Vulnerabilities > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-11-18 | CVE-2012-4956 | Buffer Errors vulnerability in Novell File Reporter 1.0.2 Heap-based buffer overflow in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to execute arbitrary code via a large number of VOL elements in an SRS record. | 10.0 |
2012-11-17 | CVE-2012-5897 | Permissions, Privileges, and Access Controls vulnerability in Quest Intrust The (1) SimpleTree and (2) ReportTree classes in the ARDoc ActiveX control (ARDoc.dll) in Quest InTrust 10.4.0.853 and earlier do not properly implement the SaveToFile method, which allows remote attackers to write or overwrite arbitrary files via the bstrFileName argument. | 9.3 |
2012-11-17 | CVE-2012-5896 | Unspecified vulnerability in Quest Intrust The Annotation Objects Extension ActiveX control in AnnotateX.dll in Quest InTrust 10.4.0.853 and earlier does not properly implement the Add method, which allows remote attackers to execute arbitrary code via a memory address in the first argument, related to an "uninitialized pointer." | 10.0 |
2012-11-17 | CVE-2012-5895 | Security vulnerability in Irods 2.5 Multiple unspecified vulnerabilities in iRODS before 3.1 have unknown impact and attack vectors. | 10.0 |
2012-11-14 | CVE-2012-4953 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Symantec Antivirus, Endpoint Protection and Scan Engine The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file. | 9.3 |
2012-11-14 | CVE-2012-3569 | USE of Externally-Controlled Format String vulnerability in VMWare OVF Tool, Player and Workstation Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x before 8.0.5, VMware Player 4.x before 4.0.5, and other products, allows user-assisted remote attackers to execute arbitrary code via a crafted OVF file. | 9.3 |
2012-11-14 | CVE-2012-2543 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Stack-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 SP1; Office 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Stack Overflow Vulnerability." | 9.3 |
2012-11-14 | CVE-2012-1887 | Resource Management Errors vulnerability in Microsoft Excel and Office Use-after-free vulnerability in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1, and Office 2008 and 2011 for Mac, allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel SST Invalid Length Use After Free Vulnerability." | 9.3 |
2012-11-14 | CVE-2012-1886 | Buffer Errors vulnerability in Microsoft Excel, Excel Viewer and Office Compatibility Pack Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Excel Viewer; and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Memory Corruption Vulnerability." | 9.3 |
2012-11-14 | CVE-2012-1885 | Buffer Errors vulnerability in Microsoft Excel, Office and Office Compatibility Pack Heap-based buffer overflow in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Office 2008 and 2011 for Mac; and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel SerAuxErrBar Heap Overflow Vulnerability." | 9.3 |