CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
12601 CVE-2008-3020 399 Exec Code 2008-08-12 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Office 2000 SP3 and XP SP3; Office Converter Pack; and Works 8 do not properly parse the length of a BMP file, which allows remote attackers to execute arbitrary code via a crafted BMP file, aka the "Malformed BMP Filter Vulnerability."
12602 CVE-2008-3019 399 Exec Code 2008-08-12 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of an Encapsulated PostScript (EPS) file, which allows remote attackers to execute arbitrary code via a crafted EPS file, aka the "Malformed EPS Filter Vulnerability."
12603 CVE-2008-3018 94 Exec Code 2008-08-12 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file, aka the "Malformed PICT Filter Vulnerability," a different vulnerability than CVE-2008-3021.
12604 CVE-2008-3015 189 Exec Code Overflow 2008-09-10 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a BMP image file with a malformed BitMapInfoHeader that triggers a buffer overflow, aka "GDI+ BMP Integer Overflow Vulnerability."
12605 CVE-2008-3014 119 Exec Code Overflow 2008-09-10 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed WMF image file that triggers improper memory allocation, aka "GDI+ WMF Buffer Overrun Vulnerability."
12606 CVE-2008-3013 399 Exec Code 2008-09-10 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed GIF image file containing many extension markers for graphic control extensions and subsequent unknown labels, aka "GDI+ GIF Parsing Vulnerability."
12607 CVE-2008-3012 119 Exec Code Overflow Mem. Corr. 2008-09-10 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 does not properly perform memory allocation, which allows remote attackers to execute arbitrary code via a malformed EMF image file, aka "GDI+ EMF Memory Corruption Vulnerability."
12608 CVE-2008-3010 200 Exec Code +Info 2008-12-10 2018-10-12
10.0
Admin Remote Low Not required Complete Complete Complete
Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through credential-reflection attacks, by sending an authentication request, aka "ISATAP Vulnerability."
12609 CVE-2008-3009 255 Exec Code 2008-12-10 2018-10-12
10.0
Admin Remote Low Not required Complete Complete Complete
Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1, 9, and 2008 do not properly use the Service Principal Name (SPN) identifier when validating replies to authentication requests, which allows remote servers to execute arbitrary code via vectors that employ NTLM credential reflection, aka "SPN Vulnerability."
12610 CVE-2008-3008 119 Exec Code Overflow 2008-09-10 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argument to the GetDetailsString method, aka "Windows Media Encoder Buffer Overrun Vulnerability."
12611 CVE-2008-3007 20 Exec Code 2008-09-10 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Argument injection vulnerability in a URI handler in Microsoft Office XP SP3, 2003 SP2 and SP3, 2007 Office System Gold and SP1, and Office OneNote 2007 Gold and SP1 allow remote attackers to execute arbitrary code via a crafted onenote:// URL, aka "Uniform Resource Locator Validation Error Vulnerability."
12612 CVE-2008-3006 399 Exec Code 2008-08-12 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 Gold and SP3; Office Excel Viewer; Office Compatibility Pack 2007 Gold and SP1; Office SharePoint Server 2007 Gold and SP1; and Office 2004 and 2008 for Mac do not properly parse Country record values when loading Excel files, which allows remote attackers to execute arbitrary code via a crafted Excel file, aka the "Excel Record Parsing Vulnerability."
12613 CVE-2008-3005 20 Exec Code 2008-08-12 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Array index vulnerability in Microsoft Office Excel 2000 SP3 and 2002 SP3, and Office 2004 and 2008 for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted array index for a FORMAT record, aka the "Excel Index Array Vulnerability."
12614 CVE-2008-3004 20 Exec Code 2008-08-12 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3; Office Excel Viewer 2003; and Office 2004 and 2008 for Mac do not properly validate index values for AxesSet records when loading Excel files, which allows remote attackers to execute arbitrary code via a crafted Excel file, aka the "Excel Indexing Validation Vulnerability."
12615 CVE-2008-3001 94 Exec Code 2008-07-03 2017-08-07
9.3
None Remote Medium Not required Complete Complete Complete
The Aggregation module 5.x before 5.x-4.4 for Drupal allows remote attackers to upload files with arbitrary extensions, and possibly execute arbitrary code, via a crafted feed that allows upload of files with arbitrary extensions.
12616 CVE-2008-2992 119 Exec Code Overflow 2008-11-04 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104.
12617 CVE-2008-2959 119 Exec Code Overflow 2008-07-02 2017-09-28
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in a certain ActiveX control (vb6skit.dll) in Microsoft Visual Basic Enterprise Edition 6.0 SP6 might allow remote attackers to execute arbitrary code via a long lpstrLinkPath argument to the fCreateShellLink function.
12618 CVE-2008-2928 119 DoS Exec Code Overflow 2008-08-29 2017-09-28
10.0
None Remote Low Not required Complete Complete Complete
Multiple buffer overflows in the adminutil library in CGI applications in Red Hat Directory Server 7.1 before SP7 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted Accept-Language HTTP header.
