Vulnerability & Exploit Database

Displaying entries 1 - 10 of 20 in total

Results for: CVE-2007-2444 Back to search

Sun Patch: JDS 3_x86: Macromedia Flash Player Plugin Patch Vulnerability

  • Severity: 10
  • Published: March 15, 2011

The NetStream class in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228 on Windows, Mac OS X, and Linux; Flash Player before 10.3.183.18 and 11.x before 11.2.202.223 on Solaris; Flash Player before 11.1.111.8 on Android 2.x and 3.x; and AIR before 3.2.0.2070 allows attackers to execute arbitrary code or cause a denial o...

Sun Patch: JDS 3: Macromedia Flash Player Plugin Patch Vulnerability

  • Severity: 10
  • Published: March 15, 2011

The NetStream class in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228 on Windows, Mac OS X, and Linux; Flash Player before 10.3.183.18 and 11.x before 11.2.202.223 on Solaris; Flash Player before 11.1.111.8 on Android 2.x and 3.x; and AIR before 3.2.0.2070 allows attackers to execute arbitrary code or cause a denial o...

SUSE-SA:2007:031: samba security problems Vulnerability

  • Severity: 10
  • Published: May 21, 2007

Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarAddPrivilegesToAccount (lsa_io_privilege_set), (4) NetSetFil...

USN-460-1: Samba vulnerabilities Vulnerability

  • Severity: 10
  • Published: May 14, 2007

Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarAddPrivilegesToAccount (lsa_io_privilege_set), (4) NetSetFil...

SUSE Linux Security Advisory: SUSE-SR:2007:011 Vulnerability

  • Severity: 10
  • Published: May 14, 2007

Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notify_option_type_data), (3) LsarAddPrivilegesToAccount (lsa_io_privilege_set), (4) NetSetFil...

SUSE Linux Security Vulnerability: CVE-2007-2444 Vulnerability

  • Severity: 7
  • Published: May 14, 2007

Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.

Sun Patch: SunOS 5.10_x86: Samba patch Vulnerability

  • Severity: 10
  • Published: May 14, 2007

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call.

Sun Patch: SunOS 5.10: Samba patch Vulnerability

  • Severity: 10
  • Published: May 14, 2007

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call.

Sun Patch: SunOS 5.9_x86: Samba Patch Vulnerability

  • Severity: 10
  • Published: May 14, 2007

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call.

Sun Patch: SunOS 5.9: Samba Patch Vulnerability

  • Severity: 10
  • Published: May 14, 2007

The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call.