CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
14451 CVE-2006-1735 264 Exec Code 2006-04-14 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges.
14452 CVE-2006-1730 189 Exec Code Overflow 2006-04-14 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow.
14453 CVE-2006-1728 Exec Code 2006-04-14 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypto.generateCRMFRequest method.
14454 CVE-2006-1726 264 Exec Code Bypass 2006-04-14 2018-10-18
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox' ForEach method.
14455 CVE-2006-1668 Exec Code 2006-04-07 2017-10-18
9.0
Admin Remote Low Single system Complete Complete Complete
newimage.php in Eric Gerdes Crafty Syntax Image Gallery (CSIG) (aka PHP thumbnail Photo Gallery) 3.1g and earlier allows remote authenticated users to upload and execute arbitrary PHP code via a multipart/form-data POST with a .jpg filename in the fullimage parameter and the ext parameter set to .php.
14456 CVE-2006-1652 119 DoS Exec Code Overflow 2006-04-06 2018-10-18
9.0
Admin Remote Low Single system Complete Complete Complete
Multiple buffer overflows in (a) UltraVNC (aka [email protected]) 1.0.1 and earlier and (b) tabbed_viewer 1.29 (1) allow user-assisted remote attackers to execute arbitrary code via a malicious server that sends a long string to a client that connects on TCP port 5900, which triggers an overflow in Log::ReallyPrint; and (2) allow remote attackers to cause a denial of service (server crash) via a long HTTP GET request to TCP port 5800, which triggers an overflow in VNCLog::ReallyPrint.
14457 CVE-2006-1629 Exec Code 2006-04-06 2017-07-19
9.0
Admin Remote Low Single system Complete Complete Complete
OpenVPN 2.0 through 2.0.5 allows remote malicious servers to execute arbitrary code on the client by using setenv with the LD_PRELOAD environment variable.
14458 CVE-2006-1615 134 Exec Code 2006-04-06 2017-07-19
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple format string vulnerabilities in the logging code in Clam AntiVirus (ClamAV) before 0.88.1 might allow remote attackers to execute arbitrary code. NOTE: as of 20060410, it is unclear whether this is a vulnerability, as there is some evidence that the arguments are actually being sanitized properly.
14459 CVE-2006-1604 2006-04-04 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Exponent CMS before 0.96.5 RC 1 has unknown impact and remote attack vectors related to variables that are not "typecasted."
14460 CVE-2006-1545 Exec Code 2006-03-30 2018-10-18
9.0
Admin Remote Low Single system Complete Complete Complete
Direct static code injection vulnerability in admin/config.php in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allows remote authenticated administrators to execute code by inserting the code into variables that are stored in admin/config.php.
14461 CVE-2006-1540 94 DoS Exec Code Overflow 2006-03-30 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
MSO.DLL in Microsoft Office 2000, Office XP (2002), and Office 2003 allows user-assisted attackers to cause a denial of service and execute arbitrary code via multiple attack vectors, as originally demonstrated using a crafted document record with a malformed string, as demonstrated by replacing a certain "01 00 00 00" byte sequence with an "FF FF FF FF" byte sequence, possibly causing an invalid array index, in (1) an Excel .xls document, which triggers an access violation in ole32.dll; (2) an Excel .xlw document, which triggers an access violation in excel.exe; (3) a Word document, which triggers an access violation in mso.dll in winword.exe; and (4) a PowerPoint document, which triggers an access violation in powerpnt.txt. NOTE: after the initial disclosure, this issue was demonstrated by triggering an integer overflow using an inconsistent size for a Unicode "Sheet Name" string.
14462 CVE-2006-1523 2006-04-12 2016-10-17
10.0
None Remote Low Not required Complete Complete Complete
The __group_complete_signal function in the RCU signal handling (signal.c) in Linux kernel 2.6.16, and possibly other versions, has unknown impact and attack vectors related to improper use of BUG_ON.
14463 CVE-2006-1381 +Priv 2006-03-24 2017-07-19
10.0
Admin Remote Low Not required Complete Complete Complete
Trend Micro OfficeScan 5.5, and probably other versions before 6.5, uses insecure DACLs for critical files, which allows local users to gain SYSTEM privileges by modifying tmlisten.exe.
14464 CVE-2006-1371 94 2006-03-23 2017-10-10
9.0
Admin Remote Low Single system Complete Complete Complete
Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5 and earlier allows remote authenticated users to use the HTMLArea FileManager plugin to upload and execute arbitrary PHP files using (1) manager.php, (2) standalonemanager.php, and (3) images.php.
