Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2009-11-11 CVE-2009-3135 Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Microsoft products
Stack-based buffer overflow in Microsoft Office Word 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, Office Word Viewer 2003 SP3, and Office Word Viewer allows remote attackers to execute arbitrary code via a Word document with a malformed File Information Block (FIB) structure, aka "Microsoft Office Word File Information Memory Corruption Vulnerability."
network
microsoft CWE-119
critical
9.3
2009-11-11 CVE-2009-3129 Code Injection vulnerability in Microsoft products
Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset, aka "Excel Featheader Record Memory Corruption Vulnerability."
network
microsoft CWE-94
critical
9.3
2009-11-11 CVE-2009-3128 Code Injection vulnerability in Microsoft products
Microsoft Office Excel 2002 SP3 and 2003 SP3, and Office Excel Viewer 2003 SP3, do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a spreadsheet with a malformed record object, aka "Excel SxView Memory Corruption Vulnerability."
network
microsoft CWE-94
critical
9.3
2009-11-11 CVE-2009-3127 Code Injection vulnerability in Microsoft products
Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, and Office Excel Viewer 2003 SP3 do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Cache Memory Corruption Vulnerability."
network
microsoft CWE-94
critical
9.3
2009-11-10 CVE-2009-3930 Numeric Errors vulnerability in Christos Zoulas File
Multiple integer overflows in Christos Zoulas file before 5.02 allow user-assisted remote attackers to have an unspecified impact via a malformed compound document (aka cdf) file that triggers a buffer overflow.
network
christos-zoulas CWE-189
critical
9.3
2009-11-10 CVE-2009-2819 Resource Management Errors vulnerability in Apple Mac OS X and Mac OS X Server
AFP Client in Apple Mac OS X 10.5.8 allows remote AFP servers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via unspecified vectors.
network
apple CWE-399
critical
9.3
2009-11-10 CVE-2009-3924 Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in multiple products
Buffer overflow in pbsv.dll, as used in Soldier of Fortune II and possibly other applications when Even Balance PunkBuster 1.728 or earlier is enabled, allows remote attackers to cause a denial of service (application server crash) and possibly execute arbitrary code via a long restart packet.
network
raven-software punkbuster CWE-119
critical
9.3
2009-11-06 CVE-2009-3850 Code Injection vulnerability in Blender
Blender 2.34, 2.35a, 2.40, and 2.49b allows remote attackers to execute arbitrary code via a .blend file that contains Python statements in the onLoad action of a ScriptLink SDNA.
network
blender CWE-94
critical
9.3
2009-11-06 CVE-2009-2685 Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in HP Power Manager
Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote attackers to execute arbitrary code via the Login variable.
network
low complexity
hp CWE-119
critical
10.0
2009-11-05 CVE-2009-3878 Buffer Errors vulnerability in Sun Java System Web Server 7.0
Buffer overflow in Sun Java System Web Server 7.0 Update 6 has unspecified impact and remote attack vectors, as demonstrated by the vd_sjws module in VulnDisco Pack Professional 8.12.
network
intevydis sun CWE-119
critical
9.3