CWE-94
Medium likelihoodImproper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
6,548 vulnerabilities with CWE-94
CVE-2010-1259
Microsoft Internet Explorer <8 - RCE
CVE-2010-1255
Windows Multiple Versions - Local Code Execution via TrueType Font Parsing
CVE-2010-0811
Microsoft Internet Explorer 8 - RCE
CVE-2010-1263
Microsoft Office - Remote Code Execution via Crafted File COM Object Validation
CVE-2010-1256
Microsoft IIS 6.0, 7.0, and 7.5 - Authenticated Remote Code Execution via Token Checking Memory Corruption
CVE-2010-1253
Microsoft Excel 2002 SP3, 2007 SP1-SP2, Office 2004-2008 for Mac - Remote Code Execution via Crafted DBQueryExt Records
CVE-2010-1252
Microsoft Excel 2002 SP3 and Office 2004 for Mac - Remote Code Execution via Crafted Excel File
CVE-2010-1251
Microsoft Excel 2002 SP3 and Office 2004 for Mac - Remote Code Execution via Crafted Excel File
CVE-2010-1250
Microsoft Office <2008 - Buffer Overflow
CVE-2010-1249
Microsoft Office <2008 - Buffer Overflow
CVE-2010-1248
Microsoft Office Excel <2004 - Buffer Overflow
CVE-2010-1247
Microsoft Office Excel 2002 SP3 - RCE
CVE-2010-1246
Microsoft Office Excel 2002 SP3 - Buffer Overflow
CVE-2010-1245
Microsoft Office <2008 for Mac - RCE
CVE-2010-0824
Microsoft Office Excel 2002 SP3 & Office 2004 for Mac - RCE
CVE-2010-0823
Microsoft Excel - Remote Code Execution via Crafted Excel File
CVE-2010-0822
MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow
CVE-2010-0821
Microsoft Office < - Code Injection
CVE-2010-2146
Visitor Logger - Remote Code Execution via VL_include_path Parameter
CVE-2010-2145
ClearSite Beta 4.50 - Remote Code Execution via cs_base_path Parameter
CVE-2010-2137
ProMan < 0.1.1 - Remote Code Execution via _center.php Page Parameter
CVE-2010-2132
Danny HO Oes - Code Injection
CVE-2010-2127
jv2_folder_gallery 3.1 - Remote Code Execution via lang_file Parameter
CVE-2010-2126
Snipe Gallery 3.1.5 - Remote Code Execution via cfg_admin_path Parameter
CVE-2010-1546
Chaos Tool Suite 6.x <6.x-1.4 - Command Injection
Details
Vulnerabilities
6,548
Exploit Likelihood
Medium