CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
13501 CVE-2007-5546 119 DoS Exec Code Overflow 2007-10-18 2018-10-15
9.3
Admin Remote Medium Not required Complete Complete Complete
Multiple stack-based buffer overflows in TIBCO SmartPGM FX allow remote attackers to execute arbitrary code or cause a denial of service (service stop and file-transfer outage) via unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.
13502 CVE-2007-5543 119 1 Exec Code Overflow 2009-03-18 2009-03-18
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in Miranda IM 0.6.8 and 0.7.0 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590.
13503 CVE-2007-5542 119 1 Exec Code Overflow 2009-03-18 2009-03-18
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in Miranda IM 0.6.8 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590.
13504 CVE-2007-5541 20 Exec Code 2007-10-17 2017-07-28
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Opera before 9.24, when using an "external" newsgroup or e-mail client, allows remote attackers to execute arbitrary commands via unknown vectors.
13505 CVE-2007-5539 +Priv 2007-10-17 2017-07-28
9.0
None Remote Low Single system Complete Complete Complete
Unspecified vulnerability in Cisco Unified Intelligent Contact Management Enterprise (ICME), Unified ICM Hosted (ICMH), Unified Contact Center Enterprise (UCCE), Unified Contact Center Hosted (UCCH), and System Unified Contact Center Enterprise (SUCCE) 7.1(5) allows remote authenticated users to gain privileges, and read reports or change the SUCCE configuration, via certain web interfaces, aka CSCsj55686.
13506 CVE-2007-5538 119 DoS Exec Code Overflow 2007-10-17 2017-07-28
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712.
13507 CVE-2007-5535 2007-10-17 2017-07-28
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in newbb_plus in RunCms 1.5.2 has unknown impact and attack vectors.
13508 CVE-2007-5534 2007-10-17 2012-10-22
9.0
None Remote Low Single system Complete Complete Complete
Unspecified vulnerability in the HCM component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9 Bundle 13 9.0 Bundle 3 has unknown impact and remote attack vectors, aka PSE_HCM01.
13509 CVE-2007-5531 2007-10-17 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Oracle Help for Web, as used in Oracle Application Server, Oracle Database 10.2.0.3, and Enterprise Manager 10.1.0.6, has unknown impact and remote attack vectors, aka EM02.
13510 CVE-2007-5530 2007-10-17 2012-10-22
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Database Control component in Oracle Database 10.1.0.5 and 10.2.0.3, and Enterprise Manager, has unknown impact and remote attack vectors, aka EM01.
13511 CVE-2007-5528 2007-10-17 2012-10-22
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in Oracle E-Business Suite 12.0.2 have unknown impact and attack vectors related to (1) Public Sector Human Resources (APP03) and (2) Quoting component (APP06).
13512 CVE-2007-5526 2007-10-17 2012-10-22
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.0.2, 10.1.2.2, and 10.1.4.1, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS11.
13513 CVE-2007-5491 22 Dir. Trav. 2007-10-17 2008-09-05
9.0
None Remote Low Single system Complete Complete Complete
Directory traversal vulnerability in the translation module (translator.php) in SiteBar 3.3.8 allows remote authenticated users to chmod arbitrary files to 0777 via ".." sequences in the lang parameter.
13514 CVE-2007-5487 119 Exec Code Overflow 2007-10-16 2017-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in COWON America jetAudio Basic 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a long URL in an EXTM3U section of a .m3u file.
13515 CVE-2007-5483 2007-10-16 2017-07-28
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Administrative Scripting Tools (such as wsadmin or ANT) in IBM WebSphere Application Server 5.x and 6.0.x has unknown impact and attack vectors.
13516 CVE-2007-5476 2007-10-17 2017-07-28
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and earlier, when running on Opera before 9.24 on Mac OS X, has unknown "Highly Severe" impact and unknown attack vectors.
13517 CVE-2007-5467 189 DoS Exec Code Overflow 2007-10-15 2017-09-28
10.0
None Remote Low Not required Complete Complete Complete
Integer overflow in eXtremail 2.1.1 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long USER command containing "%s" sequences to the pop3 port (110/tcp), which are expanded to "%%s" before being used in the memmove function, possibly due to an incomplete fix for CVE-2001-1078.
13518 CVE-2007-5466 119 Exec Code Overflow 2007-10-15 2017-09-28
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in eXtremail 2.1.1 and earlier allow remote attackers to (1) have an unknown impact by sending multiple long strings to the IMAP port (143/tcp); (2) execute arbitrary code via a long string in an IMAP AUTHENTICATE PLAIN action, involving the ifParseAuthPlain function; (3) execute arbitrary code via a long LOGIN command to the admin interface port (4501/tcp); or (4) execute arbitrary code via a long string in an IMAP AUTHENTICATE LOGIN (aka CRAM-MD5 authentication) action, involving the ifProcImapAuth1 function.
