CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
13551 CVE-2007-3312 Dir. Trav. 2007-06-21 2017-10-10
9.0
Admin Remote Low Single system Complete Complete Complete
Directory traversal vulnerability in admin/plugin_manager.php in Jasmine CMS 1.0 allows remote authenticated administrators to include and execute arbitrary local files a .. (dot dot) in the u parameter. NOTE: a separate vulnerability could be leveraged to make this issue exploitable by remote unauthenticated attackers.
13552 CVE-2007-3305 Exec Code Overflow 2007-06-20 2017-07-28
9.3
Admin Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in Cerulean Studios Trillian 3.x before 3.1.6.0 allows remote attackers to execute arbitrary code via a message sent through the MSN protocol, or possibly other protocols, with a crafted UTF-8 string, which triggers improper memory allocation for word wrapping when a window width is used as a buffer size, a different vulnerability than CVE-2007-2478.
13553 CVE-2007-3302 Exec Code 2007-07-25 2018-10-16
9.3
Admin Remote Medium Not required Complete Complete Complete
The CallCode ActiveX control in caller.dll 3.0 before 20070713, and 3.0 SP1 before 3.0.5.81, in CA (formerly Computer Associates) eTrust Intrusion Detection allows remote attackers to load arbitrary DLLs on a client system, and execute code from these DLLs, via unspecified "scriptable functions."
13554 CVE-2007-3300 Bypass 2007-06-20 2017-07-28
9.3
Admin Remote Medium Not required Complete Complete Complete
Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive.
13555 CVE-2007-3296 2007-06-20 2008-11-15
9.3
None Remote Medium Not required Complete Complete Complete
The ThunderServer.webThunder.1 ActiveX control in xunlei Web Thunderbolt 1.7.3.109 allows remote attackers to download arbitrary files and conduct other unauthorized actions by invoking dangerous methods.
13556 CVE-2007-3290 +Info 2007-06-20 2017-10-10
9.3
Admin Remote Medium Not required Complete Complete Complete
categoria.php in LiveCMS 3.4 and earlier allows remote attackers to obtain sensitive information via a ' (quote) character in the cid parameter, which reveals the path in a forced SQL error message.
13557 CVE-2007-3280 2007-06-19 2018-10-16
9.0
Admin Remote Low Single system Complete Complete Complete
The Database Link library (dblink) in PostgreSQL 8.1 implements functions via CREATE statements that map to arbitrary libraries based on the C programming language, which allows remote authenticated superusers to map and execute a function from any library, as demonstrated by using the system function in libc.so.6 to gain shell access.
13558 CVE-2007-3279 2007-06-19 2018-10-16
10.0
Admin Remote Low Not required Complete Complete Complete
PostgreSQL 8.1 and probably later versions, when the PL/pgSQL (plpgsql) language has been created, grants certain plpgsql privileges to the PUBLIC domain, which allows remote attackers to create and execute functions, as demonstrated by functions that perform local brute-force password guessing attacks, which may evade intrusion detection.
13559 CVE-2007-3277 2007-06-19 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the localization before 1.2 module for WIKINDX allows attackers to access certain administrative capabilities via unknown vectors.
13560 CVE-2007-3270 Exec Code File Inclusion 2007-06-19 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
PHP remote file inclusion vulnerability in Includes/global.inc.php in phpMyInventory 2.8 allows remote attackers to execute arbitrary PHP code via a URL in the strIncludePrefix parameter.
13561 CVE-2007-3266 Dir. Trav. 2007-06-19 2018-10-16
9.0
None Remote Low Not required Complete Partial Partial
Directory traversal vulnerability in webif.cgi in ifnet WEBIF allows remote attackers to include and execute arbitrary local files a .. (dot dot) in the outconfig parameter.
13562 CVE-2007-3264 2007-06-19 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the PD tools component in IBM WebSphere Application Server (WAS) 6.1.0.7 and earlier has unknown impact and attack vectors.
13563 CVE-2007-3263 2007-06-19 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Default Messaging Component in IBM WebSphere Application Server (WAS) 6.1.0.7 and earlier has unknown impact and attack vectors, related to "incorrect authorization on a remote interface to the SDO repository."
13564 CVE-2007-3260 +Priv 2007-06-19 2017-07-28
9.0
Admin Remote Low Single system Complete Complete Complete
HP System Management Homepage (SMH) before 2.1.9 for Linux, when used with Novell eDirectory, assigns the eDirectory members to the root group, which allows remote authenticated eDirectory users to gain privileges.
13565 CVE-2007-3232 2007-06-14 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
The IBM TotalStorage DS400 with firmware 4.15 uses a blank password for the (1) root, (2) user, (3) manager, (4) administrator, and (5) operator accounts, which allows remote attackers to gain login access via certain Linux daemons, including a telnet daemon on a nonstandard port, tcp/6000.
13566 CVE-2007-3216 119 Exec Code Overflow XSS 2007-06-14 2018-10-16
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands.
