CVE-2011-2089

Public exploit
Stack-based buffer overflow in the SetActiveXGUID method in the VersionInfo ActiveX control in GenVersion.dll 8.0.138.0 in the WebHMI subsystem in ICONICS BizViz 9.x before 9.22 and GENESIS32 9.x before 9.22 allows remote attackers to execute arbitrary code via a long string in the argument. NOTE: some of these details are obtained from third party information.
Max CVSS
9.3
EPSS Score
50.75%
Published
2011-05-13
Updated
2017-08-29
Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket.
Max CVSS
7.5
EPSS Score
1.86%
Published
2011-05-31
Updated
2017-08-17
Multiple stack-based buffer overflows in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allow remote attackers to execute arbitrary code via crafted packet content accompanying a (1) DATA or (2) ERROR opcode.
Max CVSS
10.0
EPSS Score
9.22%
Published
2011-05-13
Updated
2013-07-17
Stack-based buffer overflow in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long mode field.
Max CVSS
10.0
EPSS Score
6.77%
Published
2011-05-13
Updated
2019-10-09
Stack-based buffer overflow in the logging functionality in dbman.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via vectors related to a received action.
Max CVSS
10.0
EPSS Score
6.77%
Published
2011-05-13
Updated
2019-10-09
Stack-based buffer overflow in img.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a crafted length field in a packet.
Max CVSS
10.0
EPSS Score
6.86%
Published
2011-05-13
Updated
2013-08-28
Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow remote attackers to bypass intended access restrictions in opportunistic circumstances via a TCP connection, related to improper handling of invalid port numbers.
Max CVSS
6.8
EPSS Score
0.51%
Published
2011-05-03
Updated
2011-09-07
Google Chrome before 11.0.696.71 does not properly implement the GPU command buffer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Max CVSS
10.0
EPSS Score
1.32%
Published
2011-05-26
Updated
2020-05-22
Multiple integer overflows in the SVG Filters implementation in WebCore in WebKit in Google Chrome before 11.0.696.68 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
Max CVSS
7.5
EPSS Score
0.69%
Published
2011-05-16
Updated
2020-05-22
Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl call.
Max CVSS
6.9
EPSS Score
0.04%
Published
2011-05-09
Updated
2023-02-13
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed bm message.
Max CVSS
10.0
EPSS Score
77.39%
Published
2011-05-07
Updated
2018-10-09
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed omniiaputil message.
Max CVSS
10.0
EPSS Score
87.10%
Published
2011-05-07
Updated
2018-10-09
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed HPFGConfig message.
Max CVSS
10.0
EPSS Score
85.44%
Published
2011-05-07
Updated
2018-10-09
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed stutil message.
Max CVSS
10.0
EPSS Score
85.44%
Published
2011-05-07
Updated
2018-10-09
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_INTEGUTIL message.
Max CVSS
10.0
EPSS Score
87.10%
Published
2011-05-07
Updated
2018-10-09
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_SCRIPT message.
Max CVSS
10.0
EPSS Score
85.44%
Published
2011-05-07
Updated
2018-10-09
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed GET_FILE message.
Max CVSS
10.0
EPSS Score
85.44%
Published
2011-05-07
Updated
2018-10-09
Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_BAR message.
Max CVSS
10.0
EPSS Score
85.44%
Published
2011-05-07
Updated
2018-10-09
The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method.
Max CVSS
6.8
EPSS Score
88.66%
Published
2011-05-13
Updated
2018-10-09
Heap-based buffer overflow in the MP4_ReadBox_skcr function in libmp4.c in the MP4 demultiplexer in VideoLAN VLC media player 1.x before 1.1.9 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted MP4 file.
Max CVSS
6.8
EPSS Score
9.27%
Published
2011-05-03
Updated
2017-09-19
Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel before 2.6.38.4 allow local users to cause a denial of service (system crash) via a crafted (1) getdents or (2) readdir system call.
Max CVSS
4.9
EPSS Score
0.04%
Published
2011-05-03
Updated
2023-02-13
Heap-based buffer overflow in the is_gpt_valid function in fs/partitions/efi.c in the Linux kernel 2.6.38 and earlier allows physically proximate attackers to cause a denial of service (OOPS) or possibly have unspecified other impact via a crafted size of the EFI GUID partition-table header on removable media.
Max CVSS
4.9
EPSS Score
0.39%
Published
2011-05-03
Updated
2018-10-09

CVE-2011-1574

Public exploit
Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in libmodplug before 0.8.8.2 allows remote attackers to execute arbitrary code via a crafted S3M file.
Max CVSS
6.8
EPSS Score
31.18%
Published
2011-05-09
Updated
2023-02-13
Multiple stack consumption vulnerabilities in the kernel in NetBSD 4.0, 5.0 before 5.0.3, and 5.1 before 5.1.1, when IPsec is enabled, allow remote attackers to cause a denial of service (memory corruption and panic) or possibly have unspecified other impact via a crafted (1) IPv4 or (2) IPv6 packet with nested IPComp headers.
Max CVSS
6.8
EPSS Score
2.51%
Published
2011-05-09
Updated
2011-09-07
Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR.
Max CVSS
9.3
EPSS Score
6.10%
Published
2011-05-31
Updated
2018-10-09
52 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!