14465 CVE-2006-1370 Overflow 2006-03-23 2017-07-19
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, RealPlayer 8, and RealPlayer Enterprise before 20060322 allows remote attackers to have an unknown impact via a malicious Mimio boardCast (mbc) file.
14466 CVE-2006-1368 119 DoS Overflow Mem. Corr. 2006-03-23 2018-10-03
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (kmalloc'd memory corruption) via a remote NDIS response to OID_GEN_SUPPORTED_LIST, which causes memory to be allocated for the reply data but not the reply structure.
14467 CVE-2006-1359 94 DoS Exec Code 2006-03-22 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a certain createTextRange call on a checkbox object, which results in a dereference of an invalid table pointer.
14468 CVE-2006-1318 94 Exec Code 2014-09-19 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Office 2004 for Mac, and Office X for Mac do not properly parse record lengths, which allows remote attackers to execute arbitrary code via a malformed control in an Office document, aka "Microsoft Office Control Vulnerability."
14469 CVE-2006-1316 94 Exec Code Mem. Corr. 2006-07-11 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with malformed string that triggers memory corruption related to record lengths, aka "Microsoft Office Parsing Vulnerability," a different vulnerability than CVE-2006-2389.
14470 CVE-2006-1311 Exec Code Mem. Corr. 2007-02-13 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF file, which triggers memory corruption.
14471 CVE-2006-1309 94 Exec Code Mem. Corr. 2006-07-13 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted LABEL record that triggers memory corruption.
14472 CVE-2006-1308 94 Exec Code 2006-07-13 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted FNGROUPCOUNT value.
14473 CVE-2006-1306 94 Exec Code 2006-07-13 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted BIFF record with an attacker-controlled array index that is used for a function pointer, aka "Malformed OBJECT record Vulnerability."
14474 CVE-2006-1304 94 Exec Code Overflow 2006-07-13 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted COLINFO record, which triggers the overflow during a "data filling operation."
14475 CVE-2006-1303 94 Exec Code Mem. Corr. 2006-06-13 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Multiple unspecified vulnerabilities in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allow remote attackers to execute arbitrary code by instantiating certain COM objects from Wmm2fxa.dll as ActiveX controls including (1) DXImageTransform.Microsoft.MMSpecialEffect1Input, (2) DXImageTransform.Microsoft.MMSpecialEffect1Input.1, (3) DXImageTransform.Microsoft.MMSpecialEffect2Inputs, (4) DXImageTransform.Microsoft.MMSpecialEffect2Inputs.1, (5) DXImageTransform.Microsoft.MMSpecialEffectInplace1Input, and (6) DXImageTransform.Microsoft.MMSpecialEffectInplace1Input.1, which causes memory corruption during garbage collection.
14476 CVE-2006-1302 119 Exec Code Overflow Mem. Corr. 2006-07-13 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with certain crafted fields in a SELECTION record, which triggers memory corruption, aka "Malformed SELECTION record Vulnerability."
14477 CVE-2006-1301 94 Exec Code Mem. Corr. 2006-07-13 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted SELECTION record that triggers memory corruption, a different vulnerability than CVE-2006-1302.
14478 CVE-2006-1276 Bypass 2006-03-19 2017-07-19
10.0
Admin Remote Low Not required Complete Complete Complete
admin.php in Himpfen Consulting Company PHP SimpleNEWS 1.0.0 allows remote attackers to bypass authentication by setting the admin parameter in a cookie.
14479 CVE-2006-1255 DoS Exec Code Overflow 2006-03-18 2017-07-19
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the IMAP service in Mercur Messaging 5.0 SP3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string to the (1) LOGIN or (2) SELECT command, a different set of attack vectors and possibly a different vulnerability than CVE-2003-1177.
14480 CVE-2006-1254 2006-03-18 2017-07-19
10.0
Admin Remote Low Not required Complete Complete Complete
Unspecified vulnerability in BorderWare MXtreme 5.0 and 6.0 allows remote attackers to have an unknown impact via unknown attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
14481 CVE-2006-1250 2006-03-18 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Webmail module in Winmail before 4.3 has unknown impact and unknown remote attack vectors.
14482 CVE-2006-1190 Exec Code 2006-04-11 2018-10-12
10.0
Admin Remote Low Not required Complete Complete Complete
Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite information when dynamically creating an embedded object, which could cause Internet Explorer to run the object in the wrong security context or zone, and allow remote attackers to execute arbitrary code.
