CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
11951 CVE-2009-1138 399 Exec Code 2009-06-10 2019-04-30
10.0
None Remote Low Not required Complete Complete Complete
The LDAP service in Active Directory on Microsoft Windows 2000 SP4 does not properly free memory for LDAP and LDAPS requests, which allows remote attackers to execute arbitrary code via a request that uses hexadecimal encoding, whose associated memory is not released, related to a "DN AttributeValue," aka "Active Directory Invalid Free Vulnerability." NOTE: this issue is probably a memory leak.
11952 CVE-2009-1137 119 Exec Code Overflow Mem. Corr. 2009-05-12 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 4.0 native file format, leading to memory corruption, aka "Legacy File Format Vulnerability," a different vulnerability than CVE-2009-0222, CVE-2009-0223, CVE-2009-0226, and CVE-2009-0227.
11953 CVE-2009-1136 94 Exec Code 2009-07-15 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
The Microsoft Office Web Components Spreadsheet ActiveX control (aka OWC10 or OWC11), as distributed in Office XP SP3 and Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Acceleration (ISA) Server 2004 SP3 and 2006 Gold and SP1, and Office Small Business Accounting 2006, when used in Internet Explorer, allows remote attackers to execute arbitrary code via a crafted call to the msDataSourceObject method, as exploited in the wild in July and August 2009, aka "Office Web Components HTML Script Vulnerability."
11954 CVE-2009-1135 264 +Priv Bypass 2009-07-15 2018-10-12
9.0
None Remote Low Single system Complete Complete Complete
Microsoft Internet Security and Acceleration (ISA) Server 2006 Gold and SP1, when Radius OTP is enabled, uses the HTTP-Basic authentication method, which allows remote attackers to gain the privileges of an arbitrary account, and access published web pages, via vectors involving attempted access to a network resource behind the ISA Server, aka "Radius OTP Bypass Vulnerability."
11955 CVE-2009-1134 94 Exec Code 2009-06-10 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Excel in 2007 Microsoft Office System SP1 and SP2; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a BIFF file with a malformed Qsir (0x806) record object, aka "Record Pointer Corruption Vulnerability."
11956 CVE-2009-1133 119 Exec Code Overflow 2009-08-12 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in Microsoft Remote Desktop Connection (formerly Terminal Services Client) running RDP 5.0 through 6.1 on Windows, and Remote Desktop Connection Client for Mac 2.0, allows remote attackers to execute arbitrary code via unspecified parameters, aka "Remote Desktop Connection Heap Overflow Vulnerability."
11957 CVE-2009-1132 119 Exec Code Overflow 2009-09-08 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in the Wireless LAN AutoConfig Service (aka Wlansvc) in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a malformed wireless frame, aka "Wireless Frame Parsing Remote Code Execution Vulnerability."
11958 CVE-2009-1131 119 Exec Code Overflow Mem. Corr. 2009-05-12 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Multiple stack-based buffer overflows in Microsoft Office PowerPoint 2000 SP3 allow remote attackers to execute arbitrary code via a large amount of data associated with unspecified atoms in a PowerPoint file that triggers memory corruption, aka "Data Out of Bounds Vulnerability."
11959 CVE-2009-1130 119 Exec Code Overflow 2009-05-12 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary code via a crafted structure in a Notes container in a PowerPoint file that causes PowerPoint to read more data than was allocated when creating a C++ object, leading to an overwrite of a function pointer, aka "Heap Corruption Vulnerability."
11960 CVE-2009-1129 119 Exec Code Overflow Mem. Corr. 2009-05-12 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Multiple stack-based buffer overflows in the PowerPoint 95 importer (PP7X32.DLL) in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allow remote attackers to execute arbitrary code via an inconsistent record length in sound data in a file that uses a PowerPoint 95 (PPT95) native file format, aka "PP7 Memory Corruption Vulnerability," a different vulnerability than CVE-2009-1128.
11961 CVE-2009-1128 94 Exec Code Mem. Corr. 2009-05-12 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 95 native file format, leading to memory corruption, aka "PP7 Memory Corruption Vulnerability," a different vulnerability than CVE-2009-1129.
11962 CVE-2009-1119 119 Exec Code Overflow 2009-04-15 2018-10-10
10.0
None Remote Low Not required Complete Complete Complete
Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 and 6.3 before SP2 allow remote attackers to execute arbitrary code via a crafted message to (1) ctrlservice.exe or (2) rep_srv.exe, possibly related to an integer overflow.
11963 CVE-2009-1098 119 Exec Code Overflow 2009-03-25 2018-10-10
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers to access files or execute arbitrary code via a crafted GIF image, aka CR 6804998.
