Vulnerabilities > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-08-05 | CVE-2010-2974 | Buffer Errors vulnerability in Invensys products Stack-based buffer overflow in the IConfigurationAccess interface in the Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control in Wonderware Application Server (WAS) before 3.1 SP2 P01, as used in the Wonderware Archestra Integrated Development Environment (IDE) and the InFusion Integrated Engineering Environment (IEE), allows remote attackers to execute arbitrary code via the first argument to the UnsubscribeData method. | 9.3 |
2010-08-05 | CVE-2010-2862 | Numeric Errors vulnerability in Adobe Acrobat and Acrobat Reader Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and Acrobat 9.3.3, allows remote attackers to execute arbitrary code via a TrueType font with a large maxCompositePoints value in a Maximum Profile (maxp) table. | 9.3 |
2010-08-05 | CVE-2010-2709 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in HP Openview Network Node Manager 7.51/7.53 Stack-based buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long OvJavaLocale value in a cookie. | 9.3 |
2010-08-05 | CVE-2010-2932 | Buffer Errors vulnerability in Barcodewiz Barcode Activex Control 3.29 Buffer overflow in BarCodeWiz BarCode 3.29 ActiveX control (BarcodeWiz.dll) allows remote attackers to execute arbitrary code via a long argument to the LoadProperties method. | 9.3 |
2010-08-05 | CVE-2010-2931 | Buffer Errors vulnerability in Topazsystems Sigplus PRO Activex Control 3.74 Stack-based buffer overflow in SigPlus Pro 3.74 ActiveX control allows remote attackers to execute arbitrary code via a long eighth argument (HexString) to the LCDWriteString method. | 9.3 |
2010-08-05 | CVE-2010-2971 | Buffer Errors vulnerability in Raphael Assenat Libmikmod 3.1.12 loaders/load_it.c in libmikmod, possibly 3.1.12, does not properly account for the larger size of name##env relative to name##tick and name##node, which allows remote attackers to trigger a buffer over-read and possibly have unspecified other impact via a crafted Impulse Tracker file, a related issue to CVE-2010-2546. | 9.3 |
2010-08-05 | CVE-2010-2965 | Incorrect Authorization vulnerability in multiple products The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 17185, a related issue to CVE-2005-3804. | 10.0 |
2010-08-05 | CVE-2010-2860 | Permissions, Privileges, and Access Controls vulnerability in EMC Celerra Network Attached Storage The EMC Celerra Network Attached Storage (NAS) appliance accepts external network traffic to IP addresses intended for an intranet network within the appliance, which allows remote attackers to read, create, or modify arbitrary files in the user data directory via NFS requests. | 9.3 |
2010-08-02 | CVE-2010-2540 | Permissions, Privileges, and Access Controls vulnerability in multiple products mapserv.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 does not properly restrict the use of CGI command-line arguments that were intended for debugging, which allows remote attackers to have an unspecified impact via crafted arguments. | 10.0 |
2010-08-02 | CVE-2010-1518 | Improper Input Validation vulnerability in Gigabyte Dldrv2 Activex Control 1.4.206.11 Array index error in the SetDLInfo method in the GIGABYTE Dldrv2 ActiveX control 1.4.206.11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via the item argument. | 10.0 |