13567 CVE-2007-3210 Exec Code Overflow 2007-06-14 2017-07-28
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in nptoken.mox in the Cellosoft Tokens Object 2.0.0.6 extension for Vitalize! allows remote attackers to execute arbitrary code via a long string argument to the RemoveChr method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
13568 CVE-2007-3208 Exec Code 2007-06-14 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
CRLF injection vulnerability in Yet another Bulletin Board (YaBB) 2.1 allows remote attackers to obtain administrative access via requests to (1) register.pl or (2) profile.pl that write CRLF sequences to a .vars file. NOTE: this can be leveraged to execute arbitrary code.
13569 CVE-2007-3193 Bypass 2007-06-12 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
lib/WikiUser/LDAP.php in PhpWiki before 1.3.13p1, when the configuration lacks a nonzero PASSWORD_LENGTH_MINIMUM, might allow remote attackers to bypass authentication via an empty password, which causes ldap_bind to return true when used with certain LDAP implementations.
13570 CVE-2007-3192 2007-06-12 2018-10-16
9.4
None Remote Low Not required Complete Complete None
admin/setup.php in Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to read and modify configuration settings via a direct request.
13571 CVE-2007-3191 +Info 2007-06-12 2018-10-16
9.4
None Remote Low Not required Complete Complete None
Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to obtain configuration information via a direct request to admin/adm/test.php, which calls the phpinfo function.
13572 CVE-2007-3186 264 Exec Code 2007-06-12 2018-10-16
9.3
Admin Remote Medium Not required Complete Complete Complete
Apple Safari Beta 3.0.1 for Windows allows remote attackers to execute arbitrary commands via shell metacharacters in a URI in the SRC of an IFRAME, as demonstrated using a gopher URI.
13573 CVE-2007-3181 Exec Code Overflow 2007-06-12 2017-07-28
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows remote attackers to execute arbitrary code via a large p_cnct_count value in a p_cnct structure in a connect (0x01) request to port 3050/tcp, related to "an InterBase version of gds32.dll."
13574 CVE-2007-3180 119 Overflow 2007-06-12 2018-10-16
9.4
None Remote Low Not required Complete Complete None
Buffer overflow in Help and Support Center before 4.4 C on HP Windows systems allows remote attackers to read or write arbitrary files via unknown vectors.
13575 CVE-2007-3169 119 DoS Exec Code Overflow 2007-06-11 2017-10-10
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in a certain ActiveX control in the EDraw Office Viewer Component (edrawofficeviewer.ocx) 4.0.5.20, and other versions before 5.0, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) or execute arbitrary code via a long first argument to the HttpDownloadFile method.
13576 CVE-2007-3155 2007-06-11 2017-07-28
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in eGroupWare before 1.2.107-2 has unknown impact and attack vectors related to ADOdb. NOTE: due to lack of details from the vendor, it is uncertain whether this issue is already covered by another CVE identifier.
13577 CVE-2007-3154 2007-06-11 2017-07-28
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Walter Zorn wz_tooltip.js (aka wz_tooltips) before 4.01, as used by eGroupWare before 1.2.107-2 and other packages, has unknown impact and remote attack vectors.
13578 CVE-2007-3150 2007-06-11 2008-11-15
9.3
Admin Remote Medium Not required Complete Complete Complete
Google Desktop allows user-assisted remote attackers to execute arbitrary programs via a man-in-the-middle attack that injects JavaScript, a www.google.com search IFRAME, and a META HTTP-EQUIV="refresh" that targets a www.google.com search for a local .exe file, which is displayed in the "results stored on your computer" portion of the search results, and when clicked invokes Google Desktop to execute this file.
13579 CVE-2007-3148 119 Exec Code Overflow 2007-06-11 2018-10-16
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in the Yahoo! Webcam Viewer ActiveX control in ywcvwr.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the receive method.
13580 CVE-2007-3147 119 Exec Code Overflow 2007-06-11 2018-10-16
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in the Yahoo! Webcam Upload ActiveX control in ywcupl.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the send method. NOTE: some of these details are obtained from third party information.
13581 CVE-2007-3111 Exec Code Overflow 2007-06-07 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the Provideo Camimage ActiveX control in ISSCamControl.dll 1.0.1.5, when Internet Explorer 6 is used on Windows 2000 SP4, allows remote attackers to execute arbitrary code via a long URL property value.
13582 CVE-2007-3095 Bypass 2007-06-06 2017-07-28
9.0
Admin Remote Low Single system Complete Complete Complete
Unspecified vulnerability in Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, allows attackers to "disable the authentication system" and bypass authentication via unknown vectors.
13583 CVE-2007-3094 Exec Code 2007-06-06 2018-10-30
9.0
Admin Remote Low Single system Complete Complete Complete
Unspecified vulnerability in the authentication mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote authenticated users to execute arbitrary code via unspecified vectors, related to the WBEM server.
13584 CVE-2007-3093 Exec Code 2007-06-06 2018-10-30
10.0
Admin Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the logging mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote attackers to execute arbitrary code via unspecified vectors, related to the WBEM server.
13585 CVE-2007-3092 2007-06-06 2018-10-16
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 allows remote attackers to spoof the URL bar, and page properties including SSL certificates, by interrupting page loading through certain use of location DOM objects and setTimeout calls. NOTE: this issue can be leveraged for phishing and other attacks.