11964 CVE-2009-1097 119 Exec Code Overflow Mem. Corr. 2009-03-25 2018-10-10
9.3
None Remote Medium Not required Complete Complete Complete
Multiple buffer overflows in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via (1) a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen, aka CR 6804996; and (2) a crafted GIF image from which unspecified values are used in calculation of offsets, leading to object-pointer corruption, aka CR 6804997.
11965 CVE-2009-1096 119 Exec Code Overflow 2009-03-25 2018-10-10
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers.
11966 CVE-2009-1095 189 Exec Code Overflow 2009-03-25 2018-10-10
10.0
None Remote Low Not required Complete Complete Complete
Integer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers.
11967 CVE-2009-1094 Exec Code 2009-03-25 2018-10-10
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the LDAP implementation in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.1_24 and earlier; and 1.4.2_19 and earlier allows remote LDAP servers to execute arbitrary code via unknown vectors related to serialized data.
11968 CVE-2009-1092 399 Exec Code 2009-03-25 2018-10-10
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in the LIVEAUDIO.LiveAudioCtrl.1 ActiveX control in LIVEAU~1.OCX 7.0 for GeoVision DVR systems allows remote attackers to execute arbitrary code by calling the GetAudioPlayingTime method with certain arguments.
11969 CVE-2009-1088 94 Exec Code 2009-03-25 2018-10-10
9.0
None Remote Low Single system Complete Complete Complete
Hannon Hill Cascade Server 5.7 and other versions allows remote authenticated users to execute arbitrary programs or Java code via a crafted XSLT stylesheet with "extension elements and extension functions" that trigger code execution by Xalan-Java, as demonstrated using xalan://java.lang.Runtime.
11970 CVE-2009-1087 20 Exec Code 2009-03-25 2017-09-28
9.3
None Remote Medium Not required Complete Complete Complete
Multiple argument injection vulnerabilities in PPLive.exe in PPLive 1.9.21 and earlier allow remote attackers to execute arbitrary code via a UNC share pathname in the LoadModule argument to the (1) synacast, (2) Play, (3) pplsv, or (4) ppvod URI handler. NOTE: some of these details are obtained from third party information.
11971 CVE-2009-1083 94 Exec Code 2009-03-25 2009-10-06
9.0
None Remote Low Single system Complete Complete Complete
Sun Java System Identity Manager (IdM) 7.0 through 8.0 on Linux, AIX, Solaris, and HP-UX permits "control characters" in the passwords of user accounts, which allows remote attackers to execute arbitrary commands via vectors involving "resource adapters."
11972 CVE-2009-1082 20 +Priv 2009-03-25 2009-03-25
9.0
Admin Remote Low Single system Complete Complete Complete
Sun Java System Identity Manager (IdM) 7.0 through 8.0 allows remote authenticated users to gain privileges by submitting crafted commands to the Admin Console, as demonstrated by privileges for account creation and other administrative capabilities, related to the saveNoValidate action and saveNoValidateAllowedFormsAndWorkflows IDs.
11973 CVE-2009-1071 119 DoS Exec Code Overflow 2009-03-26 2017-10-03
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in Icarus 2.0 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted Portable Game Notation (.pgn) file.
11974 CVE-2009-1068 119 DoS Exec Code Overflow 2009-03-26 2018-10-10
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in BS.Player (bsplayer) 2.32 Build 975 Free and 2.34 Build 980 PRO and earlier allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long hostname in a .bsl playlist file.
11975 CVE-2009-1062 20 Exec Code Mem. Corr. 2009-03-24 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to trigger memory corruption and possibly execute arbitrary code via unknown attack vectors related to JBIG2, a different vulnerability than CVE-2009-0193 and CVE-2009-1061.
11976 CVE-2009-1061 20 Exec Code 2009-03-24 2018-11-08
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to execute arbitrary code via unknown attack vectors related to JBIG2 and "input validation," a different vulnerability than CVE-2009-0193 and CVE-2009-1062.
11977 CVE-2009-1060 Exec Code 2009-03-24 2017-08-16
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Charlie Miller during a PWN2OWN competition at CanSecWest 2009.
11978 CVE-2009-1059 119 Exec Code Overflow 2009-03-24 2017-09-28
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in Trident PowerZip 7.2 might allow remote attackers to execute arbitrary code via a crafted .zip file. NOTE: CVE has not investigated whether the specified file.zip file can be used for exploitation of this product.
11979 CVE-2009-1058 119 Exec Code Overflow 2009-03-24 2017-09-28
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in ZipGenius might allow remote attackers to execute arbitrary code via a crafted .zip file that triggers an SEH overwrite. NOTE: it is possible that this overlaps CVE-2005-3317. NOTE: CVE has not investigated whether the specified file.zip file can be used for exploitation of this product.
