Buffer overflow in BreakPoint Software Hex Workshop 5.1.4 allows user-assisted attackers to cause a denial of service and possibly execute arbitrary code via a long mapping reference in a Color Mapping (.cmap) file.
Max CVSS
9.3
EPSS Score
0.62%
Published
2008-12-30
Updated
2017-09-29
Stack-based buffer overflow in IntelliTamper 2.07 and 2.08 allows remote attackers to execute arbitrary code via a MAP file containing a long URL, possibly a related issue to CVE-2006-2494.
Max CVSS
9.3
EPSS Score
10.68%
Published
2008-12-30
Updated
2017-09-29
Stack-based buffer overflow in BulletProof FTP Client allows user-assisted attackers to execute arbitrary code via a .bps file (aka Session-File) with a long second line, possibly a related issue to CVE-2008-5753.
Max CVSS
9.3
EPSS Score
6.97%
Published
2008-12-30
Updated
2017-09-29
Stack-based buffer overflow in BulletProof FTP Client 2.63 and 2010 allows user-assisted attackers to execute arbitrary code via a bookmark file entry with a long host name, which appears as a host parameter within the quick-connect bar.
Max CVSS
9.3
EPSS Score
0.88%
Published
2008-12-30
Updated
2017-09-29
Integer overflow in quartz.dll in the DirectShow framework in Microsoft Windows Media Player (WMP) 9, 10, and 11, including 11.0.5721.5260, allows remote attackers to cause a denial of service (application crash) via a crafted (1) WAV, (2) SND, or (3) MID file. NOTE: this has been incorrectly reported as a code-execution vulnerability. NOTE: it is not clear whether this issue is related to CVE-2008-4927.
Max CVSS
4.3
EPSS Score
18.80%
Published
2008-12-29
Updated
2018-10-11
Stack-based buffer overflow in skin.c in CoolPlayer 2.17 through 2.19 allows remote attackers to execute arbitrary code via a large PlaylistSkin value in a skin file.
Max CVSS
9.3
EPSS Score
13.46%
Published
2008-12-26
Updated
2018-10-11
Buffer overflow in SAWStudio 3.9i allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long SAWSTUDIO PREFERENCES STRUCT value in a .prf (preferences) file.
Max CVSS
10.0
EPSS Score
7.04%
Published
2008-12-26
Updated
2017-09-29

CVE-2008-5711

Public exploit
Heap-based buffer overflow in the Facebook PhotoUploader ActiveX control 5.0.14.0 and earlier allows remote attackers to execute arbitrary code via a long FileMask property value.
Max CVSS
9.3
EPSS Score
28.38%
Published
2008-12-24
Updated
2017-09-29
Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel before 2.6.28-rc1 might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.
Max CVSS
7.2
EPSS Score
0.04%
Published
2008-12-22
Updated
2018-10-03
Heap-based buffer overflow in the Phoenician Casino FlashAX ActiveX control 1.0.0.7 allows remote attackers to execute arbitrary code via a long argument to the SetID method.
Max CVSS
9.3
EPSS Score
5.66%
Published
2008-12-19
Updated
2017-09-29
Multiple buffer overflows in Opera before 9.63 might allow (1) remote attackers to execute arbitrary code via a crafted text area, or allow (2) user-assisted remote attackers to execute arbitrary code via a long host name in a file: URL. NOTE: this might overlap CVE-2008-5178.
Max CVSS
9.3
EPSS Score
10.43%
Published
2008-12-19
Updated
2018-10-11

