CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 8 and 8.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
451 CVE-2009-1016 Overflow 2009-04-15 2017-08-16
8.5
None Remote Medium Single system Complete Complete Complete
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote authenticated users to affect confidentiality, integrity, and availability, related to IIS. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is a stack-based buffer overflow involving an unspecified Server Plug-in and a crafted SSL certificate.
452 CVE-2009-0865 22 Dir. Trav. 2009-03-10 2017-10-18
8.8
None Remote Medium Not required None Complete Complete
Directory traversal vulnerability in the SnapShotToFile method in the GeoVision LiveX (aka LiveX_v8200) ActiveX control 8.1.2 and 8.2.0 in LIVEX_~1.OCX allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in the argument, possibly involving the PlayX and SnapShotX methods.
453 CVE-2009-0618 DoS +Priv +Info 2009-02-26 2009-03-03
8.5
None Remote Low Not required Partial None Complete
Unspecified vulnerability in the Java agent in Cisco Application Networking Manager (ANM) before 2.0 Update A allows remote attackers to gain privileges, and cause a denial of service (service outage) by stopping processes, or obtain sensitive information by reading configuration files.
454 CVE-2009-0244 22 Exec Code Dir. Trav. 2009-01-21 2018-10-11
8.5
None Remote Medium Single system Complete Complete Complete
Directory traversal vulnerability in the OBEX FTP Service in the Microsoft Bluetooth stack in Windows Mobile 6 Professional, and probably Windows Mobile 5.0 for Pocket PC and 5.0 for Pocket PC Phone Edition, allows remote authenticated users to list arbitrary directories, and create or read arbitrary files, via a .. (dot dot) in a pathname. NOTE: this can be leveraged for code execution by writing to a Startup folder.
455 CVE-2008-7300 264 Bypass 2011-10-04 2012-05-14
8.5
None Remote Medium Single system Complete Complete Complete
The labeled networking implementation in Solaris Trusted Extensions in Sun Solaris 10 and OpenSolaris snv_39 through snv_67, when a labeled zone is in the installed state, allows remote authenticated users to bypass a Mandatory Access Control (MAC) policy and obtain access to the global zone.
456 CVE-2008-6638 16 2009-04-07 2017-09-28
8.8
None Remote Medium Not required None Complete Complete
Insecure method vulnerability in the Versalsoft HTTP Image Uploader ActiveX control (UUploaderSvrD.dll 6.0.0.35) allows remote attackers to delete arbitrary files via the RemoveFileOrDir method.
457 CVE-2008-6496 264 2009-03-19 2017-09-28
8.8
None Remote Medium Not required None Complete Complete
Insecure method vulnerability in the VSPDFEditorX.VSPDFEdit ActiveX control in VSPDFEditorX.ocx 1.0.200.0 in VISAGESOFT eXPert PDF EditorX allows remote attackers to create or overwrite arbitrary files via the first argument to the extractPagesToFile method.
458 CVE-2008-6424 22 Dir. Trav. 2009-03-06 2017-08-16
8.8
None Remote Medium Not required None Complete Complete
Directory traversal vulnerability in FFFTP 1.96b allows remote FTP servers to create or overwrite arbitrary files via a response to an FTP LIST command with a filename that contains a .. (dot dot).
459 CVE-2008-6367 20 Exec Code 2009-03-02 2017-09-28
8.5
Admin Remote Medium Single system Complete Complete Complete
Unrestricted file upload vulnerability in Photos/create_album.php in Social Groupie allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in Member_images/.
460 CVE-2008-6207 20 Exec Code 2009-02-19 2017-08-16
8.5
Admin Remote Medium Single system Complete Complete Complete
Unrestricted file upload vulnerability in form_upload.php in PHPG Upload 1.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
461 CVE-2008-5695 20 Exec Code 2008-12-19 2017-09-28
8.5
Admin Remote Medium Single system Complete Complete Complete
wp-admin/options.php in WordPress MU before 1.3.2, and WordPress 2.3.2 and earlier, does not properly validate requests to update an option, which allows remote authenticated users with manage_options and upload_files capabilities to execute arbitrary code by uploading a PHP script and adding this script's pathname to active_plugins.
462 CVE-2008-5686 287 Exec Code 2008-12-19 2009-01-06
8.5
Admin Remote Medium Single system Complete Complete Complete
IBM Tivoli Provisioning Manager (TPM) before 5.1.1.1 IF0006, when its LDAP service is shared with other applications, does not require that an LDAP user be listed in the TPM user records, which allows remote authenticated users to execute SOAP commands that access arbitrary TPM functionality, as demonstrated by running provisioning workflows.