13586 CVE-2007-3071 Exec Code Overflow 2007-06-06 2017-07-28
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in the GetWebStoreURL function in a certain ActiveX control in eSellerateControl365.dll 3.6.5.0 in eSellerate SDK allows user-assisted remote attackers to execute arbitrary code via a long first argument.
13587 CVE-2007-3047 2007-06-05 2018-10-16
10.0
Admin Remote Low Not required Complete Complete Complete
The Vonage VoIP Telephone Adapter has a default administrator username "user" and password "user," which allows remote attackers to obtain administrative access.
13588 CVE-2007-3041 Exec Code Mem. Corr. 2007-08-14 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in the pdwizard.ocx ActiveX object for Internet Explorer 5.01, 6 SP1, and 7 allows remote attackers to execute arbitrary code via unknown vectors related to Microsoft Visual Basic 6 objects and memory corruption, aka "ActiveX Object Memory Corruption Vulnerability."
13589 CVE-2007-3040 119 Exec Code Overflow 2007-09-11 2018-10-16
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in agentdpv.dll 2.0.0.3425 in Microsoft Agent on Windows 2000 SP4 allows remote attackers to execute arbitrary code via a crafted URL to the Agent (Agent.Control) ActiveX control, which triggers an overflow within the Agent Service (agentsrv.exe) process, a different issue than CVE-2007-1205.
13590 CVE-2007-3039 119 Exec Code Overflow 2007-12-11 2018-10-16
9.0
Admin Remote Low Single system Complete Complete Complete
Stack-based buffer overflow in the Microsoft Message Queuing (MSMQ) service in Microsoft Windows 2000 Server SP4, Windows 2000 Professional SP4, and Windows XP SP2 allows attackers to execute arbitrary code via a long string in an opnum 0x06 RPC call to port 2103. NOTE: this is remotely exploitable on Windows 2000 Server.
13591 CVE-2007-3034 189 Exec Code Overflow 2007-08-14 2018-10-16
9.3
None Remote Medium Not required Complete Complete Complete
Integer overflow in the AttemptWrite function in Graphics Rendering Engine (GDI) on Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted metafile (image) with a large record length value, which triggers a heap-based buffer overflow.
13592 CVE-2007-3029 Exec Code Mem. Corr. 2007-07-10 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Excel 2002 SP3 and 2003 SP2 allows user-assisted remote attackers to execute arbitrary code via a malformed Excel file containing multiple active worksheets, which results in memory corruption.
13593 CVE-2007-3027 Exec Code Mem. Corr. 2007-06-12 2018-10-16
9.3
Admin Remote Medium Not required Complete Complete Complete
Race condition in Microsoft Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code by causing Internet Explorer to install multiple language packs in a way that triggers memory corruption, aka "Language Pack Installation Vulnerability."
13594 CVE-2007-3026 Exec Code Overflow 2007-07-25 2018-10-16
9.3
Admin Remote Medium Not required Complete Complete Complete
Integer overflow in Panda Software AdminSecure allows remote attackers to execute arbitrary code via crafted packets with modified length values to TCP ports 19226 or 19227, resulting in a heap-based buffer overflow.
13595 CVE-2007-3023 2007-06-07 2012-10-30
10.0
None Remote Low Not required Complete Complete Complete
unsp.c in ClamAV before 0.90.3 and 0.91 before 0.91rc1 does not properly calculate the end of a certain buffer, with unknown impact and remote attack vectors.
13596 CVE-2007-3010 20 Exec Code 2007-09-18 2018-10-16
10.0
None Remote Low Not required Complete Complete Complete
masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user parameter during a ping action.
13597 CVE-2007-2987 119 Exec Code Overflow 2007-06-01 2011-09-20
9.3
Admin Remote Medium Not required Complete Complete Complete
Multiple buffer overflows in certain ActiveX controls in sasatl.dll in Zenturi ProgramChecker allow remote attackers to execute arbitrary code via unspecified vectors, possibly involving the (1) DebugMsgLog or (2) DoFileProperties methods.
13598 CVE-2007-2985 264 Exec Code Bypass +Info 2007-06-01 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
Pheap 2.0 allows remote attackers to bypass authentication by setting a pheap_login cookie value to the administrator's username, which can be used to (1) obtain sensitive information, including the administrator password, via settings.php or (2) upload and execute arbitrary PHP code via an update_doc action in edit.php.
13599 CVE-2007-2983 119 Exec Code Overflow 2007-10-25 2017-07-28
9.3
None Remote Medium Not required Complete Complete Complete
Multiple buffer overflows in the British Telecommunications Consumer webhelper ActiveX control before 2.0.0.8 in btwebcontrol.dll allow remote attackers to execute arbitrary code via unspecified vectors.
13600 CVE-2007-2982 Exec Code Overflow 2007-05-31 2017-07-28
9.3
Admin Remote Medium Not required Complete Complete Complete
Multiple buffer overflows in the British Telecommunications Business Connect webhelper ActiveX control before 1.0.0.7 in btbconnectwebcontrol.dll allow remote attackers to execute arbitrary code via unspecified vectors.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.