• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-119

CVE-2007-4974

February 26, 2023 by

Heap-based buffer overflow in the flac_buffer_copy function in libsndfile 1.0.17 and earlier might allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data containing a block with a size that exceeds the previous block size.

CVE-2007-4992

February 26, 2023 by

Stack-based buffer overflow in the process_packet function in fbserver.exe in Firebird SQL 2.0.2 allows remote attackers to execute arbitrary code via a long request to TCP port 3050.

CVE-2007-4938

February 26, 2023 by

Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large “indx truck size” and nEntriesInuse values, and a certain wLongsPerEntry value.

CVE-2007-4939

February 26, 2023 by

Heap-based buffer overflow in mplayerc.exe in Media Player Classic (MPC) 6.4.9.0 and earlier, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with an “indx truck size” of 0xffffffff, and certain wLongsPerEntry and nEntriesInuse values.

CVE-2007-4943

February 26, 2023 by

Multiple buffer overflows in a certain ActiveX control in sparser.dll in Baofeng Storm 2.8 and earlier allow remote attackers to execute arbitrary code via malformed input in an unknown set of arguments or property values, a different DLL than CVE-2007-4816. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVE-2007-4903

February 26, 2023 by

Multiple buffer overflows in a certain ActiveX control in CryptoX.dll 2.0 and earlier in the Ultra Crypto Component allow remote attackers to execute arbitrary code via (1) a long string in the first argument to the AcquireContext method or (2) an unspecified vector to the DeleteContext method.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 131
  • Go to page 132
  • Go to page 133
  • Go to page 134
  • Go to page 135
  • Interim pages omitted …
  • Go to page 452
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE