CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (Memory Corruption)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
3951 CVE-2012-1140 119 DoS Exec Code Overflow Mem. Corr. 2012-04-25 2018-01-17
9.3
None Remote Medium Not required Complete Complete Complete
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted PostScript font object.
3952 CVE-2012-1139 119 DoS Exec Code Overflow Mem. Corr. 2012-04-25 2018-01-17
9.3
None Remote Medium Not required Complete Complete Complete
Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code via crafted glyph data in a BDF font.
3953 CVE-2012-1138 119 DoS Exec Code Overflow Mem. Corr. 2012-04-25 2018-01-17
9.3
None Remote Medium Not required Complete Complete Complete
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the MIRP instruction in a TrueType font.
3954 CVE-2012-1137 119 DoS Exec Code Overflow Mem. Corr. 2012-04-25 2018-01-17
9.3
None Remote Medium Not required Complete Complete Complete
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font.
3955 CVE-2012-1136 119 DoS Exec Code Overflow Mem. Corr. 2012-04-25 2018-01-17
9.3
None Remote Medium Not required Complete Complete Complete
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font that lacks an ENCODING field.
3956 CVE-2012-1135 119 DoS Exec Code Overflow Mem. Corr. 2012-04-25 2018-01-17
9.3
None Remote Medium Not required Complete Complete Complete
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors involving the NPUSHB and NPUSHW instructions in a TrueType font.
3957 CVE-2012-1134 119 DoS Exec Code Overflow Mem. Corr. 2012-04-25 2018-01-17
9.3
None Remote Medium Not required Complete Complete Complete
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted private-dictionary data in a Type 1 font.
3958 CVE-2012-1133 119 DoS Exec Code Overflow Mem. Corr. 2012-04-25 2018-01-17
9.3
None Remote Medium Not required Complete Complete Complete
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.
3959 CVE-2012-1132 119 DoS Exec Code Overflow Mem. Corr. 2012-04-25 2018-01-17
9.3
None Remote Medium Not required Complete Complete Complete
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font.
3960 CVE-2012-1131 119 DoS Exec Code Overflow Mem. Corr. 2012-04-25 2018-01-17
9.3
None Remote Medium Not required Complete Complete Complete
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font.
3961 CVE-2012-1130 119 DoS Exec Code Overflow Mem. Corr. 2012-04-25 2018-01-17
9.3
None Remote Medium Not required Complete Complete Complete
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a PCF font.
3962 CVE-2012-1129 119 DoS Exec Code Overflow Mem. Corr. 2012-04-25 2018-01-17
9.3
None Remote Medium Not required Complete Complete Complete
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT string in a Type 42 font.
3963 CVE-2012-1128 119 DoS Exec Code Overflow Mem. Corr. 2012-04-25 2018-01-17
9.3
None Remote Medium Not required Complete Complete Complete
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font.
3964 CVE-2012-1127 119 DoS Exec Code Overflow Mem. Corr. 2012-04-25 2018-01-17
9.3
None Remote Medium Not required Complete Complete Complete
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bitmap data in a BDF font.
3965 CVE-2012-1126 119 DoS Exec Code Overflow Mem. Corr. 2012-04-25 2018-01-17
10.0
None Remote Low Not required Complete Complete Complete
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted property data in a BDF font.
3966 CVE-2012-1015 20 DoS Exec Code Mem. Corr. 2012-08-06 2013-04-04
9.3
None Remote Medium Not required Complete Complete Complete
The kdc_handle_protected_negotiation function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x, 1.9.x before 1.9.5, and 1.10.x before 1.10.3 attempts to calculate a checksum before verifying that the key type is appropriate for a checksum, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free, heap memory corruption, and daemon crash) via a crafted AS-REQ request.
3967 CVE-2012-0850 119 DoS Overflow Mem. Corr. 2012-08-20 2018-10-30
4.3
None Remote Medium Not required None None Partial
The sbr_qmf_synthesis function in libavcodec/aacsbr.c in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (application crash) via a crafted mpg file that triggers memory corruption involving the v_off variable, probably a buffer underflow.
3968 CVE-2012-0780 119 DoS Exec Code Overflow Mem. Corr. 2012-05-09 2017-12-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2023, CVE-2012-2024, CVE-2012-2025, and CVE-2012-2026.
3969 CVE-2012-0777 119 DoS Exec Code Overflow Mem. Corr. 2012-04-10 2018-01-09
7.5
None Remote Low Not required Partial Partial Partial
The JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 on Mac OS X and Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
3970 CVE-2012-0775 119 DoS Exec Code Overflow Mem. Corr. 2012-04-10 2018-01-09
10.0
None Remote Low Not required Complete Complete Complete
The JavaScript implementation in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
3971 CVE-2012-0773 119 DoS Exec Code Overflow Mem. Corr. 2012-03-28 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
The NetStream class in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228 on Windows, Mac OS X, and Linux; Flash Player before 10.3.183.18 and 11.x before 11.2.202.223 on Solaris; Flash Player before 11.1.111.8 on Android 2.x and 3.x; and AIR before 3.2.0.2070 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
3972 CVE-2012-0772 119 DoS Exec Code Overflow Mem. Corr. 2012-03-28 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
An unspecified ActiveX control in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228, and AIR before 3.2.0.2070, on Windows does not properly perform URL security domain checking, which allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors.
