CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
14901 CVE-2007-5928 119 Overflow 2007-11-09 2008-09-05
9.0
Admin Remote Low Single system Complete Complete Complete
OpenBase 10.0.5 and earlier allows remote authenticated users to trigger a free of an arbitrary memory location via long strings in a SELECT statement. NOTE: this might be a buffer overflow, but it is not clear.
14902 CVE-2007-5929 119 DoS Exec Code Overflow 2007-11-09 2017-07-28
9.0
Admin Remote Low Single system Complete Complete Complete
Buffer overflow in OpenBase 10.0.5 and earlier might allow remote authenticated users to execute arbitrary code or cause a denial of service (daemon crash) by creating a stored procedure with a long name and invoking this procedure, which triggers heap corruption.
14903 CVE-2007-5972 119 Overflow 2007-12-05 2010-05-27
9.0
Admin Remote Low Single system Complete Complete Complete
Double free vulnerability in the krb5_def_store_mkey function in lib/kdb/kdb_default.c in MIT Kerberos 5 (krb5) 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to store this key.
14904 CVE-2007-6033 264 2007-11-19 2008-11-15
9.0
Admin Remote Low Single system Complete Complete Complete
Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure permissions (Everyone/Full Control), which allows remote authenticated attackers, and possibly anonymous users, to execute arbitrary programs.
14905 CVE-2007-6237 287 2007-12-04 2018-10-15
9.0
Admin Remote Low Single system Complete Complete Complete
cp.php in DeluxeBB 1.09 does not verify that the membercookie parameter corresponds to the authenticated member during a profile update, which allows remote authenticated users to change the e-mail addresses of arbitrary accounts via a modified membercookie parameter, a different vector than CVE-2006-4078. NOTE: this can be leveraged for administrative access by requesting password-reset e-mail through a lostpw action to misc.php.
14906 CVE-2008-0086 119 Exec Code Overflow 2008-07-08 2018-10-15
9.0
Admin Remote Low Single system Complete Complete Complete
Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE 2000) SP4, and 2000 Desktop Engine (WMSDE) allows remote authenticated users to execute arbitrary code via a crafted SQL expression.
14907 CVE-2008-0106 119 Exec Code Overflow 2008-07-08 2018-10-15
9.0
Admin Remote Low Single system Complete Complete Complete
Buffer overflow in Microsoft SQL Server 2005 SP1 and SP2, and 2005 Express Edition SP1 and SP2, allows remote authenticated users to execute arbitrary code via a crafted insert statement.
14908 CVE-2008-0107 189 Exec Code Overflow Mem. Corr. 2008-07-08 2018-10-15
9.0
None Remote Low Single system Complete Complete Complete
Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 allows remote authenticated users to execute arbitrary code via a (1) SMB or (2) WebDAV pathname for an on-disk file (aka stored backup file) with a crafted record size value, which triggers a heap-based buffer overflow, aka "SQL Server Memory Corruption Vulnerability."
14909 CVE-2008-0590 119 DoS Exec Code Overflow 2008-02-05 2019-08-13
9.0
Admin Remote Low Single system Complete Complete Complete
Buffer overflow in Ipswitch WS_FTP Server with SSH 6.1.0.0 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long opendir command.
14910 CVE-2008-0699 Exec Code 2008-02-11 2018-11-01
9.0
Admin Remote Low Single system Complete Complete Complete
Unspecified vulnerability in the ADMIN_SP_C procedure (SYSPROC.ADMIN_SP_C) in IBM DB2 UDB before 8.2 Fixpak 16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unspecified attack vectors.
14911 CVE-2008-0892 20 Exec Code 2008-04-16 2018-10-30
9.0
Admin Remote Low Single system Complete Complete Complete
The replication monitor CGI script (repl-monitor-cgi.pl) in Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, allows remote attackers to execute arbitrary commands.
14912 CVE-2008-0962 119 Exec Code Overflow 2008-04-14 2017-08-07
9.0
Admin Remote Low Single system Complete Complete Complete
Stack-based buffer overflow in the File System Manager for EMC DiskXtender 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted request to the RPC interface.
14913 CVE-2008-0963 134 Exec Code 2008-04-14 2017-08-07
9.0
Admin Remote Low Single system Complete Complete Complete
Format string vulnerability in EMC DiskXtender MediaStor 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted message to the RPC interface.
