CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (Memory Corruption) (CVSS score >= 7)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
3451 CVE-2010-2571 20 Exec Code Mem. Corr. 2010-12-16 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Array index error in pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher 97 file, aka "Memory Corruption Due To Invalid Index Into Array in Pubconv.dll Vulnerability."
3452 CVE-2010-2569 94 DoS Exec Code Mem. Corr. 2010-12-16 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3, 2003 SP3, and 2007 SP2 does not properly handle an unspecified size field in certain older file formats, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted Publisher file, aka "Size Value Heap Corruption in pubconv.dll Vulnerability."
3453 CVE-2010-2567 94 Exec Code Mem. Corr. 2010-09-15 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
The RPC client implementation in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly allocate memory during the parsing of responses, which allows remote RPC servers and man-in-the-middle attackers to execute arbitrary code via a malformed response, aka "RPC Memory Corruption Vulnerability."
3454 CVE-2010-2564 94 DoS Exec Code Overflow Mem. Corr. 2010-08-11 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Buffer overflow in Microsoft Windows Movie Maker (WMM) 2.1, 2.6, and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted project file, aka "Movie Maker Memory Corruption Vulnerability."
3455 CVE-2010-2563 94 Exec Code Mem. Corr. 2010-09-15 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
The Word 97 text converter in the WordPad Text Converters in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly parse malformed structures in Word 97 documents, which allows remote attackers to execute arbitrary code via a crafted document containing an unspecified value that is used in a loop counter, aka "WordPad Word 97 Text Converter Memory Corruption Vulnerability."
3456 CVE-2010-2562 94 DoS Exec Code Mem. Corr. 2010-08-11 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Excel file, aka "Excel Memory Corruption Vulnerability."
3457 CVE-2010-2561 94 DoS Exec Code Mem. Corr. 2010-08-11 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft XML Core Services (aka MSXML) 3.0 does not properly handle HTTP responses, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted response, aka "Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption Vulnerability."
3458 CVE-2010-2560 94 Exec Code Mem. Corr. 2010-08-11 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Layout Memory Corruption Vulnerability."
3459 CVE-2010-2559 94 Exec Code Mem. Corr. 2010-08-11 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a different vulnerability than CVE-2009-3671, CVE-2009-3674, CVE-2010-0245, and CVE-2010-0246.
3460 CVE-2010-2558 362 DoS Exec Code Mem. Corr. 2010-08-11 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Race condition in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to an object in memory, aka "Race Condition Memory Corruption Vulnerability."
3461 CVE-2010-2557 94 Exec Code Mem. Corr. 2010-08-11 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
3462 CVE-2010-2556 94 Exec Code Mem. Corr. 2010-08-11 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
3463 CVE-2010-2304 119 DoS Exec Code Overflow Mem. Corr. 2010-06-15 2010-06-16
9.3
None Remote Medium Not required Complete Complete Complete
The toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors related to list markers, aka rdar problem 8009118.
3464 CVE-2010-2302 399 DoS Exec Code Mem. Corr. 2010-06-15 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow DOM trees, aka rdar problem 8007953. NOTE: this might overlap CVE-2010-1771.
3465 CVE-2010-2300 399 DoS Exec Code Mem. Corr. 2010-06-15 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to handlers for DOM mutation events, aka rdar problem 7948784. NOTE: this might overlap CVE-2010-1759.
3466 CVE-2010-2216 94 DoS Exec Code Mem. Corr. 2010-08-11 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2214.
3467 CVE-2010-2214 94 DoS Exec Code Mem. Corr. 2010-08-11 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2216.
3468 CVE-2010-2213 94 DoS Exec Code Mem. Corr. 2010-08-11 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2214, and CVE-2010-2216.
3469 CVE-2010-2212 119 DoS Exec Code Overflow Mem. Corr. 2010-06-30 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PDF file containing Flash content with a crafted #1023 (3FFh) tag, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, and CVE-2010-2211.
3470 CVE-2010-2211 119 DoS Exec Code Overflow Mem. Corr. 2010-06-30 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, and CVE-2010-2212.
3471 CVE-2010-2210 119 DoS Exec Code Overflow Mem. Corr. 2010-06-30 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2211, and CVE-2010-2212.
3472 CVE-2010-2209 119 DoS Exec Code Overflow Mem. Corr. 2010-06-30 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212.
3473 CVE-2010-2207 119 DoS Exec Code Overflow Mem. Corr. 2010-06-30 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212.
3474 CVE-2010-2202 119 DoS Exec Code Overflow Mem. Corr. 2010-06-30 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212.
3475 CVE-2010-2201 399 Exec Code Mem. Corr. 2010-06-30 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via a PDF file with crafted Flash content involving the (1) pushstring (0x2C) operator, (2) debugfile (0xF1) operator, and an "invalid pointer vulnerability" that triggers memory corruption, a different vulnerability than CVE-2010-1285 and CVE-2010-2168.
3476 CVE-2010-2189 119 DoS Exec Code Overflow Mem. Corr. 2010-06-15 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when used in conjunction with VMWare Tools on a VMWare platform, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.
