Vulnerabilities > Linux > Critical

DATE CVE VULNERABILITY TITLE RISK
2010-12-14 CVE-2010-4377 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Realnetworks Realplayer and Realplayer SP
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code by specifying many subbands in cook audio codec information in a Real Audio file.
network
realnetworks apple linux CWE-119
critical
9.3
2010-12-14 CVE-2010-4376 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Realnetworks Realplayer and Realplayer SP
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a large Screen Width value in the Screen Descriptor header of a GIF87a file in an RTSP stream.
network
realnetworks apple linux CWE-119
critical
9.3
2010-12-14 CVE-2010-4375 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Realnetworks Realplayer
Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code via malformed multi-rate data in an audio stream.
network
realnetworks apple linux CWE-119
critical
9.3
2010-12-14 CVE-2010-2999 Numeric Errors vulnerability in Realnetworks Realplayer and Realplayer SP
Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.0.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed MLLT atom in an AAC file.
network
realnetworks apple linux CWE-189
critical
9.3
2010-12-14 CVE-2010-2997 Resource Management Errors vulnerability in Realnetworks Realplayer and Realplayer SP
Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.0.1, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted StreamTitle tag in an ICY SHOUTcast stream, related to the SMIL file format.
network
realnetworks apple linux CWE-399
critical
9.3
2010-12-14 CVE-2010-0121 Unspecified vulnerability in Realnetworks Realplayer and Realplayer SP
The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 does not properly perform initialization, which has unspecified impact and attack vectors.
network
low complexity
realnetworks apple linux
critical
10.0
2010-11-22 CVE-2010-3038 Credentials Management vulnerability in Cisco products
Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, has a default password for the (1) root, (2) cs, and (3) develop accounts, which makes it easier for remote attackers to obtain access via the (a) FTP or (b) SSH daemon, aka Bug ID CSCti54008.
network
low complexity
cisco linux CWE-255
critical
10.0
2010-10-29 CVE-2010-3654 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris and 10.1.95.1 on Android, and authplay.dll (aka AuthPlayLib.bundle or libauthplay.so.0.0.0) in Adobe Reader and Acrobat 9.x through 9.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted SWF content, as exploited in the wild in October 2010.
9.3
2010-09-15 CVE-2010-3009 Information Disclosure Vulnerability in HP System Management Homepage 6.0/6.1
Unspecified vulnerability in HP System Management Homepage (SMH) for Linux 6.0 and 6.1 allows remote authenticated users to obtain sensitive information and gain root privileges via unknown vectors.
network
low complexity
hp linux
critical
9.0
2010-08-11 CVE-2010-2217 Code Injection vulnerability in Adobe Flash Media Server and Flash Media Server 2
Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to execute arbitrary code via unspecified vectors, related to a "JS method vulnerability."
network
low complexity
adobe linux microsoft CWE-94
critical
10.0