The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date |
---|---|---|---|
CVE-2009-0225 | Microsoft Office PowerPoint 2002 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 95 native file format, leading to improper array indexing and memory corruption, aka PP7 Memory Corruption Vulnerability. | High | May 16, 2009 |
CVE-2009-0226 | Stack-based buffer overflow in the PowerPoint 4.2 conversion filter in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via a long string in sound data in a file that uses a PowerPoint 4.0 native file format, leading to memory corruption, aka Legacy File Format Vulnerability, a different vulnerability than CVE-2009-0222, CVE-2009-0223, CVE-2009-0227, and CVE-2009-1137. | High | May 15, 2009 |
CVE-2009-0227 | Stack-based buffer overflow in the PowerPoint 4.2 conversion filter (PP4X32.DLL) in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via a large number of structures in sound data in a file that uses a PowerPoint 4.0 native file format, leading to memory corruption, aka Legacy File Format Vulnerability, a different vulnerability than CVE-2009-0222, CVE-2009-0223, CVE-2009-0226, and CVE-2009-1137. | High | May 16, 2009 |
CVE-2009-0228 | Stack-based buffer overflow in the EnumeratePrintShares function in Windows Print Spooler Service (win32spl.dll) in Microsoft Windows 2000 SP4 allows remote printer servers to execute arbitrary code via a a crafted ShareName in a response to an RPC request, related to printing data structures, aka Buffer Overflow in Print Spooler Vulnerability. | High | Jun 13, 2009 |
CVE-2009-0230 | The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows remote authenticated users to gain privileges via a crafted RPC message that triggers loading of a DLL file from an arbitrary directory, aka Print Spooler Load Library Vulnerability. | High | Jun 13, 2009 |
CVE-2009-0231 | Heap-based buffer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table in a data record, aka Embedded OpenType Font Heap Overflow Vulnerability. | High | Jul 15, 2009 |
CVE-2009-0232 | Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table, aka Embedded OpenType Font Integer Overflow Vulnerability. | High | Jul 15, 2009 |
CVE-2009-0235 | Stack-based buffer overflow in the Word 97 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted Word 97 file that triggers memory corruption, aka WordPad Word 97 Text Converter Stack Overflow Vulnerability. | High | Apr 18, 2009 |
CVE-2009-0238 | Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document that triggers an access attempt on an invalid object, as exploited in the wild in February 2009 by Trojan.Mdropper.AC. | High | Feb 25, 2009 |
CVE-2009-0241 | Stack-based buffer overflow in the process_path function in gmetad/server.c in Ganglia 3.1.1 allows remote attackers to cause a denial of service (crash) via a request to the gmetad service with a long pathname. | High | Jan 21, 2009 |
CVE-2009-0242 | Ganglia 3.1.1 allows remote attackers to cause a denial of service via a request to the gmetad service with a path does not exist, which causes Ganglia to (1) perform excessive CPU computation and (2) send the entire tree, which consumes network bandwidth. | High | Jan 29, 2009 |
CVE-2009-0243 | Microsoft Windows does not properly enforce the Autorun and NoDriveTypeAutoRun registry values, which allows physically proximate attackers to execute arbitrary code by (1) inserting CD-ROM media, (2) inserting DVD media, (3) connecting a USB device, and (4) connecting a Firewire device; (5) allows user-assisted remote attackers to execute arbitrary code by mapping a network drive; and allows user-assisted attackers to execute arbitrary code by clicking on (6) an icon under My Computer\\Devices with Removable Storage and (7) an option in an AutoPlay dialog, related to the Autorun.inf file. NOTE: vectors 1 and 3 on Vista are already covered by CVE-2008-0951. | High | Jan 29, 2009 |
CVE-2009-0244 | Directory traversal vulnerability in the OBEX FTP Service in the Microsoft Bluetooth stack in Windows Mobile 6 Professional, and probably Windows Mobile 5.0 for Pocket PC and 5.0 for Pocket PC Phone Edition, allows remote authenticated users to list arbitrary directories, and create or read arbitrary files, via a .. (dot dot) in a pathname. NOTE: this can be leveraged for code execution by writing to a Startup folder. | High | Jan 29, 2009 |
CVE-2009-0246 | Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted attackers to execute arbitrary code via an invalid Radiance RGBE (aka .hdr) file. | High | Jan 29, 2009 |
