C++ Exploits

245 exploits tracked across all sources.

CVE-2008-0871 EXPLOITDB c++ VERIFIED
Now SMS/MMS Gateway < 2007.06.27 - Memory Corruption
Multiple stack-based buffer overflows in Now SMS/MMS Gateway 2007.06.27 and earlier allow remote attackers to execute arbitrary code via a (1) long password in an Authorization header to the HTTP service or a (2) large packet to the SMPP service.
by Heretic2
CVE-2008-1491 EXPLOITDB c++ VERIFIED
ASUS Remote Console <2.0.0.19,2.0.0.24 - Buffer Overflow
Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka ARC or ASMB3) 2.0.0.19 and 2.0.0.24 allows remote attackers to execute arbitrary code via a long string to TCP port 623.
by Heretic2
CVE-2008-1912 EXPLOITDB c++ VERIFIED
DivX Player <6.7.0.22 - Buffer Overflow
Stack-based buffer overflow in DivX Player 6.7 build 6.7.0.22 and earlier allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long subtitle in a .SRT file.
by lhoang8500
CVE-2008-1083 EXPLOITDB HIGH c++ VERIFIED
Microsoft Windows - Buffer Overflow
Heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF or WMF image file with a malformed header that triggers an integer overflow, aka "GDI Heap Overflow Vulnerability."
by Lamhtz
CVSS 8.1
EIP-2026-118647 EXPLOITDB c++ VERIFIED
HP OpenView Network Node Manager (OV NNM) 7.5.1 - 'ovalarmsrv.exe' Remote Overflow
by Heretic2
CVE-2008-1087 EXPLOITDB c++ VERIFIED
Microsoft Windows - Buffer Overflow
Stack-based buffer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF image file with crafted filename parameters, aka "GDI Stack Overflow Vulnerability."
by Lamhtz
CVE-2008-1881 EXPLOITDB c++ VERIFIED
VLC 0.8.6e - Buffer Overflow
Stack-based buffer overflow in the ParseSSA function (modules/demux/subtitle.c) in VLC 0.8.6e allows remote attackers to execute arbitrary code via a long subtitle in an SSA file. NOTE: this issue is due to an incomplete fix for CVE-2007-6681.
by Mai Xuan Cuong
CVE-2007-0949 EXPLOITDB c++ VERIFIED
iTinySoft Studio Total Video Player <1.03 - Buffer Overflow
Stack-based buffer overflow in iTinySoft Studio Total Video Player 1.03, and possibly earlier, allows remote attackers to execute arbitrary code via a M3U playlist file that contains a long file name. NOTE: it was later reported that 1.20 and 1.30 are also affected.
by fl0 fl0w
EIP-2026-118607 EXPLOITDB c++ VERIFIED
GlobalLink 'GLChat.ocx' 2.5.1 - ActiveX Control 'ChatRoom()' Remote Buffer Overflow
by Knell
CVE-2007-3039 EXPLOITDB c++ VERIFIED
Microsoft Message Queuing - Memory Corruption
Stack-based buffer overflow in the Microsoft Message Queuing (MSMQ) service in Microsoft Windows 2000 Server SP4, Windows 2000 Professional SP4, and Windows XP SP2 allows attackers to execute arbitrary code via a long string in an opnum 0x06 RPC call to port 2103. NOTE: this is remotely exploitable on Windows 2000 Server.
by axis
CVE-2007-6166 EXPLOITDB c++ VERIFIED
Apple QuickTime <7.3.1 - Buffer Overflow
Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header.
by InTeL
CVE-2007-5094 EXPLOITDB c++ VERIFIED
Ipswitch IMail - Memory Corruption
Heap-based buffer overflow in iaspam.dll in the SMTP Server in Ipswitch IMail Server 8.01 through 8.11 allows remote attackers to execute arbitrary code via a set of four different e-mail messages with a long boundary parameter in a certain malformed Content-Type header line, the string "MIME" by itself on a line in the header, and a long Content-Transfer-Encoding header line.
by axis
CVE-2004-2513 EXPLOITDB c++ VERIFIED
Mercury (Pegasus) Mail 4.01 - RCE
Buffer overflow in the IMAP service of Mercury (Pegasus) Mail 4.01 allows remote attackers to execute arbitrary code via a long SELECT command.
by Heretic2
CVE-2007-4440 EXPLOITDB c++ VERIFIED
MercuryS SMTP <4.51 - Buffer Overflow
Stack-based buffer overflow in the MercuryS SMTP server in Mercury Mail Transport System, possibly 4.51 and earlier, allows remote attackers to execute arbitrary code via a long AUTH CRAM-MD5 string. NOTE: this might overlap CVE-2006-5961.
