CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In June 2011 (CVSS score >= 8)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2011-2530 119 DoS Exec Code Overflow 2011-06-22 2018-04-10
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in RSEds.dll in RSHWare.exe in the EDS Hardware Installation Tool 1.0.5.1 and earlier in Rockwell Automation RSLinx Classic before 2.58 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed .eds file.
2 CVE-2011-2475 134 Exec Code 2011-06-09 2011-06-14
10.0
None Remote Low Not required Complete Complete Complete
Format string vulnerability in ECTrace.dll in the iMailGateway service in the Internet Mail Gateway in OneBridge Server and DMZ Proxy in Sybase OneBridge Mobile Data Suite 5.5 and 5.6 allows remote attackers to execute arbitrary code via format string specifiers in unspecified string fields, related to authentication logging.
3 CVE-2011-2386 94 1 Exec Code 2011-06-08 2012-04-27
9.3
None Remote Medium Not required Complete Complete Complete
VisiWaveReport.exe in AZO Technologies, Inc. VisiWave Site Survey before 2.1.9 allows user-assisted remote attackers to execute arbitrary code via a (1) vws and (2) vwr file with an invalid Type property, which triggers an untrusted pointer dereference.
4 CVE-2011-2376 DoS Exec Code Mem. Corr. 2011-06-30 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and Thunderbird before 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
5 CVE-2011-2375 DoS Exec Code Mem. Corr. 2011-06-30 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 5.0 and Thunderbird through 3.1.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
6 CVE-2011-2374 DoS Exec Code Mem. Corr. 2011-06-30 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
7 CVE-2011-2371 189 Exec Code Overflow 2011-06-30 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object.
8 CVE-2011-2368 264 DoS Exec Code 2011-06-30 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict write operations, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
9 CVE-2011-2365 DoS Exec Code Mem. Corr. 2011-06-30 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2364.
10 CVE-2011-2364 DoS Exec Code Mem. Corr. 2011-06-30 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in the browser engine in Mozilla Firefox 3.6.x before 3.6.18 and Thunderbird before 3.1.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2365.
11 CVE-2011-2363 399 DoS Exec Code 2011-06-30 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a user-supplied callback.
12 CVE-2011-2331 189 Exec Code Overflow 2011-06-02 2017-08-28
10.0
None Remote Low Not required Complete Complete Complete
Integer overflow in img.exe in HP Intelligent Management Center (IMC) allows remote attackers to execute arbitrary code via a crafted length value in an a packet that triggers a heap-based buffer overflow, possibly related to an "recv" field.
13 CVE-2011-2330 264 2011-06-02 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 has an unspecified "built-in account" that is "trivially" accessed, which makes it easier for remote attackers to send requests to restricted pages via a session on TCP port 9495, a different vulnerability than CVE-2011-1220.
14 CVE-2011-2217 119 DoS Exec Code Overflow Mem. Corr. 2011-06-06 2017-08-28
9.3
None Remote Medium Not required Complete Complete Complete
Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client (aka VMware Infrastructure Client) 2.0.2 before Build 230598 and 2.5 before Build 204931 in VMware Infrastructure 3, do not properly handle attempted initialization within Internet Explorer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document.
15 CVE-2011-2194 189 DoS Exec Code Overflow 2011-06-24 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow.
16 CVE-2011-2193 119 Overflow +Priv 2011-06-24 2018-10-09
8.5
None Remote Medium Single system Complete Complete Complete
Multiple buffer overflows in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 2.x before 2.4.14, 2.5.x before 2.5.6, and 3.x before 3.0.2 allow (1) remote authenticated users to gain privileges via a long Job_Name field in a qsub command to the server, and might allow (2) local users to gain privileges via vectors involving a long host variable in pbs_iff.
17 CVE-2011-2128 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2017-08-28
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2124, and CVE-2011-2127.
18 CVE-2011-2127 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2017-08-28
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2124, and CVE-2011-2128.
19 CVE-2011-2126 119 Exec Code Overflow 2011-06-16 2017-08-28
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.
20 CVE-2011-2125 119 Exec Code Overflow 2011-06-16 2017-08-28
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Dirapix.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.
21 CVE-2011-2124 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2017-08-28
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2127, and CVE-2011-2128.
22 CVE-2011-2123 189 Exec Code Overflow 2011-06-16 2011-10-11
9.3
None Remote Medium Not required Complete Complete Complete
Integer overflow in the Shockwave 3D Asset x32 component in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code via a crafted subrecord in a DEMX chunk, which triggers a heap-based buffer overflow.
