CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
11451 CVE-2009-0266 119 Exec Code Overflow 2009-01-26 2009-01-26
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in Triologic Media Player 8.0.0.0 allows user-assisted remote attackers to execute arbitrary code via a long string in a .m3l playlist file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
11452 CVE-2009-0264 119 Overflow 2009-01-26 2017-08-07
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the Registry Setting Tool in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier has unknown impact and attack vectors.
11453 CVE-2009-0263 119 DoS Exec Code Overflow 2009-01-23 2017-10-18
10.0
None Remote Low Not required Complete Complete Complete
Multiple buffer overflows in Winamp 5.541 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a large Common Chunk (COMM) header value in an AIFF file and (2) a large invalid value in an MP3 file.
11454 CVE-2009-0262 119 Exec Code Overflow 2009-01-23 2017-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in Triologic Media Player 7 and 8.0.0.0 allows user-assisted remote attackers to execute arbitrary code via a long string in a .m3u playlist file. NOTE: some of these details are obtained from third party information.
11455 CVE-2009-0261 119 Exec Code Overflow 2009-01-23 2017-09-28
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in EffectMatrix Total Video Player 1.31 allows user-assisted attackers to execute arbitrary code via a Skins\DefaultSkin\DefaultSkin.ini file with a large ColumnHeaderSpan value.
11456 CVE-2009-0259 399 DoS Exec Code Mem. Corr. 2009-01-22 2017-09-28
9.3
Admin Remote Medium Not required Complete Complete Complete
The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in the wild in December 2008, as demonstrated by 2008-crash.doc.rar, and a similar issue to CVE-2008-4841.
11457 CVE-2009-0258 20 Exec Code 2009-01-22 2017-08-07
10.0
None Remote Low Not required Complete Complete Complete
The Indexed Search Engine (indexed_search) system extension in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to execute arbitrary commands via a crafted filename containing shell metacharacters, which is not properly handled by the command-line indexer.
11458 CVE-2009-0254 119 Exec Code Overflow 2009-01-22 2009-02-05
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted attackers to execute arbitrary code via an invalid Flexible Image Transport System (FITS) file. NOTE: some of these details are obtained from third party information.
11459 CVE-2009-0246 119 Exec Code Overflow 2009-01-22 2018-10-11
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted attackers to execute arbitrary code via an invalid Radiance RGBE (aka .hdr) file.
11460 CVE-2009-0238 94 Exec Code 2009-02-25 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC.
11461 CVE-2009-0235 119 Exec Code Overflow Mem. Corr. 2009-04-15 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the Word 97 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Word 97 file that triggers memory corruption, related to use of inconsistent integer data sizes for an unspecified length field, aka "WordPad Word 97 Text Converter Stack Overflow Vulnerability."
11462 CVE-2009-0232 189 Exec Code Overflow 2009-07-15 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table, aka "Embedded OpenType Font Integer Overflow Vulnerability."
11463 CVE-2009-0231 119 Exec Code Overflow 2009-07-15 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
The Embedded OpenType (EOT) Font Engine (T2EMBED.DLL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table in a data record that triggers an integer truncation and a heap-based buffer overflow, aka "Embedded OpenType Font Heap Overflow Vulnerability."
11464 CVE-2009-0230 264 +Priv 2009-06-10 2018-10-12
9.0
None Remote Low Single system Complete Complete Complete
The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows remote authenticated users to gain privileges via a crafted RPC message that triggers loading of a DLL file from an arbitrary directory, aka "Print Spooler Load Library Vulnerability."
11465 CVE-2009-0228 119 Exec Code Overflow 2009-06-10 2018-10-12
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the EnumeratePrintShares function in Windows Print Spooler Service (win32spl.dll) in Microsoft Windows 2000 SP4 allows remote printer servers to execute arbitrary code via a crafted ShareName in a response to an RPC request, related to "printing data structures," aka "Buffer Overflow in Print Spooler Vulnerability."
11466 CVE-2009-0227 119 Exec Code Overflow Mem. Corr. 2009-05-12 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the PowerPoint 4.2 conversion filter (PP4X32.DLL) in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via a large number of structures in sound data in a file that uses a PowerPoint 4.0 native file format, leading to memory corruption, aka "Legacy File Format Vulnerability," a different vulnerability than CVE-2009-0222, CVE-2009-0223, CVE-2009-0226, and CVE-2009-1137.
11467 CVE-2009-0226 119 Exec Code Overflow Mem. Corr. 2009-05-12 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the PowerPoint 4.2 conversion filter in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via a long string in sound data in a file that uses a PowerPoint 4.0 native file format, leading to memory corruption, aka "Legacy File Format Vulnerability," a different vulnerability than CVE-2009-0222, CVE-2009-0223, CVE-2009-0227, and CVE-2009-1137.