12619 CVE-2008-2910 119 Exec Code Overflow 2008-06-30 2017-09-28
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in the DXTTextOutEffect ActiveX control (aka the Text-Effect DXT Filter), as distributed in TextOut.dll 6.0.18.1 and mvtextout.dll, in muvee autoProducer 6.0 and 6.1 allows remote attackers to execute arbitrary code via a long FontSetting property value.
12620 CVE-2008-2908 119 Exec Code Overflow 2008-06-30 2017-08-07
9.3
Admin Remote Medium Not required Complete Complete Complete
Multiple stack-based buffer overflows in a certain ActiveX control in ienipp.ocx in Novell iPrint Client for Windows before 4.36 allow remote attackers to execute arbitrary code via a long value of the (1) operation, (2) printer-url, or (3) target-frame parameter. NOTE: some of these details are obtained from third party information.
12621 CVE-2008-2899 2008-06-27 2017-08-07
10.0
Admin Remote Low Not required Complete Complete Complete
Unspecified vulnerability in includes/classes/page.php in j00lean-CMS 1.03 has unknown impact and attack vectors.
12622 CVE-2008-2898 22 Dir. Trav. File Inclusion 2008-06-27 2017-09-28
9.3
Admin Remote Medium Not required Complete Complete Complete
Directory traversal vulnerability in includes/header.php in Hedgehog-CMS 1.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the c_temp_path parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.
12623 CVE-2008-2894 22 Dir. Trav. 2008-06-27 2017-08-07
9.3
None Remote Medium Not required Complete Complete Complete
Directory traversal vulnerability in the FTP client in NCH Software Classic FTP 1.02 for Windows allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345.
12624 CVE-2008-2888 94 Exec Code File Inclusion 2008-06-27 2017-09-28
10.0
None Remote Low Not required Complete Complete Complete
Multiple PHP remote file inclusion vulnerabilities in MiGCMS 2.0.5, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[application][app_root] parameter to (1) collection.class.php and (2) content_image.class.php in lib/obj/.
12625 CVE-2008-2886 94 Exec Code File Inclusion 2008-06-27 2017-09-28
9.3
None Remote Medium Not required Complete Complete Complete
PHP remote file inclusion vulnerability in include/plugins/jrBrowser/purchase.php in Jamroom 3.3.0 through 3.3.5, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the jamroom[jm_dir] parameter.
12626 CVE-2008-2885 94 Exec Code File Inclusion 2008-06-27 2017-09-28
9.3
Admin Remote Medium Not required Complete Complete Complete
PHP remote file inclusion vulnerability in src/browser/resource/categories/resource_categories_view.php in Open Digital Assets Repository System (ODARS) 1.0.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the CLASSES_ROOT parameter.
12627 CVE-2008-2884 94 Exec Code File Inclusion 2008-06-27 2018-10-11
9.3
None Remote Medium Not required Complete Complete Complete
PHP remote file inclusion vulnerability in display.php in RSS-aggregator allows remote attackers to execute arbitrary PHP code via a URL in the path parameter. NOTE: some of these details are obtained from third party information.
12628 CVE-2008-2880 119 Exec Code Overflow 2008-06-26 2017-08-07
9.3
Admin Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in the IBM AFP Viewer Plug-in 2.0.7.1 and 3.2.1.1 allows remote attackers to execute arbitrary code via a long SRC property value. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
12629 CVE-2008-2851 119 Overflow 2008-06-25 2017-08-07
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in OFF System before 0.19.14 allow remote attackers to have an unknown impact via unspecified vectors related to "parsing of http headers."
12630 CVE-2008-2833 287 Bypass 2008-06-24 2017-09-28
10.0
Admin Remote Low Not required Complete Complete Complete
admin/upload.php in le.cms 1.4 and earlier allows remote attackers to bypass administrative authentication, and upload and execute arbitrary files in images/, via a nonzero value for the submit0 parameter in conjunction with filenames in the filename and upload parameters.
12631 CVE-2008-2832 94 Exec Code 2008-06-24 2017-09-28
10.0
Admin Remote Low Not required Complete Complete Complete
Unrestricted file upload vulnerability in calendar_admin.asp in Full Revolution aspWebCalendar 2008 allows remote attackers to upload and execute arbitrary code via the FILE1 parameter in an uploadfileprocess action, probably followed by a direct request to the file in calendar/eventimages/.
12632 CVE-2008-2828 119 DoS Exec Code Overflow 2008-06-23 2017-08-07
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in tmsnc allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an MSN packet with a UBX command containing a large UBX payload length field.
12633 CVE-2008-2824 264 2008-06-23 2017-08-07
10.0
Admin Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Extensible Interface Platform in Web Services in Xerox WorkCentre 7655, 7665, and 7675 allows remote attackers to make configuration changes via unknown vectors.
12634 CVE-2008-2822 22 Dir. Trav. 2008-06-23 2017-08-07
9.3
None Remote Medium Not required Complete Complete Complete
Multiple directory traversal vulnerabilities in the FTP client in 3D-FTP Client 8.01 (8.0 build 1) allow remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a (1) LIST or (2) MLSD command.