14483 CVE-2006-1189 119 Exec Code Overflow Mem. Corr. 2006-04-11 2018-10-12
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via a crafted URL with an International Domain Name (IDN) using double-byte character sets (DBCS), aka the "Double Byte Character Parsing Memory Corruption Vulnerability."
14484 CVE-2006-1186 Exec Code Mem. Corr. 2006-04-11 2018-10-12
10.0
Admin Remote Low Not required Complete Complete Complete
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM objects as ActiveX controls, which leads to memory corruption.
14485 CVE-2006-1123 Exec Code Sql 2006-03-09 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
SQL injection vulnerability in D2KBlog 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the memName parameter in a cookie.
14486 CVE-2006-1085 Exec Code +Priv Bypass 2006-03-08 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
admin.php in PHP-Stats 0.1.9.1 and earlier allows remote attackers to bypass authentication, gain administrator privileges, and execute arbitrary PHP code by modifying the option[admin_pass] parameter and setting the pass_cookie to the MD5 hash of the specified password.
14487 CVE-2006-1069 +Priv 2006-03-07 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the session handling for Geeklog 1.4.x before 1.4.0sr2, 1.3.11 before 1.3.11sr5, 1.3.9 before 1.3.9sr5, and possibly earlier versions allows attackers to gain privileges as arbitrary users via unknown vectors.
14488 CVE-2006-1047 2006-03-07 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the "Remember Me login functionality" in Joomla! 1.0.7 and earlier has unknown impact and attack vectors.
14489 CVE-2006-1038 Overflow 2006-03-07 2017-07-19
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier allows remote attackers to have an unknown impact when a Unicode string is converted to a "narrow" string.
14490 CVE-2006-1017 2006-03-06 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
The c-client library 2000, 2001, or 2004 for PHP before 4.4.4 and 5.x before 5.1.5 do not check the (1) safe_mode or (2) open_basedir functions, and when used in applications that accept user-controlled input for the mailbox argument to the imap_open function, allow remote attackers to obtain access to an IMAP stream data structure and conduct unauthorized IMAP actions.
14491 CVE-2006-1002 255 2006-03-06 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
NETGEAR WGT624 Wireless DSL router has a default account of super_username "Gearguy" and super_passwd "Geardog", which allows remote attackers to modify the configuration. NOTE: followup posts have suggested that this might not occur with all WGT624 routers.
14492 CVE-2006-1000 Exec Code Sql Bypass 2006-03-06 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple SQL injection vulnerabilities in Pentacle In-Out Board 3.0 and earlier allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) newsid parameter to newsdetailsview.asp and (2) password parameter to login.asp.
14493 CVE-2006-0992 Exec Code Overflow 2006-04-14 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon. NOTE: due to a typo, the original ZDI advisory accidentally referenced CVE-2006-0092. This is the correct identifier.
14494 CVE-2006-0990 Exec Code Overflow 2006-03-27 2018-10-18
9.0
Admin Remote Low Single system Complete Complete Complete
Stack-based buffer overflow in the NetBackup Catalog daemon (bpdbm) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors.
14495 CVE-2006-0989 Exec Code Overflow 2006-03-27 2018-10-18
9.0
Admin Remote Low Single system Complete Complete Complete
Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors.
14496 CVE-2006-0979 2006-03-03 2017-07-19
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the local weblog publisher in Nidelven IT Issue Dealer before 0.9.96 has unknown impact and attack vectors.
14497 CVE-2006-0884 20 Bypass +Info 2006-02-24 2018-10-18
9.3
None Remote Medium Not required Complete Complete Complete
The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail.
14498 CVE-2006-0874 2006-02-24 2017-07-19
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in Intensive Point iUser Ecommerce before 2.2 have unspecified vectors and impact, as addressed by "Urgent secure fixes". NOTE: this might be a duplicate of CVE-2006-0854, but the vendor announcement for this issue (from January 8, 2005) is too vague to be sure, and CVE-2006-0854 does not provide version information.
14499 CVE-2006-0864 +Priv 2006-02-23 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
filescan in Global Hauri ViRobot 2.0 20050817 does not verify the Cookie HTTP header, which allows remote attackers to gain administrative privileges via an arbitrary cookie value.
14500 CVE-2006-0789 2006-02-19 2017-07-19
10.0
Admin Remote Low Not required Complete Complete Complete
Certain unspecified Kyocera printers have a default "admin" account with a blank password, which allows remote attackers to access an administrative menu via a telnet session.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.