CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 1999(Execute Code)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2001-0679 Exec Code Overflow 1999-11-08 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
A buffer overflow in InterScan VirusWall 3.23 and 3.3 allows a remote attacker to execute arbitrary code by sending a long HELO command to the server.
2 CVE-2000-0370 Exec Code 1999-01-29 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
The debug option in Caldera Linux smail allows remote attackers to execute commands via shell metacharacters in the -D option for the rmail command.
3 CVE-2000-0353 Exec Code 1999-06-28 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Pine 4.x allows a remote attacker to execute arbitrary commands via an index.html file which executes lynx and obtains a uudecoded file from a malicious web server, which is then executed by Pine.
4 CVE-2000-0352 Exec Code 1999-11-18 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitrary commands via a malformed URL.
5 CVE-2000-0330 Exec Code 1999-11-12 2008-09-10
7.6
Admin Remote High Not required Complete Complete Complete
The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via a long file name string, aka the "File Access URL" vulnerability.
6 CVE-2000-0327 Exec Code 1999-10-21 2008-09-10
7.6
Admin Remote High Not required Complete Complete Complete
Microsoft Virtual Machine (VM) allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, aka the "Virtual Machine Verifier" vulnerability.
7 CVE-2000-0325 Exec Code 1999-08-20 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability.
8 CVE-2000-0165 Exec Code Overflow 1999-11-13 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
The Delegate application proxy has several buffer overflows which allow a remote attacker to execute commands.
9 CVE-2000-0043 Exec Code Overflow 1999-12-30 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in CamShot WebCam HTTP server allows remote attackers to execute commands via a long GET request.
10 CVE-2000-0042 DoS Exec Code Overflow 1999-12-29 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in CSM mail server allows remote attackers to cause a denial of service or execute commands via a long HELO command.
11 CVE-2000-0016 DoS Exec Code Overflow 1999-10-01 2008-09-10
5.0
None Remote Low Not required None None Partial
Buffer overflow in Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service or execute commands via a long username.
12 CVE-2000-0012 Exec Code Overflow 1999-12-27 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in w3-msql CGI program in miniSQL package allows remote attackers to execute commands.
13 CVE-2000-0011 Exec Code Overflow 1999-12-31 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote attackers to execute commands via a long GET request.
14 CVE-2000-0010 Exec Code 1999-12-26 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter.
15 CVE-2000-0009 Exec Code 1999-12-29 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
The bna_pass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands.
16 CVE-2000-0002 Exec Code Overflow 1999-12-22 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in ZBServer Pro 1.50 allows remote attackers to execute commands via a long GET request.
17 CVE-1999-1588 1 Exec Code Overflow 1999-12-31 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in nlps_server in Sun Solaris x86 2.4, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code as root via a long string beginning with "NLPS:002:002:" to the listen (aka System V listener) port, TCP port 2766.
18 CVE-1999-1583 Exec Code Overflow 1999-09-30 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in nslookup for AIX 4.3 allows local users to execute arbitrary code via a long hostname command line argument.
19 CVE-1999-1578 Exec Code Overflow 1999-09-24 2008-09-05
5.1
None Remote High Not required Partial Partial Partial
Buffer overflow in Registration Wizard ActiveX control (regwizc.dll, InvokeRegWizard) 3.0.0.0 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands.
20 CVE-1999-1577 Exec Code Overflow 1999-10-31 2008-09-05
5.1
None Remote High Not required Partial Partial Partial
Buffer overflow in HHOpen ActiveX control (hhopen.ocx) 1.0.0.1 for Internet Explorer 4.01 and 5 allows remote attackers to execute arbitrary commands via long arguments to the OpenHelp method.
21 CVE-1999-1576 Exec Code Overflow 1999-09-27 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Adobe Acrobat ActiveX control (pdf.ocx, PDF.PdfCtrl.1) 1.3.188 for Acrobat Reader 4.0 allows remote attackers to execute arbitrary code via the pdf.setview method.
22 CVE-1999-1575 Exec Code 1999-09-10 2008-09-05
5.1
None Remote High Not required Partial Partial Partial
The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands.
23 CVE-1999-1560 Exec Code 1999-07-20 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Vulnerability in a script in Texas A&M University (TAMU) Tiger allows local users to execute arbitrary commands as the Tiger user, usually root.
24 CVE-1999-1553 Exec Code Overflow 1999-05-01 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in XCmail 0.99.6 with autoquote enabled allows remote attackers to execute arbitrary commands via a long subject line.
25 CVE-1999-1551 DoS Exec Code Overflow 1999-03-02 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to cause a denial of service (crash) and possibly execute arbitrary commands via a long URL.
26 CVE-1999-1549 Exec Code 1999-11-16 2008-09-05
5.0
None Remote Low Not required Partial None None
Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file and execute commands.
27 CVE-1999-1542 Exec Code 1999-10-04 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
RPMMail before 1.4 allows remote attackers to execute commands via an e-mail message with shell metacharacters in the "MAIL FROM" command.