11468 CVE-2009-0225 94 1 Exec Code Mem. Corr. 2009-05-12 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Office PowerPoint 2002 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 95 native file format, leading to improper "array indexing" and memory corruption, aka "PP7 Memory Corruption Vulnerability."
11469 CVE-2009-0224 94 Exec Code Mem. Corr. 2009-05-12 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; PowerPoint Viewer 2003 and 2007 SP1 and SP2; PowerPoint in Microsoft Office 2004 for Mac and 2008 for Mac; Open XML File Format Converter for Mac; Microsoft Works 8.5 and 9.0; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 do not properly validate PowerPoint files, which allows remote attackers to execute arbitrary code via multiple crafted BuildList records that include ChartBuild containers, which triggers memory corruption, aka "Memory Corruption Vulnerability."
11470 CVE-2009-0223 94 Exec Code Mem. Corr. 2009-05-12 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 4.0 native file format, leading to memory corruption, aka "Legacy File Format Vulnerability," a different vulnerability than CVE-2009-0222, CVE-2009-0226, CVE-2009-0227, and CVE-2009-1137.
11471 CVE-2009-0222 94 2 Exec Code Mem. Corr. 2009-05-12 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 4.0 native file format, leading to a "pointer overwrite" and memory corruption, aka "Legacy File Format Vulnerability," a different vulnerability than CVE-2009-0223, CVE-2009-0226, CVE-2009-0227, and CVE-2009-1137.
11472 CVE-2009-0221 189 Exec Code Overflow 2009-05-12 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Integer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a PowerPoint file containing a crafted record type for "collaboration information for different slides" that contains a field that specifies a large number of records, which triggers an under-allocated buffer and a heap-based buffer overflow, aka "Integer Overflow Vulnerability."
11473 CVE-2009-0220 119 Exec Code Overflow 2009-05-12 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Multiple stack-based buffer overflows in the PowerPoint 4.0 importer (PP4X32.DLL) in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allow remote attackers to execute arbitrary code via crafted formatting data for paragraphs in a file that uses a PowerPoint 4.0 native file format, related to (1) an incorrect calculation from a record header, or (2) an interget that is used to specify the number of bytes to copy, aka "Legacy File Format Vulnerability."
11474 CVE-2009-0219 399 Exec Code 2009-01-20 2009-02-05
9.3
None Remote Medium Not required Complete Complete Complete
The PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 performs delete operations on uninitialized pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted data stream in a .pdf file.
11475 CVE-2009-0218 Exec Code 2009-04-13 2017-08-07
9.3
None Remote Medium Not required Complete Complete Complete
Insecure method vulnerability in Particle Software IntraLaunch Application Launcher ActiveX control in IntraLaunch.ocx, as used in LDRA TBbrowse and possibly other products, allows remote attackers to execute arbitrary code via unknown vectors.
11476 CVE-2009-0216 255 Bypass 2009-02-13 2017-08-07
10.0
Admin Remote Low Not required Complete Complete Complete
GE Fanuc iFIX 5.0 and earlier relies on client-side authentication involving a weakly encrypted local password file, which allows remote attackers to bypass intended access restrictions and start privileged server login sessions by recovering a password or by using a modified program module.
11477 CVE-2009-0215 119 Exec Code Overflow 2009-03-25 2017-08-07
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the GetXMLValue method in the IBM Access Support ActiveX control in IbmEgath.dll, as distributed on IBM and Lenovo computers, allows remote attackers to execute arbitrary code via unspecified vectors.
11478 CVE-2009-0214 +Priv 2009-02-08 2018-10-11
9.0
Admin Remote Low Single system Complete Complete Complete
Unspecified vulnerability in the WebFGServer application in AREVA e-terrahabitat 5.7 and earlier allows remote authenticated users to gain privileges via unknown vectors, aka PD32022.
11479 CVE-2009-0210 119 DoS Exec Code Overflow 2009-02-08 2018-10-11
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the MLF application in AREVA e-terrahabitat 5.7 and earlier allows remote attackers to execute arbitrary commands or cause a denial of service (system crash) via unspecified vectors, aka PD28578.
11480 CVE-2009-0208 94 Exec Code 2009-02-26 2009-02-27
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in HP Virtual Rooms Client before 7.0.1, when running on Windows, allows remote attackers to execute arbitrary code via unknown vectors.
11481 CVE-2009-0202 94 Exec Code Overflow 2009-06-11 2018-10-11
9.3
Admin Remote Medium Not required Complete Complete Complete
Array index error in FL21WIN.DLL in the PowerPoint Freelance Windows 2.1 Translator in Microsoft PowerPoint 2000 and 2002 allows remote attackers to execute arbitrary code via a Freelance file with unspecified "layout information" that triggers a heap-based buffer overflow.
11482 CVE-2009-0201 119 Exec Code Overflow 2009-09-02 2018-10-11
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to "table parsing."
11483 CVE-2009-0200 189 Exec Code Overflow 2009-09-02 2018-10-11
9.3
None Remote Medium Not required Complete Complete Complete
Integer underflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow.
