request to TCP port 19810. |
| Buffer overflow in the Microsoft HeartbeatCtl ActiveX control in HRTBEAT.OCX allows remote attackers to execute arbitrary code via the Host argument to an unspecified method. |
| Stack-based buffer overflow in Foundation in Apple Mac OS X 10.4.11 allows context-dependent attackers to execute arbitrary code via a "long pathname with an unexpected structure" that triggers the overflow in NSFileManager. |
| Heap-based buffer overflow in the XML parsing functionality in talk.dll in Cerulean Studios Trillian Pro before 3.1.10.0 allows remote attackers to execute arbitrary code via a malformed attribute in an IMG tag. |
| Heap-based buffer overflow in the FTP subsystem in Sun Java System Web Proxy Server 4.0 through 4.0.7 allows remote attackers to execute arbitrary code via a crafted HTTP GET request. |
| Stack-based buffer overflow in AppKit in Apple Mac OS X 10.4.11 allows user-assisted remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted PostScript Printer Description (PPD) file that is not properly handled when querying a network printer. |
| Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl. |
| Stack-based buffer overflow in skin.c in CoolPlayer 2.17 through 2.19 allows remote attackers to execute arbitrary code via a large PlaylistSkin value in a skin file. |
| Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment. |
