CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
12951 CVE-2008-1497 119 Exec Code Overflow 2008-03-25 2018-10-11
9.0
Admin Remote Low Single system Complete Complete Complete
Stack-based buffer overflow in the IMAP service in NetWin SurgeMail 38k4-4 and earlier allows remote authenticated users to execute arbitrary code via long arguments to the LSUB command.
12952 CVE-2008-1491 119 Exec Code Overflow 2008-03-25 2018-10-11
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the DPC Proxy server (DpcProxy.exe) in ASUS Remote Console (aka ARC or ASMB3) 2.0.0.19 and 2.0.0.24 allows remote attackers to execute arbitrary code via a long string to TCP port 623.
12953 CVE-2008-1490 119 Exec Code Overflow 2008-03-25 2017-08-07
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in a certain Aurigma ActiveX control in ImageUploader4.ocx 4.1.36.0, as used with Piczo (aka Pizco) and possibly other online services, allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a long Action property, a different CLSID than CVE-2008-0659.
12954 CVE-2008-1472 119 DoS Exec Code Overflow 2008-03-24 2018-10-11
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the ListCtrl ActiveX Control (ListCtrl.ocx), as used in multiple CA products including BrightStor ARCserve Backup R11.5, Desktop Management Suite r11.1 through r11.2, and Unicenter products r11.1 through r11.2, allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a long argument to the AddColumn method.
12955 CVE-2008-1465 89 Exec Code Sql 2008-03-24 2017-09-28
9.3
Admin Remote Medium Not required Complete Complete Complete
SQL injection vulnerability in the Detodas Restaurante (com_restaurante) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php, a different product than CVE-2008-0562.
12956 CVE-2008-1457 20 Exec Code 2008-08-13 2018-10-30
9.0
None Remote Low Single system Complete Complete Complete
The Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate per-user subscriptions, which allows remote authenticated users to execute arbitrary code via a crafted event subscription request.
12957 CVE-2008-1456 20 Exec Code 2008-08-13 2018-10-30
9.0
Admin Remote Low Single system Complete Complete Complete
Array index vulnerability in the Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote authenticated users to execute arbitrary code via a crafted event subscription request that is used to access an array of function pointers.
12958 CVE-2008-1454 2008-07-08 2018-10-12
9.4
None Remote Low Not required None Complete Complete
Unspecified vulnerability in Microsoft DNS in Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 allows remote attackers to conduct cache poisoning attacks via unknown vectors related to accepting "records from a response that is outside the remote server's authority," aka "DNS Cache Poisoning Vulnerability," a different vulnerability than CVE-2008-1447.
12959 CVE-2008-1446 189 Exec Code Overflow 2008-10-14 2019-07-03
9.0
None Remote Low Single system Complete Complete Complete
Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Information Services (IIS) 5.0 through 7.0 on Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to execute arbitrary code via an HTTP POST request that triggers an outbound IPP connection from a web server to a machine operated by the attacker, aka "Integer Overflow in IPP Service Vulnerability."
12960 CVE-2008-1444 119 Exec Code Overflow 2008-06-11 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in Microsoft DirectX 7.0 and 8.1 on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a Synchronized Accessible Media Interchange (SAMI) file with crafted parameters for a Class Name variable, aka the "SAMI Format Parsing Vulnerability."
12961 CVE-2008-1442 119 Exec Code Overflow Mem. Corr. 2008-06-11 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in the substringData method in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code, related to an unspecified manipulation of a DOM object before a call to this method, aka the "HTML Objects Memory Corruption Vulnerability."
12962 CVE-2008-1436 264 +Priv 2008-04-21 2018-10-30
9.0
Admin Remote Low Single system Complete Complete Complete
Microsoft Windows XP Professional SP2, Vista, and Server 2003 and 2008 does not properly assign activities to the (1) NetworkService and (2) LocalService accounts, which might allow context-dependent attackers to gain privileges by using one service process to capture a resource from a second service process that has a LocalSystem privilege-escalation ability, related to improper management of the SeImpersonatePrivilege user right, as originally reported for Internet Information Services (IIS), aka Token Kidnapping.
