LiveActive security incident?Get immediate response
CVE archive

August 2011

Browse CVE records published in August 2011, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 393 matching CVEs · Page 1 of 8.

Critical · CVSS 9.3

CVE-2011-10032: Sunway Forcecontrol SNMP NetDBServer.exe Opcode 0x57

Sunway ForceControl version 6.1 SP3 and earlier contains a stack-based buffer overflow vulnerability in the SNMP NetDBServer service, which listens on TCP port 2001. The flaw is triggered when the service receives a specially crafted packet using opcode 0x57 with an overly long payload. Due to improper bounds checking during packet parsing, attacker-controlled data overwrites the Structured Exception Handler (SEH), allowing arbitrary code execution in the context of the service. This vulnerability can be exploited remotely without authentication and may lead to full system compromise on affected Windows hosts.

Published Aug 30, 2025 · Updated May 15, 2026

High · CVSS 8.4

CVE-2011-10030: Foxit PDF Reader < 4.3.1.0218 JavaScript File Write

Foxit PDF Reader <  4.3.1.0218 exposes a JavaScript API function, createDataObject(), that allows untrusted PDF content to write arbitrary files anywhere on disk. By embedding a malicious PDF that calls this API, an attacker can drop executables or scripts into privileged folders, leading to code execution the next time the system boots or the user logs in.

Published Aug 20, 2025 · Updated May 15, 2026

High · CVSS 8.7

CVE-2011-10029: Solar FTP Server <= 2.1.1 Malformed USER Denial of Service

Solar FTP Server fails to properly handle format strings passed to the USER command. When a specially crafted string containing format specifiers is sent, the server crashes due to a read access violation in the __output_1() function of sfsservice.exe. This results in a denial of service (DoS) condition.

Published Aug 20, 2025 · Updated May 15, 2026

High · CVSS 8.7

CVE-2011-10028: RealNetworks Arcade Games StubbyUtil.ProcessMgr ActiveX Arbitrary Code Execution

The RealNetworks RealArcade platform includes an ActiveX control (InstallerDlg.dll, version 2.6.0.445) that exposes a method named Exec via the StubbyUtil.ProcessMgr COM object. This method allows remote attackers to execute arbitrary commands on a victim's Windows machine without proper validation or restrictions. This platform was sometimes referred to or otherwise known as RealArcade or Arcade Games and has since consolidated with RealNetworks' platform, GameHouse.

Published Aug 20, 2025 · Updated May 15, 2026

High · CVSS 8.4

CVE-2011-10027: AOL Desktop 9.6 RTX Stack-Based Buffer Overflow

AOL Desktop 9.6 contains a buffer overflow vulnerability in its Tool\rich.rct component when parsing .rtx files. By embedding an overly long string in a hyperlink tag, an attacker can trigger a stack-based buffer overflow due to the use of unsafe strcpy operations. This allows remote attackers to execute arbitrary code when a victim opens a malicious .rtx file. AOL Desktop is end-of-life and no longer supported. Users are encouraged to migrate to AOL Desktop Gold or alternative platforms.

Published Aug 20, 2025 · Updated May 15, 2026

Critical · CVSS 9.3

CVE-2011-10026: Spreecommerce < 0.50.x API RCE

Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the API's search functionality. Improper input sanitation allows attackers to inject arbitrary shell commands via the search[instance_eval] parameter, which is dynamically invoked using Ruby’s send method. This flaw enables unauthenticated attackers to execute commands on the server.

Published Aug 20, 2025 · Updated May 15, 2026

High · CVSS 8.5

CVE-2011-10025: Subtitle Processor 7.7.1 .m3u SEH Unicode Buffer Overflow

Subtitle Processor 7.7.1 contains a buffer overflow vulnerability in its .m3u file parser. When a crafted playlist file is opened, the application converts input to Unicode and copies it to a fixed-size stack buffer without proper bounds checking. This allows an attacker to overwrite the Structured Exception Handler (SEH) and execute arbitrary code.