3477 CVE-2010-2188 119 DoS Exec Code Overflow Mem. Corr. 2010-06-15 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by calling the ActionScript native object 2200 connect method multiple times with different arguments, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2187.
3478 CVE-2010-2187 119 DoS Exec Code Overflow Mem. Corr. 2010-06-15 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, and CVE-2010-2188.
3479 CVE-2010-2184 119 DoS Exec Code Overflow Mem. Corr. 2010-06-15 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2187, and CVE-2010-2188.
3480 CVE-2010-2182 119 DoS Exec Code Overflow Mem. Corr. 2010-06-15 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
3481 CVE-2010-2180 119 DoS Exec Code Overflow Mem. Corr. 2010-06-15 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
3482 CVE-2010-2178 119 DoS Exec Code Overflow Mem. Corr. 2010-06-15 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
3483 CVE-2010-2177 119 DoS Exec Code Overflow Mem. Corr. 2010-06-15 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
3484 CVE-2010-2176 119 DoS Exec Code Overflow Mem. Corr. 2010-06-15 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
3485 CVE-2010-2175 119 DoS Exec Code Overflow Mem. Corr. 2010-06-15 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
3486 CVE-2010-2171 119 DoS Exec Code Overflow Mem. Corr. 2010-06-15 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors related to SWF files, decompression of embedded JPEG image data, and the DefineBits and other unspecified tags, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
3487 CVE-2010-2169 119 DoS Exec Code Overflow Mem. Corr. 2010-06-15 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allow attackers to cause a denial of service (pointer memory corruption) or possibly execute arbitrary code via unspecified vectors.
3488 CVE-2010-2168 399 Exec Code Mem. Corr. 2010-06-30 2018-10-30
9.3
Admin Remote Medium Not required Complete Complete Complete
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code via a PDF file with crafted Flash content, involving the newfunction (0x44) operator and an "invalid pointer vulnerability" that triggers memory corruption, a different vulnerability than CVE-2010-1285 and CVE-2010-2201.
3489 CVE-2010-2166 119 DoS Exec Code Overflow Mem. Corr. 2010-06-15 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
3490 CVE-2010-2165 119 DoS Exec Code Overflow Mem. Corr. 2010-06-15 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
3491 CVE-2010-2162 119 DoS Exec Code Overflow Mem. Corr. 2010-06-15 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via vectors related to improper length calculation and the (1) STSC, (2) STSZ, and (3) STCO atoms.
3492 CVE-2010-2160 119 DoS Exec Code Overflow Mem. Corr. 2010-06-15 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an invalid offset in an unspecified undocumented opcode in ActionScript Virtual Machine 2, related to getouterscope, a different vulnerability than CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.
3493 CVE-2010-2063 119 DoS Exec Code Overflow Mem. Corr. 2010-06-17 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a crafted field in a packet.
3494 CVE-2010-2054 189 DoS Exec Code Overflow Mem. Corr. 2010-06-15 2010-06-15
10.0
None Remote Low Not required Complete Complete Complete
Integer overflow in httpAdapter.c in httpAdapter in SBLIM SFCB 1.3.4 through 1.3.7, when the configuration sets httpMaxContentLength to a zero value, allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via a large integer in the Content-Length HTTP header, aka bug #3001915. NOTE: some of these details are obtained from third party information.
3495 CVE-2010-1903 94 DoS Exec Code Mem. Corr. 2010-08-11 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Office Word 2002 SP3 and 2003 SP3, and Office Word Viewer, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed record in a Word file, aka "Word HTML Linked Objects Memory Corruption Vulnerability."
3496 CVE-2010-1901 94 DoS Exec Code Mem. Corr. 2010-08-11 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly handle unspecified properties in rich text data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RTF document, aka "Word RTF Parsing Engine Memory Corruption Vulnerability."
3497 CVE-2010-1900 94 DoS Exec Code Mem. Corr. 2010-08-11 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Works 9 do not properly handle malformed records in a Word file, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, aka "Word Record Parsing Vulnerability."
3498 CVE-2010-1892 119 DoS Overflow Mem. Corr. 2010-08-11 2018-10-30
7.8
None Remote Low Not required None None Complete
The TCP/IP stack in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly handle malformed IPv6 packets, which allows remote attackers to cause a denial of service (system hang) via multiple crafted packets, aka "IPv6 Memory Corruption Vulnerability."
3499 CVE-2010-1881 94 DoS Exec Code Mem. Corr. 2010-07-15 2018-10-12
9.3
Admin Remote Medium Not required Complete Complete Complete
The FieldList ActiveX control in the Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 does not properly interact with the memory-access approach used by Internet Explorer and Office during instantiation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an HTML document that references this control along with crafted persistent storage data, aka "ACCWIZ.dll Uninitialized Variable Vulnerability."
3500 CVE-2010-1866 189 DoS Overflow Mem. Corr. Bypass 2010-05-07 2010-09-30
7.5
None Remote Low Not required Partial Partial Partial
The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent attackers to cause a denial of service (crash) and possibly trigger memory corruption via a negative chunk size, which bypasses a signed comparison, related to an integer overflow in the chunk size decoder.
Total number of vulnerabilities : 4012   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 (This Page)71 72 73 74 75 76 77 78 79 80 81
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.