12963 CVE-2008-1435 94 Exec Code 2008-07-08 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008, allows user-assisted remote attackers to execute arbitrary code via crafted saved-search (.search-ms) files that are not properly handled when saving, aka "Windows Saved Search Vulnerability."
12964 CVE-2008-1434 399 Exec Code Mem. Corr. 2008-05-13 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors, related to a "memory handling error" that triggers memory corruption.
12965 CVE-2008-1423 189 DoS Exec Code Overflow 2008-05-16 2017-09-28
9.3
Admin Remote Medium Not required Complete Complete Complete
Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a heap overflow.
12966 CVE-2008-1393 255 2008-03-19 2018-10-11
10.0
Admin Remote Low Not required Complete Complete Complete
Plone CMS 3.0.5, and probably other 3.x versions, places a base64 encoded form of the username and password in the __ac cookie for the admin account, which makes it easier for remote attackers to obtain administrative privileges by sniffing the network.
12967 CVE-2008-1392 16 2008-03-19 2018-10-11
10.0
Admin Remote Low Not required Complete Complete Complete
The default configuration of VMware Workstation 6.0.2, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 makes the console of the guest OS accessible through anonymous VIX API calls, which has unknown impact and attack vectors.
12968 CVE-2008-1390 255 2008-03-24 2018-10-11
9.3
Admin Remote Medium Not required Complete Complete Complete
The AsteriskGUI HTTP server in Asterisk Open Source 1.4.x before 1.4.19-rc3 and 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6, AsteriskNOW before 1.0.2, Appliance Developer Kit before revision 104704, and s800i 1.0.x before 1.1.0.2 generates insufficiently random manager ID values, which makes it easier for remote attackers to hijack a manager session via a series of ID guesses.
12969 CVE-2008-1380 399 DoS 2008-04-17 2018-10-11
9.3
Admin Remote Medium Not required Complete Complete Complete
The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird before 2.0.0.14, and SeaMonkey before 1.1.10 allows remote attackers to cause a denial of service (garbage collector crash) and possibly have other impacts via a crafted web page. NOTE: this is due to an incorrect fix for CVE-2008-1237.
12970 CVE-2008-1377 189 Exec Code 2008-06-16 2018-10-11
9.0
Admin Remote Low Single system Complete Complete Complete
The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with crafted length values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.
12971 CVE-2008-1369 264 +Priv 2008-03-18 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
A certain incorrect Sun Solaris 10 image on SPARC Enterprise T5120 and T5220 servers has /etc/default/login and /etc/ssh/sshd_config files that configure root logins in a manner unintended by the vendor, which allows remote attackers to gain privileges via unspecified vectors.
12972 CVE-2008-1335 Bypass 2008-03-13 2008-12-10
9.3
Admin Remote Medium Not required Complete Complete Complete
The ipsec4_get_ulp function in the kernel in NetBSD 2.0 through 3.1 and NetBSD-current before 20071028, when the fast_ipsec subsystem is enabled, allows remote attackers to bypass the IPsec policy by sending packets from a source machine with a different endianness than the destination machine, a different vulnerability than CVE-2006-0905.
12973 CVE-2008-1331 20 Exec Code 2008-04-02 2019-08-14
10.0
None Remote Low Not required Complete Complete Complete
cgi-data/FastJSData.cgi in OmniPCX Office with Internet Access services OXO210 before 210/091.001, OXO600 before 610/014.001, and other versions, allows remote attackers to execute arbitrary commands and "obtain OXO resources" via shell metacharacters in the id2 parameter.
12974 CVE-2008-1329 Exec Code 2008-04-07 2018-10-11
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the NetBackup service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary commands, related to "insufficient verification of file uploads."
12975 CVE-2008-1328 119 Exec Code Overflow 2008-04-07 2018-10-11
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in the LGServer service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary code via unspecified "command arguments."
12976 CVE-2008-1320 119 DoS Exec Code Overflow 2008-03-13 2018-10-11
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in ASG-Sentry Network Manager 7.0.0 and earlier allow remote attackers to execute arbitrary code or cause a denial of service (crash) via (1) a long request to FxIAList on TCP port 6162, or (2) an SNMP request with a long community string to FxAgent on UDP port 6161.
