CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
14401 CVE-2006-3651 Exec Code 2006-10-10 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 2003 allows remote user-assisted attackers to execute arbitrary code via a crafted mail merge file, a different vulnerability than CVE-2006-3647 and CVE-2006-4693.
14402 CVE-2006-3650 94 Exec Code 2006-10-10 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac do not properly parse the length of a chart record, which allows remote user-assisted attackers to execute arbitrary code via a Word document with an embedded malformed chart record that triggers an overwrite of pointer values with values from the document, a different vulnerability than CVE-2006-3434, CVE-2006-3864, and CVE-2006-3868.
14403 CVE-2006-3647 189 Exec Code Overflow 2006-10-10 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Integer overflow in Microsoft Word 2000, 2002, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string in a Word document, which overflows a 16-bit integer length value, aka "Memmove Code Execution," a different vulnerability than CVE-2006-3651 and CVE-2006-4693.
14404 CVE-2006-3632 119 DoS Exec Code Overflow 2006-07-21 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the NFS dissector.
14405 CVE-2006-3628 134 DoS Exec Code 2006-07-21 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, and (5) NTP dissectors.
14406 CVE-2006-3601 +Priv 2006-07-18 2016-11-28
10.0
Admin Remote Low Not required Complete Complete Complete
** UNVERIFIABLE ** Unspecified vulnerability in an unspecified DNN Modules module for DotNetNuke (.net nuke) allows remote attackers to gain privileges via unspecified vectors, as used in an attack against the Microsoft France web site. NOTE: due to the lack of details and uncertainty about which product is affected, this claim is not independently verifiable.
14407 CVE-2006-3573 134 Exec Code 2006-07-13 2018-10-18
10.0
None Remote Low Not required Complete Complete Complete
Format string vulnerability in the WriteText function in agl_text.cpp in Milan Mimica Sparklet 0.9.4 and earlier allows remote attackers to execute arbitrary code via format string specifiers in a player nickname.
14408 CVE-2006-3553 Exec Code Bypass 2006-07-12 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
PlaNet Concept planetNews allows remote attackers to bypass authentication and execute arbitrary code via a direct request to news/admin/planetnews.php.
14409 CVE-2006-3498 Exec Code Overflow 2006-08-02 2017-07-19
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in bootpd in the DHCP component for Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to execute arbitrary code via a crafted BOOTP request.
14410 CVE-2006-3448 119 Exec Code Overflow 2007-02-13 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in the Step-by-Step Interactive Training in Microsoft Windows 2000 SP4, XP SP2 and Professional, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a long Syllabus string in crafted bookmark link files (cbo, cbl, or .cbm), a different issue than CVE-2005-1212.
14411 CVE-2006-3441 Exec Code Overflow 2006-08-08 2018-10-12
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the DNS Client service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted record response. NOTE: while MS06-041 implies that there is a single issue, there are multiple vectors, and likely multiple vulnerabilities, related to (1) a heap-based buffer overflow in a DNS server response to the client, (2) a DNS server response with malformed ATMA records, and (3) a length miscalculation in TXT, HINFO, X25, and ISDN records.
14412 CVE-2006-3440 Exec Code Overflow 2006-08-08 2018-10-12
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the Winsock API in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via unknown vectors, aka "Winsock Hostname Vulnerability."
14413 CVE-2006-3439 Exec Code Overflow 2006-08-08 2018-10-12
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314.
14414 CVE-2006-3438 Exec Code Overflow 2006-08-08 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Hyperlink Object Library (hlink.dll), possibly a buffer overflow, allows user-assisted attackers to execute arbitrary code via crafted hyperlinks that are not properly handled when hlink.dll "uses a file containing a malformed function," aka "Hyperlink Object Function Vulnerability."
14415 CVE-2006-3435 94 Exec Code 2006-10-10 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
PowerPoint in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac does not properly parse the slide notes field in a document, which allows remote user-assisted attackers to execute arbitrary code via crafted data in this field, which triggers an erroneous object pointer calculation that uses data from within the document. NOTE: this issue is different than other PowerPoint vulnerabilities including CVE-2006-4694.
14416 CVE-2006-3434 Exec Code Mem. Corr. 2006-10-10 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string that triggers memory corruption.
