Vulnerabilities > Microsoft > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-02-10 | CVE-2011-0092 | Code Injection vulnerability in Microsoft Visio 2002/2003/2007 The LZW stream decompression functionality in ORMELEMS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 allows remote attackers to execute arbitrary code via a Visio file with a malformed VisioDocument stream that triggers an exception handler that accesses an object that has not been fully initialized, which triggers memory corruption, aka "Visio Object Memory Corruption Vulnerability." | 9.3 |
| 2011-01-07 | CVE-2011-0347 | Unspecified vulnerability in Microsoft Internet Explorer Microsoft Internet Explorer on Windows XP allows remote attackers to trigger an incorrect GUI display and have unspecified other impact via vectors related to the DOM implementation, as demonstrated by cross_fuzz. | 9.3 |
| 2010-12-23 | CVE-2010-4588 | Code Injection vulnerability in Microsoft WMI Administrative Tools The WBEMSingleView.ocx ActiveX control 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier allows remote attackers to execute arbitrary code via a crafted argument to the ReleaseContext method, a different vector than CVE-2010-3973, possibly an untrusted pointer dereference. | 9.3 |
| 2010-12-23 | CVE-2010-3973 | Code Injection vulnerability in Microsoft WMI Administrative Tools The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted argument to the AddContextRef method, possibly an untrusted pointer dereference, aka "Microsoft WMITools ActiveX Control Vulnerability." | 9.3 |
| 2010-12-23 | CVE-2010-3972 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Internet Information Services 7.5 Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted FTP command, aka "IIS FTP Service Heap Buffer Overrun Vulnerability." NOTE: some of these details are obtained from third party information. | 10.0 |
| 2010-12-22 | CVE-2010-3971 | Resource Management Errors vulnerability in Microsoft Internet Explorer 7/8 Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Cascading Style Sheets (CSS) parser in mshtml.dll, as used in Microsoft Internet Explorer 6 through 8 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a self-referential @import rule in a stylesheet, aka "CSS Memory Corruption Vulnerability." | 9.3 |
| 2010-12-22 | CVE-2010-4587 | Unspecified vulnerability in Opera Browser Opera before 11.00 on Windows does not properly implement the Insecure Third Party Module warning message, which might make it easier for user-assisted remote attackers to have an unspecified impact via a crafted module. | 9.3 |
| 2010-12-16 | CVE-2010-3966 | DLL Loading Arbitrary Code Execution vulnerability in Microsoft Windows BranchCache Untrusted search path vulnerability in Microsoft Windows Server 2008 R2 and Windows 7, when BranchCache is supported, allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an EML file, an RSS file, or a WPOST file, aka "BranchCache Insecure Library Loading Vulnerability." Per: http://www.microsoft.com/technet/security/Bulletin/MS10-095.mspx 'This is a remote code execution vulnerability.' Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path' | 9.3 |
| 2010-12-16 | CVE-2010-3955 | Code Injection vulnerability in Microsoft Publisher 2002 pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3 does not properly perform array indexing, which allows remote attackers to execute arbitrary code via a crafted Publisher file that uses an old file format, aka "Array Indexing Memory Corruption Vulnerability." | 9.3 |
| 2010-12-16 | CVE-2010-3954 | Buffer Errors vulnerability in Microsoft Publisher 2002/2003/2010 Microsoft Publisher 2002 SP3, 2003 SP3, and 2010 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Publisher file, aka "Microsoft Publisher Memory Corruption Vulnerability." | 9.3 |