Vulnerabilities > Microsoft > Windows

DATE CVE VULNERABILITY TITLE RISK
2009-03-11 CVE-2008-4563 Buffer Errors vulnerability in IBM products
Heap-based buffer overflow in adsmdll.dll 5.3.7.7296, as used by the daemon (dsmsvc.exe) in the backup server in IBM Tivoli Storage Manager (TSM) Express 5.3.7.3 and earlier and TSM 5.2, 5.3 before 5.3.6.0, and 5.4.0.0 through 5.4.4.0, allows remote attackers to execute arbitrary code via a crafted length value.
network
low complexity
microsoft ibm CWE-119
critical
10.0
2009-03-10 CVE-2009-0869 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Tivoli Storage Manager HSM
Buffer overflow in the client in IBM Tivoli Storage Manager (TSM) HSM 5.3.2.0 through 5.3.5.0, 5.4.0.0 through 5.4.2.5, and 5.5.0.0 through 5.5.1.4 on Windows allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
network
low complexity
ibm microsoft CWE-119
critical
10.0
2009-03-10 CVE-2009-0868 Improper Input Validation vulnerability in Fujitsu Jasmine2000
CRLF injection vulnerability in the WebLink template in Fujitsu Jasmine2000 Enterprise Edition allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
6.8
2009-02-26 CVE-2009-0522 Remote Security vulnerability in Flash Player
Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Windows allows remote attackers to trick a user into visiting an arbitrary URL via an unspecified manipulation of the "mouse pointer display," related to a "Clickjacking attack." Per: http://www.adobe.com/support/security/bulletins/apsb09-01.html "This update resolves a Windows-only issue with mouse pointer display that could potentially contribute to a Clickjacking attack."
network
adobe microsoft
4.3
2009-02-26 CVE-2009-0114 Remote Security vulnerability in Flash Player
Unspecified vulnerability in the Settings Manager in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87, and possibly other versions, allows remote attackers to trick a user into visiting an arbitrary URL via unknown vectors, related to "a potential Clickjacking issue variant."
network
adobe microsoft
5.8
2009-02-19 CVE-2008-6194 Resource Management Errors vulnerability in Microsoft Windows
Memory leak in the DNS server in Microsoft Windows allows remote attackers to cause a denial of service (memory consumption) via DNS packets.
network
low complexity
microsoft CWE-399
7.8
2009-02-10 CVE-2009-0438 Permissions, Privileges, and Access Controls vulnerability in IBM Websphere Application Server 7.0
IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 on Windows allows remote attackers to bypass "Authorization checking" and obtain sensitive information from JSP pages via a crafted request.
network
low complexity
ibm microsoft CWE-264
5.0
2009-02-10 CVE-2009-0437 Information Exposure vulnerability in IBM Websphere Application Server 6.0.2
The Installation Factory installation process for IBM WebSphere Application Server (WAS) 6.0.2 on Windows, when WAS is registered as a Windows service, allows local users to obtain sensitive information by reading the logs/instconfigifwas6.log log file.
1.9
2009-01-28 CVE-2009-0321 Link Following vulnerability in Apple Safari 3.2.1
Apple Safari 3.2.1 (aka AppVer 3.525.27.1) on Windows allows remote attackers to cause a denial of service (infinite loop or access violation) via a link to an http URI in which the authority (aka hostname) portion is either a (1) .
4.3
2009-01-15 CVE-2009-0123 Information Exposure vulnerability in Apple Safari
Unspecified vulnerability in Apple Safari on Mac OS X 10.5 and Windows allows remote attackers to read arbitrary files on a client machine via vectors related to the association of Safari with the (1) feed, (2) feeds, and (3) feedsearch URL types for RSS feeds.
7.1