Vulnerabilities > Microsoft > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-12-16 | CVE-2010-3952 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Office and Office Converter Pack The FlashPix image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted FlashPix image in an Office document, aka "FlashPix Image Converter Heap Corruption Vulnerability." | 9.3 |
| 2010-12-16 | CVE-2010-3951 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Office and Office Converter Pack Buffer overflow in the FlashPix image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted FlashPix image in an Office document, aka "FlashPix Image Converter Buffer Overflow Vulnerability." | 9.3 |
| 2010-12-16 | CVE-2010-3950 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Office, Office Converter Pack and Works The TIFF image converter in the graphics filters in Microsoft Office XP SP3, Office Converter Pack, and Works 9 does not properly convert data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF image in an Office document, aka "TIFF Image Converter Memory Corruption Vulnerability." | 9.3 |
| 2010-12-16 | CVE-2010-3949 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Office and Office Converter Pack Buffer overflow in the TIFF image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted TIFF image in an Office document, aka "TIFF Image Converter Buffer Overflow Vulnerability." | 9.3 |
| 2010-12-16 | CVE-2010-3947 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Office, Office Converter Pack and Works Heap-based buffer overflow in the TIFF image converter in the graphics filters in Microsoft Office XP SP3, Office Converter Pack, and Works 9 allows remote attackers to execute arbitrary code via a crafted TIFF image in an Office document, aka "TIFF Image Converter Heap Overflow Vulnerability." | 9.3 |
| 2010-12-16 | CVE-2010-3946 | Numeric Errors vulnerability in Microsoft Office and Office Converter Pack Integer overflow in the PICT image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted PICT image in an Office document, aka "PICT Image Converter Integer Overflow Vulnerability." | 9.3 |
| 2010-12-16 | CVE-2010-3945 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Office and Office Converter Pack Buffer overflow in the CGM image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted CGM image in an Office document, aka "CGM Image Converter Buffer Overrun Vulnerability." | 9.3 |
| 2010-12-16 | CVE-2010-3346 | Use of Uninitialized Resource vulnerability in Microsoft Internet Explorer 6/7/8 Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability." | 9.3 |
| 2010-12-16 | CVE-2010-3345 | Use of Uninitialized Resource vulnerability in Microsoft Internet Explorer 8 Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability." | 9.3 |
| 2010-12-16 | CVE-2010-3343 | Use of Uninitialized Resource vulnerability in Microsoft Internet Explorer 6 Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability." | 9.3 |