12977 CVE-2008-1319 Exec Code 2008-03-13 2018-10-11
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path and argument injection vulnerability in the VersantD service in Versant Object Database 7.0.1.3 and earlier, as used in Borland CaliberRM and probably other products, allows remote attackers to execute arbitrary commands via a request to TCP port 5019 with a modified VERSANT_ROOT field.
12978 CVE-2008-1310 22 Dir. Trav. 2008-03-12 2017-08-07
10.0
None Remote Low Not required Complete Complete Complete
Directory traversal vulnerability in the TFTP server in PacketTrap Networks pt360 Tool Suite 1.1.33.1.0, and other versions before 2.0.3900.0, allows remote attackers to read and overwrite arbitrary files via directory traversal sequences in the pathname.
12979 CVE-2008-1309 399 DoS Exec Code 2008-03-12 2018-10-11
9.3
None Remote Medium Not required Complete Complete Complete
The RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, RealPlayer 10.5 before build 6.0.12.1675, and RealPlayer 11 before 11.0.3 build 6.0.14.806 does not properly manage memory for the (1) Console or (2) Controls property, which allows remote attackers to execute arbitrary code or cause a denial of service (browser crash) via a series of assignments of long string values, which triggers an overwrite of freed heap memory.
12980 CVE-2008-1307 119 Exec Code Overflow 2008-03-12 2017-09-28
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in the KUpdateObj2 Class ActiveX control in UpdateOcx2.dll in Beijing KingSoft Antivirus Online Update Module 2007.12.29.29 allows remote attackers to execute arbitrary code via a long argument to the SetUninstallName method.
12981 CVE-2008-1282 119 Exec Code Overflow 2008-03-10 2017-08-07
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in the BFup ActiveX control (BFup.dll) in B21Soft BFup before 1.0.802.29 allows remote attackers to execute arbitrary code via a long FilePath parameter.
12982 CVE-2008-1277 20 DoS 2008-03-10 2018-10-11
9.0
None Remote Low Single system Complete Complete Complete
The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attackers to cause a denial of service (crash) via (1) SEARCH and (2) APPEND commands without required arguments, which triggers a NULL pointer dereference.
12983 CVE-2008-1276 119 Exec Code Overflow 2008-03-10 2018-10-11
9.0
None Remote Low Single system Complete Complete Complete
Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands.
12984 CVE-2008-1268 287 2008-03-10 2018-10-11
10.0
Admin Remote Low Not required Complete Complete Complete
The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication credentials, which allows remote attackers to establish an FTP session by sending an arbitrary username and password.
12985 CVE-2008-1262 287 2008-03-10 2018-10-11
10.0
Admin Remote Low Not required Complete Complete Complete
The administration panel on the Airspan WiMax ProST 4.1 antenna with 6.5.38.0 software does not verify authentication credentials, which allows remote attackers to (1) upload malformed firmware or (2) bind the antenna to a different WiMAX base station via unspecified requests to forms under process_adv/.
12986 CVE-2008-1259 287 Bypass 2008-03-10 2018-10-11
9.3
Admin Remote Medium Not required Complete Complete Complete
The Zyxel P-2602HW-D1A router with 3.40(AJZ.1) firmware maintains authentication state by IP address, which allows remote attackers to bypass authentication by establishing a session from a source IP address of a user who previously authenticated within the previous 5 minutes.
12987 CVE-2008-1256 2008-03-10 2018-10-11
10.0
Admin Remote Low Not required Complete Complete Complete
The ZyXEL P-660HW series router has "admin" as its default password, which allows remote attackers to gain administrative access.
12988 CVE-2008-1255 264 Bypass 2008-03-10 2018-10-11
10.0
Admin Remote Low Not required Complete Complete Complete
The ZyXEL P-660HW series router maintains authentication state by IP address, which allows remote attackers to bypass authentication by establishing a session from a source IP address of a previously authenticated user.
12989 CVE-2008-1252 200 +Info 2008-03-10 2018-10-11
10.0
Admin Remote Low Not required Complete Complete Complete
b_banner.stm (aka the login page) on the Deutsche Telekom Speedport W500 DSL router allows remote attackers to obtain the logon password by reading the pwd field in the HTML source.
