CWE-94
Medium likelihoodImproper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
6,548 vulnerabilities with CWE-94
CVE-2009-1571
Firefox 3.0.x-3.0.17 and 3.5.x-3.5.7 - Remote Code Execution via HTML Parser Use-After-Free
CVE-2009-4646
Accellion Secure File Transfer Appliance - Code Injection
CVE-2009-3302
Apache OpenOffice < 3.2.0 - Remote Code Execution via Crafted Word Document
CVE-2009-3735
Panda ActiveScan Installer 2.0 - Remote Code Execution via Unverified ActiveX Control Download
CVE-2009-4636
FFmpeg 0.5 - Denial of Service via Crafted File
CVE-2009-4635
FFmpeg 0.5 - Stack-Based Buffer Overflow via Crafted MOV Container
CVE-2009-4273
stap-server <1.1 - Command Injection
CVE-2009-4623
Advanced Comment System 1.0 - Remote Code Execution via ACS_path Parameter
CVE-2009-4622
Drunken:Golem Gaming Portal 0.5.1 - RCE
CVE-2009-4614
Moa Gallery < 1.2.0 - Remote Code Execution via MOA_PATH Parameter
CVE-2009-4491
CRITICAL
thttpd 2.25b0 - Remote Code Execution via Terminal Emulator Escape Sequence
CVSS 9.8
CVE-2009-3954
Adobe Reader/Acrobat <9.3-8.2 - RCE
CVE-2009-4604
Fernando Soares Mamboleto <2.0 RC3 - RCE
CVE-2009-4543
Cromosoft Technologies Facil Helpdesk 2.3 Lite - RCE
CVE-2009-4541
IsolSoft Support Center 2.5 - Remote Code Execution via Lang Parameter File Inclusion
CVE-2009-4472
PHPope < 1.0.0 - Remote Code Execution via GLOBALS Parameter Manipulation
CVE-2009-4471
FreeSchool < 1.1.0 - Remote Code Execution via CLASSPATH Parameter
CVE-2009-4431
com_jcalpro 1.5.3.6 - Remote Code Execution via mosConfig_absolute_path Parameter
CVE-2009-4035
gpdf 2.8.2 - Remote Code Execution via Crafted Type 1 Font
CVE-2009-3986
Mozilla Firefox <3.0.16 & 3.5.x <3.5.6 - XSS
CVE-2009-4319
eocms < 0.9.03 - Remote Code Execution via BBCODE_path Parameter
CVE-2009-4312
Microsoft Windows Indeo Codec - Remote Code Execution via Crafted Media Content
CVE-2009-4311
Microsoft Windows Indeo Codec - Remote Code Execution via Crafted Media Content
CVE-2009-4210
Microsoft Windows - Memory Corruption
CVE-2009-3796
Adobe AIR < 1.5.3 and Flash Player < 10.0.42.34 - Remote Code Execution
Details
Vulnerabilities
6,548
Exploit Likelihood
Medium