23 CVE-2011-2122 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2018-10-09
9.3
None Remote Medium Not required Complete Complete Complete
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to rcsL substructures, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, and CVE-2011-2119.
24 CVE-2011-2121 189 Exec Code Overflow 2011-06-16 2011-10-04
9.3
None Remote Medium Not required Complete Complete Complete
Integer overflow in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.
25 CVE-2011-2120 189 Exec Code Overflow 2011-06-16 2011-10-04
9.3
None Remote Medium Not required Complete Complete Complete
Integer overflow in the CursorAsset x32 component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.
26 CVE-2011-2119 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2011-10-04
9.3
None Remote Medium Not required Complete Complete Complete
Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, and CVE-2011-2122.
27 CVE-2011-2118 20 Exec Code 2011-06-16 2011-10-04
9.3
None Remote Medium Not required Complete Complete Complete
The FLV ASSET Xtra component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors, related to an "input validation vulnerability."
28 CVE-2011-2117 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2011-10-04
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2124, CVE-2011-2127, and CVE-2011-2128.
29 CVE-2011-2116 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2011-10-04
9.3
None Remote Medium Not required Complete Complete Complete
IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2111 and CVE-2011-2115.
30 CVE-2011-2115 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2011-10-12
9.3
None Remote Medium Not required Complete Complete Complete
IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and CVE-2011-2116.
31 CVE-2011-2114 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2011-10-04
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2117, CVE-2011-2124, CVE-2011-2127, and CVE-2011-2128.
32 CVE-2011-2113 119 Exec Code Overflow 2011-06-16 2011-10-04
9.3
None Remote Medium Not required Complete Complete Complete
Multiple buffer overflows in the Shockwave3DAsset component in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors.
33 CVE-2011-2112 119 Exec Code Overflow 2011-06-16 2011-10-04
9.3
None Remote Medium Not required Complete Complete Complete
Multiple buffer overflows in IML32.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors.
34 CVE-2011-2111 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2011-10-04
9.3
None Remote Medium Not required Complete Complete Complete
IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2115 and CVE-2011-2116.
35 CVE-2011-2110 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player before 10.3.181.26 on Windows, Mac OS X, Linux, and Solaris, and 10.3.185.23 and earlier on Android, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in June 2011.
36 CVE-2011-2109 189 Exec Code Overflow 2011-06-16 2011-10-04
9.3
None Remote Medium Not required Complete Complete Complete
Multiple integer overflows in Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors.
37 CVE-2011-2108 Exec Code 2011-06-16 2017-08-28
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors, related to a "design flaw."
38 CVE-2011-2106 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
39 CVE-2011-2105 119 DoS Overflow Mem. Corr. 2011-06-16 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted font data.
40 CVE-2011-2103 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Reader and Acrobat 8.x before 8.3 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
41 CVE-2011-2102 Bypass 2011-06-16 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in Adobe Reader and Acrobat before 10.1 on Windows and Mac OS X allows attackers to bypass intended access restrictions via unknown vectors.
42 CVE-2011-2101 94 Exec Code 2011-06-16 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X do not properly restrict script, which allows attackers to execute arbitrary code via a crafted document, related to a "cross document script execution vulnerability."
43 CVE-2011-2099 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2098.
44 CVE-2011-2098 119 DoS Exec Code Overflow Mem. Corr. 2011-06-16 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2099.
45 CVE-2011-2097 119 Exec Code Overflow 2011-06-16 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2094 and CVE-2011-2095.
46 CVE-2011-2096 119 Exec Code Overflow 2011-06-16 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.
47 CVE-2011-2095 119 Exec Code Overflow 2011-06-16 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2094 and CVE-2011-2097.
48 CVE-2011-2094 119 Exec Code Overflow 2011-06-16 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2095 and CVE-2011-2097.
49 CVE-2011-2092 20 2011-06-16 2011-09-06
10.0
None Remote Low Not required Complete Complete Complete
Adobe LiveCycle Data Services 3.1 and earlier, LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier do not properly restrict creation of classes during deserialization of (1) AMF and (2) AMFX data, which allows attackers to have an unspecified impact via unknown vectors, related to a "deserialization vulnerability."
50 CVE-2011-2040 20 Exec Code 2011-06-02 2017-08-28
9.3
None Remote Medium Not required Complete Complete Complete
The helper application in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.5.3041, and 3.0.x before 3.0.629, on Linux and Mac OS X downloads a client executable file (vpndownloader.exe) without verifying its authenticity, which allows remote attackers to execute arbitrary code via the url property to a Java applet, aka Bug ID CSCsy05934.
Total number of vulnerabilities : 108   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.