Vulnerabilities > Microsoft > Windows
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-03-20 | CVE-2008-1363 | Permissions, Privileges, and Access Controls vulnerability in VMWare products VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified manipulation of a config.ini file located in an Application Data folder, which can be used for "hijacking the VMX process." | 7.2 |
2008-03-12 | CVE-2008-1302 | Numeric Errors vulnerability in Perforce Server The Perforce service (p4s.exe) in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service (daemon crash) via a (1) server-DiffFile or (2) server-ReleaseFile command with a large integer value, which is used in an array initialization calculation, and leads to invalid memory access. | 5.0 |
2008-03-12 | CVE-2008-1299 | Cross-Site Scripting vulnerability in Manageengine Servicedesk Plus 7.0.0 Cross-site scripting (XSS) vulnerability in SolutionSearch.do in ManageEngine ServiceDesk Plus 7.0.0 Build 7011 for Windows allows remote attackers to inject arbitrary web script or HTML via the searchText parameter. | 4.3 |
2008-02-29 | CVE-2008-0304 | Buffer Errors vulnerability in Mozilla Seamonkey and Thunderbird Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8 might allow remote attackers to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation during message preview. | 7.5 |
2008-02-13 | CVE-2008-0768 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Informix Dynamic Server and Informix Storage Manager Multiple stack-based and heap-based buffer overflows in the Windows RPC components for IBM Informix Storage Manager (ISM), as used in Informix Dynamic Server (IDS) 10.00.xC8 and earlier and 11.10.xC2 and earlier, allow attackers to execute arbitrary code via crafted XDR requests. | 10.0 |
2008-02-13 | CVE-2008-0766 | Buffer Errors vulnerability in Brooks Internet Software products Stack-based buffer overflow in RpmSrvc.exe in Brooks Remote Print Manager (RPM) 4.5.1.11 and earlier (Elite and Select) for Windows allows remote attackers to execute arbitrary code via a long filename in a "Receive data file" LPD command. | 10.0 |
2008-02-13 | CVE-2008-0639 | Buffer Errors vulnerability in Novell Client 4.91 Stack-based buffer overflow in the EnumPrinters function in the Spooler service (nwspool.dll) in Novell Client 4.91 SP2, SP3, and SP4 for Windows allows remote attackers to execute arbitrary code via a crafted RPC request, aka Novell bug 353138, a different vulnerability than CVE-2006-5854. | 10.0 |
2008-02-13 | CVE-2007-6701 | Buffer Errors vulnerability in Novell Client 4.91 Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP4 for Windows allow remote attackers to execute arbitrary code via long arguments to multiple unspecified RPC functions, aka Novell bug 287919, a different vulnerability than CVE-2007-2954. | 10.0 |
2008-02-06 | CVE-2008-0212 | Resource Management Errors vulnerability in HP Openview Network Node Manager 6.41/7.01/7.51 ovtopmd in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to cause a denial of service (crash) via a crafted TCP request that triggers an out-of-bounds memory access. | 7.8 |
2008-01-16 | CVE-2008-0296 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Videolan VLC Media Player Heap-based buffer overflow in the libaccess_realrtsp plugin in VideoLAN VLC Media Player 0.8.6d and earlier on Windows might allow remote RTSP servers to cause a denial of service (application crash) or execute arbitrary code via a long string. | 10.0 |