CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
17001 CVE-2006-1359 94 DoS Exec Code 2006-03-23 2018-10-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 and 7 Beta 2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a certain createTextRange call on a checkbox object, which results in a dereference of an invalid table pointer.
17002 CVE-2006-1318 94 Exec Code 2014-09-19 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Office 2004 for Mac, and Office X for Mac do not properly parse record lengths, which allows remote attackers to execute arbitrary code via a malformed control in an Office document, aka "Microsoft Office Control Vulnerability."
17003 CVE-2006-1316 94 Exec Code Mem. Corr. 2006-07-11 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with malformed string that triggers memory corruption related to record lengths, aka "Microsoft Office Parsing Vulnerability," a different vulnerability than CVE-2006-2389.
17004 CVE-2006-1311 Exec Code Mem. Corr. 2007-02-13 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF file, which triggers memory corruption.
17005 CVE-2006-1309 94 Exec Code Mem. Corr. 2006-07-13 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted LABEL record that triggers memory corruption.
17006 CVE-2006-1308 94 Exec Code 2006-07-13 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted FNGROUPCOUNT value.
17007 CVE-2006-1306 94 Exec Code 2006-07-13 2018-10-18
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted BIFF record with an attacker-controlled array index that is used for a function pointer, aka "Malformed OBJECT record Vulnerability."
17008 CVE-2006-1304 94 Exec Code Overflow 2006-07-13 2018-10-18
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted COLINFO record, which triggers the overflow during a "data filling operation."
17009 CVE-2006-1303 94 Exec Code Mem. Corr. 2006-06-13 2018-10-18
9.3
None Remote Medium Not required Complete Complete Complete
Multiple unspecified vulnerabilities in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allow remote attackers to execute arbitrary code by instantiating certain COM objects from Wmm2fxa.dll as ActiveX controls including (1) DXImageTransform.Microsoft.MMSpecialEffect1Input, (2) DXImageTransform.Microsoft.MMSpecialEffect1Input.1, (3) DXImageTransform.Microsoft.MMSpecialEffect2Inputs, (4) DXImageTransform.Microsoft.MMSpecialEffect2Inputs.1, (5) DXImageTransform.Microsoft.MMSpecialEffectInplace1Input, and (6) DXImageTransform.Microsoft.MMSpecialEffectInplace1Input.1, which causes memory corruption during garbage collection.
17010 CVE-2006-1302 119 Exec Code Overflow Mem. Corr. 2006-07-13 2018-10-18
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with certain crafted fields in a SELECTION record, which triggers memory corruption, aka "Malformed SELECTION record Vulnerability."
17011 CVE-2006-1301 94 Exec Code Mem. Corr. 2006-07-13 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted SELECTION record that triggers memory corruption, a different vulnerability than CVE-2006-1302.
17012 CVE-2006-1276 Bypass 2006-03-19 2017-07-20
10.0
None Remote Low Not required Complete Complete Complete
admin.php in Himpfen Consulting Company PHP SimpleNEWS 1.0.0 allows remote attackers to bypass authentication by setting the admin parameter in a cookie.
17013 CVE-2006-1255 DoS Exec Code Overflow 2006-03-19 2017-07-20
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the IMAP service in Mercur Messaging 5.0 SP3 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string to the (1) LOGIN or (2) SELECT command, a different set of attack vectors and possibly a different vulnerability than CVE-2003-1177.
17014 CVE-2006-1254 2006-03-19 2017-07-20
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in BorderWare MXtreme 5.0 and 6.0 allows remote attackers to have an unknown impact via unknown attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
17015 CVE-2006-1250 2006-03-19 2011-03-08
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the Webmail module in Winmail before 4.3 has unknown impact and unknown remote attack vectors.
17016 CVE-2006-1190 Exec Code 2006-04-11 2018-10-12
10.0
None Remote Low Not required Complete Complete Complete
Microsoft Internet Explorer 5.01 through 6 does not always return the correct IOleClientSite information when dynamically creating an embedded object, which could cause Internet Explorer to run the object in the wrong security context or zone, and allow remote attackers to execute arbitrary code.
17017 CVE-2006-1189 119 Exec Code Overflow Mem. Corr. 2006-04-11 2018-10-12
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via a crafted URL with an International Domain Name (IDN) using double-byte character sets (DBCS), aka the "Double Byte Character Parsing Memory Corruption Vulnerability."
17018 CVE-2006-1186 Exec Code Mem. Corr. 2006-04-11 2018-10-12
10.0
None Remote Low Not required Complete Complete Complete
Microsoft Internet Explorer 5.01 through 6 allows remote attackers to execute arbitrary code via by instantiating the (1) Mdt2gddr.dll, (2) Mdt2dd.dll, and (3) Mdt2gddo.dll COM objects as ActiveX controls, which leads to memory corruption.