14417 CVE-2006-3423 20 Exec Code 2006-07-06 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
WebEx Downloader ActiveX Control and WebEx Downloader Java before 2.1.0.0 do not validate downloaded components, which allows remote attackers to execute arbitrary code via a website that activates the GpcUrlRoot and GpcIniFileName ActiveX controls to cause the client to download a DLL file.
14418 CVE-2006-3308 XSS 2006-06-28 2017-07-19
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in the wpprop code for Project EROS bbsengine before 20060622-0315 has unknown impact and remote attack vectors via [img] tags, possibly cross-site scripting (XSS).
14419 CVE-2006-3291 16 2006-06-28 2017-07-19
9.3
Admin Remote Medium Not required Complete Complete Complete
The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed to use the "Local User List Only (Individual Passwords)" setting, which removes all security and password configurations and allows remote attackers to access the system.
14420 CVE-2006-3232 2006-06-27 2009-06-17
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in IBM WebSphere Application Server before 6.0.2.11 has unknown impact and attack vectors because the "UserNameToken cache was improperly used."
14421 CVE-2006-3228 Exec Code Overflow 2006-06-26 2017-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in in_midi.dll for WinAmp 2.90 up to 5.23, including 5.21, allows remote attackers to execute arbitrary code via a crafted .mid (MIDI) file.
14422 CVE-2006-3203 255 +Priv 2006-06-23 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
The installation of Ultimate PHP Board (UPB) 1.9.6 and earlier includes a default administrator login account and password, which allows remote attackers to gain privileges.
14423 CVE-2006-3134 Exec Code Overflow 2006-06-27 2017-07-19
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in GraceNote CDDBControl ActiveX Control, as used by multiple products that use Gracenote CDDB, allows remote attackers to execute arbitrary code via a long option string.
14424 CVE-2006-3086 119 DoS Exec Code Overflow 2006-06-19 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the HrShellOpenWithMonikerDisplayName function in Microsoft Hyperlink Object Library (hlink.dll) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long hyperlink, as demonstrated using an Excel worksheet with a long link in Unicode, aka "Hyperlink COM Object Buffer Overflow Vulnerability." NOTE: this is a different issue than CVE-2006-3059.
14425 CVE-2006-3059 Exec Code 2006-06-17 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows remote user-assisted attackers to execute arbitrary code via unspecified vectors. NOTE: this is a different vulnerability than CVE-2006-3086.
14426 CVE-2006-3017 2006-06-14 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations.
14427 CVE-2006-3016 Sql XSS Http R.Spl. 2006-06-14 2018-10-18
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in session.c in PHP before 5.1.3 has unknown impact and attack vectors, related to "certain characters in session names," including special characters that are frequently associated with CRLF injection, SQL injection, cross-site scripting (XSS), and HTTP response splitting vulnerabilities. NOTE: while the nature of the vulnerability is unspecified, it is likely that this is related to a violation of an expectation by PHP applications that the session name is alphanumeric, as implied in the PHP manual for session_name().
14428 CVE-2006-2869 2006-06-06 2017-07-19
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the CHM unpacker in avast! before 4.7.844 has unknown impact and remote attack vectors.
14429 CVE-2006-2807 2006-06-05 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
ASPwebSoft Speedy Asp Discussion Forum allows remote attackers to change the password of any account via a modified account id and possibly arbitrary values of the name, email, country, password, and passwordre parameters to profileupdate.asp.
14430 CVE-2006-2787 +Priv 2006-06-02 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox.
14431 CVE-2006-2780 94 DoS Exec Code Overflow Mem. Corr. 2006-06-02 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Integer overflow in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via "jsstr tagify," which leads to memory corruption.
14432 CVE-2006-2779 94 DoS Exec Code Mem. Corr. 2006-06-02 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Mozilla Firefox and Thunderbird before 1.5.0.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) nested <option> tags in a select tag, (2) a DOMNodeRemoved mutation event, (3) "Content-implemented tree views," (4) BoxObjects, (5) the XBL implementation, (6) an iframe that attempts to remove itself, which leads to memory corruption.
14433 CVE-2006-2630 Exec Code Overflow 2006-05-27 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors.
14434 CVE-2006-2547 Exec Code 2006-05-23 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the sapdba command in SAP with Informix before 700, and 700 up to patch 100, allows local users to execute arbitrary commands via unknown vectors related to "insecure environment variable" handling.
