Vulnerabilities > Microsoft > Critical

DATE CVE VULNERABILITY TITLE RISK
2013-03-13 CVE-2013-1375 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe products
Heap-based buffer overflow in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors.
network
low complexity
adobe apple microsoft linux google CWE-119
critical
 10.0
10
2013-03-13 CVE-2013-1371 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe products
Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
network
low complexity
adobe apple microsoft linux google CWE-119
critical
 10.0
10
2013-03-13 CVE-2013-0650 Resource Management Errors vulnerability in Adobe products
Use-after-free vulnerability in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors.
network
low complexity
adobe apple microsoft linux google CWE-399
critical
 10.0
10
2013-03-13 CVE-2013-0646 Numeric Errors vulnerability in Adobe products
Integer overflow in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and before 11.1.115.48 on Android 4.x; Adobe AIR before 3.6.0.6090; Adobe AIR SDK before 3.6.0.6090; and Adobe AIR SDK & Compiler before 3.6.0.6090 allows attackers to execute arbitrary code via unspecified vectors.
network
low complexity
adobe apple microsoft linux google CWE-189
critical
 10.0
10
2013-03-13 CVE-2013-2558 Denial of Service vulnerability in Microsoft Windows 8
Unspecified vulnerability in Microsoft Windows 8 allows remote attackers to cause a denial of service (reboot) or possibly have unknown other impact via a crafted TrueType Font (TTF) file, as demonstrated by the 120612-69701-01.dmp error report.
network
low complexity
microsoft
critical
 10.0
10
2013-03-13 CVE-2013-0079 Remote Code Execution vulnerability in Microsoft Office Filter Pack, Visio and Visio Viewer
Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visio Viewer Tree Object Type Confusion Vulnerability."
network
microsoft
critical
 9.3
9.3
2013-02-27 CVE-2013-0504 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Flash Player
Buffer overflow in the broker service in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows attackers to execute arbitrary code via unspecified vectors.
network
low complexity
adobe apple microsoft linux CWE-119
critical
 10.0
10
2013-02-13 CVE-2013-1313 Resource Management Errors vulnerability in Microsoft Windows XP
Object Linking and Embedding (OLE) Automation in Microsoft Windows XP SP3 does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted RTF document, aka "OLE Automation Remote Code Execution Vulnerability."
network
microsoft CWE-399
critical
 9.3
9.3
2013-02-13 CVE-2013-0028 Resource Management Errors vulnerability in Microsoft Internet Explorer
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CObjectElement Use After Free Vulnerability."
network
microsoft CWE-399
critical
 9.3
9.3
2013-02-13 CVE-2013-0027 Resource Management Errors vulnerability in Microsoft Internet Explorer
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CPasteCommand Use After Free Vulnerability."
network
microsoft CWE-399
critical
 9.3
9.3