13519 CVE-2007-5452 89 Exec Code Sql 2007-10-14 2017-09-28
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple SQL injection vulnerabilities in php-stats.recjs.php in Php-Stats 0.1.9.2 allow remote attackers to execute arbitrary SQL commands via the (1) ip or (2) t parameter.
13520 CVE-2007-5450 119 DoS Overflow 2007-10-14 2017-09-28
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Safari on the Apple iPod touch (aka iTouch) and iPhone 1.1.1 allows user-assisted remote attackers to cause a denial of service (application crash), and enable filesystem browsing by the local user, via a certain TIFF file.
13521 CVE-2007-5419 16 2007-10-12 2018-10-15
10.0
Admin Remote Low Not required Complete Complete Complete
The 3Com 3CRWER100-75 router with 1.2.10ww software, when enabling an optional virtual server, configures this server to accept all source IP addresses on the external (Internet) interface unless the user selects other options, which might expose the router to unintended incoming traffic from remote attackers, as demonstrated by setting up a virtual server on port 80, which allows remote attackers to access the web management interface.
13522 CVE-2007-5406 DoS 2008-04-10 2018-10-15
9.3
None Remote Medium Not required Complete Complete Complete
kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted .ag file.
13523 CVE-2007-5405 119 Exec Code Overflow 2008-04-10 2018-10-15
9.3
None Remote Medium Not required Complete Complete Complete
Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with (1) a long ENCODING attribute in a *BEGIN tag, (2) a long token, or (3) the initial *BEGIN tag.
13524 CVE-2007-5400 119 Exec Code Overflow 2008-07-28 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in the Shockwave Flash (SWF) frame handling in RealNetworks RealPlayer 10.5 Build 6.0.12.1483 might allow remote attackers to execute arbitrary code via a crafted SWF file.
13525 CVE-2007-5399 119 Exec Code Overflow 2008-04-10 2018-10-15
9.3
None Remote Medium Not required Complete Complete Complete
Multiple heap-based buffer overflows in emlsr.dll in the EML reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, allow remote attackers to execute arbitrary code via a long (1) To, (2) Cc, (3) Bcc, (4) From, (5) Date, (6) Subject, (7) Priority, (8) Importance, or (9) X-MSMail-Priority header; (10) a long string at the beginning of an RFC2047 encoded-word in a header; (11) a long text string in an RFC2047 encoded-word in a header; or (12) a long Subject header, related to creation of an associated filename.
13526 CVE-2007-5398 119 Exec Code Overflow 2007-11-16 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requests followed by a WINS Name Query request.
13527 CVE-2007-5395 119 Exec Code Overflow 2007-11-07 2018-10-15
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the separate_word function in tokenize.c in Link Grammar 4.1b and possibly other versions, as used in AbiWord Link Grammar 4.2.4, allows remote attackers to execute arbitrary code via a long word, as reachable through the separate_sentence function.
13528 CVE-2007-5394 119 Exec Code Overflow 2008-10-30 2018-10-15
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in AldFs32.dll in Adobe PageMaker 7.0.1 and 7.0.2 allows user-assisted remote attackers to execute arbitrary code via a .PMD file with a crafted font structure, a different vulnerability than CVE-2007-5169 and CVE-2007-6432.
13529 CVE-2007-5393 119 Exec Code Overflow 2007-11-07 2017-09-28
9.3
Admin Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter.
13530 CVE-2007-5392 119 Exec Code Overflow 2007-11-07 2017-09-28
9.3
Admin Remote Medium Not required Complete Complete Complete
Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.
13531 CVE-2007-5391 287 2007-10-12 2008-11-15
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in HP Select Identity 4.01 through 4.01.010 and 4.10 through 4.13.001 allows remote attackers to obtain unspecified access via unknown vectors.
13532 CVE-2007-5383 287 Bypass CSRF 2007-10-11 2018-10-15
10.0
Admin Remote Low Not required Complete Complete Complete
The Thomson/Alcatel SpeedTouch 7G router, as used for the BT Home Hub 6.2.6.B and earlier, allows remote attackers on an intranet to bypass authentication and gain administrative access via vectors including a '/' (slash) character at the end of the PATH_INFO to cgi/b, aka "double-slash auth bypass." NOTE: remote attackers outside the intranet can exploit this by leveraging a separate CSRF vulnerability. NOTE: SpeedTouch 780 might also be affected by some of these issues.
13533 CVE-2007-5382 264 +Priv 2007-10-11 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
The conversion utility for converting CiscoWorks Wireless LAN Solution Engine (WLSE) 4.1.91.0 and earlier to Cisco Wireless Control System (WCS) creates administrator accounts with default usernames and passwords, which allows remote attackers to gain privileges.
