Vulnerabilities > Microsoft > Windows 98Se
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-05-17 | CVE-2007-2736 | Remote File Include vulnerability in Achievo 1.1.0 PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the config_atkroot parameter. | 10.0 |
2007-05-16 | CVE-2007-1898 | Unspecified vulnerability in Jetbox CMS 2.1 formmail.php in Jetbox CMS 2.1 allows remote attackers to send arbitrary e-mails (spam) via modified recipient, _SETTINGS[allowed_email_hosts][], and subject parameters. | 5.8 |
2007-04-24 | CVE-2007-2186 | Denial of Service vulnerability in Foxit PDF Reader 2.0 Foxit Reader 2.0 allows remote attackers to cause a denial of service (application crash) via a crafted PDF document. | 5.0 |
2007-02-23 | CVE-2006-7039 | Remote Denial Of Service vulnerability in Atrium Software Mercur Messaging 2005 5.0Sp3 The IMAP4 service in MERCUR Messaging 2005 before Service Pack 4 allows remote attackers to cause a denial of service (crash) via a message with a long subject field. | 5.0 |
2007-02-23 | CVE-2006-7037 | Local Security vulnerability in Mathsoft Mathcad 12/13/13.1 Mathcad 12 through 13.1 allows local users to bypass the security features by directly accessing or editing the XML representation of the worksheet with a text editor or other program, which allows attackers to (1) bypass password protection by replacing the password field with a hash of a known password, (2) modify timestamps to avoid detection of modifications, (3) remove locks by removing the "is-locked" attribute, and (4) view locked data, which is stored in plaintext. | 4.4 |
2007-02-23 | CVE-2006-7034 | SQL-Injection vulnerability in Super Link Exchange Script Super Link Exchange Script 1.0 SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter. network low complexity apple hp ibm linux microsoft santa-cruz-operation sun windriver super-link-exchange-script | 7.5 |
2007-02-21 | CVE-2007-1043 | Authentication Bypass vulnerability in Ezboo Webstats 3.0.3 Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php. | 7.5 |
2006-06-13 | CVE-2006-1313 | Unspecified vulnerability in Microsoft products Microsoft JScript 5.1, 5.5, and 5.6 on Windows 2000 SP4, and 5.6 on Windows XP, Server 2003, Windows 98 and Windows Me, will "release objects early" in certain cases, which results in memory corruption and allows remote attackers to execute arbitrary code. network microsoft | 6.8 |
2006-06-13 | CVE-2006-2376 | Numeric Errors vulnerability in Microsoft Windows 98, Windows 98Se and Windows ME Integer overflow in the PolyPolygon function in Graphics Rendering Engine on Microsoft Windows 98 and Me allows remote attackers to execute arbitrary code via a Windows Metafile (WMF) or EMF image with a sum of entries in the vertext counts array and number of polygons that triggers a heap-based buffer overflow. | 7.5 |
2006-04-12 | CVE-2006-0012 | Remote Code Execution vulnerability in Microsoft Windows Shell COM Object Unspecified vulnerability in Windows Explorer in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers to execute arbitrary code via attack vectors involving COM objects and "crafted files and directories," aka the "Windows Shell Vulnerability." | 5.1 |