Microsoft : Security Vulnerabilities Published In 2014

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8454 and CVE-2014-8455.
Max Base Score
10.0
Published 2014-12-10
Updated 2014-12-12
EPSS 88.29%
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-8460.
Max Base Score
10.0
Published 2014-12-10
Updated 2014-12-12
EPSS 17.76%
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, and CVE-2014-8461.
Max Base Score
10.0
Published 2014-12-10
Updated 2014-12-12
EPSS 78.23%
Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted HTML document in conjunction with a Cascading Style Sheets (CSS) token sequence specifying the run-in value for the display property, leading to improper CElement reference counting.
Max Base Score
6.8
Published 2014-12-15
Updated 2015-10-30
EPSS 5.01%
Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Max Base Score
9.3
Published 2014-12-11
Updated 2018-10-12
EPSS 54.78%
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, and CVE-2014-9158.
Max Base Score
10.0
Published 2014-12-10
Updated 2014-12-12
EPSS 78.23%
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8457 and CVE-2014-9159.
Max Base Score
10.0
Published 2014-12-10
Updated 2014-12-12
EPSS 69.84%
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8461, and CVE-2014-9158.
Max Base Score
10.0
Published 2014-12-10
Updated 2014-12-12
EPSS 78.23%
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
Max Base Score
10.0
Published 2014-12-10
Updated 2014-12-12
EPSS 78.23%
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8460 and CVE-2014-9159.
Max Base Score
10.0
Published 2014-12-10
Updated 2014-12-12
EPSS 69.84%
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
Max Base Score
10.0
Published 2014-12-10
Updated 2014-12-12
EPSS 78.23%
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8454 and CVE-2014-9165.
Max Base Score
10.0
Published 2014-12-10
Updated 2014-12-12
EPSS 88.29%
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8455 and CVE-2014-9165.
Max Base Score
10.0
Published 2014-12-10
Updated 2014-12-12
EPSS 88.29%
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors.
Max Base Score
5.0
Published 2014-12-10
Updated 2014-12-12
EPSS 0.19%
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Max Base Score
5.0
Published 2014-12-10
Updated 2014-12-12
EPSS 1.18%
An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2014-8448.
Max Base Score
5.0
Published 2014-12-10
Updated 2014-12-12
EPSS 4.62%
Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.
Max Base Score
10.0
Published 2014-12-10
Updated 2014-12-12
EPSS 33.77%
An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2014-8451.
Max Base Score
5.0
Published 2014-12-10
Updated 2014-12-12
EPSS 4.62%
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
Max Base Score
10.0
Published 2014-12-10
Updated 2014-12-12
EPSS 78.23%
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
Max Base Score
10.0
Published 2014-12-10
Updated 2014-12-12
EPSS 9.40%
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158.
Max Base Score
10.0
Published 2014-12-10
Updated 2014-12-12
EPSS 78.23%
lib/TWiki/Sandbox.pm in TWiki 6.0.0 and earlier, when running on Windows, allows remote attackers to bypass intended access restrictions and upload files with restricted names via a null byte (%00) in a filename to bin/upload.cgi, as demonstrated using .htaccess to execute arbitrary code.
Max Base Score
6.8
Published 2014-10-16
Updated 2017-09-08
EPSS 11.08%
Microsoft Asha OS on the Microsoft Mobile Nokia Asha 501 phone 14.0.4 allows physically proximate attackers to bypass the lock-screen protection mechanism, and read or modify contact information or dial arbitrary telephone numbers, by tapping the SOS Option and then tapping the Green Call Option.
Max Base Score
6.6
Published 2014-09-22
Updated 2017-09-08
EPSS 0.04%
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6327 and CVE-2014-6329.
Max Base Score
9.3
Published 2014-12-11
Updated 2018-10-12
EPSS 54.78%
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
Max Base Score
9.3
Published 2014-12-11
Updated 2018-10-12
EPSS 54.78%
373 vulnerabilities found
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
This web site uses cookies for managing your session and website analytics (Google analytics) purposes as described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!