17019 CVE-2006-1123 Exec Code Sql 2006-03-09 2018-10-18
10.0
None Remote Low Not required Complete Complete Complete
SQL injection vulnerability in D2KBlog 1.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the memName parameter in a cookie.
17020 CVE-2006-1085 Exec Code +Priv Bypass 2006-03-09 2018-10-18
10.0
None Remote Low Not required Complete Complete Complete
admin.php in PHP-Stats 0.1.9.1 and earlier allows remote attackers to bypass authentication, gain administrator privileges, and execute arbitrary PHP code by modifying the option[admin_pass] parameter and setting the pass_cookie to the MD5 hash of the specified password.
17021 CVE-2006-1069 +Priv 2006-03-07 2011-03-08
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the session handling for Geeklog 1.4.x before 1.4.0sr2, 1.3.11 before 1.3.11sr5, 1.3.9 before 1.3.9sr5, and possibly earlier versions allows attackers to gain privileges as arbitrary users via unknown vectors.
17022 CVE-2006-1047 2006-03-07 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the "Remember Me login functionality" in Joomla! 1.0.7 and earlier has unknown impact and attack vectors.
17023 CVE-2006-1038 Overflow 2006-03-07 2017-07-20
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in SecureCRT 5.0.4 and earlier and SecureFX 3.0.4 and earlier allows remote attackers to have an unknown impact when a Unicode string is converted to a "narrow" string.
17024 CVE-2006-1017 2006-03-07 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
The c-client library 2000, 2001, or 2004 for PHP before 4.4.4 and 5.x before 5.1.5 do not check the (1) safe_mode or (2) open_basedir functions, and when used in applications that accept user-controlled input for the mailbox argument to the imap_open function, allow remote attackers to obtain access to an IMAP stream data structure and conduct unauthorized IMAP actions.
17025 CVE-2006-1002 255 2006-03-06 2018-10-18
10.0
None Remote Low Not required Complete Complete Complete
NETGEAR WGT624 Wireless DSL router has a default account of super_username "Gearguy" and super_passwd "Geardog", which allows remote attackers to modify the configuration. NOTE: followup posts have suggested that this might not occur with all WGT624 routers.
17026 CVE-2006-1000 Exec Code Sql Bypass 2006-03-06 2018-10-18
10.0
None Remote Low Not required Complete Complete Complete
Multiple SQL injection vulnerabilities in Pentacle In-Out Board 3.0 and earlier allow remote attackers to execute arbitrary SQL commands and bypass authentication via the (1) newsid parameter to newsdetailsview.asp and (2) password parameter to login.asp.
17027 CVE-2006-0992 Exec Code Overflow 2006-04-14 2018-10-18
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon. NOTE: due to a typo, the original ZDI advisory accidentally referenced CVE-2006-0092. This is the correct identifier.
17028 CVE-2006-0990 Exec Code Overflow 2006-03-28 2018-10-18
9.0
None Remote Low ??? Complete Complete Complete
Stack-based buffer overflow in the NetBackup Catalog daemon (bpdbm) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors.
17029 CVE-2006-0989 Exec Code Overflow 2006-03-28 2018-10-18
9.0
None Remote Low ??? Complete Complete Complete
Stack-based buffer overflow in the volume manager daemon (vmd) in Veritas NetBackup Enterprise Server 5.0 through 6.0 and DataCenter and BusinesServer 4.5FP and 4.5MP allows attackers to execute arbitrary code via unknown vectors.
17030 CVE-2006-0979 2006-03-03 2017-07-20
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the local weblog publisher in Nidelven IT Issue Dealer before 0.9.96 has unknown impact and attack vectors.
17031 CVE-2006-0884 20 Bypass +Info 2006-02-24 2018-10-18
9.3
None Remote Medium Not required Complete Complete Complete
The WYSIWYG rendering engine ("rich mail" editor) in Mozilla Thunderbird 1.0.7 and earlier allows user-assisted attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail.
17032 CVE-2006-0874 2006-02-24 2017-07-20
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in Intensive Point iUser Ecommerce before 2.2 have unspecified vectors and impact, as addressed by "Urgent secure fixes". NOTE: this might be a duplicate of CVE-2006-0854, but the vendor announcement for this issue (from January 8, 2005) is too vague to be sure, and CVE-2006-0854 does not provide version information.