by ZhenHan.Liu
CVE-2007-4375 EXPLOITDB c++ VERIFIED
Diskeeper 9 - Info Disclosure/DoS
The administrative interface (aka DkService.exe) in Diskeeper 9 Professional, 2007 Pro Premier, and probably other versions exposes a memory comparison function via RPC over TCP, which allows remote attackers to (1) obtain sensitive information (process memory contents), as demonstrated by an attack that obtains module base addresses to defeat Address Space Layout Randomization (ASLR); or (2) cause a denial of service (application crash) via an out-of-bounds address.
by Pravus
CVE-2007-4257 EXPLOITDB c++ VERIFIED
Live for Speed S1-S2 - RCE
Multiple buffer overflows in Live for Speed (LFS) S1 and S2 allow user-assisted remote attackers to execute arbitrary code via (1) a .spr file (single player replay file) containing a long user name or (2) a .ply file containing a long number plate string, different vectors than CVE-2007-4140.
by n00b
CVE-2007-4257 EXPLOITDB c++ VERIFIED
Live for Speed S1-S2 - RCE
Multiple buffer overflows in Live for Speed (LFS) S1 and S2 allow user-assisted remote attackers to execute arbitrary code via (1) a .spr file (single player replay file) containing a long user name or (2) a .ply file containing a long number plate string, different vectors than CVE-2007-4140.
by n00b
CVE-2007-3614 EXPLOITDB c++ VERIFIED
SAP DB - Buffer Overflow
Multiple stack-based buffer overflows in waHTTP.exe (aka the SAP DB Web Server) in SAP DB, possibly 7.3 through 7.5, allow remote attackers to execute arbitrary code via (1) a certain cookie value; (2) a certain additional parameter, related to sapdbwa_GetQueryString; and other unspecified vectors related to "numerous other fields."
by Heretic2
CVE-2007-1770 EXPLOITDB c++ VERIFIED
ESRI ArcSDE - Buffer Overflow
Buffer overflow in the ArcSDE service (giomgr) in Environmental Systems Research Institute (ESRI) ArcGIS before 9.2 Service Pack 2, when using three tiered ArcSDE configurations, allows remote attackers to cause a denial of service (giomgr crash) and execute arbitrary code via long parameters in crafted requests.
by Heretic2
CVE-2007-3006 EXPLOITDB c++ VERIFIED
Acoustica MP3 CD Burner - Buffer Overflow
Buffer overflow in Acoustica MP3 CD Burner 4.32 allows user-assisted remote attackers to execute arbitrary code via a .asx playlist file with a REF element containing a long string in the HREF attribute. NOTE: it was later claimed that 4.51 Build 147 is also affected.
by n00b
CVE-2007-2888 EXPLOITDB c++ VERIFIED
UltraISO <8.6.2.2011 - Buffer Overflow
Stack-based buffer overflow in UltraISO 8.6.2.2011 and earlier allows user-assisted remote attackers to execute arbitrary code via a long FILE string (filename) in a .cue file, a related issue to CVE-2007-2761. NOTE: some details are obtained from third party information.
by n00b
CVE-2007-1765 EXPLOITDB c++ VERIFIED
Microsoft Windows 2000 < 6 - Denial of Service
Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, which results in memory corruption when processing cursors, animated cursors, and icons, a similar issue to CVE-2005-0416, as originally demonstrated using Internet Explorer 6 and 7. NOTE: this issue might be a duplicate of CVE-2007-0038; if so, then use CVE-2007-0038 instead of this identifier.
by devcode
CVE-2007-1511 EXPLOITDB c++ VERIFIED
FrontBase Relational Database Server < 4.2.7 - Buffer Overflow
Buffer overflow in FrontBase Relational Database Server 4.2.7 and earlier allows remote authenticated users, with privileges for creating a stored procedure, to execute arbitrary code via a CREATE PROCEDURE request with a long procedure name.
by Heretic2
CVE-2007-1568 EXPLOITDB c++ VERIFIED
DaanSystems NewsReactor - Buffer Overflow
Stack-based buffer overflow in DaanSystems NewsReactor 20070220.21 allows remote attackers to execute arbitrary code via a yEnc (yEncode) encoded article with a long filename.
by Marsu
CVE-2007-1568 EXPLOITDB c++ VERIFIED
DaanSystems NewsReactor - Buffer Overflow
Stack-based buffer overflow in DaanSystems NewsReactor 20070220.21 allows remote attackers to execute arbitrary code via a yEnc (yEncode) encoded article with a long filename.
by Marsu