NVD List
Id | Name | Description | Reject | CVSS Version | CVSS Score | Severity | Pub Date | Modified Date | Actions |
---|---|---|---|---|---|---|---|---|---|
47886 | CVE-2009-0555 | Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly process Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted audio file that uses the Windows Media Speech codec, aka "Windows Media Runtime Voice Sample Rate Vulnerability." | 2 | 9.3 | High | 2017-01-07 | 2010-08-21 | View | |
48142 | CVE-2009-0827 | PollHelper stores poll.inc under the web root with insufficient access control, which allows remote attackers to download the database file containing user credentials via a direct request. | 2 | 5 | Medium | 2017-01-07 | 2009-03-06 | View | |
48398 | CVE-2009-1088 | Hannon Hill Cascade Server 5.7 and other versions allows remote authenticated users to execute arbitrary programs or Java code via a crafted XSLT stylesheet with "extension elements and extension functions" that trigger code execution by Xalan-Java, as demonstrated using xalan://java.lang.Runtime. | 2 | 9 | High | 2017-01-07 | 2009-10-05 | View | |
48654 | CVE-2009-1369 | moziloCMS 1.11 allows remote attackers to obtain sensitive information via the (1) gal[] parameter to gallery.php, (2) page[] and (3) cat[] parameter to index.php, or (4) file[] parameter to download.php, which reveals the installation path in an error message. | 2 | 5 | Medium | 2017-01-07 | 2009-04-23 | View | |
48910 | CVE-2009-1641 | Multiple stack-based buffer overflows in Mini-stream Ripper 3.0.1.1 allow remote attackers to execute arbitrary code via (1) a long rtsp URL in a .ram file and (2) a long string in the HREF attribute of a REF element in a .asx file. | 2 | 9.3 | High | 2017-01-07 | 2009-05-15 | View |
Page 1006 of 17672, showing 5 records out of 88360 total, starting on record 5026, ending on 5030