52 matches found
CVE-2007-3285
Mozilla Firefox before 2.0.0.5, when run on Windows, allows remote attackers to bypass file type checks and possibly execute programs via a (1) file:/// or (2) resource: URI with a dangerous extension, followed by a NULL byte (%00) and a safer extension, which causes Firefox to treat the requested file...
CVE-2006-4542
Webmin before 1.296 and Usermin before 1.226 do not properly handle a URL with a null ("%00") character, which allows remote attackers to conduct cross-site scripting (XSS), read CGI program source code, list directories, and possibly execute programs...
CVE-2004-0873
Apple iChat AV 2.1, AV 2.0, and 1.0.1 allows remote attackers to execute arbitrary programs via a "link" that references the program...
CVE-2004-1021
iCal before 1.5.4 on Mac OS X 10.2.3, and other later versions, does not alert the user when handling calendars that use alarms, which allows attackers to execute programs and send e-mail via alarms...
CVE-2004-0364
The WrapNISUM ActiveX component (WrapUM.dll) in Norton Internet Security 2004 is marked safe for scripting, which allows remote attackers to execute arbitrary programs via the LaunchURL method...
CVE-2003-1378
Microsoft Outlook Express 6.0 and Outlook 2000, with the security zone set to Internet Zone, allows remote attackers to execute arbitrary programs via an HTML email with the CODEBASE parameter set to the program, a vulnerability similar to CAN-2002-0077...
CVE-2001-0002
Internet Explorer 5.5 and earlier allows remote attackers to obtain the physical location of cached content and open the content in the Local Computer Zone, then use compiled HTML help (.chm) files to execute arbitrary programs...
Windows Media Player 7 and IE java vulnerability - executing arbitrary programs
Georgi Guninski security advisory 35, 2001. Windows Media Player 7 and IE java vulnerability - executing arbitrary programs. Systems affected: Windows Media Player 7 and IE. Risk: High. Date: 15 January 2001. Legal Notice: This Advisory is Copyright (c) 2000 Georgi Guninski. You may distribute it...
CVE-2000-1161
The installation of AdCycle banner management system leaves the build.cgi program in a web-accessible directory, which allows remote attackers to execute the program and view passwords or delete databases...
CVE-1999-0177
The uploader program in the WebSite web server allows a remote attacker to execute arbitrary programs...
CVE-1999-0422
In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set...
CVE-1999-0343
A malicious Palace server can force a client to execute arbitrary programs...