17033 CVE-2006-0864 +Priv 2006-02-23 2018-10-18
10.0
None Remote Low Not required Complete Complete Complete
filescan in Global Hauri ViRobot 2.0 20050817 does not verify the Cookie HTTP header, which allows remote attackers to gain administrative privileges via an arbitrary cookie value.
17034 CVE-2006-0789 2006-02-19 2017-07-20
10.0
None Remote Low Not required Complete Complete Complete
Certain unspecified Kyocera printers have a default "admin" account with a blank password, which allows remote attackers to access an administrative menu via a telnet session.
17035 CVE-2006-0751 2006-02-18 2011-03-08
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the (1) Filesystem in USErspace (FUSE) client and (2) NOOFS daemon in in Network Object Oriented File System (NOOFS) before 0.9.0 have unspecified impact and attack vectors.
17036 CVE-2006-0749 399 DoS Exec Code Mem. Corr. 2006-04-14 2018-10-19
9.3
None Remote Medium Not required Complete Complete Complete
nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors involving a "particular sequence of HTML tags" that leads to memory corruption.
17037 CVE-2006-0748 399 Exec Code 2006-04-14 2018-10-19
9.3
None Remote Medium Not required Complete Complete Complete
Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via "an invalid and non-sensical ordering of table-related tags" that results in a negative array index.
17038 CVE-2006-0736 Exec Code Overflow 2006-02-27 2020-02-24
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors.
17039 CVE-2006-0708 Exec Code Overflow 2006-02-15 2018-10-19
9.3
None Remote Medium Not required Complete Complete Complete
Multiple buffer overflows in NullSoft Winamp 5.13 and earlier allow remote attackers to execute arbitrary code via (1) an m3u file containing a long URL ending in .wma, (2) a pls file containing a File1 field with a long URL ending in .wma, or (3) an m3u file with a long filename, variants of CVE-2005-3188 and CVE-2006-0476.
17040 CVE-2006-0698 Sql 2006-02-15 2017-07-20
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerabilities in Zen Cart before 1.2.7 allow remote attackers to cause unknown impact via unspecified vectors related to "other attempted exploits" other than SQL injection.
17041 CVE-2006-0697 264 2006-02-15 2013-01-03
10.0
None Remote Low Not required Complete Complete Complete
Zen Cart before 1.2.7 does not protect the admin/includes directory, which allows remote attackers to cause unknown impact via unspecified vectors, probably direct requests.
17042 CVE-2006-0686 +Priv 2006-02-15 2018-10-19
10.0
None Remote Low Not required Complete Complete Complete
add_user.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not check user privileges when adding a new administrative user, which allows remote attackers to gain unauthorized access.
17043 CVE-2006-0685 2006-02-15 2018-10-19
10.0
None Remote Low Not required Complete Complete Complete
The check_login function in login.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not exit when authentication fails, which allows remote attackers to gain unauthorized access.
17044 CVE-2006-0672 2006-02-13 2011-03-07
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in HP PSC 1210 All-in-One Drivers before 1.0.06 has unknown impact and attack vectors.
17045 CVE-2006-0665 2006-02-13 2011-03-08
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in (1) query_store.php and (2) manage_proj_create.php in Mantis before 1.0.0 has unknown impact and attack vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. An original vendor bug report is referenced, but not accessible to the general public.
17046 CVE-2006-0559 Exec Code 2006-04-04 2018-10-19
10.0
None Remote Low Not required Complete Complete Complete
Format string vulnerability in the SMTP server for McAfee WebShield 4.5 MR2 and earlier allows remote attackers to execute arbitrary code via format strings in the domain name portion of a destination address, which are not properly handled when a bounce message is constructed.
17047 CVE-2006-0411 +Priv 2006-01-25 2017-07-20
10.0
None Remote Low Not required Complete Complete Complete
claro_init_local.inc.php in Claroline 1.7.2 uses guessable session cookies (MD5 hash of connection time), which allows remote attackers to hijack sessions and possibly gain administrative privileges.
17048 CVE-2006-0323 119 Exec Code Overflow 2006-03-23 2018-10-19
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations.
17049 CVE-2006-0316 Exec Code Overflow 2006-01-19 2017-07-20
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in YGPPicFinder.DLL in AOL You've Got Pictures (YGP) Picture Finder Tool ActiveX Control, as used in AOL 8.0, 8.0 Plus, and 9.0 Classic, allows remote attackers to execute arbitrary code via unspecified vectors.
17050 CVE-2006-0303 2006-01-19 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the (1) publishing component, (2) Contact Component, (3) TinyMCE Compressor, and (4) other components in Joomla! 1.0.5 and earlier have unknown impact and attack vectors.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.