CVE-2009-1430

Public exploit
Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow remote attackers to execute arbitrary code via (1) a crafted packet or (2) data that ostensibly arrives from the MsgSys.exe process.
Max CVSS
9.3
EPSS Score
97.21%
Published
2009-04-29
Updated
2018-10-10

CVE-2009-1429

Public exploit
The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary commands via a crafted packet whose contents are interpreted as a command to be launched in a new process by the CreateProcessA function.
Max CVSS
10.0
EPSS Score
97.03%
Published
2009-04-29
Updated
2017-08-17

CVE-2009-1350

Public exploit
Unspecified vulnerability in xtagent.exe in Novell NetIdentity Client before 1.2.4 allows remote attackers to execute arbitrary code by establishing an IPC$ connection to the XTIERRPCPIPE named pipe, and sending RPC messages that trigger a dereference of an arbitrary pointer.
Max CVSS
10.0
EPSS Score
96.40%
Published
2009-04-21
Updated
2018-10-10

CVE-2009-1260

Public exploit
Multiple stack-based buffer overflows in UltraISO 9.3.3.2685 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted (1) CCD or (2) IMG file.
Max CVSS
9.3
EPSS Score
91.36%
Published
2009-04-07
Updated
2017-09-29

CVE-2008-4830

Public exploit
Insecure method vulnerability in the KWEdit ActiveX control in SAP GUI 6.40 Patch 29 (KWEDIT.DLL 6400.1.1.41) and 7.10 Patch 5 (KWEDIT.DLL 7100.1.1.43) allows remote attackers to (1) overwrite arbitrary files via the SaveDocumentAs method or (2) read or execute arbitrary files via the OpenDocument method.
Max CVSS
9.3
EPSS Score
31.48%
Published
2009-04-16
Updated
2018-10-11

CVE-2007-4475

Public exploit
Stack-based buffer overflow in EAI WebViewer3D ActiveX control (webviewer3d.dll) in SAP AG SAPgui before 7.10 Patch Level 9 allows remote attackers to execute arbitrary code via a long argument to the SaveViewToSessionFile method.
Max CVSS
9.3
EPSS Score
96.11%
Published
2009-04-01
Updated
2017-07-29

CVE-2007-2238

Public exploit
Multiple stack-based buffer overflows in the Whale Client Components ActiveX control (WhlMgr.dll), as used in Microsoft Intelligent Application Gateway (IAG) before 3.7 SP2, allow remote attackers to execute arbitrary code via long arguments to the (1) CheckForUpdates or (2) UpdateComponents methods.
Max CVSS
9.3
EPSS Score
95.48%
Published
2009-04-16
Updated
2017-07-29
The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that contains an annotation, and has an OpenAction entry with JavaScript code that calls this method with crafted integer arguments.
Max CVSS
9.3
EPSS Score
96.04%
Published
2009-04-30
Updated
2018-11-08
Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka CoolPlayer+ Portable) 2.19.1 allows remote attackers to execute arbitrary code via a skin file (skin.ini) with a large PlaylistSkin parameter. NOTE: this may overlap CVE-2008-5735.
Max CVSS
9.3
EPSS Score
4.07%
Published
2009-04-27
Updated
2017-09-29
Multiple unspecified vulnerabilities in the Server component in OCS Inventory NG before 1.02 have unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.38%
Published
2009-04-27
Updated
2009-04-28
Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka CoolPlayer+ Portable) 2.19.6 and earlier allows remote attackers to execute arbitrary code via a long string in a malformed playlist (.m3u) file. NOTE: this may overlap CVE-2008-3408.
Max CVSS
9.3
EPSS Score
7.08%
Published
2009-04-27
Updated
2018-02-22
XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service.
Max CVSS
9.3
EPSS Score
95.19%
Published
2009-04-29
Updated
2019-09-20
Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted URL.
Max CVSS
10.0
EPSS Score
19.14%
Published
2009-04-23
Updated
2009-09-16
Stack-based buffer overflow in ape_plugin.plg in Xilisoft Video Converter 3.1.53.0704n and 5.1.23.0402 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .cue file.
Max CVSS
9.3
EPSS Score
6.21%
Published
2009-04-22
Updated
2017-09-29
dig.php in GScripts.net DNS Tools allows remote attackers to execute arbitrary commands via shell metacharacters in the host parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
10.0
EPSS Score
0.25%
Published
2009-04-22
Updated
2009-04-23
apt-get in apt before 0.7.21 does not check for the correct error code from gpgv, which causes apt to treat a repository as valid even when it has been signed with a key that has been revoked or expired, which might allow remote attackers to trick apt into installing malicious repositories.
Max CVSS
10.0
EPSS Score
2.27%
Published
2009-04-21
Updated
2020-01-08
Stack-based buffer overflow in Elecard AVC HD Player allows remote attackers to execute arbitrary code via a long MP3 filename in a playlist (.xpl) file.
Max CVSS
9.3
EPSS Score
14.36%
Published
2009-04-21
Updated
2017-09-29
Stack-based buffer overflow in Dawningsoft PowerCHM 5.7 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an HTML file with a link to a long URL, as demonstrated by a .rar URL.
Max CVSS
9.3
EPSS Score
9.01%
Published
2009-04-21
Updated
2017-09-29
Heap-based buffer overflow in Apollo 37zz allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long URI in a playlist (.m3u) file.
Max CVSS
9.3
EPSS Score
6.21%
Published
2009-04-21
Updated
2017-09-29
Integer overflow in Microsoft Windows Media Player (WMP) 11.0.5721.5260 allows remote attackers to cause a denial of service (application crash) via a crafted .mid file, as demonstrated by crash.mid.
Max CVSS
9.3
EPSS Score
2.29%
Published
2009-04-17
Updated
2017-09-29
Stack-based buffer overflow in Easy RM to MP3 Converter allows remote attackers to execute arbitrary code via a long filename in a playlist (.pls) file.
Max CVSS
9.3
EPSS Score
6.92%
Published
2009-04-17
Updated
2017-09-29
Stack-based buffer overflow in Mini-stream Shadow Stream Recorder 3.0.1.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
Max CVSS
9.3
EPSS Score
7.86%
Published
2009-04-17
Updated
2017-12-13
Stack-based buffer overflow in Mini-stream RM-MP3 Converter 3.0.0.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
Max CVSS
9.3
EPSS Score
10.98%
Published
2009-04-17
Updated
2017-09-29
Stack-based buffer overflow in Mini-stream WM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
Max CVSS
9.3
EPSS Score
10.98%
Published
2009-04-17
Updated
2017-09-29
Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.
Max CVSS
9.3
EPSS Score
10.98%
Published
2009-04-17
Updated
2017-09-29
94 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!