Searching second software vulnerabilities

BMC PATROL SNMP Agent before 3.2.07 allows loca

PATROL | before | Agent | SNMP | BMC |

BMC PATROL SNMP Agent before 3.2.07 allows local users to create arbitrary world-writeable files as root by specifying the target file as the second argument to the snmpmagt program.


Cabletron SmartSwitch Router (SSR) 8000 firmwar

SmartSwitch | Cabletron | Router |

Cabletron SmartSwitch Router (SSR) 8000 firmware 2.x can only handle 200 ARP requests per second allowing a denial of service attack to succeed with a flood of ARP requests exceeding that limit.


Microsoft Windows 2000 telnet service creates n

Microsoft | Windows |

Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the second of two variants of this vulnerability.


Unknown vulnerability in the Certificate Enroll

vulnerability | Certificate | Enrollment | Millennium | Microsoft | Windows | Edition | ActiveX | Unknown | Control | Second |

Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user's system via HTML.


Croteam Serious Sam demo test 2 2.1a, Serious S

Serious | Croteam | demo | test | 21a | Sam |

Croteam Serious Sam demo test 2 2.1a, Serious Sam: the First Encounter 1.05, and Serious Sam: the Second Encounter 1.05 allow remote attackers to cause a denial of service (crash or freeze) via a TCP packet with an invalid first parameter.


Buffer overflow in the KSDWRTB function in the

dbms_system | function | overflow | package | KSDWRTB | Buffer |

Buffer overflow in the KSDWRTB function in the dbms_system package (dbms_system.ksdwrt) for Oracle 9i Database Server Release 2 9.2.0.3 and 9.2.0.4, 9i Release 1 9.0.1.4 and 9.0.1.5, and 8i Release 1 8.1.7.4, allows remote authorized users to execute arbitrary code via a long second argument.


Heap-based buffer overflow in the DVD subpictur

subpicture | Heap-based | attackers | arbitrary | xine-lib | overflow | earlier | decoder | execute | remote | allows | buffer | 1-rc5 | code | xine | via | DVD |

Heap-based buffer overflow in the DVD subpicture decoder in xine xine-lib 1-rc5 and earlier allows remote attackers to execute arbitrary code via a (1) DVD or (2) MPEG subpicture header where the second field reuses RLE data from the end of the first field.


Buffer overflow in the POP3 server in 1st Class

attackers | overflow | service | allows | remote | server | Buffer | denial | Class | cause | POP3 | Mail | 1st |

Buffer overflow in the POP3 server in 1st Class Mail Server 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an APOP USER command with a long second parameter (digest).


Format string vulnerability in IMAP4 in IA eMai

vulnerability | eMailServer | Corporate | Edition | string | Format | IMAP4 |

Format string vulnerability in IMAP4 in IA eMailServer Corporate Edition 5.2.2 build 1051 allows remote attackers to cause a denial of service (application crash) via a LIST command with format string specifiers as the second argument.


Second-order symlink vulnerability in eix-sync.

vulnerability | Second-order | eix-syncin | symlink | Ebuild | IndeX |

Second-order symlink vulnerability in eix-sync.in in Ebuild IndeX (eix) before 0.5.0_pre2 allows local users to overwrite arbitrary files via a symlink attack on the exi.X.sync temporary file, which is processed by the diff-eix program.


The (1) to_char and (2) to_date function in IBM


The (1) to_char and (2) to_date function in IBM DB2 8.1 allows local users to cause a denial of service (application crash) via an empty string in the second parameter, which causes a null pointer dereference.


mysqld in MySQL 4.1.x before 4.1.18, 5.0.x befo

before | mysqld | MySQL | 41x |

mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before 5.1.6 allows remote authorized users to cause a denial of service (crash) via a NULL second argument to the str_to_date function.


The Execute method in the ADODB.Connection 2.7

ADODBConnection | control | objects | ActiveX | Execute | method |

The Execute method in the ADODB.Connection 2.7 and 2.8 ActiveX control objects (ADODB.Connection.2.7 and ADODB.Connection.2.8) in the Microsoft Data Access Components (MDAC) 2.5 SP3, 2.7 SP1, 2.8, and 2.8 SP1 does not properly track freed memory when the second argument is a BSTR, which allows remote attackers to cause a denial of service (Internet Explorer crash) and possibly execute arbitrary code via certain strings in the second and third arguments.


An ActiveX control in ierpplug.dll for RealNetw

RealNetworks | ierpplugdll | RealPlayer | ActiveX | control |

An ActiveX control in ierpplug.dll for RealNetworks RealPlayer 10.5 allows remote attackers to cause a denial of service (Internet Explorer 7 crash) by invoking the RealPlayer.OpenURLInPlayerBrowser method with a long second argument.


The cpdf_open function in the ClibPDF (cpdf) ex

cpdf_open | function | ClibPDF |

The cpdf_open function in the ClibPDF (cpdf) extension in PHP 4.4.6 allows context-dependent attackers to obtain sensitive information (script source code) via a long string in the second argument.


Multiple stack-based buffer overflows in Second

stack-based | overflows | ActiveGS | Multiple | Software | control | ActiveX | buffer | Second | Sight |

Multiple stack-based buffer overflows in Second Sight Software ActiveGS ActiveX control (ActiveGS.ocx) allow remote attackers to execute arbitrary code via unspecified vectors.


Stack-based buffer overflow in Second Sight Sof

Stack-based | ActiveMod | Software | overflow | ActiveX | control | buffer | Second | Sight |

Stack-based buffer overflow in Second Sight Software ActiveMod ActiveX control (ActiveMod.ocx) allows remote attackers to execute arbitrary code via unspecified vectors.


Absolute path traversal vulnerability in a cert

vulnerability | hpqvwocxdll | traversal | Absolute | control | ActiveX | certain | path |

Absolute path traversal vulnerability in a certain ActiveX control in hpqvwocx.dll 2.1.0.556 in Hewlett-Packard (HP) Digital Imaging allows remote attackers to create or overwrite arbitrary files via the second argument to the SaveToFile method.


Heap-based buffer overflow in the BlueSkychat (

BlueSkychat | Heap-based | overflow | buffer |

Heap-based buffer overflow in the BlueSkychat (BlueSkyCat) ActiveX control (V2.V2Ctrl.1) in v2.ocx 8.1.2.0 and earlier allows remote attackers to execute arbitrary code via a long string in the second argument to the ConnecttoServer method.


Buffer overflow in the nvUnifiedControl.AUnifie

nvUnifiedControlAUnifiedControl1 | nvUnifiedControldll | overflow | control | ActiveX | Buffer |

Buffer overflow in the nvUnifiedControl.AUnifiedControl.1 ActiveX control in nvUnifiedControl.dll 1.1.45.0 in ACTi Network Video Recorder (NVR) SP2 2.0 allows remote attackers to execute arbitrary code via a long second argument to the SetText method.


Software vulnerabilities results 1 to 20 of 58     
Page: 123