CVE-2009-0252 | Multiple SQL injection vulnerabilities in default.asp in Enthrallweb eReservations allow remote attackers to execute arbitrary SQL commands via the (1) Login parameter (aka username field) or the (2) Password parameter (aka password field). NOTE: some of these details are obtained from third party information. | High | Jan 22, 2009 |
CVE-2009-0254 | Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted attackers to execute arbitrary code via an invalid Flexible Image Transport System (FITS) file. NOTE: some of these details are obtained from third party information. | High | Jan 29, 2009 |
CVE-2009-0256 | Session fixation vulnerability in the authentication library in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to hijack web sessions via unspecified vectors related to (1) frontend and (2) backend authentication. | High | Jan 29, 2009 |
CVE-2009-0258 | Unspecified vulnerability in the Indexed Search Engine (indexed_search) system extension in TYPO3 4.0.0 through 4.0.9, 4.1.0 through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to execute arbitrary commands via unknown vectors related to the command-line indexer. | High | Jan 29, 2009 |
CVE-2009-0259 | The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows remnote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in the wild in December 2008, as demonstrated by 2008-crash.doc.rar, and a similar issue to CVE-2008-4841. | High | Jan 29, 2009 |
CVE-2009-0261 | Stack-based buffer overflow in EffectMatrix Total Video Player 1.31 allows user-assisted attackers to execute arbitrary code via a Skins\\DefaultSkin\\DefaultSkin.ini file with a large ColumnHeaderSpan value. | High | Jan 29, 2009 |
CVE-2009-0262 | Stack-based buffer overflow in Triologic Media Player 7 and 8.0.0.0 allows user-assisted remote attackers to execute arbitrary code via a long string in a .m3u playlist file. NOTE: some of these details are obtained from third party information. | High | Jan 26, 2009 |
CVE-2009-0263 | Multiple buffer overflows in Winamp 5.541 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a large Common Chunk (COMM) header value in an AIFF file and (2) a large invalid value in an MP3 file. | High | Jan 26, 2009 |
CVE-2009-0264 | Buffer overflow in the Registry Setting Tool in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier has unknown impact and attack vectors. | High | Jan 26, 2009 |
CVE-2009-0266 | Stack-based buffer overflow in Triologic Media Player 8.0.0.0 allows user-assisted remote attackers to execute arbitrary code via a long string in a .m3l playlist file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | High | Jan 26, 2009 |
CVE-2009-0270 | Stack-based buffer overflow in PXEService.exe in Fujitsu SystemcastWizard Lite 2.0A, 2.0, 1.9, and earlier allows remote attackers to execute arbitrary code via a large PXE protocol request in a UDP packet. | High | Jan 26, 2009 |
CVE-2009-0277 | Unspecified vulnerability in the kernel in OpenSolaris snv_100 through snv_102 on the Sun UltraSPARC T2 and T2+ sun4v platforms allows local users to cause a denial of service (panic) via unknown vectors. | High | Jan 27, 2009 |
CVE-2009-0279 | SQL injection vulnerability in comentar.php in Pardal CMS 0.2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | High | Jan 27, 2009 |
CVE-2009-0280 | Asp Project Management 1.0 allows remote attackers to bypass authentication and gain administrative access by setting the crypt cookie to 1. | High | Jan 27, 2009 |
CVE-2009-0281 | SQL injection vulnerability in login.aspx in WarHound Walking Club allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. | High | Jan 27, 2009 |
CVE-2009-0282 | Integer overflow in Ralink Technology USB wireless adapter (RT73) 3.08 for Windows, and other wireless card drivers including rt2400, rt2500, rt2570, and rt61, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Probe Request packet with a long SSID, possibly related to an integer signedness error. | High | Jan 29, 2009 |
CVE-2009-0284 | SQL injection vulnerability in category.php in Flax Article Manager 1.1 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | High | Jan 27, 2009 |
CVE-2009-0287 | SQL injection vulnerability in lib/patUser.php in KEEP Toolkit before 2.5.1 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password. | High | Jan 27, 2009 |
CVE-2009-0291 | Directory traversal vulnerability in fc.php in OpenX 2.6.3 allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the MAX_type parameter. | High | Jan 28, 2009 |
CVE-2009-0292 | SQL injection vulnerability in show_cat2.php in SHOP-INET 4 allows remote attackers to execute arbitrary SQL commands via the grid parameter. | High | Jan 28, 2009 |
