CVE-2006-0008

HIGH Year: 2006
CVSS v2 Score
7.2
High
Weakness Type
CWE-264
View all →

Vulnerability Description

The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link, which executes Notepad with the privileges of the program that displays the about box.

Related Vulnerabilities

CVE-2015-7425

CRITICAL
CVSS:10.0(Critical)

The Data Protection component in the VMware vSphere GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.3 before 6....

CWE-2642015

CVE-2015-7919

CRITICAL
CVSS:10.0(Critical)

SearchBlox 8.3 before 8.3.1 allows remote attackers to write to the config file, and consequently cause a denial of service (application crash), via unspecified vectors.

CWE-2642015

CVE-2015-8267

CRITICAL
CVSS:10.0(Critical)

The PasswordReset.Controllers.ResetController.ChangePasswordIndex method in PasswordReset.dll in Dovestones AD Self Password Reset before 3.0.4.0 allows remote attackers to reset arbitrary passwords v...

CWE-2642015

CVE-2016-7457

CRITICAL
CVSS:10.0(Critical)

VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to gain privileges, or halt and remove virtual machines, via unspecified vectors.

CWE-2642016

CVE-2016-8363

CRITICAL
CVSS:10.0(Critical)

An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RT...

CWE-2642016

CVE-2015-7411

CRITICAL
CVSS:9.9(Critical)

The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 through FP6 allows remote authenticated users to gain privileges via unspecified vectors.

CWE-2642015