Vulnerabilities > Microsoft > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-05-16 | CVE-2013-2728 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, and CVE-2013-3335. | 10.0 |
| 2013-05-15 | CVE-2013-1346 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Malware Protection Engine mpengine.dll in Microsoft Malware Protection Engine before 1.1.9506.0 on x64 platforms allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file. | 9.3 |
| 2013-05-15 | CVE-2013-1335 | Code Injection vulnerability in Microsoft Word and Word Viewer Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code via crafted shape data in a Word document, aka "Word Shape Corruption Vulnerability." | 9.3 |
| 2013-05-15 | CVE-2013-1329 | Numeric Errors vulnerability in Microsoft Publisher 2003 Integer signedness error in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers a buffer underflow, aka "Publisher Buffer Underflow Vulnerability." | 9.3 |
| 2013-05-15 | CVE-2013-1328 | Remote Code Execution vulnerability in Microsoft Publisher 2003/2007/2010 Microsoft Publisher 2003 SP3, 2007 SP3, and 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers incorrect pointer handling, aka "Publisher Pointer Handling Vulnerability." | 9.3 |
| 2013-05-15 | CVE-2013-1327 | Numeric Errors vulnerability in Microsoft Publisher 2003 Integer signedness error in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers an improper memory allocation, aka "Publisher Signed Integer Vulnerability." | 9.3 |
| 2013-05-15 | CVE-2013-1323 | Code Injection vulnerability in Microsoft Publisher 2003 Microsoft Publisher 2003 SP3 does not properly handle NULL values for unspecified data items, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Incorrect NULL Value Handling Vulnerability." | 9.3 |
| 2013-05-15 | CVE-2013-1322 | Remote Code Execution vulnerability in Microsoft Publisher 2003 Microsoft Publisher 2003 SP3 does not properly check table range data, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Invalid Range Check Vulnerability." | 10.0 |
| 2013-05-15 | CVE-2013-1321 | Improper Input Validation vulnerability in Microsoft Publisher 2003 Microsoft Publisher 2003 SP3 does not properly check the data type of an unspecified return value, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Return Value Validation Vulnerability." | 9.3 |
| 2013-05-15 | CVE-2013-1320 | Buffer Errors vulnerability in Microsoft Publisher 2003 Buffer overflow in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Buffer Overflow Vulnerability." | 10.0 |