14435 CVE-2006-2496 DoS Exec Code Overflow 2006-05-19 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in iMonitor 2.4 in Novell eDirectory 8.8 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown attack vectors.
14436 CVE-2006-2433 2006-05-17 2009-06-17
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6.0.2.1, 6.0.2.3, 6.0.2.5, and 6.0.2.7 has unknown impact and attack vectors related to the "administrative console".
14437 CVE-2006-2430 +Priv 2006-05-17 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, and 6.0.2 up to 6.0.2.7 records user credentials in plaintext in addNode.log, which allows attackers to gain privileges.
14438 CVE-2006-2429 2006-05-17 2009-06-17
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6.0.2.1, 6.0.2.3, 6.0.2.5, and 6.0.2.7 has unknown impact and remote attack vectors related to "HTTP request handlers".
14439 CVE-2006-2389 94 Exec Code Mem. Corr. 2006-07-11 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with a malformed property that triggers memory corruption related to record lengths, aka "Microsoft Office Property Vulnerability," a different vulnerability than CVE-2006-1316.
14440 CVE-2006-2388 94 Exec Code 2006-07-13 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Office Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via malformed cell comments, which lead to modification of "critical data offsets" during the rebuilding process.
14441 CVE-2006-2383 Exec Code 2006-06-13 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via "unexpected data" related to "parameter validation" in the DXImageTransform.Microsoft.Light ActiveX control, which causes Internet Explorer to crash in a way that enables the code execution.
14442 CVE-2006-2382 119 Exec Code Overflow Mem. Corr. 2006-06-13 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via crafted UTF-8 encoded HTML that results in size discrepancies during conversion to Unicode, aka "HTML Decoding Memory Corruption Vulnerability."
14443 CVE-2006-2379 119 Exec Code Overflow 2006-06-13 2019-04-30
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing.
14444 CVE-2006-2373 264 Exec Code 2006-06-13 2018-10-12
10.0
Admin Remote Low Not required Complete Complete Complete
The Server Message Block (SMB) driver (MRXSMB.SYS) in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows local users to execute arbitrary code by calling the MrxSmbCscIoctlOpenForCopyChunk function with the METHOD_NEITHER method flag and an arbitrary address, possibly for kernel memory, aka the "SMB Driver Elevation of Privilege Vulnerability."
14445 CVE-2006-2372 119 Exec Code Overflow 2006-07-11 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the DHCP Client service for Microsoft Windows 2000 SP4, Windows XP SP1 and SP2, and Server 2003 up to SP1 allows remote attackers to execute arbitrary code via a crafted DHCP response.
14446 CVE-2006-2324 Exec Code 2006-05-11 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
180solutions Zango downloads "required Adware components" without checking integrity or authenticity, which might allow context-dependent attackers to execute arbitrary code by subverting the DNS resolution of static.zangocash.com.
14447 CVE-2006-2306 XSS 2006-05-11 2017-07-19
9.3
None Remote Medium Not required Complete Complete Complete
Cross-site scripting (XSS) vulnerability in moreinfo.asp in EPublisherPro allows remote attackers to inject arbitrary web script or HTML via the title parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
14448 CVE-2006-2304 Exec Code Overflow 2006-05-11 2018-10-18
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple integer overflows in the DPRPC library (DPRPCW32.DLL) in Novell Client 4.83 SP3, 4.90 SP2 and 4.91 SP2 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function. NOTE: this was originally reported to be a buffer overflow by Novell, but the original cause is an integer overflow.
14449 CVE-2006-2273 2006-05-11 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
The InstallProduct routine in the Verisign VUpdater.Install (aka i-Nav) ActiveX control does not verify Microsoft Cabinet (.CAB) files, which allows remote attackers to run an arbitrary executable file.
14450 CVE-2006-2218 Exec Code Mem. Corr. 2006-05-05 2018-10-18
9.3
Admin Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Internet Explorer 6.0 on Microsoft Windows XP SP2 allows remote attackers to execute arbitrary code via "exceptional conditions" that trigger memory corruption, as demonstrated using an exception handler and nested object tags, a variant of CVE-2006-1992.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.