Vulnerabilities > Microsoft > Windows 7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-03-31 | CVE-2010-0536 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted BMP image. | 9.3 |
2010-03-31 | CVE-2010-0532 | Race Condition vulnerability in Apple Itunes Race condition in the installation package in Apple iTunes before 9.1 on Windows allows local users to gain privileges by replacing an unspecified file with a Trojan horse. | 6.9 |
2010-03-31 | CVE-2010-0531 | Resource Management Errors vulnerability in Apple Itunes Apple iTunes before 9.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 podcast file. | 4.3 |
2010-03-31 | CVE-2010-0529 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PICT image with a BkPixPat opcode (0x12) containing crafted values that are used in a calculation for memory allocation. | 9.3 |
2010-03-31 | CVE-2010-0528 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted color tables in a movie file, related to malformed MediaVideo data, a sample description atom (STSD), and a crafted length value. | 9.3 |
2010-03-31 | CVE-2010-0527 | Numeric Errors vulnerability in Apple Quicktime Integer overflow in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image. | 9.3 |
2010-03-23 | CVE-2010-0161 | Resource Management Errors vulnerability in Mozilla Seamonkey and Thunderbird The nsAuthSSPI::Unwrap function in extensions/auth/nsAuthSSPI.cpp in Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 on Windows Vista, Windows Server 2008 R2, and Windows 7 allows remote SMTP, IMAP, and POP servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via crafted data in a session that uses SSPI. | 4.3 |
2010-02-26 | CVE-2010-0719 | Improper Input Validation vulnerability in Microsoft products An unspecified API in Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 does not validate arguments, which allows local users to cause a denial of service (system crash) via a crafted application. | 4.7 |
2010-01-12 | CVE-2010-0278 | Buffer Overflow vulnerability in Microsoft Windows Live Messenger 2009 A certain ActiveX control in msgsc.14.0.8089.726.dll in Microsoft Windows Live Messenger 2009 build 14.0.8089.726 on Windows Vista and Windows 7 allows remote attackers to cause a denial of service (msnmsgr.exe crash) by calling the ViewProfile method with a crafted argument during an MSN Messenger session. network microsoft | 4.3 |
2009-12-07 | CVE-2009-4215 | Permissions, Privileges, and Access Controls vulnerability in Pandasecurity products Panda Global Protection 2010, Internet Security 2010, and Antivirus Pro 2010 use weak permissions (Everyone: Full Control) for the product files, which allows local users to gain privileges by replacing executables with Trojan horse programs. | 7.2 |