Vulnerabilities > Microsoft > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-12-10 | CVE-2008-5412 | Multiple Unspecified vulnerability in IBM WebSphere Application Server Unspecified vulnerability in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 on Windows has unknown impact and attack vectors related to JSPs. | 10.0 |
2008-11-26 | CVE-2008-5232 | Out-Of-Bounds Write vulnerability in Microsoft Windows 2000 and Windows NT Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media and Message Application servers, allows remote attackers to execute arbitrary code via a long argument. | 9.3 |
2008-11-20 | CVE-2008-5178 | Buffer Errors vulnerability in Opera 9.62 Heap-based buffer overflow in Opera 9.62 on Windows allows remote attackers to execute arbitrary code via a long file:// URI. | 9.3 |
2008-11-17 | CVE-2008-5100 | Cryptographic Issues vulnerability in Microsoft .Net Framework 2.0.50727 The strong name (SN) implementation in Microsoft .NET Framework 2.0.50727 relies on the digital signature Public Key Token embedded in the pathname of a DLL file instead of the digital signature of this file itself, which makes it easier for attackers to bypass Global Assembly Cache (GAC) and Code Access Security (CAS) protection mechanisms, aka MSRC ticket MSRC8566gs. | 10.0 |
2008-11-17 | CVE-2008-3623 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Safari Heap-based buffer overflow in CoreGraphics in Apple Safari before 3.2 on Windows, in iPhone OS 1.0 through 2.2.1, and in iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted image, related to improper handling of color spaces. | 9.3 |
2008-11-10 | CVE-2008-4387 | Code Injection vulnerability in multiple products Unspecified vulnerability in the Simba MDrmSap ActiveX control in mdrmsap.dll in SAP SAPgui allows remote attackers to execute arbitrary code via unknown vectors involving instantiation by Internet Explorer. | 9.3 |
2008-11-04 | CVE-2008-4922 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Djvu Activex Control FOR Microsoft Office 2000 Buffer overflow in the DjVu ActiveX Control 3.0 for Microsoft Office (DjVu_ActiveX_MSOffice.dll) allows remote attackers to execute arbitrary code via a long (1) ImageURL property, and possibly the (2) Mode, (3) Page, or (4) Zoom properties. | 9.3 |
2008-10-23 | CVE-2008-4250 | Code Injection vulnerability in Microsoft products The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by Gimmiv.A in October 2008, aka "Server Service Vulnerability." | 10.0 |
2008-10-22 | CVE-2008-4699 | Insecure Method vulnerability in Microsoft Peachtree Accounting 2004 Insecure method vulnerability in the ActiveX control (PAWWeb11.ocx) in Peachtree Accounting 2004 allows remote attackers to execute arbitrary programs via the ExecutePreferredApplication method. | 9.3 |
2008-10-17 | CVE-2008-4473 | Buffer Errors vulnerability in Adobe Flash Player Cs3/Mx2004 Multiple heap-based buffer overflows in Adobe Flash CS3 Professional on Windows and Flash MX 2004 allow remote attackers to execute arbitrary code via an SWF file containing long control parameters. | 9.3 |