Vulnerabilities: Microsoft Windows (Medium)

DATE CVE VULNERABILITY TITLE RISK
2011-04-20 CVE-2011-0806 Remote Denial of Service vulnerability in Oracle Database Network Foundation
Unspecified vulnerability in the Network Foundation component in Oracle Database Server 10.1.0.5, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2, when running on Windows, allows remote attackers to affect availability via unknown vectors.
Risk: 5.0 | network | low complexity | oracle, microsoft
2011-03-25 CVE-2011-0890 Information Exposure vulnerability in HP Discovery & Dependency Mapping Inventory
HP Discovery & Dependency Mapping Inventory (DDMI) 7.50, 7.51, 7.60, 7.61, 7.70, and 9.30 launches the Windows SNMP service with its default configuration, which allows remote attackers to obtain potentially sensitive information or have unspecified other impact by leveraging the public read community.
Risk: 5.0 | network | low complexity | hp, microsoft | CWE-200
2011-02-21 CVE-2011-1056 Permissions, Privileges, and Access Controls vulnerability in Metasploit Framework 3.5.1
The installer for Metasploit Framework 3.5.1, when running on Windows, uses weak inherited permissions for the Metasploit installation directory, which allows local users to gain privileges by replacing critical files with a Trojan horse.
Risk: 6.2 | local | high complexity | metasploit, microsoft | CWE-264
2011-02-10 CVE-2011-0604 Cross-Site Scripting vulnerability in Adobe Acrobat and Acrobat Reader
Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-0587.
Risk: 4.3
2011-02-10 CVE-2011-0588 DLL Loading Arbitrary Code Execution vulnerability in Adobe Acrobat and Reader
Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0562 and CVE-2011-0570.
Risk: 6.9
2011-02-10 CVE-2011-0587 Cross-Site Scripting vulnerability in Adobe Acrobat and Acrobat Reader
Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-0604.
Risk: 4.3
2011-02-10 CVE-2011-0570 DLL Loading Arbitrary Code Execution vulnerability in Adobe Acrobat and Reader
Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0562 and CVE-2011-0588.
Risk: 6.9
2011-02-10 CVE-2011-0562 DLL Loading Arbitrary Code Execution vulnerability in Adobe Acrobat and Reader
Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2011-0570 and CVE-2011-0588.
Risk: 6.9
2011-02-02 CVE-2011-0754 Link Following vulnerability in PHP
The SplFileInfo::getType function in the Standard PHP Library (SPL) extension in PHP before 5.3.4 on Windows does not properly detect symbolic links, which might make it easier for local users to conduct symlink attacks by leveraging cross-platform differences in the stat structure, related to lack of a FILE_ATTRIBUTE_REPARSE_POINT check.
Risk: 4.4
2011-01-25 CVE-2011-0638 Configuration vulnerability in Microsoft Windows
Microsoft Windows does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a smartphone that the user connected to the computer.
Risk: 6.9