11980 CVE-2009-1057 119 Exec Code Overflow Mem. Corr. 2009-03-24 2017-09-28
10.0
None Remote Low Not required Complete Complete Complete
MicroSmarts Enterprise ZipItFast! 3.0 allows remote attackers to execute arbitrary code via a crafted .zip file that triggers memory corruption, related to a "format string buffer overflow." NOTE: CVE has not investigated whether the specified file.zip file can be used for exploitation of this product.
11981 CVE-2009-1054 Exec Code 2009-03-24 2017-08-16
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in JustSystems Ichitaro 13, 2004 through 2008, Lite2, and Ichitaro viewer 5.1.5.0 and earlier allows remote attackers to execute arbitrary code via a crafted file, as exploited in the wild by Trojan.Tarodrop.H in March 2009.
11982 CVE-2009-1048 287 Bypass 2009-08-14 2018-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
The web interface on the snom VoIP phones snom 300, snom 320, snom 360, snom 370, and snom 820 with firmware 6.5 before 6.5.20, 7.1 before 7.1.39, and 7.3 before 7.3.14 allows remote attackers to bypass authentication, and reconfigure the phone or make arbitrary use of the phone, via a (1) http or (2) https request with 127.0.0.1 in the Host header.
11983 CVE-2009-1044 399 Exec Code 2009-03-23 2018-10-10
9.3
None Remote Medium Not required Complete Complete Complete
Mozilla Firefox 3.0.7 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors related to the _moveToEdgeShift XUL tree method, which triggers garbage collection on objects that are still in use, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.
11984 CVE-2009-1043 Exec Code 2009-03-23 2017-08-16
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.
11985 CVE-2009-1042 Exec Code 2009-03-23 2017-08-16
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.
11986 CVE-2009-1040 119 Exec Code Overflow 2009-03-20 2017-09-28
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in WinAsm Studio 5.1.5.0 allows user-assisted remote attackers to execute arbitrary code via a crafted project (.wap) file.
11987 CVE-2009-1034 89 Exec Code Sql 2009-03-20 2017-08-16
10.0
None Remote Low Not required Complete Complete Complete
SQL injection vulnerability in the Tasklist module 5.x-1.x before 5.x-1.3 and 5.x-2.x before 5.x-2.0-alpha1, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via values in the URI.
11988 CVE-2009-1029 119 Exec Code Overflow 2009-03-19 2018-10-10
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in POP Peeper 3.4.0.0 and earlier allows remote POP3 servers to execute arbitrary code via a long Date header, related to Imap.dll.
11989 CVE-2009-1028 119 Exec Code Overflow 2009-03-19 2017-09-28
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in ediSys eZip Wizard 3.0 allows remote attackers to execute arbitrary code via a crafted .zip file.
11990 CVE-2009-1022 119 DoS Exec Code Overflow Mem. Corr. 2009-03-19 2018-10-10
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in the Preview/ Set Segment function in Gretech GOMlab GOM Encoder 1.0.0.11 and earlier allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a long text field in a subtitle (.srt) file.
11991 CVE-2009-1020 2009-07-14 2017-08-16
9.0
None Remote Low Single system Complete Complete Complete
Unspecified vulnerability in the Network Foundation component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
11992 CVE-2009-1012 Overflow 2009-04-15 2017-08-16
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in an unspecified plug-in that parses HTTP requests, which leads to a heap-based buffer overflow.
11993 CVE-2009-1006 2009-04-15 2012-10-22
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.2 and earlier, with SDK/JRE 1.4.2, JRE/JDK 5, and JRE/JDK 6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
11994 CVE-2009-0979 2009-04-15 2012-10-22
9.0
None Remote Low Single system Complete Complete Complete
Unspecified vulnerability in the Resource Manager component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
11995 CVE-2009-0957 119 DoS Exec Code Overflow 2009-06-02 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JP2 image.
11996 CVE-2009-0956 399 DoS Exec Code 2009-06-02 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Apple QuickTime before 7.6.2 does not properly initialize memory before use in handling movie files, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie containing a user data atom of size zero.
11997 CVE-2009-0955 94 DoS Exec Code 2009-06-02 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted image description atoms in an Apple video file, related to a "sign extension issue."
11998 CVE-2009-0954 119 DoS Exec Code Overflow 2009-06-02 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in Apple QuickTime before 7.6.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a movie file containing crafted Clipping Region (CRGN) atom types.
11999 CVE-2009-0953 119 DoS Exec Code Overflow 2009-06-02 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.
12000 CVE-2009-0952 119 DoS Exec Code Overflow 2009-06-02 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted compressed PSD image.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.