CVE-2006-0223

CVE-2006-0223 - Directory traversal vulnerability in Shanghai TopCMM 123 Flash Chat Server Software 5.1 allows attackers to create or overwrite arbitrary files on the server via ".." (dot dot) sequences in the username field. ...
6 years ago

CVE-2009-1137 - Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 4.0 native file format, leading to memory corruption, aka "Legacy File Format ...
5 years ago

CVE-2009-0222 - Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 4.0 native file format, leading to a "pointer overwrite" and memory ...
5 years ago

CVE-2009-0223 - Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 4.0 native file format, leading to memory corruption, aka "Legacy File Format ...
5 years ago

CVE-2009-0227 - Stack-based buffer overflow in the PowerPoint 4.2 conversion filter (PP4X32.DLL) in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via a large number of structures in sound data in a ...
5 years ago

CVE-2009-0226 - Stack-based buffer overflow in the PowerPoint 4.2 conversion filter in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via a long string in sound data in a file that uses a PowerPoint 4.0 ...
5 years ago

Google Patches Six Vulnerabilities With First Chrome Update of 2024 - Google on Wednesday announced the first Chrome security update of 2024, which resolves six vulnerabilities, including four reported by external researchers. All the four externally reported security defects are high-severity memory safety flaws, but ...
6 months ago Securityweek.com

CVE-2012-0224 - Untrusted search path vulnerability in 7-Technologies (7T) AQUIS 1.5 and earlier allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2012-0223. Per: ...
12 years ago

CVE-2012-0223 - Untrusted search path vulnerability in 7-Technologies (7T) TERMIS 2.10 and earlier allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2012-0224. Per: ...
12 years ago

CVE-2017-0252 - A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from ...
7 years ago

CVE-2017-0223 - A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. aka "Scripting Engine Memory Corruption Vulnerability". This vulnerability is unique from ...
6 years ago

CVE-2007-0316 - Multiple SQL injection vulnerabilities in All In One Control Panel (AIOCP) 1.3.010 and earlier, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) xuser_name parameter to ...
6 years ago

CVE-2000-0223 - Buffer overflow in the wmcdplay CD player program for the WindowMaker desktop allows local users to gain root privileges via a long parameter. ...
15 years ago

CVE-2002-0223 - Infopop UBB.Threads 5.4 and Wired Community Software WWWThreads 5.0 through 5.0.9 allows remote attackers to upload arbitrary files by using a filename that contains an accepted extension, but ends in a different extension. ...
15 years ago

CVE-2011-0223 - WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in ...
12 years ago

CVE-2013-4669 - FortiClient before 4.3.5.472 on Windows, before 4.0.3.134 on Mac OS X, and before 4.0 on Android; FortiClient Lite before 4.3.4.461 on Windows; FortiClient Lite 2.0 through 2.0.0223 on Android; and FortiClient SSL VPN before 4.0.2258 on Linux proceed ...
8 years ago

CVE-2005-0223 - The Software Development Kit (SDK) and Run Time Environment (RTE) 1.4.1 and 1.4.2 for Tru64 UNIX allows remote attackers to cause a denial of service (Java Virtual Machine hang) via object deserialization. ...
7 years ago

CVE-2007-0223 - SQL injection vulnerability in shared/code/cp_functions_downloads.php in Nicola Asuni All In One Control Panel (AIOCP) before 1.3.009 allows remote attackers to execute arbitrary SQL commands via the download_category parameter. ...
6 years ago

CVE-2008-0223 - Buffer overflow in JustSystems JSFC.DLL, as used in multiple JustSystems products such as Ichitaro, allows remote attackers to execute arbitrary code via a crafted .JTD file. ...
6 years ago

CVE-2001-0223 - Buffer overflow in wwwwais allows remote attackers to execute arbitrary commands via a long QUERY_STRING (HTTP GET request). ...
6 years ago

CVE-2015-0223 - Unspecified vulnerability in Apache Qpid 0.30 and earlier allows remote attackers to bypass access restrictions on qpidd via unknown vectors, related to 0-10 connection handling. ...
6 years ago

CVE-2016-0223 - Cross-site scripting (XSS) vulnerability in the Webform Framework API in IBM Forms Server 4.0.x, 8.0.x, 8.1, and 8.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 110006. ...
6 years ago

CVE-2010-0223 - Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler Elite Privacy Edition (DTEP) USB flash drives do not prevent password replay attacks, which allows physically proximate attackers to access the ...
5 years ago

CVE-1999-0223 - Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry. ...
5 years ago

CVE-2018-0223 - A vulnerability in DesktopServlet in the web-based management interface of Cisco Security Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based interface. The ...
4 years ago