Vulnerabilities > Sony
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-09-07 | CVE-2012-4880 | Unspecified vulnerability in Sony DVD Architect PRO and DVD Architect Studio Multiple untrusted search path vulnerabilities in DVD Architect Pro 5.2 Build 133 and DVD Architect Studio 5.0 Build 156 allow local users to gain privileges via a Trojan horse (1) enc_mp2v.200 or (2) CFHDDecoder.dll file in the current working directory, as demonstrated by a directory that contains a .dar file. local sony | 6.9 |
| 2012-09-07 | CVE-2010-5242 | Unspecified vulnerability in Sony Sound Forge 10.0 Untrusted search path vulnerability in Sound Forge Pro 10.0b Build 474 allows local users to gain privileges via a Trojan horse MtxParhVegasPreview.dll file in the current working directory, as demonstrated by a directory that contains a .sfw file. local sony | 6.9 |
| 2012-06-07 | CVE-2012-0985 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Sony products Multiple buffer overflows in the Wireless Manager ActiveX control 4.0.0.0 in WifiMan.dll in Sony VAIO PC Wireless LAN Wizard 1.0; VAIO Wireless Wizard 1.00, 1.00_64, 1.0.1, 2.0, and 3.0; SmartWi Connection Utility 4.7, 4.7.4, 4.8, 4.9, 4.10, and 4.11; and VAIO Easy Connect software 1.0.0 and 1.1.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the second argument of the (1) SetTmpProfileOption or (2) ConnectToNetwork method. | 9.3 |
| 2012-04-11 | CVE-2012-2210 | Resource Management Errors vulnerability in Sony Bravia TV Kdl32Cx525 The Sony Bravia TV KDL-32CX525 allows remote attackers to cause a denial of service (configuration outage or device crash) via a flood of TCP SYN packets, as demonstrated by hping, a related issue to CVE-1999-0116. | 7.8 |
| 2009-07-20 | CVE-2009-2541 | Resource Management Errors vulnerability in Sony Playstation 3 The web browser on the Sony PLAYSTATION 3 (PS3) allows remote attackers to cause a denial of service (memory consumption and console hang) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. | 7.8 |
| 2008-04-25 | CVE-2008-1938 | Improper Authentication vulnerability in Sony Mylo COM 2 Sony Mylo COM-2 Japanese model firmware before 1.002 does not properly verify web server SSL certificates, which allows remote attackers to obtain sensitive information and conduct spoofing attacks. | 6.4 |
| 2008-02-13 | CVE-2008-0748 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Sony Axruploadserver Activex Control and Imagestation Buffer overflow in the Sony AxRUploadServer.AxRUploadControl.1 ActiveX control in AxRUploadServer.dll 1.0.0.38 in SonyISUpload.cab 1.0.0.38 for Sony ImageStation allows remote attackers to execute arbitrary code via a long argument to the SetLogging method. | 10.0 |
| 2007-10-30 | CVE-2007-5709 | Buffer Errors vulnerability in Sony Sonicstage Connect Player 4.3 Stack-based buffer overflow in Sony SonicStage CONNECT Player (CP) 4.3 allows remote attackers to execute arbitrary code via a long file name in an M3U file. | 9.3 |
| 2007-09-10 | CVE-2007-4785 | Security Bypass vulnerability in Micro Vault Fingerprint Access Software Sony Micro Vault Fingerprint Access Software, as distributed with Sony Micro Vault USM-F USB flash drives, installs a driver that hides a directory under %WINDIR%, which might allow remote attackers to bypass malware detection by placing files in this directory. network sony | 6.8 |
| 2007-06-29 | CVE-2007-3488 | Buffer Overflow vulnerability in Sony Network Camera Snc-P5 1.0 Heap-based buffer overflow in the viewer ActiveX control in Sony Network Camera SNC-RZ25N before 1.30; SNC-P1 and SNC-P5 before 1.29; SNC-CS10 and SNC-CS11 before 1.06; SNC-DF40N and SNC-DF70N before 1.18; SNC-RZ50N and SNC-CS50N before 2.22; SNC-DF85N, SNC-DF80N, and SNC-DF50N before 1.12; and SNC-RX570N/W, SNC-RX570N/B, SNC-RX550N/W, SNC-RX550N/B, SNC-RX530N/W, and SNC-RX530N/B 3.00 and 2.x before 2.31; allows remote attackers to execute arbitrary code via a long first argument to the PrmSetNetworkParam method. | 10.0 |