Vulnerabilities > Microsoft > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-11-12 | CVE-2013-3918 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products The InformationCardSigninHelper Class ActiveX control in icardie.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted web page that is accessed by Internet Explorer, as exploited in the wild in November 2013, aka "InformationCardSigninHelper Vulnerability." | 9.3 |
| 2013-10-09 | CVE-2013-5325 | Code Injection vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 11.x before 11.0.05 on Windows allow remote attackers to execute arbitrary JavaScript code in a javascript: URL via a crafted PDF document. | 9.3 |
| 2013-10-09 | CVE-2013-3892 | Buffer Errors vulnerability in Microsoft Word 2007 Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Memory Corruption Vulnerability." | 9.3 |
| 2013-10-09 | CVE-2013-3891 | Buffer Errors vulnerability in Microsoft Word 2003 Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Memory Corruption Vulnerability." | 9.3 |
| 2013-10-09 | CVE-2013-3890 | Buffer Errors vulnerability in Microsoft Excel, Excel Viewer and Office Compatibility Pack Microsoft Excel 2007 SP3, Excel Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Excel Memory Corruption Vulnerability." | 9.3 |
| 2013-10-09 | CVE-2013-3889 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; Office Compatibility Pack SP3; and Excel Services and Word Automation Services in SharePoint Server 2013 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Excel Memory Corruption Vulnerability." | 9.3 |
| 2013-10-09 | CVE-2013-3886 | Buffer Errors vulnerability in Microsoft Internet Explorer 10/9 Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | 9.3 |
| 2013-10-09 | CVE-2013-3885 | Buffer Errors vulnerability in Microsoft Internet Explorer 10 Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3872, CVE-2013-3873, and CVE-2013-3882. | 9.3 |
| 2013-10-09 | CVE-2013-3882 | Buffer Errors vulnerability in Microsoft Internet Explorer 10 Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3872, CVE-2013-3873, and CVE-2013-3885. | 9.3 |
| 2013-10-09 | CVE-2013-3875 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Explorer 8/9 Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." | 9.3 |