13534 CVE-2007-5381 119 Exec Code Overflow 2007-10-11 2017-07-28
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allow remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message to be printed, as demonstrated by a telnet session to the LPD from a source port other than 515.
13535 CVE-2007-5372 89 Exec Code Sql 2007-10-11 2018-10-15
10.0
None Remote Low Not required Complete Complete Complete
Multiple SQL injection vulnerabilities in (a) LedgerSMB 1.0.0 through 1.2.7 and (b) DWS Systems SQL-Ledger 2.x allow remote attackers to execute arbitrary SQL commands via (1) the invoice quantity field or (2) the sort field.
13536 CVE-2007-5364 22 Dir. Trav. 2007-10-10 2018-10-15
10.0
None Remote Low Not required Complete Complete Complete
** DISPUTED ** Directory traversal vulnerability in payments/ideal_process.php in the iDEAL transaction handler in ViArt Shopping Cart allows remote attackers to have an unknown impact via directory traversal sequences in the filename parameter to the createCertFingerprint function. NOTE: this issue is disputed by CVE because PHP encounters a fatal function-call error on a direct request for payments/ideal_process.php.
13537 CVE-2007-5351 94 Exec Code 2007-12-11 2018-10-15
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Server Message Block Version 2 (SMBv2) signing support in Microsoft Windows Vista allows remote attackers to force signature re-computation and execute arbitrary code via a crafted SMBv2 packet, aka "SMBv2 Signing Vulnerability."
13538 CVE-2007-5348 189 Exec Code Overflow 2008-09-10 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via an image file with crafted gradient sizes in gradient fill input, which triggers a heap-based buffer overflow related to GdiPlus.dll and VGX.DLL, aka "GDI+ VML Buffer Overrun Vulnerability."
13539 CVE-2007-5338 264 2007-10-21 2018-10-15
9.3
None Remote Medium Not required Complete Complete Complete
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome action is performed.
13540 CVE-2007-5332 399 Mem. Corr. 2007-10-12 2018-10-15
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in (1) mediasvr and (2) caloggerd in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, have unknown impact and attack vectors related to memory corruption.
13541 CVE-2007-5331 94 Exec Code 2007-10-12 2018-10-15
10.0
None Remote Low Not required Complete Complete Complete
Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference arbitrary pointers.
13542 CVE-2007-5330 119 Exec Code Overflow Mem. Corr. 2007-10-12 2018-10-15
10.0
Admin Remote Low Not required Complete Complete Complete
The cadbd RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to (1) execute arbitrary code via stack-based buffer overflows in unspecified RPC procedures, and (2) trigger memory corruption related to the use of "handle" RPC arguments as pointers.
13543 CVE-2007-5329 399 Mem. Corr. 2007-10-12 2018-10-15
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, has unknown impact and attack vectors related to memory corruption.
13544 CVE-2007-5328 264 Exec Code 2007-10-12 2018-10-15
10.0
Admin Remote Low Not required Complete Complete Complete
The Message Engine RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows attackers to execute arbitrary code by using certain "insecure method calls" to modify the file system and registry, aka "Privileged function exposure."
13545 CVE-2007-5327 119 Exec Code Overflow 2007-10-12 2018-10-15
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum.
13546 CVE-2007-5326 119 Exec Code Overflow 2007-10-12 2018-10-15
10.0
None Remote Low Not required Complete Complete Complete
Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.
13547 CVE-2007-5325 119 Exec Code Overflow 2007-10-12 2018-10-15
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in (1) the Message Engine and (2) AScore.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.
13548 CVE-2007-5323 119 Exec Code Overflow 2007-10-10 2017-07-28
10.0
None Remote Low Not required Complete Complete Complete
The RepliStor Server Service in EMC Replistor 6.1.3 allows remote attackers to execute arbitrary code via a size value that causes RepliStor to create a smaller buffer than expected, which triggers a buffer overflow when that buffer is used in a recv function call.
13549 CVE-2007-5279 119 Exec Code Overflow 2007-10-08 2017-07-28
9.3
Admin Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in ConeXware PowerArchiver before 10.20.21 might allow remote attackers to execute arbitrary code via a long filename in a BlackHole archive.
13550 CVE-2007-5257 119 Exec Code Overflow 2007-10-06 2017-09-28
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the EDraw.OfficeViewer ActiveX control in officeviewer.ocx in EDraw Office Viewer Component 5.3.220.1 and earlier allows remote attackers to execute arbitrary code via long strings in the first and second arguments to the FtpDownloadFile method, a different vector than CVE-2007-4821 and CVE-2007-3169.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.