Vulnerabilities > Microsoft > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-11-20 | CVE-2007-6051 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect privileges to the (1) DB2ADMNS and (2) DB2USERS alternative groups, which has unknown impact. | 10.0 |
2007-11-20 | CVE-2007-6048 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database IBM DB2 UDB 9.1 before Fixpak 4 uses incorrect permissions on ACLs for DB2NODES.CFG, which has unknown impact and attack vectors. | 10.0 |
2007-11-20 | CVE-2007-6047 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database Unspecified vulnerability in the DB2DART tool in IBM DB2 UDB 9.1 before Fixpak 4 allows attackers to execute arbitrary commands as the DB2 instance owner, related to invocation of TPUT by DB2DART. | 10.0 |
2007-11-20 | CVE-2007-6045 | Privilege Escalation vulnerability in IBM DB2 Unspecified vulnerability in (1) DB2WATCH and (2) DB2FREEZE in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors. | 10.0 |
2007-11-20 | CVE-2007-6026 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. | 9.3 |
2007-11-08 | CVE-2007-4223 | Local Privilege Escalation vulnerability in Microsoft Sysinternals Debugview 4.71 Dbgv.sys in Microsoft Sysinternals DebugView before 4.72 provides an unspecified mechanism for copying data into kernel memory, which allows local users to gain privileges via unspecified vectors. | 10.0 |
2007-11-07 | CVE-2007-4677 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid color table size when parsing the color table atom (CTAB) in a movie file, related to the CTAB RGB values. | 9.3 |
2007-11-07 | CVE-2007-4676 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via malformed elements when parsing (1) Poly type (0x0070 through 0x0074) and (2) PackBitsRgn field (0x0099) opcodes in a PICT image. | 9.3 |
2007-11-07 | CVE-2007-4675 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the QuickTime VR extension 7.2.0.240 in QuickTime.qts in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via a QTVR (QuickTime Virtual Reality) movie file containing a large size field in the atom header of a panorama sample atom. | 9.3 |
2007-11-07 | CVE-2007-3751 | Remote Privilege Escalation vulnerability in Apple QuickTime for Java Unspecified vulnerability in QuickTime for Java in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via untrusted Java applets that gain privileges via unspecified vectors. | 9.3 |