Vulnerabilities > Microsoft > Windows > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-08-30 | CVE-2010-3002 | Unspecified vulnerability in Realnetworks Realplayer 11.0/11.1 Unspecified vulnerability in RealNetworks RealPlayer 11.0 through 11.1 allows attackers to bypass intended access restrictions on files via unknown vectors. | 9.3 |
2010-08-30 | CVE-2010-3001 | Unspecified vulnerability in Realnetworks Realplayer and Realplayer SP Unspecified vulnerability in an ActiveX control in the Internet Explorer (IE) plugin in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows has unknown impact and attack vectors related to "multiple browser windows." | 9.3 |
2010-08-30 | CVE-2010-3000 | Numeric Errors vulnerability in Realnetworks Realplayer and Realplayer SP Multiple integer overflows in the ParseKnownType function in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allow remote attackers to execute arbitrary code via crafted (1) HX_FLV_META_AMF_TYPE_MIXEDARRAY or (2) HX_FLV_META_AMF_TYPE_ARRAY data in an FLV file. | 9.3 |
2010-08-30 | CVE-2010-2996 | Code Injection vulnerability in Realnetworks Realplayer 11.0/11.1 Array index error in RealNetworks RealPlayer 11.0 through 11.1 on Windows allows remote attackers to execute arbitrary code via a malformed header in a RealMedia .IVR file. | 9.3 |
2010-08-30 | CVE-2010-0120 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Realnetworks Realplayer and Realplayer SP Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allows remote attackers to execute arbitrary code via large size values in QCP audio content. | 9.3 |
2010-08-30 | CVE-2010-0117 | Unspecified vulnerability in Realnetworks Realplayer and Realplayer SP RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows do not properly handle dimensions during YUV420 transformations, which might allow remote attackers to execute arbitrary code via crafted MP4 content. | 9.3 |
2010-08-30 | CVE-2010-0116 | Numeric Errors vulnerability in Realnetworks Realplayer and Realplayer SP Integer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows might allow remote attackers to execute arbitrary code via a crafted QCP file that triggers a heap-based buffer overflow. | 9.3 |
2010-08-27 | CVE-2010-3143 | Unspecified vulnerability in Microsoft Windows Untrusted search path vulnerability in Microsoft Windows Contacts allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32res.dll that is located in the same folder as a .contact, .group, .p7c, .vcf, or .wab file. | 9.3 |
2010-08-27 | CVE-2010-3139 | Unspecified vulnerability in Microsoft Windows Untrusted search path vulnerability in Microsoft Windows Progman Group Converter (grpconv.exe) allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse imm.dll that is located in the same folder as a .grp file. | 9.3 |
2010-08-25 | CVE-2010-2935 | Numeric Errors vulnerability in Openoffice Openoffice.Org 3.2.1 simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an "integer truncation error." | 9.3 |