CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
7751 CVE-2006-0020 189 DoS Exec Code Overflow Mem. Corr. 2006-01-10 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute code via a crafted WMF file with a manipulated WMF header size, possibly involving an integer overflow, a different vulnerability than CVE-2005-4560, and aka "WMF Image Parsing Memory Corruption Vulnerability."
7752 CVE-2006-0025 119 Exec Code Overflow 2006-06-13 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in Microsoft Windows Media Player 9 and 10 allows remote attackers to execute arbitrary code via a PNG image with a large chunk size.
7753 CVE-2006-0033 Exec Code Mem. Corr. 2006-07-11 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via a crafted PNG image that triggers memory corruption when it is parsed.
7754 CVE-2006-0200 134 Exec Code 2006-01-13 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages.
7755 CVE-2006-0323 119 Exec Code Overflow 2006-03-23 2018-10-19
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations.
7756 CVE-2006-0708 Exec Code Overflow 2006-02-15 2018-10-19
9.3
Admin Remote Medium Not required Complete Complete Complete
Multiple buffer overflows in NullSoft Winamp 5.13 and earlier allow remote attackers to execute arbitrary code via (1) an m3u file containing a long URL ending in .wma, (2) a pls file containing a File1 field with a long URL ending in .wma, or (3) an m3u file with a long filename, variants of CVE-2005-3188 and CVE-2006-0476.
7757 CVE-2006-0748 399 Exec Code 2006-04-14 2018-10-19
9.3
None Remote Medium Not required Complete Complete Complete
Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via "an invalid and non-sensical ordering of table-related tags" that results in a negative array index.
7758 CVE-2006-0749 399 DoS Exec Code Mem. Corr. 2006-04-14 2018-10-19
9.3
Admin Remote Medium Not required Complete Complete Complete
nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors involving a "particular sequence of HTML tags" that leads to memory corruption.
7759 CVE-2006-0884 20 Bypass +Info 2006-02-24 2018-10-18
9.3
None Remote Medium Not required Complete Complete Complete
The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail.
7760 CVE-2006-1017 2006-03-06 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
The c-client library 2000, 2001, or 2004 for PHP before 4.4.4 and 5.x before 5.1.5 do not check the (1) safe_mode or (2) open_basedir functions, and when used in applications that accept user-controlled input for the mailbox argument to the imap_open function, allow remote attackers to obtain access to an IMAP stream data structure and conduct unauthorized IMAP actions.
7761 CVE-2006-1301 94 Exec Code Mem. Corr. 2006-07-13 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted SELECTION record that triggers memory corruption, a different vulnerability than CVE-2006-1302.
7762 CVE-2006-1302 119 Exec Code Overflow Mem. Corr. 2006-07-13 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with certain crafted fields in a SELECTION record, which triggers memory corruption, aka "Malformed SELECTION record Vulnerability."
7763 CVE-2006-1303 94 Exec Code Mem. Corr. 2006-06-13 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Multiple unspecified vulnerabilities in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allow remote attackers to execute arbitrary code by instantiating certain COM objects from Wmm2fxa.dll as ActiveX controls including (1) DXImageTransform.Microsoft.MMSpecialEffect1Input, (2) DXImageTransform.Microsoft.MMSpecialEffect1Input.1, (3) DXImageTransform.Microsoft.MMSpecialEffect2Inputs, (4) DXImageTransform.Microsoft.MMSpecialEffect2Inputs.1, (5) DXImageTransform.Microsoft.MMSpecialEffectInplace1Input, and (6) DXImageTransform.Microsoft.MMSpecialEffectInplace1Input.1, which causes memory corruption during garbage collection.
7764 CVE-2006-1304 94 Exec Code Overflow 2006-07-13 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted COLINFO record, which triggers the overflow during a "data filling operation."
7765 CVE-2006-1306 94 Exec Code 2006-07-13 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted BIFF record with an attacker-controlled array index that is used for a function pointer, aka "Malformed OBJECT record Vulnerability."