3973 CVE-2012-0771 119 DoS Exec Code Overflow Mem. Corr. 2018-02-19 2018-03-18
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0759.
3974 CVE-2012-0768 399 DoS Exec Code Mem. Corr. 2012-03-05 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
3975 CVE-2012-0766 119 DoS Exec Code Overflow Mem. Corr. 2012-02-14 2012-02-24
10.0
None Remote Low Not required Complete Complete Complete
The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0760, CVE-2012-0761, CVE-2012-0762, CVE-2012-0763, and CVE-2012-0764.
3976 CVE-2012-0764 119 DoS Exec Code Overflow Mem. Corr. 2012-02-14 2012-03-20
10.0
None Remote Low Not required Complete Complete Complete
The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0760, CVE-2012-0761, CVE-2012-0762, CVE-2012-0763, and CVE-2012-0766.
3977 CVE-2012-0763 119 DoS Exec Code Overflow Mem. Corr. 2012-02-14 2012-02-16
10.0
None Remote Low Not required Complete Complete Complete
The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0760, CVE-2012-0761, CVE-2012-0762, CVE-2012-0764, and CVE-2012-0766.
3978 CVE-2012-0762 119 DoS Exec Code Overflow Mem. Corr. 2012-02-14 2017-08-28
10.0
None Remote Low Not required Complete Complete Complete
The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0760, CVE-2012-0761, CVE-2012-0763, CVE-2012-0764, and CVE-2012-0766.
3979 CVE-2012-0761 119 DoS Exec Code Overflow Mem. Corr. 2012-02-14 2017-08-28
10.0
None Remote Low Not required Complete Complete Complete
The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0760, CVE-2012-0762, CVE-2012-0763, CVE-2012-0764, and CVE-2012-0766.
3980 CVE-2012-0760 119 DoS Exec Code Overflow Mem. Corr. 2012-02-14 2012-02-16
10.0
None Remote Low Not required Complete Complete Complete
The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0757, CVE-2012-0761, CVE-2012-0762, CVE-2012-0763, CVE-2012-0764, and CVE-2012-0766.
3981 CVE-2012-0759 119 DoS Exec Code Overflow Mem. Corr. 2012-02-14 2018-02-19
10.0
None Remote Low Not required Complete Complete Complete
Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0771.
3982 CVE-2012-0757 119 DoS Exec Code Overflow Mem. Corr. 2012-02-14 2012-02-16
10.0
None Remote Low Not required Complete Complete Complete
The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0760, CVE-2012-0761, CVE-2012-0762, CVE-2012-0763, CVE-2012-0764, and CVE-2012-0766.
3983 CVE-2012-0754 119 DoS Exec Code Overflow Mem. Corr. 2012-02-16 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
3984 CVE-2012-0753 119 DoS Exec Code Overflow Mem. Corr. 2012-02-16 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted MP4 data.
3985 CVE-2012-0752 119 DoS Exec Code Overflow Mem. Corr. 2012-02-16 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) by leveraging an unspecified "type confusion."
3986 CVE-2012-0751 DoS Exec Code Mem. Corr. 2012-02-16 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
The ActiveX control in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
3987 CVE-2012-0725 119 DoS Overflow Mem. Corr. 2012-04-06 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0724.
3988 CVE-2012-0724 119 DoS Overflow Mem. Corr. 2012-04-06 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0725.
3989 CVE-2012-0683 119 DoS Exec Code Overflow Mem. Corr. 2012-07-25 2012-09-21
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
3990 CVE-2012-0682 119 DoS Exec Code Overflow Mem. Corr. 2012-07-25 2012-09-21
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1.
3991 CVE-2012-0672 119 DoS Exec Code Overflow Mem. Corr. 2012-05-08 2017-12-06
6.8
None Remote Medium Not required Partial Partial Partial
WebKit in Apple iOS before 5.1.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
3992 CVE-2012-0671 94 DoS Exec Code Mem. Corr. 2012-05-16 2017-09-18
9.3
None Remote Medium Not required Complete Complete Complete
Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .pict file.
3993 CVE-2012-0662 189 DoS Exec Code Overflow Mem. Corr. 2012-05-10 2012-05-29
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in the Security Framework in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted input.
3994 CVE-2012-0648 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2018-01-05
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.
3995 CVE-2012-0639 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2018-01-05
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.
3996 CVE-2012-0638 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2018-01-05
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.
3997 CVE-2012-0637 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2018-01-05
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.
3998 CVE-2012-0636 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2018-01-05
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.
3999 CVE-2012-0635 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2018-11-29
9.3
None Remote Medium Not required Complete Complete Complete
WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.
4000 CVE-2012-0634 119 DoS Exec Code Overflow Mem. Corr. 2012-03-08 2018-01-04
7.6
None Remote High Not required Complete Complete Complete
WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1.
Total number of vulnerabilities : 5339   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 (This Page)81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.