Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2012-11-09 CVE-2012-3754 Resource Management Errors vulnerability in Apple Quicktime
Use-after-free vulnerability in the Clear method in the ActiveX control in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
network
apple CWE-399
critical
 9.3
9.3
2012-11-09 CVE-2012-3753 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime
Buffer overflow in the plugin in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MIME type.
network
apple CWE-119
critical
 9.3
9.3
2012-11-09 CVE-2012-3752 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime
Multiple buffer overflows in Apple QuickTime before 7.7.3 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted style element in a QuickTime TeXML file.
network
apple CWE-119
critical
 9.3
9.3
2012-11-09 CVE-2012-3751 Resource Management Errors vulnerability in Apple Quicktime
Use-after-free vulnerability in the plugin in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an HTML document with a crafted _qtactivex_ parameter in an OBJECT element.
network
apple CWE-399
critical
 9.3
9.3
2012-11-09 CVE-2011-1374 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime
Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted REGION record in a PICT file.
network
apple CWE-119
critical
 9.3
9.3
2012-11-07 CVE-2012-3270 Security vulnerability in HP Performance Insight 5.31/5.40/5.41
Unspecified vulnerability in HP Performance Insight 5.31, 5.40, and 5.41, when Sybase is used, allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors, a different vulnerability than CVE-2012-3269.
network
low complexity
hp
critical
 10.0
10
2012-11-07 CVE-2012-5280 Buffer Errors vulnerability in Adobe Air, AIR SDK and Flash Player
Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, and CVE-2012-5277.
network
low complexity
adobe apple microsoft linux google CWE-119
critical
 10.0
10
2012-11-07 CVE-2012-5279 Buffer Errors vulnerability in Adobe Air, AIR SDK and Flash Player
Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
network
low complexity
adobe apple microsoft linux google CWE-119
critical
 10.0
10
2012-11-07 CVE-2012-5278 Permissions, Privileges, and Access Controls vulnerability in Adobe Air, AIR SDK and Flash Player
Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allow attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors.
network
low complexity
adobe apple microsoft linux google CWE-264
critical
 10.0
10
2012-11-07 CVE-2012-5277 Buffer Errors vulnerability in Adobe Air, AIR SDK and Flash Player
Buffer overflow in Adobe Flash Player before 10.3.183.43 and 11.x before 11.5.502.110 on Windows and Mac OS X, before 10.3.183.43 and 11.x before 11.2.202.251 on Linux, before 11.1.111.24 on Android 2.x and 3.x, and before 11.1.115.27 on Android 4.x; Adobe AIR before 3.5.0.600; and Adobe AIR SDK before 3.5.0.600 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, and CVE-2012-5280.
network
low complexity
adobe apple microsoft linux google CWE-119
critical
 10.0
10