28 CVE-1999-1541 Exec Code 1999-10-04 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
shell-lock in Cactus Software Shell Lock allows local users to read or modify decoded shell files before they are executed, via a symlink attack on a temporary file.
29 CVE-1999-1539 DoS Exec Code Overflow 1999-11-10 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in FTP server in QPC Software's QVT/Term Plus versions 4.2d and 4.3 and QVT/Net 4.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long (1) user name or (2) password.
30 CVE-1999-1535 DoS Exec Code Overflow 1999-07-20 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in AspUpload.dll in Persits Software AspUpload before 1.4.0.2 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument in the HTTP request.
31 CVE-1999-1531 Exec Code Overflow 1999-11-02 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag.
32 CVE-1999-1529 Exec Code Overflow 1999-11-07 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
A buffer overflow exists in the HELO command in Trend Micro Interscan VirusWall SMTP gateway 3.23/3.3 for NT, which may allow an attacker to execute arbitrary code.
33 CVE-1999-1523 DoS Exec Code Overflow 1999-10-04 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Sambar Web Server 4.2.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP GET request.
34 CVE-1999-1521 Exec Code Overflow 1999-09-12 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Computalynx CMail 2.4 and CMail 2.3 SP2 SMTP servers are vulnerable to a buffer overflow attack in the MAIL FROM command that may allow a remote attacker to execute arbitrary code on the server.
35 CVE-1999-1516 Exec Code Overflow 1999-09-02 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
A buffer overflow in TenFour TFS Gateway SMTP mail server 3.2 allows an attacker to crash the mail server and possibly execute arbitrary code by offering more than 128 bytes in a MAIL FROM string.
36 CVE-1999-1512 Exec Code 1999-12-31 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
The AMaViS virus scanner 0.2.0-pre4 and earlier allows remote attackers to execute arbitrary commands as root via an infected mail message with shell metacharacters in the reply-to field.
37 CVE-1999-1511 DoS Exec Code Overflow 1999-11-10 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflows in Xtramail 1.11 allow attackers to cause a denial of service (crash) and possibly execute arbitrary commands via (1) a long PASS command in the POP3 service, (2) a long HELO command in the SMTP service, or (3) a long user name in the Control Service.
38 CVE-1999-1510 DoS Exec Code Overflow 1999-05-17 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflows in Bisonware FTP server prior to 4.1 allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via long (1) USER, (2) LIST, or (3) CWD commands.
39 CVE-1999-1484 Exec Code Overflow 1999-09-24 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control (setupbbs.ocx) allows a remote attacker to execute arbitrary commands via the methods (1) vAddNewsServer or (2) bIsNewsServerConfigured.
40 CVE-1999-1469 Exec Code Overflow 1999-09-30 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in w3-auth CGI program in miniSQL package allows remote attackers to execute arbitrary commands via an HTTP request with (1) a long URL, or (2) a long User-Agent MIME header.
41 CVE-1999-1457 Exec Code Overflow 1999-11-16 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in thttpd HTTP server before 2.04-31 allows remote attackers to execute arbitrary commands via a long date string, which is not properly handled by the tdate_parse function.
42 CVE-1999-1405 Exec Code 1999-02-17 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a.
43 CVE-1999-1376 Exec Code Overflow 1999-01-14 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in fpcount.exe in IIS 4.0 with FrontPage Server Extensions allows remote attackers to execute arbitrary commands.
44 CVE-1999-1334 Exec Code Overflow 1999-12-31 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in filter command in Elm 2.4 allows attackers to execute arbitrary commands via (1) long From: headers, (2) long Reply-To: headers, or (3) via a long -f (filterfile) command line argument.
45 CVE-1999-1333 Exec Code 1999-12-31 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
automatic download option in ncftp 2.4.2 FTP client in Red Hat Linux 5.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the names of files that are to be downloaded.
46 CVE-1999-1290 DoS Exec Code Overflow 1999-12-31 2008-09-05
5.1
None Remote High Not required Partial Partial Partial
Buffer overflow in nftp FTP client version 1.40 allows remote malicious FTP servers to cause a denial of service, and possibly execute arbitrary commands, via a long response string.
47 CVE-1999-1241 Exec Code 1999-05-06 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Internet Explorer, with a security setting below Medium, allows remote attackers to execute arbitrary commands via a malicious web page that uses the FileSystemObject ActiveX object.
48 CVE-1999-1237 Exec Code Overflow 1999-06-06 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods.
49 CVE-1999-1226 DoS Exec Code 1999-10-28 2008-09-10
2.6
None Remote High Not required None None Partial
Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key.
50 CVE-1999-1206 Exec Code 1999-12-31 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
SystemSoft SystemWizard package in HP Pavilion PC with Windows 98, and possibly other platforms and operating systems, installs two ActiveX controls that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via a malicious web page that references (1) the Launch control, or (2) the RegObj control.
Total number of vulnerabilities : 112   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.