7766 CVE-2006-1308 94 Exec Code 2006-07-13 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted FNGROUPCOUNT value.
7767 CVE-2006-1309 94 Exec Code Mem. Corr. 2006-07-13 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted LABEL record that triggers memory corruption.
7768 CVE-2006-1311 Exec Code Mem. Corr. 2007-02-13 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF file, which triggers memory corruption.
7769 CVE-2006-1316 94 Exec Code Mem. Corr. 2006-07-11 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with malformed string that triggers memory corruption related to record lengths, aka "Microsoft Office Parsing Vulnerability," a different vulnerability than CVE-2006-2389.
7770 CVE-2006-1318 94 Exec Code 2014-09-19 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Office 2004 for Mac, and Office X for Mac do not properly parse record lengths, which allows remote attackers to execute arbitrary code via a malformed control in an Office document, aka "Microsoft Office Control Vulnerability."
7771 CVE-2006-1359 94 DoS Exec Code 2006-03-22 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a certain createTextRange call on a checkbox object, which results in a dereference of an invalid table pointer.
7772 CVE-2006-1370 Overflow 2006-03-23 2017-07-19
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, RealPlayer 8, and RealPlayer Enterprise before 20060322 allows remote attackers to have an unknown impact via a malicious Mimio boardCast (mbc) file.
7773 CVE-2006-1540 94 DoS Exec Code Overflow 2006-03-30 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
MSO.DLL in Microsoft Office 2000, Office XP (2002), and Office 2003 allows user-assisted attackers to cause a denial of service and execute arbitrary code via multiple attack vectors, as originally demonstrated using a crafted document record with a malformed string, as demonstrated by replacing a certain "01 00 00 00" byte sequence with an "FF FF FF FF" byte sequence, possibly causing an invalid array index, in (1) an Excel .xls document, which triggers an access violation in ole32.dll; (2) an Excel .xlw document, which triggers an access violation in excel.exe; (3) a Word document, which triggers an access violation in mso.dll in winword.exe; and (4) a PowerPoint document, which triggers an access violation in powerpnt.txt. NOTE: after the initial disclosure, this issue was demonstrated by triggering an integer overflow using an inconsistent size for a Unicode "Sheet Name" string.
7774 CVE-2006-1726 264 Exec Code Bypass 2006-04-14 2018-10-18
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox' ForEach method.
7775 CVE-2006-1728 Exec Code 2006-04-14 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypto.generateCRMFRequest method.
7776 CVE-2006-1730 189 Exec Code Overflow 2006-04-14 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via a large number in the CSS letter-spacing property that leads to a heap-based buffer overflow.
7777 CVE-2006-1735 264 Exec Code 2006-04-14 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javascript functions that are compiled with extra privileges.
7778 CVE-2006-1737 189 DoS Exec Code Overflow 2006-04-14 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Integer overflow in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary bytecode via JavaScript with a large regular expression.
7779 CVE-2006-1739 119 DoS Exec Code Overflow 2006-04-14 2018-10-18
9.3
None Remote Medium Not required Complete Complete Complete
The CSS border-rendering code in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain Cascading Style Sheets (CSS) that causes an out-of-bounds array write and buffer overflow.
7780 CVE-2006-2218 Exec Code Mem. Corr. 2006-05-05 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Internet Explorer 6.0 on Microsoft Windows XP SP2 allows remote attackers to execute arbitrary code via "exceptional conditions" that trigger memory corruption, as demonstrated using an exception handler and nested object tags, a variant of CVE-2006-1992.
7781 CVE-2006-2273 2006-05-11 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
The InstallProduct routine in the Verisign VUpdater.Install (aka i-Nav) ActiveX control does not verify Microsoft Cabinet (.CAB) files, which allows remote attackers to run an arbitrary executable file.
7782 CVE-2006-2306 XSS 2006-05-11 2017-07-19
9.3
None Remote Medium Not required Complete Complete Complete
Cross-site scripting (XSS) vulnerability in moreinfo.asp in EPublisherPro allows remote attackers to inject arbitrary web script or HTML via the title parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
7783 CVE-2006-2379 119 Exec Code Overflow 2006-06-13 2019-04-30
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing.
