Vulnerabilities > Microsoft > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-12-12 | CVE-2007-0064 | Buffer Errors vulnerability in Microsoft products Heap-based buffer overflow in Windows Media Format Runtime 7.1, 9, 9.5, 9.5 x64 Edition, 11, and Windows Media Services 9.1 for Microsoft Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file. | 9.3 |
| 2007-11-29 | CVE-2007-6166 | Buffer Errors vulnerability in Apple Quicktime and Safari Stack-based buffer overflow in Apple QuickTime before 7.3.1, as used in QuickTime Player on Windows XP and Safari on Mac OS X, allows remote Real Time Streaming Protocol (RTSP) servers to execute arbitrary code via an RTSP response with a long Content-Type header. | 9.3 |
| 2007-11-20 | CVE-2007-6053 | Resource Management Errors vulnerability in IBM DB2 Universal Database IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large numbers of file descriptors, which might allow attackers to have an unknown impact involving "memory corruption." NOTE: the vendor description of this issue is too vague to be certain that it is security-related. | 9.3 |
| 2007-11-20 | CVE-2007-6051 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect privileges to the (1) DB2ADMNS and (2) DB2USERS alternative groups, which has unknown impact. | 10.0 |
| 2007-11-20 | CVE-2007-6048 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database IBM DB2 UDB 9.1 before Fixpak 4 uses incorrect permissions on ACLs for DB2NODES.CFG, which has unknown impact and attack vectors. | 10.0 |
| 2007-11-20 | CVE-2007-6047 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database Unspecified vulnerability in the DB2DART tool in IBM DB2 UDB 9.1 before Fixpak 4 allows attackers to execute arbitrary commands as the DB2 instance owner, related to invocation of TPUT by DB2DART. | 10.0 |
| 2007-11-20 | CVE-2007-6045 | Privilege Escalation vulnerability in IBM DB2 Unspecified vulnerability in (1) DB2WATCH and (2) DB2FREEZE in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors. | 10.0 |
| 2007-11-20 | CVE-2007-6026 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. | 9.3 |
| 2007-11-08 | CVE-2007-4223 | Local Privilege Escalation vulnerability in Microsoft Sysinternals Debugview 4.71 Dbgv.sys in Microsoft Sysinternals DebugView before 4.72 provides an unspecified mechanism for copying data into kernel memory, which allows local users to gain privileges via unspecified vectors. | 10.0 |
| 2007-11-07 | CVE-2007-4677 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid color table size when parsing the color table atom (CTAB) in a movie file, related to the CTAB RGB values. | 9.3 |