14914 CVE-2008-1276 119 Exec Code Overflow 2008-03-10 2018-10-11
9.0
None Remote Low Single system Complete Complete Complete
Multiple buffer overflows in the IMAP service (MEIMAPS.EXE) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allow remote authenticated attackers to execute arbitrary code via long arguments to the (1) FETCH, (2) EXAMINE, and (3) UNSUBSCRIBE commands.
14915 CVE-2008-1277 20 DoS 2008-03-10 2018-10-11
9.0
None Remote Low Single system Complete Complete Complete
The IMAP service (MEIMAPS.exe) in MailEnable Professional Edition and Enterprise Edition 3.13 and earlier allows remote attackers to cause a denial of service (crash) via (1) SEARCH and (2) APPEND commands without required arguments, which triggers a NULL pointer dereference.
14916 CVE-2008-1377 189 Exec Code 2008-06-16 2018-10-11
9.0
Admin Remote Low Single system Complete Complete Complete
The (1) SProcRecordCreateContext and (2) SProcRecordRegisterClients functions in the Record extension and the (3) SProcSecurityGenerateAuthorization function in the Security extension in the X server 1.4 in X.Org X11R7.3 allow context-dependent attackers to execute arbitrary code via requests with crafted length values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.
14917 CVE-2008-1436 264 +Priv 2008-04-21 2018-10-30
9.0
Admin Remote Low Single system Complete Complete Complete
Microsoft Windows XP Professional SP2, Vista, and Server 2003 and 2008 does not properly assign activities to the (1) NetworkService and (2) LocalService accounts, which might allow context-dependent attackers to gain privileges by using one service process to capture a resource from a second service process that has a LocalSystem privilege-escalation ability, related to improper management of the SeImpersonatePrivilege user right, as originally reported for Internet Information Services (IIS), aka Token Kidnapping.
14918 CVE-2008-1446 189 Exec Code Overflow 2008-10-14 2019-07-03
9.0
None Remote Low Single system Complete Complete Complete
Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Information Services (IIS) 5.0 through 7.0 on Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to execute arbitrary code via an HTTP POST request that triggers an outbound IPP connection from a web server to a machine operated by the attacker, aka "Integer Overflow in IPP Service Vulnerability."
14919 CVE-2008-1456 20 Exec Code 2008-08-13 2018-10-30
9.0
Admin Remote Low Single system Complete Complete Complete
Array index vulnerability in the Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote authenticated users to execute arbitrary code via a crafted event subscription request that is used to access an array of function pointers.
14920 CVE-2008-1457 20 Exec Code 2008-08-13 2018-10-30
9.0
None Remote Low Single system Complete Complete Complete
The Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 does not properly validate per-user subscriptions, which allows remote authenticated users to execute arbitrary code via a crafted event subscription request.
14921 CVE-2008-1497 119 Exec Code Overflow 2008-03-25 2018-10-11
9.0
Admin Remote Low Single system Complete Complete Complete
Stack-based buffer overflow in the IMAP service in NetWin SurgeMail 38k4-4 and earlier allows remote authenticated users to execute arbitrary code via long arguments to the LSUB command.
14922 CVE-2008-1498 119 Exec Code Overflow 2008-03-25 2017-09-28
9.0
None Remote Low Single system Complete Complete Complete
Stack-based buffer overflow in the IMAP service in NetWin Surgemail 3.8k4-4 and earlier allows remote authenticated users to execute arbitrary code via a long first argument to the LIST command.
14923 CVE-2008-1665 Exec Code 2008-07-17 2017-08-07
9.0
None Remote Low Single system Complete Complete Complete
Multiple unspecified vulnerabilities in HP Select Identity (HPSI) Active Directory Bidirectional LDAP Connector 2.20, 2.20.001, 2.20.002, and 2.30 allow remote attackers to execute arbitrary code via unspecified vectors.
14924 CVE-2008-1725 2008-04-11 2017-09-28
9.0
None Remote Medium Not required Partial Complete Complete
The IBizEBank.FIProfile.1 ActiveX control in fiprofile20.ocx in IBiz E-Banking Integrator (formerly IBiz OFX Integrator) 2.0.2932 exposes the unsafe WriteOFXDataFile method, which allows remote attackers to overwrite arbitrary files via a full pathname in the argument. NOTE: some of these details are obtained from third party information.
14925 CVE-2008-1814 2008-04-16 2018-10-11
9.0
Admin Remote Low Single system Complete Complete Complete
Unspecified vulnerability in the Oracle Secure Enterprise Search or Ultrasearch component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3 and 10.1.2.2; and Oracle Collaboration Suite 10.1.2; has unknown impact and remote attack vectors, aka DB04.
