Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2009-03-19 CVE-2009-0927 Improper Input Validation vulnerability in Adobe Acrobat Reader
Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3, and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658.
network
adobe CWE-20
critical
9.3
2009-03-18 CVE-2008-4564 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file.
network
autonomy ibm symantec CWE-119
critical
9.3
2009-03-18 CVE-2007-5543 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Miranda-Im Miranda IM 0.6.8/0.7.0
Stack-based buffer overflow in Miranda IM 0.6.8 and 0.7.0 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet.
network
miranda-im CWE-119
critical
9.3
2009-03-18 CVE-2007-5542 Buffer Errors vulnerability in Miranda-Im Miranda IM 0.6.8
Stack-based buffer overflow in Miranda IM 0.6.8 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet.
network
miranda-im CWE-119
critical
9.3
2009-03-18 CVE-2009-0939 Denial of Service vulnerability in Tor
Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which has unknown impact and attack vectors related to "Spec conformance," as demonstrated using 192.168.0.
network
low complexity
tor
critical
10.0
2009-03-16 CVE-2009-0916 Multiple Security vulnerability in Opera Web Browser prior to 9.64
Unspecified vulnerability in Opera before 9.64 has unknown impact and attack vectors, related to a "moderately severe issue."
network
low complexity
opera
critical
10.0
2009-03-16 CVE-2009-0914 Resource Management Errors vulnerability in Opera Browser
Opera before 9.64 allows remote attackers to execute arbitrary code via a crafted JPEG image that triggers memory corruption.
network
opera CWE-399
critical
9.3
2009-03-16 CVE-2008-6474 Code Injection vulnerability in F5 Tmos 9.4.3
The management interface in F5 BIG-IP 9.4.3 allows remote authenticated users with Resource Manager privileges to inject arbitrary Perl code via unspecified configuration settings related to Perl EP3 with templates, probably triggering static code injection.
network
low complexity
f5 CWE-94
critical
9.0
2009-03-12 CVE-2009-0885 Buffer Errors vulnerability in Mediacommands Media Commands 1.0
Multiple heap-based buffer overflows in Media Commands 1.0 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long string in a (1) M3U, (2) M3l, (3) TXT, and (4) LRC playlist file.
network
mediacommands CWE-119
critical
9.3
2009-03-12 CVE-2009-0632 Credentials Management vulnerability in Cisco Unified Communications Manager
The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.1, 4.2 before 4.2(3)SR4b, 4.3 before 4.3(2)SR1b, 5.x before 5.1(3e), 6.x before 6.1(3), and 7.0 before 7.0(2) sends privileged directory-service account credentials to the client in cleartext, which allows remote attackers to modify the CUCM configuration and perform other privileged actions by intercepting these credentials, and then using them in requests unrelated to the intended synchronization task, as demonstrated by (1) DC Directory account credentials in CUCM 4.x and (2) TabSyncSysUser account credentials in CUCM 5.x through 7.x.
network
low complexity
cisco CWE-255
critical
9.0