Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2009-09-21 CVE-2009-2140 Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Go-Oo
Multiple heap-based buffer overflows in cppcanvas/source/mtfrenderer/emfplus.cxx in Go-oo 2.x and 3.x before 3.0.1, previously named ooo-build and related to OpenOffice.org (OOo), allow remote attackers to execute arbitrary code via a crafted EMF+ file, a similar issue to CVE-2008-2238.
network
go-oo CWE-119
critical
9.3
2009-09-18 CVE-2009-2741 Remote Security vulnerability in WebSphere Business Events 6.1/6.2
Unspecified vulnerability in the wberuntimeear application in the test servlet in IBM WebSphere Business Events 6.1 and 6.2 allows remote attackers to execute arbitrary code via unknown vectors.
network
low complexity
ibm
critical
10.0
2009-09-18 CVE-2009-3258 Permissions, Privileges, and Access Controls vulnerability in Vtiger CRM
vtiger CRM before 5.1.0 allows remote authenticated users, with certain View privileges, to delete (1) attachments, (2) reports, (3) filters, (4) views, and (5) tickets; insert (6) attachments, (7) reports, (8) filters, (9) views, and (10) tickets; and edit (11) reports, (12) filters, (13) views, and (14) tickets via unspecified vectors.
network
low complexity
vtiger CWE-264
critical
9.0
2009-09-18 CVE-2009-3254 Buffer Errors vulnerability in Ultimatevideosite Ultimate Player 1.56
Multiple stack-based buffer overflows in Ultimate Player 1.56 beta allow remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .upl playlist file.
network
ultimatevideosite CWE-119
critical
9.3
2009-09-18 CVE-2009-3253 Buffer Errors vulnerability in Tricerasoft Swift Ultralite 1.032
Stack-based buffer overflow in TriceraSoft Swift Ultralite 1.032 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in a .M3U playlist file.
network
tricerasoft CWE-119
critical
9.3
2009-09-18 CVE-2009-3250 Improper Input Validation vulnerability in Vtiger CRM 5.0.4
The saveForwardAttachments procedure in the Compose Mail functionality in vtiger CRM 5.0.4 allows remote authenticated users to execute arbitrary code by composing an e-mail message with an attachment filename ending in (1) .php in installations based on certain Apache HTTP Server configurations, (2) .php.
network
low complexity
vtiger CWE-20
critical
9.0
2009-09-18 CVE-2009-3244 Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Adobe Shockwave Player
Heap-based buffer overflow in the SwDir.dll ActiveX control in Adobe Shockwave Player 11.5.1.601 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PlayerVersion property value.
network
adobe CWE-119
critical
9.3
2009-09-16 CVE-2009-3221 Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Basicunivers.Free.Fr Audio LIB Player
Stack-based buffer overflow in Audio Lib Player (ALP) allows remote attackers to execute arbitrary code via a long URL in a .m3u playlist file.
network
basicunivers-free-fr CWE-119
critical
9.3
2009-09-16 CVE-2009-3214 Buffer Errors vulnerability in Photodex Proshow Gold 4.0.2549
Multiple stack-based buffer overflows in Photodex ProShow Gold 4.0.2549 allow remote attackers to execute arbitrary code via a crafted Slideshow project (.psh) file, related to the (1) cell[n].images[m].image and (2) cell[n].sound.file fields.
network
photodex CWE-119
critical
9.3
2009-09-16 CVE-2009-3213 Buffer Errors vulnerability in Broid 1.0
Stack-based buffer overflow in broid 1.0 Beta 3a allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .mp3 file.
network
broid CWE-119
critical
9.3