Published Aug 20, 2025 · Updated May 15, 2026

High · CVSS 8.6

CVE-2011-10022: SPlayer 3.7 Content-Type Header Buffer Overflow

SPlayer version 3.7 and earlier is vulnerable to a stack-based buffer overflow when processing HTTP responses containing an overly long Content-Type header. The vulnerability occurs due to improper bounds checking on the header value, allowing an attacker to overwrite the Structured Exception Handler (SEH) and execute arbitrary code. Exploitation requires the victim to open a media file that triggers an HTTP request to a malicious server, which responds with a crafted Content-Type header.

Published Aug 20, 2025 · Updated May 15, 2026

High · CVSS 8.4

CVE-2011-10021: Magix Musik Maker <= v16 .mmm Stack-Based Buffer Overflow

Magix Musik Maker 16 is vulnerable to a stack-based buffer overflow due to improper handling of .mmm arrangement files. The vulnerability arises from an unsafe strcpy() operation that fails to validate input length, allowing attackers to overwrite the Structured Exception Handler (SEH). By crafting a malicious .mmm file, an attacker can trigger the overflow when the file is opened, potentially leading to arbitrary code execution. This vulnerability was remediated in version 17.

Published Aug 20, 2025 · Updated May 15, 2026

High · CVSS 8.7

CVE-2011-10020: Kaillera 0.86 Server DoS via Malformed UDP Packet

Kaillera Server version 0.86 is vulnerable to a denial-of-service condition triggered by sending a malformed UDP packet after the initial handshake. Once a client sends a valid HELLO0.83 packet and receives a response, any subsequent malformed packet causes the server to crash and become unresponsive. This flaw stems from improper input validation in the server’s UDP packet handler, allowing unauthenticated remote attackers to disrupt service availability.

Published Aug 20, 2025 · Updated May 15, 2026

Critical · CVSS 10

CVE-2011-10019: Spreecommerce < 0.60.2 Search Parameter RCE

Spreecommerce versions prior to 0.60.2 contains a remote command execution vulnerability in its search functionality. The application fails to properly sanitize input passed via the search[send][] parameter, which is dynamically invoked using Ruby’s send method. This allows attackers to execute arbitrary shell commands on the server without authentication.

Published Aug 13, 2025 · Updated May 15, 2026

Critical · CVSS 10

CVE-2011-10017: Snort Report nmap.php/nbtscan.php RCE

Snort Report versions < 1.3.2 contains a remote command execution vulnerability in the nmap.php and nbtscan.php scripts. These scripts fail to properly sanitize user input passed via the target GET parameter, allowing attackers to inject arbitrary shell commands. Exploitation requires no authentication and can result in full compromise of the underlying system.

Published Aug 13, 2025 · Updated May 15, 2026

Critical · CVSS 9.3

CVE-2011-10015: Cytel Studio <= 9.0 .CY3 File Stack Buffer Overflow

Cytel Studio version 9.0 and earlier is vulnerable to a stack-based buffer overflow triggered by parsing a malformed .CY3 file. The vulnerability occurs when the application copies user-controlled strings into a fixed-size stack buffer (256 bytes) without proper bounds checking. Exploitation allows arbitrary code execution when the crafted file is opened.

Published Aug 13, 2025 · Updated May 15, 2026

Critical · CVSS 10

CVE-2011-10011: WeBid 1.0.2 converter.php Remote PHP Code Injection

WeBid 1.0.2 contains a remote code injection vulnerability in the converter.php script, where unsanitized input in the to parameter of a POST request is written directly into includes/currencies.php. This allows unauthenticated attackers to inject arbitrary PHP code, resulting in persistent remote code execution when the modified script is accessed or included by the application.

Published Aug 13, 2025 · Updated May 15, 2026

Critical · CVSS 9.4

CVE-2011-10010: QuickShare File Server 1.2.1 Path Traversal RCE

QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to improper sanitation of user-supplied file paths. Authenticated users can exploit this flaw by submitting crafted sequences to access or write files outside the intended virtual directory. When the "Writable" option is enabled (default during account creation), this allows attackers to upload arbitrary files to privileged locations such as system32, enabling remote code execution via MOF injection or executable placement.