12990 CVE-2008-1250 352 XSS CSRF 2008-03-10 2018-10-11
9.3
Admin Remote Medium Not required Complete Complete Complete
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface on the central phone server for the Snom 320 SIP Phone allow remote attackers to perform actions as the phone user, as demonstrated by inserting an address-book entry containing an XSS sequence.
12991 CVE-2008-1249 20 DoS 2008-03-10 2018-10-11
9.4
None Remote Low Not required None Complete Complete
snomControl.swf in the central phone server for the Snom 320 SIP Phone allows remote attackers to cause a denial of service (application crash and corruption of call logs) via a "'); (double quote, quote, close parenthesis, semicolon) sequence in the "Call a number" field.
12992 CVE-2008-1247 264 2008-03-10 2018-10-11
10.0
Admin Remote Low Not required Complete Complete Complete
The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials when invoking scripts, which allows remote attackers to perform arbitrary administrative actions via a direct request to (1) Advanced.tri, (2) AdvRoute.tri, (3) Basic.tri, (4) ctlog.tri, (5) ddns.tri, (6) dmz.tri, (7) factdefa.tri, (8) filter.tri, (9) fw.tri, (10) manage.tri, (11) ping.tri, (12) PortRange.tri, (13) ptrigger.tri, (14) qos.tri, (15) rstatus.tri, (16) tracert.tri, (17) vpn.tri, (18) WanMac.tri, (19) WBasic.tri, or (20) WFilter.tri. NOTE: the Security.tri vector is already covered by CVE-2006-5202.
12993 CVE-2008-1244 287 2008-03-10 2018-10-11
10.0
Admin Remote Low Not required Complete Complete Complete
cgi-bin/setup_dns.exe on the Belkin F5D7230-4 router with firmware 9.01.10 does not require authentication, which allows remote attackers to perform administrative actions, as demonstrated by changing a DNS server via the dns1_1, dns1_2, dns1_3, and dns1_4 parameters. NOTE: it was later reported that F5D7632-4V6 with firmware 6.01.08 is also affected.
12994 CVE-2008-1242 264 Bypass 2008-03-10 2018-10-11
10.0
Admin Remote Low Not required Complete Complete Complete
The control panel on the Belkin F5D7230-4 router with firmware 9.01.10 maintains authentication state by IP address, which allows remote attackers to bypass authentication by establishing a session from a source IP address of a previously authenticated user, a different vulnerability than CVE-2005-3802.
12995 CVE-2008-1235 Exec Code 2008-03-27 2018-10-11
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via unknown vectors that cause JavaScript to execute with the wrong principal, aka "Privilege escalation via incorrect principals."
12996 CVE-2008-1231 22 Dir. Trav. +Info 2008-03-10 2017-09-28
9.3
None Remote Medium Not required Complete Complete Complete
Directory traversal vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote attackers to include and execute arbitrary local .jsp files, and obtain sensitive information, via a .. (dot dot) in the editor parameter.
12997 CVE-2008-1230 264 2008-03-10 2017-09-28
9.3
None Remote Medium Not required Complete Complete Complete
Unrestricted file upload vulnerability in JSPWiki 2.4.104 and 2.5.139 allows remote attackers to upload and execute arbitrary .jsp files via an unspecified manipulation that attaches a .jsp file to an "entry page."
12998 CVE-2008-1217 94 Exec Code 2008-03-08 2009-09-03
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH, and 8.0.x before 8.0.1 allows remote attackers to execute arbitrary code via a crafted attachment in an e-mail message sent over SMTP, a variant of CVE-2007-6706.
12999 CVE-2008-1210 119 DoS Exec Code Overflow 2008-03-07 2017-08-07
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the ctags parsing code in Programmer's Notepad before 2.0.8.718 allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted .c file, when the victim selects the Jump To dialog. NOTE: some of these details are obtained from third party information.
13000 CVE-2008-1200 Exec Code 2008-03-06 2008-09-05
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Access allows remote user-assisted attackers to execute arbitrary code via a crafted .MDB file, possibly related to Jet Engine (msjet40.dll). NOTE: this is probably a different issue than CVE-2007-6026.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.