7784 CVE-2006-2383 Exec Code 2006-06-13 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via "unexpected data" related to "parameter validation" in the DXImageTransform.Microsoft.Light ActiveX control, which causes Internet Explorer to crash in a way that enables the code execution.
7785 CVE-2006-2388 94 Exec Code 2006-07-13 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Office Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via malformed cell comments, which lead to modification of "critical data offsets" during the rebuilding process.
7786 CVE-2006-2389 94 Exec Code Mem. Corr. 2006-07-11 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with a malformed property that triggers memory corruption related to record lengths, aka "Microsoft Office Property Vulnerability," a different vulnerability than CVE-2006-1316.
7787 CVE-2006-2779 94 DoS Exec Code Mem. Corr. 2006-06-02 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested <option> tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) "Content-implemented tree views," (4) BoxObjects, (5) the XBL implementation, (6) an iframe that attempts to remove itself, which leads to memory corruption.
7788 CVE-2006-2780 94 DoS Exec Code Overflow Mem. Corr. 2006-06-02 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via "jsstr tagify," which leads to memory corruption.
7789 CVE-2006-2787 +Priv 2006-06-02 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox.
7790 CVE-2006-3016 Sql XSS Http R.Spl. 2006-06-14 2018-10-18
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in session.c in PHP before 5.1.3 has unknown impact and attack vectors, related to "certain characters in session names," including special characters that are frequently associated with CRLF injection, SQL injection, cross-site scripting (XSS), and HTTP response splitting vulnerabilities. NOTE: while the nature of the vulnerability is unspecified, it is likely that this is related to a violation of an expectation by PHP applications that the session name is alphanumeric, as implied in the PHP manual for session_name().
7791 CVE-2006-3017 2006-06-14 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations.
7792 CVE-2006-3059 Exec Code 2006-06-17 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows remote user-assisted attackers to execute arbitrary code via unspecified vectors. NOTE: this is a different vulnerability than CVE-2006-3086.
7793 CVE-2006-3086 119 DoS Exec Code Overflow 2006-06-19 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the HrShellOpenWithMonikerDisplayName function in Microsoft Hyperlink Object Library (hlink.dll) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long hyperlink, as demonstrated using an Excel worksheet with a long link in Unicode, aka "Hyperlink COM Object Buffer Overflow Vulnerability." NOTE: this is a different issue than CVE-2006-3059.
7794 CVE-2006-3134 Exec Code Overflow 2006-06-27 2017-07-19
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in GraceNote CDDBControl ActiveX Control, as used by multiple products that use Gracenote CDDB, allows remote attackers to execute arbitrary code via a long option string.
7795 CVE-2006-3228 Exec Code Overflow 2006-06-26 2017-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, including 5.21, allows remote attackers to execute arbitrary code via a crafted .mid (MIDI) file.
7796 CVE-2006-3291 16 2006-06-28 2017-07-19
9.3
Admin Remote Medium Not required Complete Complete Complete
The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed to use the "Local User List Only (Individual Passwords)" setting, which removes all security and password configurations and allows remote attackers to access the system.
7797 CVE-2006-3308 XSS 2006-06-28 2017-07-19
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in the wpprop code for Project EROS bbsengine before 20060622-0315 has unknown impact and remote attack vectors via [img] tags, possibly cross-site scripting (XSS).
7798 CVE-2006-3423 20 Exec Code 2006-07-06 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
WebEx Downloader ActiveX Control and WebEx Downloader Java before 2.1.0.0 do not validate downloaded components, which allows remote attackers to execute arbitrary code via a website that activates the GpcUrlRoot and GpcIniFileName ActiveX controls to cause the client to download a DLL file.
7799 CVE-2006-3434 Exec Code Mem. Corr. 2006-10-10 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string that triggers memory corruption.
7800 CVE-2006-3435 94 Exec Code 2006-10-10 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
PowerPoint in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac does not properly parse the slide notes field in a document, which allows remote user-assisted attackers to execute arbitrary code via crafted data in this field, which triggers an erroneous object pointer calculation that uses data from within the document. NOTE: this issue is different than other PowerPoint vulnerabilities including CVE-2006-4694.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.