463 CVE-2008-5617 264 Bypass 2008-12-16 2017-08-07
8.5
None Remote Low Not required None Partial Complete
The ACL handling in rsyslog 3.12.1 to 3.20.0, 4.1.0, and 4.1.1 does not follow $AllowedSender directive, which allows remote attackers to bypass intended access restrictions and spoof log messages or create a large number of spurious messages.
464 CVE-2008-4919 20 2008-11-04 2017-09-28
8.8
None Remote Medium Not required None Complete Complete
Insecure method vulnerability in VISAGESOFT eXPert PDF Viewer X ActiveX control (VSPDFViewerX.ocx) 3.0.990.0 allows remote attackers to overwrite arbitrary files via a full pathname to the savePageAsBitmap method.
465 CVE-2008-4878 20 Exec Code 2008-11-01 2017-09-28
8.5
None Remote Medium Single system Complete Complete Complete
Unrestricted file upload vulnerability in the "Add Image Macro" feature in WebCards 1.3 allows remote authenticated administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the uploaded file.
466 CVE-2008-4735 94 Exec Code File Inclusion 2008-10-24 2017-09-28
8.5
Admin Remote Medium Single system Complete Complete Complete
PHP remote file inclusion vulnerability in header.php in Concord Asset, Software, and Ticket system (CoAST) 0.95 allows remote attackers to execute arbitrary PHP code via a URL in the sections_file parameter.
467 CVE-2008-4555 119 DoS Exec Code Overflow Mem. Corr. 2008-10-14 2018-10-11
8.5
Admin Remote Medium Single system Complete Complete Complete
Stack-based buffer overflow in the push_subg function in parser.y (lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a DOT file with a large number of Agraph_t elements.
468 CVE-2008-4425 22 Dir. Trav. 2008-10-03 2017-09-28
8.8
None Remote Medium Not required None Complete Complete
Directory traversal vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 allows remote attackers to delete arbitrary files via directory traversal sequences in the file parameter within a delfile action.
469 CVE-2008-4395 119 Exec Code Overflow 2008-11-06 2017-08-07
8.3
None Local Network Low Not required Complete Complete Complete
Multiple buffer overflows in the ndiswrapper module 1.53 for the Linux kernel 2.6 allow remote attackers to execute arbitrary code by sending packets over a local wireless network that specify long ESSIDs.
470 CVE-2008-4314 200 DoS +Info 2008-12-01 2009-08-19
8.5
None Remote Low Not required Complete None Partial
smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to read arbitrary memory and cause a denial of service via crafted (1) trans, (2) trans2, and (3) nttrans requests, related to a "cut&paste error" that causes an improper bounds check to be performed.
471 CVE-2008-4269 399 Exec Code 2008-12-10 2018-10-12
8.5
Admin Remote Medium Single system Complete Complete Complete
The search-ms protocol handler in Windows Explorer in Microsoft Windows Vista Gold and SP1 and Server 2008 uses untrusted parameter data obtained from incorrect parsing, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "Windows Search Parsing Vulnerability."
472 CVE-2008-4268 399 Exec Code 2008-12-10 2018-10-12
8.5
Admin Remote Medium Single system Complete Complete Complete
The Windows Search component in Microsoft Windows Vista Gold and SP1 and Server 2008 does not properly free memory during a save operation for a Windows Search file, which allows remote attackers to execute arbitrary code via a crafted saved-search file, aka "Windows Saved Search Vulnerability."
473 CVE-2008-4260 399 Exec Code Mem. Corr. 2008-12-10 2018-10-12
8.5
None Remote Medium Single system Complete Complete Complete
Microsoft Internet Explorer 7 sometimes attempts to access a deleted object, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
474 CVE-2008-4258 399 Exec Code Mem. Corr. 2008-12-10 2018-10-12
8.5
None Remote Medium Single system Complete Complete Complete
Microsoft Internet Explorer 5.01 SP4 and 6 SP1 does not properly validate parameters during calls to navigation methods, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Parameter Validation Memory Corruption Vulnerability."
475 CVE-2008-4256 399 Exec Code Mem. Corr. 2008-12-10 2018-10-12
8.5
None Remote Medium Single system Complete Complete Complete
The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "Charts Control Memory Corruption Vulnerability."
