CWE-94
Medium likelihoodImproper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
6,548 vulnerabilities with CWE-94
CVE-2010-0975
PHPCityPortal - Remote Code Execution via external.php URL Parameter
CVE-2010-0966
deV!L`z Clanportal 1.5.2 - Code Injection
CVE-2010-0046
Safari < 4.0.5 - Remote Code Execution via CSS Format Argument Handling
CVE-2010-0043
Apple Safari < 4.0.5 - Remote Code Execution via Crafted TIFF Image
CVE-2010-0264
Microsoft Excel - Remote Code Execution via Crafted Spreadsheet
CVE-2010-0263
Microsoft Office Excel - Remote Code Execution via Crafted XLSX File
CVE-2010-0262
Microsoft Excel 2007 SP1-SP2 and Office 2004 for Mac - Remote Code Execution via Crafted Spreadsheet
CVE-2010-0260
Microsoft Office Excel 2007 SP1-SP2 - Remote Code Execution via MDXTUPLE Record Heap Overflow
CVE-2010-0257
Microsoft Excel 2002 SP3 - Remote Code Execution via Crafted Spreadsheet
CVE-2010-0103
Energizer DUO USB - Remote Code Execution via TCP Port 7777
CVE-2010-0483
Microsoft Windows VBScript - Remote Code Execution via MsgBox Help File Argument
CVE-2010-0755
WikyBlog 1.7.3 rc2 - Remote Code Execution via LangFile Parameter
CVE-2010-0678
Katalog Stron Hurricane 1.3.5 - Remote Code Execution via includes_directory Parameter
CVE-2010-0647
WebKit < r53525 - Remote Code Execution via Malformed RUBY Element
CVE-2010-0187
Adobe AIR < 1.5.3.9130 and Flash Player < 10.0.45.2 - Denial of Service via Modified SWF File
CVE-2010-0252
Microsoft Data Analyzer ActiveX Control - Remote Code Execution via Crafted Web Page
CVE-2010-0241
Windows Vista and Server 2008 - Remote Code Execution via ICMPv6 Route Information Packet
CVE-2010-0240
Windows Vista and Server 2008 - Remote Code Execution via ESP over UDP Packet Handling
CVE-2010-0239
Windows Vista and Server 2008 - Remote Code Execution via ICMPv6 Router Advertisement
CVE-2010-0032
Microsoft PowerPoint 2002 SP3 and 2003 SP3 - Use-After-Free via Crafted PowerPoint Document
CVE-2010-0031
Microsoft Office PowerPoint - Remote Code Execution via Crafted PowerPoint Document
CVE-2010-0020
Microsoft Windows - Remote Code Execution via Malformed SMB Request
CVE-2010-0248
HIGH
Microsoft Internet Explorer 6, 6 SP1, 7, 8 - Remote Code Execution via Memory Corruption
CVSS 8.1
CVE-2010-0247
Internet Explorer 5.01 SP4, 6, 6 SP1 - Remote Code Execution via Uninitialized Memory Corruption
CVE-2010-0246
Microsoft Internet Explorer 8 - Remote Code Execution via Uninitialized Memory Corruption
Details
Vulnerabilities
6,548
Exploit Likelihood
Medium