Vulnerabilities > Microsoft > Windows 95
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-02-06 | CVE-2003-1569 | Improper Input Validation vulnerability in Goahead Webserver GoAhead WebServer before 2.1.5 on Windows 95, 98, and ME allows remote attackers to cause a denial of service (daemon crash) via an HTTP request with a (1) con, (2) nul, (3) clock$, or (4) config$ device name in a path component, different vectors than CVE-2001-0385. | 5.0 |
2009-01-15 | CVE-1999-1593 | Link Following vulnerability in Microsoft Windows 2000, Windows 95 and Windows 98 Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service (connectivity loss) or steal credentials via a 1Ch registration that causes WINS to change the domain controller to point to a malicious server. | 7.6 |
2007-05-17 | CVE-2007-2736 | Remote File Include vulnerability in Achievo 1.1.0 PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter. | 10.0 |
2007-05-16 | CVE-2007-1898 | Unspecified vulnerability in Jetbox CMS 2.1 formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters. | 5.8 |
2007-04-24 | CVE-2007-2186 | Denial of Service vulnerability in Foxit PDF Reader 2.0 Foxit Reader 2.0 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document. | 5.0 |
2007-02-23 | CVE-2006-7039 | Remote Denial Of Service vulnerability in Atrium Software Mercur Messaging 2005 5.0Sp3 The IMAP4 service in MERCUR Messaging 2005 before Service Pack 4 allows remote attackers to cause a denial of service (crash) via a message with a long subject field. | 5.0 |
2007-02-23 | CVE-2006-7037 | Local Security vulnerability in Mathsoft Mathcad 12/13/13.1 Mathcad 12 through 13.1 allows local users to bypass the security features by directly accessing or editing the XML representation of the worksheet with a text editor or other program, which allows attackers to (1) bypass password protection by replacing the password field with a hash of a known password, (2) modify timestamps to avoid detection of modifications, (3) remove locks by removing the "is-locked" attribute, and (4) view locked data, which is stored in plaintext. | 4.4 |
2007-02-23 | CVE-2006-7034 | SQL-Injection vulnerability in Super Link Exchange Script Super Link Exchange Script 1.0 SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter. network low complexity apple hp ibm linux microsoft santa-cruz-operation sun windriver super-link-exchange-script | 7.5 |
2007-02-21 | CVE-2007-1043 | Authentication Bypass vulnerability in Ezboo Webstats 3.0.3 Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php. | 7.5 |
2006-12-04 | CVE-2006-6261 | Remote Memory Corruption vulnerability in Quinnware Quintessential Player Playlist Files Buffer overflow in Quintessential Player 4.50.1.82 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) M3u or (2) M3u-8 file; or a (3) crafted PLS file with a long value in the (a) NumberofEntries, (b) Length (aka Length1), (c) Filename (aka File1), (d) Title (aka Title1) field, or other unspecified fields. | 9.3 |