12635 CVE-2008-2821 22 Dir. Trav. 2008-06-23 2017-08-07
9.3
None Remote Medium Not required Complete Complete Complete
Directory traversal vulnerability in the FTP client in Glub Tech Secure FTP before 2.5.16 on Windows allows remote FTP servers to create or overwrite arbitrary files via a ..\ (dot dot backslash) in a response to a LIST command, a related issue to CVE-2002-1345.
12636 CVE-2008-2811 399 DoS Exec Code Overflow 2008-07-07 2018-10-11
10.0
None Remote Low Not required Complete Complete Complete
The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose display requires more pixels than nscoord_MAX, related to nsBlockFrame::DrainOverflowLines.
12637 CVE-2008-2799 399 DoS Exec Code 2008-07-07 2018-10-11
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown vectors related to the JavaScript engine.
12638 CVE-2008-2798 399 DoS Exec Code 2008-07-07 2018-10-11
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown vectors related to the layout engine.
12639 CVE-2008-2786 119 Overflow 2008-06-19 2017-08-07
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in Firefox 3.0 and 2.0.x has unknown impact and attack vectors. NOTE: due to lack of details as of 20080619, it is not clear whether this is the same issue as CVE-2008-2785. A CVE identifier has been assigned for tracking purposes.
12640 CVE-2008-2785 189 Exec Code Overflow 2008-06-19 2018-10-11
9.3
Admin Remote Medium Not required Complete Complete Complete
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which allows remote attackers to execute arbitrary code via a large number of references to a common CSS object, leading to a counter overflow and a free of in-use memory, aka ZDI-CAN-349.
12641 CVE-2008-2779 22 Exec Code Dir. Trav. 2008-06-19 2017-08-07
9.3
None Remote Medium Not required Complete Complete Complete
Directory traversal vulnerability in GlobalSCAPE CuteFTP Home 8.2.0 Build 02.26.2008.4 and CuteFTP Pro 8.2.0 Build 04.01.2008.1 allows remote FTP servers to create or overwrite arbitrary files via ..\ (dot dot backslash) sequences in responses to LIST commands, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder.
12642 CVE-2008-2745 119 Exec Code Overflow 2008-06-17 2017-09-28
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in BiAnno ActiveX Control (BiAnno.ocx) in Black Ice Software Annotation Plugin 10.95 allows remote attackers to execute arbitrary code via a long parameter to the AnnoSaveToTiff method.
12643 CVE-2008-2712 20 Exec Code 2008-06-16 2018-11-01
9.3
None Remote Medium Not required Complete Complete Complete
Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3) xpm.vim, (4) gzip_vim, and (5) netrw. NOTE: the originally reported version was 7.1.314, but the researcher actually found this set of issues in 7.1.298. NOTE: the zipplugin issue (originally vector 2 in this identifier) has been subsumed by CVE-2008-3075.
12644 CVE-2008-2705 287 Bypass 2008-06-16 2017-08-07
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Sun Java System Access Manager (AM) 7.1, when used with certain versions and configurations of Sun Directory Server Enterprise Edition (DSEE), allows remote attackers to bypass authentication via unspecified vectors.
12645 CVE-2008-2703 119 Exec Code Overflow 2008-06-13 2018-10-11
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple stack-based buffer overflows in Novell GroupWise Messenger (GWIM) Client before 2.0.3 HP1 for Windows allow remote attackers to execute arbitrary code via "spoofed server responses" that contain a long string after the NM_A_SZ_TRANSACTION_ID field name.
12646 CVE-2008-2702 22 Exec Code Dir. Trav. 2008-06-13 2017-11-22
9.3
None Remote Medium Not required Complete Complete Complete
Directory traversal vulnerability in the FTP client in ALTools ESTsoft ALFTP 4.1 beta 2 and 5.0 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345. NOTE: this can be leveraged for code execution by writing to a Startup folder.
12647 CVE-2008-2693 119 Exec Code Overflow 2008-06-13 2017-09-28
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the BITIFF.BITiffCtrl.1 ActiveX control in BITiff.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via a long first argument to the SetByteOrder method.
12648 CVE-2008-2690 94 Exec Code File Inclusion 2008-06-13 2017-08-07
9.3
None Remote Medium Not required Complete Complete Complete
Multiple PHP remote file inclusion vulnerabilities in BrowserCRM 5.002.00, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the bcrm_pub_root parameter to (1) kb.php, (2) login.php, (3) index.php, (4) contact_view.php, and (5) contact.php in pub/, different vectors than CVE-2008-2689. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
12649 CVE-2008-2689 94 Exec Code File Inclusion 2008-06-13 2017-09-28
10.0
None Remote Low Not required Complete Complete Complete
PHP remote file inclusion vulnerability in pub/clients.php in BrowserCRM 5.002.00 allows remote attackers to execute arbitrary PHP code via a URL in the bcrm_pub_root parameter.
12650 CVE-2008-2684 94 Exec Code Mem. Corr. 2008-06-12 2017-09-28
9.3
Admin Remote Medium Not required Complete Complete Complete
The BIDIB.BIDIBCtrl.1 ActiveX control in BIDIB.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via long strings in the two arguments to the DownloadImageFileURL method, which trigger memory corruption. NOTE: some of these details are obtained from third party information.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.