Published Aug 13, 2025 · Updated May 15, 2026

High · CVSS 8.4

CVE-2011-10023: MJM QuickPlayer <= 2010 .s3m Stack-Based Buffer Overflow

MJM QuickPlayer (likely now referred to as MJM Player) version 2010 contains a stack-based buffer overflow vulnerability triggered by opening a malicious .s3m music file. The flaw occurs due to improper bounds checking in the file parser, allowing an attacker to overwrite memory and execute arbitrary code. Exploitation is achieved via a crafted payload that bypasses DEP and ASLR protections using ROP techniques, and requires user interaction to open the file.

Published Aug 20, 2025 · Updated May 14, 2026

Critical · CVSS 10

CVE-2011-10013: Traq 2.0–2.3 admincp/common.php RCE

Traq versions 2.0 through 2.3 contain a remote code execution vulnerability in the admincp/common.php script. The flawed authorization logic fails to halt execution after a failed access check, allowing unauthenticated users to reach admin-only functionality. This can be exploited via plugins.php to inject and execute arbitrary PHP code.

Published Aug 13, 2025 · Updated May 14, 2026

High · CVSS 8.4

CVE-2011-10024: MJM Core Player 2011 .s3m File Stack-Based Buffer Overflow

MJM Core Player (likely now referred to as MJM Player) 2011 is vulnerable to a stack-based buffer overflow when parsing specially crafted .s3m music files. The vulnerability arises from improper bounds checking in the file parser, allowing an attacker to overwrite memory on the stack and execute arbitrary code. Exploitation is triggered when a user opens a malicious .s3m file, and the exploit bypasses DEP and ASLR protections using a ROP chain.

Published Aug 20, 2025 · Updated Apr 7, 2026

Critical · CVSS 10

CVE-2011-10018: myBB 1.6.4 Backdoor Arbitrary Command Execution

myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The backdoor allowed remote attackers to execute arbitrary PHP code by injecting payloads into a specially crafted collapsed cookie. This vulnerability was introduced during packaging and was not part of the intended application logic. Exploitation requires no authentication and results in full compromise of the web server under the context of the web application.

Published Aug 13, 2025 · Updated Apr 7, 2026

Critical · CVSS 9.3

CVE-2011-10016: Real Networks Netzip Classic 7.5.1.86 File Parsing Buffer Overflow

Real Networks Netzip Classic version 7.5.1.86 is vulnerable to a stack-based buffer overflow when parsing a specially crafted ZIP archive. The vulnerability is triggered when the application attempts to process a file name within the archive that exceeds the expected buffer size. Exploitation allows arbitrary code execution under the context of the victim user when the ZIP file is opened.

Published Aug 13, 2025 · Updated Apr 7, 2026

High · CVSS 8.7

CVE-2011-10014: GTA SA-MP server.cfg Buffer Overflow

GTA San Andreas Multiplayer (SA-MP) server version 0.3.1.1 is vulnerable to a stack-based buffer overflow triggered by parsing a malformed server.cfg configuration file. The vulnerability allows local attackers to execute arbitrary code when the server binary (samp-server.exe) processes a crafted echo directive containing excessive input. The original 'sa-mp.com' site is defunct, but the community maintains mirrors and forks that may be vulnerable.

Published Aug 13, 2025 · Updated Apr 7, 2026

High · CVSS 8.4

CVE-2011-10012: NetOp Remote Control Client 9.5 .dws File Buffer Overflow

NetOp (now part of Impero Software) Remote Control Client v9.5 is vulnerable to a stack-based buffer overflow when processing .dws configuration files. If a .dws file contains a string longer than 520 bytes, the application fails to perform proper bounds checking, allowing an attacker to execute arbitrary code when the file is opened.