476 CVE-2008-4254 189 Exec Code Overflow Mem. Corr. 2008-12-10 2018-10-12
8.5
None Remote Medium Single system Complete Complete Complete
Multiple integer overflows in the Hierarchical FlexGrid ActiveX control (mshflxgd.ocx) in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allow remote attackers to execute arbitrary code via crafted (1) Rows and (2) Cols properties to the (a) ExpandAll and (b) CollapseAll methods, related to access of incorrectly initialized objects and corruption of the "system state," aka "Hierarchical FlexGrid Control Memory Corruption Vulnerability."
477 CVE-2008-4253 399 Exec Code Mem. Corr. 2008-12-10 2018-10-12
8.5
Admin Remote Medium Single system Complete Complete Complete
The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "FlexGrid Control Memory Corruption Vulnerability."
478 CVE-2008-4252 264 Exec Code Mem. Corr. 2008-12-10 2018-10-12
8.5
Admin Remote Medium Single system Complete Complete Complete
The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the "system state," aka "DataGrid Control Memory Corruption Vulnerability."
479 CVE-2008-4096 20 Exec Code 2008-09-18 2017-08-07
8.5
None Remote Medium Single system Complete Complete Complete
libraries/database_interface.lib.php in phpMyAdmin before 2.11.9.1 allows remote authenticated users to execute arbitrary code via a request to server_databases.php with a sort_by parameter containing PHP sequences, which are processed by create_function.
480 CVE-2008-3806 264 DoS 2008-09-26 2017-09-28
8.5
None Remote Low Not required None Partial Complete
Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3805.
481 CVE-2008-3805 264 DoS 2008-09-26 2017-09-28
8.5
None Remote Low Not required None Partial Complete
Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3806.
482 CVE-2008-3592 94 Exec Code 2008-08-11 2017-09-28
8.5
None Remote Medium Single system Complete Complete Complete
Unrestricted file upload vulnerability in the File Manager in the admin panel in Twentyone Degrees Symphony 1.7.01 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension to a directory specified in the destination parameter, then accessing the uploaded file via a direct request, as demonstrated using workspace/masters/.
483 CVE-2008-3105 264 DoS 2008-07-09 2018-10-11
8.3
None Remote Medium Not required Partial Partial Complete
Unspecified vulnerability in the JAX-WS client and service in Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 6 and earlier allows remote attackers to access URLs or cause a denial of service via unknown vectors involving "processing of XML data" by a trusted application.
484 CVE-2008-2573 119 Exec Code Overflow 2008-06-06 2018-10-11
8.5
Admin Remote Medium Single system Complete Complete Complete
Stack-based buffer overflow in SFTP in freeSSHd 1.2.1 allows remote authenticated users to execute arbitrary code via a long directory name in an SSH_FXP_OPENDIR (aka opendir) command.
485 CVE-2008-2478 94 Exec Code 2008-05-28 2018-10-11
8.5
Admin Remote Medium Single system Complete Complete Complete
** DISPUTED ** scripts/wwwacct in cPanel 11.18.6 STABLE and earlier and 11.23.1 CURRENT and earlier allows remote authenticated users with reseller privileges to execute arbitrary code via shell metacharacters in the Email address field (aka Email text box). NOTE: the vendor disputes this, stating "I'm unable to reproduce such an issue on multiple servers running different versions of cPanel."
486 CVE-2008-2112 +Priv 2008-05-07 2017-08-07
8.5
Admin Remote Medium Single system Complete Complete Complete
Unspecified vulnerability in Sun Ray Kiosk Mode 4.0 allows local and remote authenticated Sun Ray administrators to gain root privileges via unknown vectors related to utconfig.
487 CVE-2008-1998 264 2008-04-28 2018-10-31
8.5
None Remote Medium Single system Complete Complete Complete
The NNSTAT (aka SYSPROC.NNSTAT) procedure in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 on Windows allows remote authenticated users to overwrite arbitrary files via the log file parameter.
488 CVE-2008-1453 20 Exec Code 2008-06-11 2018-10-12
8.3
None Local Network Low Not required Complete Complete Complete
The Bluetooth stack in Microsoft Windows XP SP2 and SP3, and Vista Gold and SP1, allows physically proximate attackers to execute arbitrary code via a large series of Service Discovery Protocol (SDP) packets.