14926 CVE-2008-1817 Sql 2008-04-16 2018-10-11
9.0
Admin Remote Low Single system Complete Complete Complete
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 have unknown impact and remote attack vectors related to (1) SDO_IDX in the Spatial component, aka DB07; and (2) Core RDBMS, aka DB10. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB07 is SQL injection.
14927 CVE-2008-1821 Overflow 2008-04-16 2018-10-11
9.0
Admin Remote Low Single system Complete Complete Complete
Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.0.1.5 FIPS+, and 10.1.0.5 has unknown impact and remote attack vectors related to SYS.DBMS_AQJMS_INTERNAL, aka DB15. NOTE: the previous information was obtained from the April 2008 CPU. Oracle has not commented on reliable researcher claims that DB15 is for multiple buffer overflows in the (1) AQ$_REGISTER and (2) AQ$_UNREGISTER procedures.
14928 CVE-2008-1828 2008-04-16 2018-10-11
9.0
None Remote Low Single system Complete Complete Complete
Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.19, 8.48.16, and 8.49.09 has unknown impact and remote authenticated attack vectors, aka PSE01.
14929 CVE-2008-1829 2008-04-16 2018-10-11
9.0
Admin Remote Low Single system Complete Complete Complete
Unspecified vulnerability in the PeopleSoft HCM Recruiting component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.8 SP1 has unknown impact and remote attack vectors, aka PSE02.
14930 CVE-2008-1830 2008-04-16 2018-10-11
9.0
None Remote Low Single system Complete Complete Complete
Unspecified vulnerability in the PeopleSoft HCM ePerformance component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9 and 9.0 has unknown impact and remote attack vectors, aka PSE03.
14931 CVE-2008-1866 94 2008-04-17 2017-09-28
9.0
Admin Remote Low Single system Complete Complete Complete
admin/modif_config.php in Blog Pixel Motion (aka PixelMotion) does not require admin authentication, which allows remote authenticated users to upload arbitrary PHP scripts in a ZIP archive, which is written to templateZip/ and then automatically extracted under templates/ for execution via a direct request.
14932 CVE-2008-1988 20 2008-04-27 2017-08-07
9.0
Admin Remote Low Single system Complete Complete Complete
Unrestricted file upload vulnerability in the file_upload function in core/misc.class.php in EncapsGallery 2.0.2 allows remote authenticated administrators to upload and execute arbitrary PHP files by uploading a file with an executable extension, then accessing it via a direct request to the file in the rwx_gallery directory. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
14933 CVE-2008-1997 94 Exec Code 2008-04-28 2018-10-11
9.0
Admin Remote Low Single system Complete Complete Complete
Unspecified vulnerability in the ADMIN_SP_C2 procedure in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unknown vectors. NOTE: the ADMIN_SP_C issue is already covered by CVE-2008-0699.
14934 CVE-2008-2053 2008-05-22 2017-08-07
9.0
Admin Remote Low Single system Complete Complete Complete
Unspecified vulnerability in Cisco Unified Customer Voice Portal (CVP) 4.0.x before 4.0(2)_ES14, 4.1.x before 4.1(1)_ES11, and 7.x before 7.0(1) allows remote authenticated users with administrator role privileges to create, modify, or delete a superuser account.
14935 CVE-2008-2081 22 Dir. Trav. 2008-05-05 2017-09-28
9.0
Admin Remote Low Single system Complete Complete Complete
Directory traversal vulnerability in index.php in Siteman 2.0.x2 allows remote authenticated administrators to include and execute arbitrary local files via a .. (dot dot) in the module parameter.
14936 CVE-2008-2097 119 Overflow +Priv 2008-06-05 2018-10-11
9.0
Admin Remote Low Single system Complete Complete Complete
Buffer overflow in the openwsman management service in VMware ESXi 3.5 and ESX 3.5 allows remote authenticated users to gain privileges via an "invalid Content-Length."
14937 CVE-2008-2216 264 2008-05-14 2017-09-28
9.0
None Remote Low Single system Complete Complete Complete
Unrestricted file upload vulnerability in src/yopy_upload.php in Project-Based Calendaring System (PBCS) 0.7.1 allows remote authenticated users to upload arbitrary files to tmp/uploads.
14938 CVE-2008-2273 +Priv 2008-05-16 2018-10-11
9.0
Admin Remote Low Single system Complete Complete Complete
Unspecified vulnerability in the TACACS authentication component in Aruba Mobility Controller 3.1.x, 3.2.x, and 3.3.x allows remote authenticated users to gain privileges via unknown vectors.
