MidnightBSD

Advisories for ollydbg

CVE-2004-0733 HIGH

Format string vulnerability in OllyDbg 1.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers that are directly provided to the OutputDebugString function call.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ollydbg ollydbg 1.0.8b
ollydbg ollydbg 1.0.6
ollydbg ollydbg 1.10
ollydbg ollydbg 1.0.9
CVE-2005-0826 MEDIUM

OllyDbg 1.10 and earlier allows remote attackers to cause a denial of service (application crash) via a dynamic link library (DLL) with a long filename.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
ollydbg ollydbg 1.09
ollydbg ollydbg 1.06
ollydbg ollydbg 1.08b
ollydbg ollydbg 1.10
CVE-2024-11495

Buffer overflow vulnerability in OllyDbg, version 1.10, which could allow a local attacker to execute arbitrary code due to lack of proper bounds checking.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-coordination@incibe.es 7.5 HIGH CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H 0.8 6.0

Products Affected

Vendor Product Version
ollydbg ollydbg 1.10