OSVDB: The Open Source Vulnerability Database

Creditee: Derek Soeder

Known Contact Information:

(as of 2006-05-09)

Known Affiliations:

eEye Digital Security (as of 2002-11-20)

Disclosed Vulnerabilities (25):

Disc. Date	OSVDB ID	CVEID	Title
2007-08-14	36390	2007-1749	Microsoft Windows Vector Markup Language (VML) VGX.DLL CDownloadSink Class Overflow
2007-04-10	37635	2007-1973	Microsoft Windows Virtual DOS Machine (VDM) PhysicalMemory Race Condition Local Privilege Escalation
2007-04-10	34011	2007-1206	Microsoft Windows Kernel Mapped Memory Local Privilege Escalation
2007-04-10	34008	2007-1209	Microsoft Windows Vista CSRSS Local Privilege Escalation
2006-12-07	31788	2006-6385	Intel LAN Driver OID Handler Local Privilege Escalation
2006-12-06	31055	2006-5856	Adobe Download Manager AOM File Handling Section Name Overflow
2006-08-24	30834	2006-3873	Microsoft IE URLMON.DLL Long URL HTTP Redirect Overflow
2006-08-23	28132	2006-3869	Microsoft IE HTTP 1.1 URL Parsing Overflow
2006-07-13	27158	2006-3623	McAfee ePolicy Orchestrator /spipe/pkg Traversal Arbitrary File Write
2006-05-24	25846	2006-2630	Symantec Client Security / AntiVirus Management Interface Remote Overflow
2006-05-09	25335	2006-0034	Microsoft Windows Distributed Transaction Coordinator (DTC) CRpcIoManagerServer::BuildContext Function Remote Overflow
2006-05-09	25336	2006-1184	Microsoft Windows Distributed Transaction Coordinator (DTC) BuildContextW Request DoS
2005-12-13	18823	2005-2827	Microsoft Windows Kernel APC Queue Manipulation Local Privilege Escalation
2005-10-11	18830	2005-2120	Microsoft Windows UMPNPMGR wsprintfW Remote Overflow
2005-06-14	17308	2005-1206	Microsoft Windows Server Message Block (SMB) Remote Code Execution
2005-02-08	13600	2005-0045	Microsoft Windows SMB Transaction Data Overflow
2004-10-12	10691	2004-0208	Microsoft Windows Virtual DOS Machine Subsystem Local Privilege Escalation
2004-06-10	6851	2004-0550	RealPlayer embd3260.dll URL Parsing Overflow
2004-05-12	6099	2004-0445 2004-0444	Symantec Multiple Firewall NBNS Response Processing Overflow
2004-05-12	6100	2004-0445	Symantec Multiple Firewall DNS Response DoS
2004-05-02	5745	2004-0431	Apple QuickTime (QuickTime.qts) .mov File sample-to-chunk Table Data Handling Overflow
2004-04-13	5257	2003-0910	Microsoft Windows Local Descriptor Table Privilege Escalation
2004-04-13	5258	2004-0118	Microsoft Windows Virtual DOS Machine Privilege Escalation
2004-02-10	3902	2003-0818	Microsoft Windows ASN.1 Library Integer Overflow
2002-11-20	7846	2002-1185	Microsoft IE PNG Invalid Length Code DoS

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.