Vulnerabilities > Microsoft > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-10-09 | CVE-2012-5249 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe products Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. | 10.0 |
| 2012-10-09 | CVE-2012-5248 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe products Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.2710; and Adobe AIR SDK before 3.4.0.2710 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than other Flash Player buffer overflow CVEs listed in APSB12-22. | 10.0 |
| 2012-09-28 | CVE-2012-0418 | Remote Code Execution vulnerability in Novell Groupwise Client Unspecified vulnerability in the client in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 on Windows allows user-assisted remote attackers to execute arbitrary code via a crafted file. | 9.3 |
| 2012-09-25 | CVE-2012-3324 | Path Traversal vulnerability in IBM DB2 and DB2 Connect Directory traversal vulnerability in the UTL_FILE module in IBM DB2 and DB2 Connect 10.1 before FP1 on Windows allows remote authenticated users to modify, delete, or read arbitrary files via a pathname in the file field. | 9.0 |
| 2012-09-21 | CVE-2012-2557 | Resource Management Errors vulnerability in Microsoft Internet Explorer Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "cloneNode Use After Free Vulnerability." | 9.3 |
| 2012-09-21 | CVE-2012-2548 | Resource Management Errors vulnerability in Microsoft Internet Explorer 9 Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Layout Use After Free Vulnerability." | 9.3 |
| 2012-09-21 | CVE-2012-2546 | Resource Management Errors vulnerability in Microsoft Internet Explorer 9 Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Event Listener Use After Free Vulnerability." | 9.3 |
| 2012-09-21 | CVE-2012-1529 | Resource Management Errors vulnerability in Microsoft Internet Explorer 8/9 Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "OnMove Use After Free Vulnerability." | 9.3 |
| 2012-09-18 | CVE-2012-4969 | Unspecified vulnerability in Microsoft Internet Explorer Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012. | 9.3 |
| 2012-08-26 | CVE-2011-5127 | Path Traversal vulnerability in Bluecoat Reporter Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1, and 9.3 before 9.3.1.2 on Windows allows remote attackers to read arbitrary files, and consequently execute arbitrary code, via an unspecified HTTP request. | 10.0 |