Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2009-05-22 CVE-2009-1783 Improper Input Validation vulnerability in F-Prot Antivirus, F-Prot Aves and F-Prot Milter
Multiple FRISK Software F-Prot anti-virus products, including Antivirus for Exchange, Linux on IBM zSeries, Linux x86 File Servers, Linux x86 Mail Servers, Linux x86 Workstations, Solaris Mail Servers, Antivirus for Windows, and others, allow remote attackers to bypass malware detection via a crafted CAB archive.
network
low complexity
f-prot CWE-20
critical
10.0
2009-05-22 CVE-2009-1774 Path Traversal vulnerability in Strawberry 1.1.1
Directory traversal vulnerability in plugins/ddb/foot.php in Strawberry 1.1.1 allows remote attackers to include and execute arbitrary local files via a ..
network
strawberry CWE-22
critical
9.3
2009-05-22 CVE-2009-1759 Buffer Errors vulnerability in Rahul Ctorrent and Dtorrent
Stack-based buffer overflow in the btFiles::BuildFromMI function (trunk/btfiles.cpp) in Enhanced CTorrent (aka dTorrent) 3.3.2 and probably earlier, and CTorrent 1.3.4, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Torrent file containing a long path.
network
rahul CWE-119
critical
9.3
2009-05-21 CVE-2009-1745 Credentials Management vulnerability in Armorlogic Profense Web Application Firewall 2.4
Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, has a default root password hash, and permits password-based root logins over SSH, which makes it easier for remote attackers to obtain access.
network
low complexity
armorlogic CWE-255
critical
10.0
2009-05-21 CVE-2009-1161 Path Traversal vulnerability in Cisco products
Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.
network
low complexity
cisco CWE-22
critical
10.0
2009-05-21 CVE-2009-1743 Path Traversal vulnerability in Pinnaclesys Pinnacle Studio 12
Directory traversal vulnerability in InstallHFZ.exe 6.5.201.0 in Pinnacle Hollywood Effects 6, a module in Pinnacle Systems Pinnacle Studio 12, allows remote attackers to create and overwrite arbitrary files via a filename containing a ..\ (dot dot backslash) sequence in a Hollywood FX Compressed Archive (.hfz) file.
network
pinnaclesys CWE-22
critical
9.3
2009-05-20 CVE-2009-1740 Buffer Errors vulnerability in Dlink Mpeg4 Viewer Activex Control 2.11.918.2006
Multiple heap-based buffer overflows in the D-Link MPEG4 Viewer ActiveX Control (csviewer.ocx) 2.11.918.2006 allow remote attackers to execute arbitrary code via a long argument to the (1) SetFilePath and (2) SetClientCookie methods.
network
dlink CWE-119
critical
9.3
2009-05-18 CVE-2009-1675 Buffer Errors vulnerability in Electrasoft 32Bit FTP 09.04.24
Stack-based buffer overflow in ElectraSoft 32bit FTP 09.04.24 allows remote FTP servers to execute arbitrary code via a long 227 reply to a PASV command.
network
electrasoft CWE-119
critical
9.3
2009-05-18 CVE-2009-1674 Buffer Errors vulnerability in Microchip Mplab IDE 8.30
Stack-based buffer overflow in Microchip MPLAB IDE 8.30 allows user-assisted remote attackers to execute arbitrary code via a long .cof pathname in a [TOOL_SETTINGS] section in a .mcp file, possibly a related issue to CVE-2009-1608.
network
microchip CWE-119
critical
9.3
2009-05-18 CVE-2009-1669 Improper Input Validation vulnerability in Smarty 2.6.22
The smarty_function_math function in libs/plugins/function.math.php in Smarty 2.6.22 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in the equation attribute of the math function.
network
low complexity
smarty CWE-20
critical
10.0