489 CVE-2008-1332 264 2008-03-19 2018-10-11
8.8
None Remote Medium Not required Complete Complete None
Unspecified vulnerability in Asterisk Open Source 1.2.x before 1.2.27, 1.4.x before 1.4.18.1 and 1.4.19-rc3; Business Edition A.x.x, B.x.x before B.2.5.1, and C.x.x before C.1.6.2; AsteriskNOW 1.0.x before 1.0.2; Appliance Developer Kit before 1.4 revision 109393; and s800i 1.0.x before 1.1.0.2; allows remote attackers to access the SIP channel driver via a crafted From header.
490 CVE-2008-1000 22 Dir. Trav. 2008-03-18 2018-10-15
8.5
Admin Remote Medium Single system Complete Complete Complete
Directory traversal vulnerability in ContentServer.py in the Wiki Server in Apple Mac OS X 10.5.2 (aka Leopard) allows remote authenticated users to write arbitrary files via ".." sequences in file attachments.
491 CVE-2008-0727 119 Exec Code Overflow 2008-03-17 2018-10-15
8.5
None Remote Low Single system None Complete Complete
Multiple buffer overflows in oninit.exe in IBM Informix Dynamic Server (IDS) 7.x through 11.x allow (1) remote attackers to execute arbitrary code via a long password and (2) remote authenticated users to execute arbitrary code via a long DBPATH value.
492 CVE-2008-0295 119 DoS Exec Code Overflow 2008-01-16 2017-09-28
8.5
None Remote Medium Single system Complete Complete Complete
Heap-based buffer overflow in modules/access/rtsp/real_sdpplin.c in the Xine library, as used in VideoLAN VLC Media Player 0.8.6d and earlier, allows user-assisted remote attackers to cause a denial of service (crash) or execute arbitrary code via long Session Description Protocol (SDP) data.
493 CVE-2008-0277 20 Exec Code 2008-01-15 2017-08-07
8.5
Admin Remote Medium Single system Complete Complete Complete
Unspecified vulnerability in the Fileshare module for Drupal allows remote authenticated users with node-creation privileges to execute arbitrary code via unspecified vectors.
494 CVE-2008-0127 119 DoS Exec Code Overflow 2008-01-09 2018-10-15
8.8
None Remote Medium Not required None Complete Complete
The administration interface in McAfee E-Business Server 8.5.2 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a long initial authentication packet.
495 CVE-2008-0087 287 2008-04-08 2018-10-30
8.8
None Remote Medium Not required None Complete Complete
The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses.
496 CVE-2007-6593 119 Exec Code Overflow 2007-12-28 2018-10-15
8.8
None Remote Medium Not required Complete Complete None
Multiple stack-based buffer overflows in l123sr.dll in Autonomy (formerly Verity) KeyView SDK, as used by IBM Lotus Notes 5.x through 8.x, allow user-assisted remote attackers to execute arbitrary code via the (1) Length and (2) Value fields for certain Types in a Lotus 1-2-3 (.123) file in the Worksheet File (WKS) format, as demonstrated by a file with a crafted SRANGE record, a different vulnerability than CVE-2007-5909.
497 CVE-2007-6415 94 Exec Code Bypass 2008-01-24 2008-09-05
8.5
None Remote Low Single system Complete Complete None
scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute arbitrary code by invoking scp, as implemented by OpenSSH, with the -F and -o options.
498 CVE-2007-6350 264 Exec Code Bypass 2007-12-14 2011-08-08
8.5
None Remote Medium Single system Complete Complete Complete
scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including (1) unison, (2) rsync, (3) svn, and (4) svnserve, as originally demonstrated by creating a Subversion (SVN) repository with malicious hooks, then using svn to trigger execution of those hooks.
499 CVE-2007-6181 119 Exec Code Overflow 2007-11-29 2018-10-26
8.5
Admin Remote Medium Single system Complete Complete Complete
Heap-based buffer overflow in cygwin1.dll in Cygwin 1.5.7 and earlier allows context-dependent attackers to execute arbitrary code via a filename with a certain length, as demonstrated by a remote authenticated user who uses the SCP protocol to send a file to the Cygwin machine, and thereby causes scp.exe on this machine to execute, and then overwrite heap memory with characters from the filename. NOTE: it is also reported that a related issue might exist in 1.5.7 through 1.5.19.
500 CVE-2007-6174 264 +Priv 2007-11-29 2017-07-28
8.5
Admin Remote Medium Single system Complete Complete Complete
PHPDevShell before 0.7.0 allows remote authenticated users to gain privileges via a crafted request to update a user profile. NOTE: some of these details are obtained from third party information.
Total number of vulnerabilities : 542   Page : 1 2 3 4 5 6 7 8 9 10 (This Page)11
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.