Vulnerabilities > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-08-20 | CVE-2010-3096 | Path Traversal vulnerability in Softx FTP Client 3.3 Directory traversal vulnerability in SoftX FTP Client 3.3 and possibly earlier allows remote FTP servers to write arbitrary files via "..\" (dot dot backslash) sequences in a filename. | 9.3 |
2010-08-20 | CVE-2010-1795 | DLL Loading Arbitrary Code Execution vulnerability in Apple iTunes Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory. | 9.3 |
2010-08-19 | CVE-2010-1760 | Credentials Management vulnerability in Apple Webkit loader/DocumentThreadableLoader.cpp in the XMLHttpRequest implementation in WebCore in WebKit before r58409 does not properly handle credentials during a cross-origin synchronous request, which has unspecified impact and remote attack vectors, aka rdar problem 7905150. | 10.0 |
2010-08-19 | CVE-2010-1386 | Permissions, Privileges, and Access Controls vulnerability in Apple Webkit page/Geolocation.cpp in WebCore in WebKit before r56188 and before 1.2.5 does not properly restrict access to the lastPosition function, which has unspecified impact and remote attack vectors, aka rdar problem 7746357. | 10.0 |
2010-08-19 | CVE-2010-2076 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache CXF Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel, Apache Chemistry, Apache jUDDI, Apache Geronimo, and other products, does not properly reject DTDs in SOAP messages, which allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via a crafted DTD, as demonstrated by an entity declaration in a request to samples/wsdl_first_pure_xml, a similar issue to CVE-2010-1632. | 9.8 |
2010-08-17 | CVE-2010-1516 | Numeric Errors vulnerability in Swftools 0.9.1 Multiple integer overflows in SWFTools 0.9.1 allow remote attackers to execute arbitrary code via (1) a crafted PNG file, related to the getPNG function in lib/png.c; or (2) a crafted JPEG file, related to the jpeg_load function in lib/jpeg.c. | 9.3 |
2010-08-17 | CVE-2010-3032 | Numeric Errors vulnerability in SAP Crystal Reports 2008 Integer overflow in the OBGIOPServerWorker::extractHeader function in the ebus-3-3-2-6.dll module in SAP Crystal Reports 2008 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a GIOP packet with a crafted size, which triggers a heap-based buffer overflow. | 10.0 |
2010-08-17 | CVE-2010-3031 | Buffer Errors vulnerability in Wyse Thinos HF 4.4.079I Buffer overflow in Wyse ThinOS HF 4.4.079i, and possibly other versions before ThinOS 6.5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string to the LPD service. | 10.0 |
2010-08-17 | CVE-2010-1525 | Numeric Errors vulnerability in Autonomy products Integer underflow in the SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted size for an unspecified record type, which triggers a heap-based buffer overflow. | 9.3 |
2010-08-17 | CVE-2010-1524 | Buffer Errors vulnerability in Autonomy products The SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to execute arbitrary code via unspecified vectors related to allocation of an array of pointers and "string indexing," which triggers memory corruption. | 9.3 |