Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2009-03-23 CVE-2009-1043 Unspecified vulnerability in Microsoft Internet Explorer 8
Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.
network
low complexity
microsoft
critical
10.0
2009-03-23 CVE-2009-1042 Remote Code Execution vulnerability in Apple Safari
Unspecified vulnerability in Apple Safari on Mac OS X 10.5.6 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009.
network
apple
critical
9.3
2009-03-23 CVE-2009-0733 Out-of-bounds Write vulnerability in multiple products
Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel, related to the ReadLUT_A2B and ReadLUT_B2A functions.
network
gimp mozilla sun littlecms CWE-787
critical
9.3
2009-03-23 CVE-2009-0723 Integer Overflow or Wraparound vulnerability in multiple products
Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow.
network
gimp mozilla sun littlecms CWE-190
critical
9.3
2009-03-20 CVE-2009-1040 Buffer Errors vulnerability in Winasm Studio 5.1.5.0
Buffer overflow in WinAsm Studio 5.1.5.0 allows user-assisted remote attackers to execute arbitrary code via a crafted project (.wap) file.
network
winasm CWE-119
critical
9.3
2009-03-20 CVE-2009-1034 SQL Injection vulnerability in Drupal Tasklist
SQL injection vulnerability in the Tasklist module 5.x-1.x before 5.x-1.3 and 5.x-2.x before 5.x-2.0-alpha1, a module for Drupal, allows remote attackers to execute arbitrary SQL commands via values in the URI.
network
low complexity
drupal CWE-89
critical
10.0
2009-03-20 CVE-2009-1029 Buffer Errors vulnerability in Poppeeper POP Peeper 2.4.3/3.0/3.0.1
Stack-based buffer overflow in POP Peeper 3.4.0.0 and earlier allows remote POP3 servers to execute arbitrary code via a long Date header, related to Imap.dll.
network
poppeeper CWE-119
critical
9.3
2009-03-20 CVE-2009-1028 Buffer Errors vulnerability in Edisys Ezip Wizard 3.0
Stack-based buffer overflow in ediSys eZip Wizard 3.0 allows remote attackers to execute arbitrary code via a crafted .zip file.
network
edisys CWE-119
critical
9.3
2009-03-20 CVE-2009-1022 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Gomlab GOM Encoder
Heap-based buffer overflow in the Preview/Set Segment function in Gretech GOMlab GOM Encoder 1.0.0.11 and earlier allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a long text field in a subtitle (.srt) file.
network
gomlab CWE-119
critical
9.3
2009-03-19 CVE-2009-0927 Improper Input Validation vulnerability in Adobe Acrobat Reader
Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3, and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658.
network
adobe CWE-20
critical
9.3