Vulnerabilities > Out-of-bounds Write
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-10-30 | CVE-2009-3831 | Out-of-bounds Write vulnerability in Opera Browser Opera before 10.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted domain name. | 9.3 |
| 2009-09-15 | CVE-2009-2629 | Out-of-bounds Write vulnerability in multiple products Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests. | 7.5 |
| 2009-07-23 | CVE-2009-1862 | Out-of-bounds Write vulnerability in Adobe Acrobat, Acrobat Reader and Flash Player Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009. | 7.8 |
| 2009-06-10 | CVE-2009-0563 | Out-of-bounds Write vulnerability in Microsoft products Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Microsoft Office Word Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a Word document with a crafted tag containing an invalid length field, aka "Word Buffer Overflow Vulnerability." | 7.8 |
| 2009-03-23 | CVE-2009-0733 | Out-of-bounds Write vulnerability in multiple products Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions. | 9.3 |
| 2008-11-26 | CVE-2008-5232 | Out-Of-Bounds Write vulnerability in Microsoft Windows 2000 and Windows NT Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media and Message Application servers, allows remote attackers to execute arbitrary code via a long argument. | 9.3 |
| 2008-11-04 | CVE-2008-2992 | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104. | 7.8 |
| 2008-10-15 | CVE-2008-3471 | Out-of-bounds Write vulnerability in Microsoft products Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via a BIFF file with a malformed record that triggers a user-influenced size calculation, aka "File Format Parsing Vulnerability." | 9.3 |
| 2008-07-07 | CVE-2008-2371 | Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in pcre_compile.c in the Perl-Compatible Regular Expression (PCRE) library 7.7 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches. | 7.5 |
| 2008-07-07 | CVE-2008-3024 | Out-Of-Bounds Write vulnerability in Blackberry QNX Momentics 6.2.0/6.3.0/6.3.2 Stack-based buffer overflow in phgrafx in QNX Momentics (aka RTOS) 6.3.2 and earlier allows local users to gain privileges via a long .pal filename in palette/. | 9.3 |