CVE-2009-0293 | SQL injection vulnerability in profile_view.php in Wazzum Dating Software, possibly 2.0, allows remote attackers to execute arbitrary SQL commands via the userid parameter. | High | Jan 29, 2009 |
CVE-2009-0296 | SQL injection vulnerability in shop_display_products.php in Script Toko Online 5.01 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. | High | Jan 28, 2009 |
CVE-2009-0297 | SQL injection vulnerability in login_check.asp in ClickAuction allows remote attackers to execute arbitrary SQL commands via the (1) txtEmail and (2) txtPassword parameters. NOTE: some of these details are obtained from third party information. | High | Jan 29, 2009 |
CVE-2009-0298 | Heap-based buffer overflow in MW6 Technologies Barcode ActiveX control (Barcode.MW6Barcode.1, Barcode.dll) 3.0.0.1 allows remote attackers to execute arbitrary code via a long Supplement property. | High | Jan 29, 2009 |
CVE-2009-0299 | SQL injection vulnerability in index.php in Groone GLinks 2.1 allows remote attackers to execute arbitrary SQL commands via the cat parameter. | High | Jan 28, 2009 |
CVE-2009-0304 | The kernel in Sun Solaris 10 and 11 snv_101b, and OpenSolaris before snv_108, allows remote attackers to cause a denial of service (system crash) via a crafted IPv6 packet, related to an insufficient validation security vulnerability, as demonstrated by SunOSipv6.c. | High | Jan 31, 2009 |
CVE-2009-0305 | Buffer overflow in the Research in Motion RIM AxLoader ActiveX control in AxLoader.ocx and AxLoader.dll in BlackBerry Application Web Loader 1.0 allows remote attackers to execute arbitrary code via unspecified vectors. | High | Feb 11, 2009 |
CVE-2009-0306 | Buffer overflow in the IBM Lotus Notes Intellisync ActiveX control in lnresobject.dll in BlackBerry Desktop Manager in Research In Motion (RIM) BlackBerry Desktop Software before 5.0.1 allows remote attackers to execute arbitrary code via a crafted web page. NOTE: some of these details are obtained from third party information. | High | Nov 12, 2009 |
CVE-2009-0310 | Buffer overflow in SUSE blinux (aka sbl) in SUSE openSUSE 10.3 through 11.0 has unknown impact and attack vectors related to incoming data and authentication-strings.Following information confirms LOCAL Access Vector reported in Hyperlink Record 1058524:http://xforce.iss.net/xforce/xfdb/48797 The SUSE blinux (sbl) package is vulnerable to a buffer overflow. By sending a specially-crafted request, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. | High | Feb 22, 2009 |
CVE-2009-0311 | The Backbone service (ftbackbone.exe) in EMC AutoStart before 5.3 SP2 allows remote attackers to execute arbitrary code via a packet with a crafted value that is dereferenced as a function pointer. | High | Jan 28, 2009 |
CVE-2009-0323 | Multiple stack-based buffer overflows in W3C Amaya Web Browser 10.0 and 11.0 allow remote attackers to execute arbitrary code via (1) a long type parameter in an input tag, which is not properly handled by the EndOfXmlAttributeValue function; (2) an HTML GI in a start tag, which is not properly handled by the ProcessStartGI function; and unspecified vectors in (3) html2thot.c and (4) xml2thot.c, related to the msgBuffer variable. NOTE: these are different vectors than CVE-2008-6005. | High | Jan 29, 2009 |
CVE-2009-0324 | Multiple SQL injection vulnerabilities in BibCiter 1.4 allow remote attackers to execute arbitrary SQL commands via the (1) idp parameter to reports/projects.php, the (2) idc parameter to reports/contacts.php, and the (3) idu parameter to reports/users.php. | High | Jan 29, 2009 |
CVE-2009-0326 | SQL injection vulnerability in login.php in Dark Age CMS 0.2c beta allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | High | Jan 29, 2009 |
CVE-2009-0327 | SQL injection vulnerability in readbible.php in Free Bible Search PHP Script 1.0 allows remote attackers to execute arbitrary SQL commands via the version parameter. | High | Jan 29, 2009 |
CVE-2009-0329 | SQL injection vulnerability in the PcCookBook (com_pccookbook) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the recipe_id parameter in a viewrecipe action to index.php, a different vector than CVE-2008-0844. | High | Jan 29, 2009 |
CVE-2009-0331 | Directory traversal vulnerability in gallery/comment.php in Enhanced Simple PHP Gallery (ESPG) 1.72 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. NOTE: the vulnerability may be in my little homepage Comment script. If so, then this should not be treated as a vulnerability in ESPG. | High | Jan 30, 2009 |