Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): zoom
- Search Type: Search All
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2009-3918 |
Cross-site scripting (XSS) vulnerability in the Zoomify module 5.x before 5.x-2.2 and 6.x before 6.x-1.4, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via the node title. Published: November 09, 2009; 12:30:00 PM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-0076 |
Microsoft Internet Explorer 7, when XHTML strict mode is used, allows remote attackers to execute arbitrary code via the zoom style directive in conjunction with unspecified other directives in a malformed Cascading Style Sheets (CSS) stylesheet in a crafted HTML document, aka "CSS Memory Corruption Vulnerability." Published: February 10, 2009; 5:30:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2008-4922 |
Buffer overflow in the DjVu ActiveX Control 3.0 for Microsoft Office (DjVu_ActiveX_MSOffice.dll) allows remote attackers to execute arbitrary code via a long (1) ImageURL property, and possibly the (2) Mode, (3) Page, or (4) Zoom properties. Published: November 04, 2008; 4:00:05 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2007-6533 |
Buffer overflow in Zoom Player 6.00 beta 2 and earlier allows user-assisted remote attackers to execute arbitrary code via an HTTP link to a PLS file in a crafted ZPL file, which causes an overflow in Unicode handling when generating an error message. Published: December 27, 2007; 6:46:00 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2007-2920 |
Multiple stack-based buffer overflows in the Zoomify Viewer ActiveX control in ZActiveX.dll might allow remote attackers to execute arbitrary code via unspecified vectors. Published: June 11, 2007; 6:30:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2007-1920 |
SQL injection vulnerability in index.php in the aktualnosci module in SmodBIP 1.06 and earlier allows remote attackers to execute arbitrary SQL commands via the zoom parameter, possibly related to home.php. Published: April 10, 2007; 7:19:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2006-5065 |
PHP remote file inclusion vulnerability in libs/dbmax/mysql.php in ZoomStats 1.0.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[lib][db][path] parameter. Published: September 27, 2006; 8:07:00 PM -0400 |
V3.x:(not available) V2.0: 5.1 MEDIUM |
CVE-2006-3022 |
Cross-site scripting (XSS) vulnerability in zoom.php in fipsGallery 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the path parameter. Published: June 15, 2006; 6:02:00 AM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2005-3178 |
Buffer overflow in xloadimage 4.1 and earlier, and xli, might allow user-assisted attackers to execute arbitrary code via a long title name in a NIFF file, which triggers the overflow during (1) zoom, (2) reduce, or (3) rotate operations. Published: October 07, 2005; 2:02:00 PM -0400 |
V3.x:(not available) V2.0: 5.1 MEDIUM |
CVE-2005-1079 |
SQL injection vulnerability in index.php for zOOm Media Gallery 2.1.2 allows remote attackers to execute arbitrary SQL commands via the catid parameter. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2004-0680 |
Zoom X3 ADSL modem has a terminal running on port 254 that can be accessed using the default HTML management password, even if the password has been changed for the HTTP interface, which could allow remote attackers to gain unauthorized access. Published: August 06, 2004; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2003-1498 |
Cross-site scripting (XSS) vulnerability in search.php for WRENSOFT Zoom Search Engine 2.0 Build 1018 and earlier allows remote attackers to inject arbitrary web script or HTML via the zoom_query parameter. Published: December 31, 2003; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |