CWE-94
Medium likelihoodImproper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
6,548 vulnerabilities with CWE-94
CVE-2010-2748
Microsoft Word <2004 - Code Injection
CVE-2010-2747
Microsoft Word <2002 SP3-Office 2004 - RCE
CVE-2010-2745
Microsoft Windows Media Player <12 - Code Injection
CVE-2010-3085
Mednafen < 0.8.D - Remote Code Execution via Network Play
CVE-2010-3088
pidgin-knotify < 0.2.1 - Remote Code Execution via Shell Metacharacters in Message
CVE-2010-3625
Adobe Acrobat and Reader 9.x < 9.4 and 8.x < 8.2.5 - Remote Code Execution via Prefix Protocol Handler
CVE-2010-3761
IBM Tivoli Storage Manager FastBack 5.5.0.0-5.5.6.0 and 6.1.0.0-6.1.0.1 - Remote Code Execution
CVE-2010-3759
IBM Tivoli Storage Manager FastBack 5.5.0.0-5.5.6.0 & 6.1.0.0-6.1.0.1 - Remote Code Execution
CVE-2010-3758
IBM Tivoli Storage Manager FastBack 5.5.0.0-5.5.6.0 & 6.1.0.0-6.1.0.1 - Remote Code Execution
CVE-2010-3308
Openswan 2.6.26-2.6.28 - Authenticated Remote Code Execution via Long cisco_banner Field
CVE-2010-3742
Free Simple CMS 1.0 - Remote Code Execution via Meta or PHPINCDIR Parameter
CVE-2010-3307
Free Simple CMS <= 1.0 - Remote Code Execution via Theme Parameter Injection
CVE-2010-3429
FFmpeg <0.6 - Remote Code Execution
CVE-2010-3313
EGroupware <1.6.003-9.2.20100309 - Command Injection
CVE-2010-3419
Haudenschilt Family Connections CMS 2.2.3 - Remote Code Execution via current_user_id Parameter
CVE-2010-2567
Windows XP SP2/SP3 and Server 2003 SP2 - Remote Code Execution via Malformed RPC Response
CVE-2010-2563
Windows XP SP2/SP3 and Server 2003 SP2 - Remote Code Execution via Malformed Word 97 Document
CVE-2010-0818
Windows MPEG-4 Codec - Remote Code Execution via Crafted Media Content
CVE-2010-0155
IBM Proventia Network Mail Security System Authenticated HTTP Response Splitting via javaVersion Parameter
CVE-2010-2766
Mozilla Firefox <3.5.12 & <3.6.9 - RCE
CVE-2010-2240
Linux Kernel < 2.6.27.52, 2.6.32.x < 2.6.32.19, 2.6.34.x < 2.6.34.4, 2.6.35.x < 2.6.35.2 - RCE via Shared Memory
CVE-2010-3210
Multi-lingual E-Commerce System 0.2 - RCE
CVE-2010-3209
Seagull 0.6.7 - Remote File Inclusion via Multiple Parameters
CVE-2010-3206
diy-cms 1.0 - Remote Code Execution via PHP File Inclusion
CVE-2010-3205
Textpattern CMS 4.2.0 - Remote Code Execution via index.php inc Parameter
Details
Vulnerabilities
6,548
Exploit Likelihood
Medium