Vulnerabilities > Sony
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-10-01 | CVE-2013-3539 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Cross-site request forgery (CSRF) vulnerability in the command/user.cgi in Sony SNC CH140, SNC CH180, SNC CH240, SNC CH280, SNC DH140, SNC DH140T, SNC DH180, SNC DH240, SNC DH240T, SNC DH280, and possibly other camera models allows remote attackers to hijack the authentication of administrators for requests that add users. | 6.8 |
| 2012-09-07 | CVE-2012-4881 | Unspecified vulnerability in Sony Moviez HD 1.0 Untrusted search path vulnerability in moviEZ HD 1.0 Build 2554-29894-A allows local users to gain privileges via a Trojan horse avrt.dll file in the current working directory, as demonstrated by a directory that contains a .mvz file. local sony | 6.9 |
| 2012-09-07 | CVE-2012-4880 | Unspecified vulnerability in Sony DVD Architect PRO and DVD Architect Studio Multiple untrusted search path vulnerabilities in DVD Architect Pro 5.2 Build 133 and DVD Architect Studio 5.0 Build 156 allow local users to gain privileges via a Trojan horse (1) enc_mp2v.200 or (2) CFHDDecoder.dll file in the current working directory, as demonstrated by a directory that contains a .dar file. local sony | 6.9 |
| 2012-09-07 | CVE-2010-5242 | Unspecified vulnerability in Sony Sound Forge 10.0 Untrusted search path vulnerability in Sound Forge Pro 10.0b Build 474 allows local users to gain privileges via a Trojan horse MtxParhVegasPreview.dll file in the current working directory, as demonstrated by a directory that contains a .sfw file. local sony | 6.9 |
| 2012-06-07 | CVE-2012-0985 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Sony products Multiple buffer overflows in the Wireless Manager ActiveX control 4.0.0.0 in WifiMan.dll in Sony VAIO PC Wireless LAN Wizard 1.0; VAIO Wireless Wizard 1.00, 1.00_64, 1.0.1, 2.0, and 3.0; SmartWi Connection Utility 4.7, 4.7.4, 4.8, 4.9, 4.10, and 4.11; and VAIO Easy Connect software 1.0.0 and 1.1.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the second argument of the (1) SetTmpProfileOption or (2) ConnectToNetwork method. | 9.3 |
| 2012-04-11 | CVE-2012-2210 | Resource Management Errors vulnerability in Sony Bravia TV Kdl32Cx525 The Sony Bravia TV KDL-32CX525 allows remote attackers to cause a denial of service (configuration outage or device crash) via a flood of TCP SYN packets, as demonstrated by hping, a related issue to CVE-1999-0116. | 7.8 |
| 2009-07-20 | CVE-2009-2541 | Resource Management Errors vulnerability in Sony Playstation 3 The web browser on the Sony PLAYSTATION 3 (PS3) allows remote attackers to cause a denial of service (memory consumption and console hang) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. | 7.8 |
| 2008-04-25 | CVE-2008-1938 | Improper Authentication vulnerability in Sony Mylo COM 2 Sony Mylo COM-2 Japanese model firmware before 1.002 does not properly verify web server SSL certificates, which allows remote attackers to obtain sensitive information and conduct spoofing attacks. | 6.4 |
| 2008-02-13 | CVE-2008-0748 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Sony Axruploadserver Activex Control and Imagestation Buffer overflow in the Sony AxRUploadServer.AxRUploadControl.1 ActiveX control in AxRUploadServer.dll 1.0.0.38 in SonyISUpload.cab 1.0.0.38 for Sony ImageStation allows remote attackers to execute arbitrary code via a long argument to the SetLogging method. | 10.0 |
| 2007-10-30 | CVE-2007-5709 | Buffer Errors vulnerability in Sony Sonicstage Connect Player 4.3 Stack-based buffer overflow in Sony SonicStage CONNECT Player (CP) 4.3 allows remote attackers to execute arbitrary code via a long file name in an M3U file. | 9.3 |