Published Aug 13, 2025 · Updated Apr 7, 2026

High · CVSS 8.7

CVE-2011-10009: S40 CMS 0.4.2 Path Traversal

S40 CMS v0.4.2 contains a path traversal vulnerability in its index.php page handler. The p parameter is not properly sanitized, allowing attackers to traverse the file system and access arbitrary files outside the web root. This can be exploited remotely without authentication by appending traversal sequences and a null byte to bypass file extension checks.

Published Aug 13, 2025 · Updated Apr 7, 2026

Unknown · CVSS Not scored

CVE-2011-1978: Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly validate the System.Net.Sockets trust leve...

Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly validate the System.Net.Sockets trust level, which allows remote attackers to obtain sensitive information or trigger arbitrary outbound network traffic via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Socket Restriction Bypass Vulnerability."

Published Aug 10, 2011 · Updated Oct 17, 2024

Unknown · CVSS Not scored

CVE-2011-3951: The dpcm_decode_frame function in dpcm.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5....

The dpcm_decode_frame function in dpcm.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted stereo stream in a media file.

Published Aug 20, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2011-3945: The decode_frame function in the KVG1 decoder (kgv1dec.c) in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0...

The decode_frame function in the KVG1 decoder (kgv1dec.c) in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted media file.

Published Aug 20, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2011-5098: chef-server-api/app/controllers/clients.rb in Chef Server in Chef before 0.9.20, and 0.10.x before 0.10.6,...

chef-server-api/app/controllers/clients.rb in Chef Server in Chef before 0.9.20, and 0.10.x before 0.10.6, does not require administrative privileges for creating admin clients, which allows remote authenticated users to bypass intended access restrictions by leveraging read permission for the validation key and executing a knife client create command with the --admin option.

Published Aug 8, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2011-4447: The "encrypt wallet" feature in wxBitcoin and bitcoind 0.4.x before 0.4.1, and 0.5.0rc, does not properly i...

The "encrypt wallet" feature in wxBitcoin and bitcoind 0.4.x before 0.4.1, and 0.5.0rc, does not properly interact with the deletion functionality of BSDDB, which allows context-dependent attackers to obtain unencrypted private keys from Bitcoin wallet files by bypassing the BSDDB interface and reading entries that are marked for deletion.

Published Aug 6, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2011-1625: Cisco IOS 12.2, 12.3, 12.4, 15.0, and 15.1, when the data-link switching (DLSw) feature is configured, allo...

Cisco IOS 12.2, 12.3, 12.4, 15.0, and 15.1, when the data-link switching (DLSw) feature is configured, allows remote attackers to cause a denial of service (device crash) by sending a sequence of malformed packets and leveraging a "narrow timing window," aka Bug ID CSCtf74999, a different vulnerability than CVE-2007-0199, CVE-2008-1152, and CVE-2009-0629.

Published Aug 18, 2011 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2011-4579: The svq1_decode_frame function in the SVQ1 decoder (svq1dec.c) in libavcodec in FFmpeg 0.5.x before 0.5.7,...

The svq1_decode_frame function in the SVQ1 decoder (svq1dec.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (memory corruption) via a crafted SVQ1 stream, related to "dimensions changed."

Published Aug 20, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2011-5147: Static code injection vulnerability in ajax_save_name.php in the Ajax File Manager module in the tinymce pl...

Static code injection vulnerability in ajax_save_name.php in the Ajax File Manager module in the tinymce plugin in FreeWebshop 2.2.9 R2 and earlier allows remote attackers to inject arbitrary PHP code into data.php via the selected document, as demonstrated by a call to ajax_file_cut.php and then to ajax_save_name.php.

Published Aug 31, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2011-4352: Integer overflow in the vp3_dequant function in the VP3 decoder (vp3.c) in libavcodec in FFmpeg 0.5.x befor...

Integer overflow in the vp3_dequant function in the VP3 decoder (vp3.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VP3 stream, which triggers a buffer overflow.

Published Aug 20, 2012 · Updated Sep 17, 2024