| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Stack-based buffer overflow in Pierre-emmanuel Gougelet (1) XnView 1.91 and 1.92, (2) NConvert 4.85, and (3) libgfl280.dll in GFL SDK 2.870 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted Radiance RGBE (.hdr) file. |
| Multiple stack-based buffer overflows in in_mp3.dll in Winamp 5.21, 5.5, and 5.51 allow remote attackers to execute arbitrary code via a long (1) artist or (2) name tag in Ultravox streaming metadata, related to construction of stream titles. |
| Multiple buffer overflows in htmsr.dll in the HTML speed reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes 7.0.2 and 7.0.3, allow remote attackers to execute arbitrary code via an HTML document with (1) "large chunks of data," or a long URL in the (2) BACKGROUND attribute of a BODY element or (3) SRC attribute of an IMG element. |
| Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) long string parameters to the OpenView5.exe CGI program; (2) a long string parameter to the OpenView5.exe CGI program, related to ov.dll; or a long string parameter to the (3) getcvdata.exe, (4) ovlaunch.exe, or (5) Toolbar.exe CGI program. |
| Directory traversal vulnerability in OpenView5.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to read arbitrary files via directory traversal sequences in the Action parameter. |
| Stack-based buffer overflow in XnView 1.92 and 1.92.1 allows user-assisted remote attackers to execute arbitrary code via a long FontName parameter in a slideshow (.sld) file, a different vector than CVE-2008-1461. |
| Integer overflow in Orb Networks Orb 2.00.1014 and Winamp Remote BETA allows remote attackers to execute arbitrary code via an RPC request that specifies a large number of array dimensions, which triggers a heap-based buffer overflow. |
| The Web UI interface in (1) BitTorrent before 6.0.3 build 8642 and (2) uTorrent before 1.8beta build 10524 allows remote attackers to cause a denial of service (application crash) via an HTTP request with a malformed Range header. |
| Format string vulnerability in the emf_multipart_encrypted function in mail/em-format.c in Evolution 2.12.3 and earlier allows remote attackers to execute arbitrary code via a crafted encrypted message, as demonstrated using the Version field. |
| Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter. |
| Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.0 through 7.0 allows local users to gain privileges via unknown vectors related to file change notifications in the TPRoot, NNTPFile\Root, or WWWRoot folders. |
| Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 through 6.0 allows remote attackers to execute arbitrary code via crafted inputs to ASP pages. |
| Unspecified vulnerability in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via crafted HTML layout combinations, aka "HTML Rendering Memory Corruption Vulnerability." |
| Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG element, aka "Property Memory Corruption Vulnerability." |
| Unspecified vulnerability in an ActiveX control (dxtmsft.dll) in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via a crafted image, aka "Argument Handling Memory Corruption Vulnerability." |
| Heap-based buffer overflow in the WebDAV Mini-Redirector in Microsoft Windows XP SP2, Server 2003 SP1 and SP2, and Vista allows remote attackers to execute arbitrary code via a crafted WebDAV response. |
| Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka "Macro Validation Vulnerability," a different vulnerability than CVE-2007-3490. |
| An ActiveX control (Messenger.UIAutomation.1) in Windows Messenger 4.7 and 5.1 is marked as safe-for-scripting, which allows remote attackers to control the Messenger application, and "change state," obtain contact information, and establish audio or video connections without notification via unknown vectors. |
| The (1) VBScript (VBScript.dll) and (2) JScript (JScript.dll) scripting engines 5.1 and 5.6, as used in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2, do not properly decode script, which allows remote attackers to execute arbitrary code via unknown vectors. |
| Unspecified vulnerability in the TCP/IP support in Microsoft Windows Vista allows remote DHCP servers to cause a denial of service (hang and restart) via a crafted DHCP packet. |