Vulnerabilities > Intuit
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-04-25 | CVE-2012-2419 | Resource Management Errors vulnerability in Intuit Quickbooks Memory leak in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allows remote attackers to cause a denial of service (memory consumption) via a URI with multiple references to the same name-value pair. | 1.8 |
2012-04-25 | CVE-2012-2418 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Intuit Quickbooks Heap-based buffer overflow in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a URI with a % (percent) character as its (1) last or (2) second-to-last character. | 6.8 |
2007-12-15 | CVE-2007-6387 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Multiple stack-based buffer overflows in the awApi4.AnswerWorks.1 ActiveX control in awApi4.dll 4.0.0.42, as used by Vantage Linguistics AnswerWorks, and Intuit Clearly Bookkeeping, ProSeries, QuickBooks, Quicken, QuickTax, and TurboTax, allow remote attackers to execute arbitrary code via long arguments to the (1) GetHistory, (2) GetSeedQuery, (3) SetSeedQuery, and possibly other methods. | 9.3 |
2007-09-05 | CVE-2007-4471 | Path Traversal vulnerability in Intuit Quickbooks Multiple unspecified vulnerabilities in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers to create or overwrite arbitrary files via unspecified arguments to the (1) httpGETToFile, (2) httpPOSTFromFile, and possibly other methods, probably involving path traversal vulnerabilities in exposed dangerous methods. | 9.3 |
2007-09-05 | CVE-2007-0322 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Intuit Quickbooks Multiple stack-based buffer overflows in the Intuit QuickBooks Online Edition ActiveX control before 10 allow remote attackers to execute arbitrary code via unspecified vectors. | 9.3 |
2001-06-18 | CVE-2001-0465 | Information Disclosure vulnerability in Turbo Tax TurboTax saves passwords in a temporary file when a user imports investment tax information from a financial institution, which could allow local users to obtain sensitive information. | 4.6 |