CVE-2008-5664

Public exploit
Stack-based buffer overflow in Realtek Media Player (aka Realtek Sound Manager, RtlRack, or rtlrack.exe) 1.15.0.0 allows remote attackers to execute arbitrary code via a crafted playlist (PLA) file.
Max CVSS
9.3
EPSS Score
91.35%
Published
2008-12-19
Updated
2017-09-29
Multiple buffer overflows in Sun Java Wireless Toolkit (WTK) for CLDC 2.5.2 and earlier allow downloaded programs to execute arbitrary code via unknown vectors.
Max CVSS
9.3
EPSS Score
1.43%
Published
2008-12-17
Updated
2017-08-08
Format string vulnerability in the vinagre_utils_show_error function (src/vinagre-utils.c) in Vinagre 0.5.x before 0.5.2 and 2.x before 2.24.2 might allow remote attackers to execute arbitrary code via format string specifiers in a crafted URI or VNC server response.
Max CVSS
6.8
EPSS Score
16.48%
Published
2008-12-17
Updated
2018-10-11
Stack-based buffer overflow in the demux_open_vqf function in libmpdemux/demux_vqf.c in MPlayer 1.0 rc2 before r28150 allows remote attackers to execute arbitrary code via a malformed TwinVQ file.
Max CVSS
10.0
EPSS Score
17.94%
Published
2008-12-17
Updated
2018-10-11
Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is not properly handled during Unicode conversion, related to the (1) mb_convert_encoding, (2) mb_check_encoding, (3) mb_convert_variables, and (4) mb_parse_str functions.
Max CVSS
10.0
EPSS Score
3.74%
Published
2008-12-23
Updated
2018-10-11
Off-by-one error in the rfc822_output_char function in the RFC822BUFFER routines in the University of Washington (UW) c-client library, as used by the UW IMAP toolkit before imap-2007e and other applications, allows context-dependent attackers to cause a denial of service (crash) via an e-mail message that triggers a buffer overflow.
Max CVSS
4.3
EPSS Score
0.25%
Published
2008-12-23
Updated
2017-08-08
The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to (1) a reachable assertion or (2) an integer overflow.
Max CVSS
10.0
EPSS Score
1.79%
Published
2008-12-17
Updated
2018-11-08

CVE-2008-5492

Public exploit
Heap-based buffer overflow in the PDFVIEW.PdfviewCtrl.1 ActiveX control in pdfview.ocx 2.0.0.1 in VeryDOC PDF Viewer OCX Control allows remote attackers to execute arbitrary code via a long first argument to the OpenPDF method. NOTE: some of these details are obtained from third party information.
Max CVSS
9.3
EPSS Score
88.15%
Published
2008-12-12
Updated
2017-09-29
Stack-based buffer overflow in SAN Manager Master Agent service (aka msragent.exe) in EMC Control Center 5.2 SP5 and 6.0 allows remote attackers to execute arbitrary code via multiple SST_CTGTRANS requests.
Max CVSS
10.0
EPSS Score
39.05%
Published
2008-12-10
Updated
2018-10-11

CVE-2008-5416

Public exploit
Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows Internal Database (WYukon) SP2 allows remote authenticated users to cause a denial of service (access violation exception) or execute arbitrary code by calling the sp_replwritetovarbin extended stored procedure with a set of invalid parameters that trigger memory overwrite, aka "SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability."
Max CVSS
9.0
EPSS Score
96.92%
Published
2008-12-10
Updated
2018-10-12
Unspecified vulnerability in the pdf.xmd module in (1) BitDefender Free Edition 10 and Antivirus Standard 10, (2) BullGuard Internet Security 8.5, and (3) Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, possibly related to included compressed streams that were processed with the ASCIIHexDecode filter. NOTE: some of these details are obtained from third party information.
Max CVSS
9.3
EPSS Score
20.88%
Published
2008-12-10
Updated
2017-10-19
Buffer overflow in the data management protocol in Symantec Backup Exec for Windows Servers 11.0 (aka 11d) builds 6235 and 7170, 12.0 build 1364, and 12.5 build 2213 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via unknown vectors. NOTE: this can be exploited by unauthenticated remote attackers by leveraging CVE-2008-5407.
Max CVSS
9.0
EPSS Score
1.65%
Published
2008-12-10
Updated
2017-08-08
Stack-based buffer overflow in Apple QuickTime Player 7.5.5 and iTunes 8.0.2.20 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a MOV file with "long arguments," related to an "off by one overflow."
Max CVSS
9.3
EPSS Score
2.89%
Published
2008-12-10
Updated
2017-09-29

CVE-2008-5405

Public exploit
Stack-based buffer overflow in the RDP protocol password decoder in Cain & Abel 4.9.23 and 4.9.24, and possibly earlier, allows remote attackers to execute arbitrary code via an RDP file containing a long string.
Max CVSS
9.3
EPSS Score
86.67%
Published
2008-12-10
Updated
2017-09-29
694 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!