11484 CVE-2009-0199 119 Exec Code Overflow 2009-09-08 2018-10-11
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in the VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows might allow remote attackers to execute arbitrary code via a video file with crafted dimensions (aka framebuffer parameters).
11485 CVE-2009-0198 119 DoS Exec Code Overflow Mem. Corr. 2009-06-11 2018-10-11
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF file that contains JBIG2 text region segments with Huffman encoding.
11486 CVE-2009-0197 189 DoS Exec Code Overflow 2009-04-09 2018-10-11
9.3
None Remote Medium Not required Complete Complete Complete
Integer overflow in the FORMATS Plugin before 4.23 for IrfanView allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large XPM file that triggers a heap-based buffer overflow.
11487 CVE-2009-0196 119 Exec Code Overflow 2009-04-16 2018-10-11
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in the big2_decode_symbol_dict function (jbig2_symbol_dict.c) in the JBIG2 decoding library (jbig2dec) in Ghostscript 8.64, and probably earlier versions, allows remote attackers to execute arbitrary code via a PDF file with a JBIG2 symbol dictionary segment with a large run length value.
11488 CVE-2009-0194 264 +Info 2009-05-11 2018-10-11
9.3
None Remote Medium Not required Complete Complete Complete
The domain-locking implementation in the GARMINAXCONTROL.GarminAxControl_t.1 ActiveX control in npGarmin.dll in the Garmin Communicator Plug-In 2.6.4.0 does not properly enforce the restrictions that (1) download and (2) upload requests come from a web site specified by the user, which allows remote attackers to obtain sensitive information or reconfigure Garmin GPS devices via unspecified vectors related to a "synchronisation error."
11489 CVE-2009-0193 119 Exec Code Overflow 2009-03-24 2018-11-08
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a PDF file with a malformed JBIG2 symbol dictionary segment, a different vulnerability than CVE-2009-1061 and CVE-2009-1062.
11490 CVE-2009-0191 94 Exec Code 2009-03-10 2018-10-11
9.3
None Remote Medium Not required Complete Complete Complete
Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 3.0.2009.1301, does not properly handle a JBIG2 symbol dictionary segment with zero new symbols, which allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a dereference of an uninitialized memory location.
11491 CVE-2009-0188 399 DoS Exec Code Mem. Corr. 2009-06-02 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie composed of a Sorenson 3 video file.
11492 CVE-2009-0187 119 Exec Code Overflow 2009-02-26 2018-10-11
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in Orbit Downloader 2.8.2 and 2.8.3, and possibly other versions before 2.8.5, allows remote attackers to execute arbitrary code via a crafted HTTP URL with a long host name, which is not properly handled when constructing a "Connecting" log message.
11493 CVE-2009-0186 189 Exec Code Overflow 2009-03-04 2018-10-11
9.3
Admin Remote Medium Not required Complete Complete Complete
Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow.
11494 CVE-2009-0185 119 DoS Exec Code Overflow 2009-06-02 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file.
11495 CVE-2009-0184 119 Exec Code Overflow 2009-02-03 2018-10-11
9.3
Admin Remote Medium Not required Complete Complete Complete
Multiple buffer overflows in the torrent parsing implementation in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allow remote attackers to execute arbitrary code via (1) a long file name within a torrent file, (2) a long tracker URL in a torrent file, or (3) a long comment in a torrent file.
11496 CVE-2009-0183 119 Exec Code Overflow 2009-02-03 2018-10-11
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in Remote Control Server in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allows remote attackers to execute arbitrary code via a long Authorization header in an HTTP request.
11497 CVE-2009-0182 119 Exec Code Overflow 2009-01-20 2017-09-28
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in VUPlayer 2.49 and earlier allows user-assisted attackers to execute arbitrary code via a long URL in a File line in a .pls file, as demonstrated by an http URL on a File1 line.
11498 CVE-2009-0181 119 Overflow 2009-01-20 2018-10-11
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in VUPlayer allows user-assisted attackers to have an unknown impact via a long file, as demonstrated by a file composed entirely of 'A' characters.
11499 CVE-2009-0178 2009-01-20 2017-08-07
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in IBM Hardware Management Console (HMC) 7 release 3.2.0 SP1 has unknown impact and attack vectors.
11500 CVE-2009-0176 119 Exec Code Overflow 2009-01-20 2009-05-18
9.3
None Remote Medium Not required Complete Complete Complete
Multiple heap-based buffer overflows in the PDF distiller in the Attachment Service in Research in Motion (RIM) BlackBerry Enterprise Server (BES) 4.1.3 through 4.1.6, BlackBerry Professional Software 4.1.4, and BlackBerry Unite! before 1.0.3 bundle 28 allow user-assisted remote attackers to execute arbitrary code via (1) a crafted stream in a .pdf file, related to "symWidths"; or (2) a crafted data stream in a .pdf file, related to "bitmaps."
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.