14939 CVE-2008-2360 189 Exec Code Overflow 2008-06-16 2018-10-11
9.0
None Remote Low Single system Complete Complete Complete
Integer overflow in the AllocateGlyph function in the Render extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to execute arbitrary code via unspecified request fields that are used to calculate a heap buffer size, which triggers a heap-based buffer overflow.
14940 CVE-2008-2392 20 2008-05-21 2018-10-31
9.0
Admin Remote Low Single system Complete Complete Complete
Unrestricted file upload vulnerability in WordPress 2.5.1 and earlier might allow remote authenticated administrators to upload and execute arbitrary PHP files via the Upload section in the Write Tabs area of the dashboard.
14941 CVE-2008-3538 Exec Code 2008-09-02 2017-08-07
9.0
None Remote Low Single system Complete Complete Complete
Unspecified vulnerability in HP Enterprise Discovery 2.0 through 2.52 on Windows allows remote authenticated users to execute arbitrary code via unknown vectors. NOTE: the initial description of this CVE was inadvertently associated with libxml2, but it should be for HP Enterprise Discovery.
14942 CVE-2008-3544 119 Exec Code Overflow 2008-10-13 2013-08-19
9.0
None Remote Low Not required Partial Partial Complete
Multiple stack-based buffer overflows in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, and possibly 7.01, 7.50, and 7.53, allow remote attackers to execute arbitrary code via a long (1) REQUEST_SEV_CHANGE (aka number 47), (2) REQUEST_SAVE_STATE (aka number 61), or (3) REQUEST_RESTORE_STATE (aka number 62) request to TCP port 2954.
14943 CVE-2008-3547 119 DoS Exec Code Overflow 2009-03-10 2017-08-07
9.0
Admin Remote Low Single system Complete Complete Complete
Buffer overflow in the server in OpenTTD 0.6.1 and earlier allows remote authenticated users to cause a denial of service (persistent game disruption) or possibly execute arbitrary code via vectors involving many long names for "companies and clients."
14944 CVE-2008-3618 264 2008-09-16 2017-08-07
9.0
None Remote Low Single system Complete Complete Complete
The File Sharing pane in the Sharing preference pane in Apple Mac OS X 10.5 through 10.5.4 does not inform users that the complete contents of their own home directories are shared for their own use, which might allow attackers to leverage other vulnerabilities and access files for which sharing was unintended.
14945 CVE-2008-3650 XSS 2008-08-12 2017-08-07
9.0
None Remote Low Single system Complete Complete Complete
Multiple unspecified vulnerabilities in Horde Groupware Webmail before Edition 1.1.1 (final) have unknown impact and attack vectors related to "unescaped output," possibly cross-site scripting (XSS), in the (1) object browser and (2) contact view.
14946 CVE-2008-4305 94 2008-12-23 2017-08-07
9.0
Admin Remote Low Single system Complete Complete Complete
Static code injection vulnerability in installation/setup.php in phpCollab 2.5 rc3 and earlier allows remote authenticated administrators to inject arbitrary PHP code into include/settings.php via the URI.
14947 CVE-2008-4415 264 Exec Code 2008-11-17 2012-10-30
9.0
None Remote Low Single system Complete Complete Complete
Unspecified vulnerability in HP Service Manager (HPSM) before 7.01.71 allows remote authenticated users to execute arbitrary code via unknown vectors.
14948 CVE-2008-4452 119 DoS Exec Code Overflow 2008-10-06 2017-09-28
9.0
None Remote Low Not required Partial Partial Complete
Buffer overflow in Cambridge Computer Corporation vxFtpSrv 2.0.3 allows remote attackers to cause a denial of service (crash and hang) and possibly execute arbitrary code via a long CWD request.
14949 CVE-2008-4501 22 Dir. Trav. 2008-10-08 2017-09-28
9.0
None Remote Low Single system Complete Complete Complete
Directory traversal vulnerability in the FTP server in Serv-U 7.0.0.1 through 7.3, including 7.2.0.1, allows remote authenticated users to overwrite or create arbitrary files via a ..\ (dot dot backslash) in the RNTO command.
14950 CVE-2008-4645 94 Exec Code 2008-10-21 2017-09-28
9.0
Admin Remote Low Single system Complete Complete Complete
plugins/event_tracer/event_list.php in PhpWebGallery 1.7.2 and earlier allows remote authenticated administrators to execute arbitrary PHP code via PHP sequences in the sort parameter, which is processed by create_function.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.