Vulnerabilities > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-11-05 | CVE-2009-3865 | Code Injection vulnerability in SUN JDK and JRE The launch method in the Deployment Toolkit plugin in Java Runtime Environment (JRE) in Sun Java SE in JDK and JRE 6 before Update 17 allows remote attackers to execute arbitrary commands via a crafted web page, aka Bug Id 6869752. | 9.3 |
2009-11-04 | CVE-2009-3859 | Buffer Errors vulnerability in Eeye products Buffer overflow in eEye Retina WiFi Scanner 1.0.8.68, as used in Retina Network Security Scanner 5.10.14, allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .rws file with a long RWS010 entry. | 9.3 |
2009-11-04 | CVE-2009-3855 | Remote Security vulnerability in Tivoli Storage Manager Express Multiple unspecified vulnerabilities in the (1) UNIX and (2) Linux backup-archive clients, and the (3) OS/400 API client, in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.6, 5.4 before 5.4.2, and 5.5 before 5.5.1, when the MAILPROG option is enabled, allow attackers to read, modify, or delete arbitrary files via unknown vectors. | 9.3 |
2009-11-04 | CVE-2009-3854 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Tivoli Storage Manager Buffer overflow in the traditional client scheduler in the client in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.7 and 5.4 before 5.4.2 allows remote attackers to execute arbitrary code via unspecified vectors. | 10.0 |
2009-11-04 | CVE-2009-3853 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Tivoli Storage Manager Stack-based buffer overflow in the client acceptor daemon (CAD) scheduler in the client in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.7, 5.4 before 5.4.3, 5.5 before 5.5.2.2, and 6.1 before 6.1.0.2, and TSM Express 5.3.3.0 through 5.3.6.6, allows remote attackers to execute arbitrary code via crafted data in a TCP packet. | 9.3 |
2009-11-04 | CVE-2009-3466 | Resource Management Errors vulnerability in Adobe Shockwave Player Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via a crafted web page that triggers memory corruption, related to an "invalid string length vulnerability." NOTE: some of these details are obtained from third party information. | 9.3 |
2009-11-04 | CVE-2009-3465 | Code Injection vulnerability in Adobe Shockwave Player Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site, related to an "invalid pointer vulnerability," a different issue than CVE-2009-3464. | 9.3 |
2009-11-04 | CVE-2009-3464 | Code Injection vulnerability in Adobe Shockwave Player Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site, related to an "invalid pointer vulnerability," a different issue than CVE-2009-3465. | 9.3 |
2009-11-04 | CVE-2009-3463 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player Array index error in Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site. | 9.3 |
2009-11-04 | CVE-2009-0306 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in the IBM Lotus Notes Intellisync ActiveX control in lnresobject.dll in BlackBerry Desktop Manager in Research In Motion (RIM) BlackBerry Desktop Software before 5.0.1 allows remote attackers to execute arbitrary code via a crafted web page. | 9.3 |