Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2010-3640

Summary
Assigner-adobe
Assigner Org ID-078d4453-3bcd-4900-85e6-15281da43538
Published At-07 Nov, 2010 | 21:00
Updated At-07 Aug, 2024 | 03:18
Rejected At-
Credits

Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:adobe
Assigner Org ID:078d4453-3bcd-4900-85e6-15281da43538
Published At:07 Nov, 2010 | 21:00
Updated At:07 Aug, 2024 | 03:18
Rejected At:
▼CVE Numbering Authority (CNA)

Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2011/0192
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/42183
third-party-advisory
x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12179
vdb-entry
signature
x_refsource_OVAL
http://support.apple.com/kb/HT4435
x_refsource_CONFIRM
http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1
x_refsource_CONFIRM
http://www.securityfocus.com/bid/44675
vdb-entry
x_refsource_BID
http://secunia.com/advisories/43026
third-party-advisory
x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-201101-09.xml
vendor-advisory
x_refsource_GENTOO
http://www.vupen.com/english/advisories/2010/2918
vdb-entry
x_refsource_VUPEN
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
vendor-advisory
x_refsource_APPLE
http://www.redhat.com/support/errata/RHSA-2010-0834.html
vendor-advisory
x_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html
vendor-advisory
x_refsource_SUSE
http://secunia.com/advisories/42926
third-party-advisory
x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=130331642631603&w=2
vendor-advisory
x_refsource_HP
http://www.vupen.com/english/advisories/2010/2903
vdb-entry
x_refsource_VUPEN
http://marc.info/?l=bugtraq&m=130331642631603&w=2
vendor-advisory
x_refsource_HP
http://www.vupen.com/english/advisories/2011/0173
vdb-entry
x_refsource_VUPEN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16281
vdb-entry
signature
x_refsource_OVAL
http://www.adobe.com/support/security/bulletins/apsb10-26.html
x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2010/2906
vdb-entry
x_refsource_VUPEN
http://www.redhat.com/support/errata/RHSA-2010-0867.html
vendor-advisory
x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2010-0829.html
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.vupen.com/english/advisories/2011/0192
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/42183
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12179
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://support.apple.com/kb/HT4435
Resource:
x_refsource_CONFIRM
Hyperlink: http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/44675
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://secunia.com/advisories/43026
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://security.gentoo.org/glsa/glsa-201101-09.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://www.vupen.com/english/advisories/2010/2918
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0834.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://secunia.com/advisories/42926
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://marc.info/?l=bugtraq&m=130331642631603&w=2
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.vupen.com/english/advisories/2010/2903
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://marc.info/?l=bugtraq&m=130331642631603&w=2
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.vupen.com/english/advisories/2011/0173
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16281
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.adobe.com/support/security/bulletins/apsb10-26.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.vupen.com/english/advisories/2010/2906
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0867.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0829.html
Resource:
vendor-advisory
x_refsource_REDHAT
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2011/0192
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/42183
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12179
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://support.apple.com/kb/HT4435
x_refsource_CONFIRM
x_transferred
http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/44675
vdb-entry
x_refsource_BID
x_transferred
http://secunia.com/advisories/43026
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://security.gentoo.org/glsa/glsa-201101-09.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://www.vupen.com/english/advisories/2010/2918
vdb-entry
x_refsource_VUPEN
x_transferred
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://www.redhat.com/support/errata/RHSA-2010-0834.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://secunia.com/advisories/42926
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://marc.info/?l=bugtraq&m=130331642631603&w=2
vendor-advisory
x_refsource_HP
x_transferred
http://www.vupen.com/english/advisories/2010/2903
vdb-entry
x_refsource_VUPEN
x_transferred
http://marc.info/?l=bugtraq&m=130331642631603&w=2
vendor-advisory
x_refsource_HP
x_transferred
http://www.vupen.com/english/advisories/2011/0173
vdb-entry
x_refsource_VUPEN
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16281
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.adobe.com/support/security/bulletins/apsb10-26.html
x_refsource_CONFIRM
x_transferred
http://www.vupen.com/english/advisories/2010/2906
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.redhat.com/support/errata/RHSA-2010-0867.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.redhat.com/support/errata/RHSA-2010-0829.html
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0192
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/42183
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12179
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://support.apple.com/kb/HT4435
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/44675
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://secunia.com/advisories/43026
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-201101-09.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/2918
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0834.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://secunia.com/advisories/42926
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=130331642631603&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/2903
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=130331642631603&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0173
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16281
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.adobe.com/support/security/bulletins/apsb10-26.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/2906
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0867.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0829.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@adobe.com
Published At:07 Nov, 2010 | 22:00
Updated At:11 Apr, 2025 | 00:51

Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, a different vulnerability than CVE-2010-3641, CVE-2010-3642, CVE-2010-3643, CVE-2010-3644, CVE-2010-3645, CVE-2010-3646, CVE-2010-3647, CVE-2010-3648, CVE-2010-3649, CVE-2010-3650, and CVE-2010-3652.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.09.3HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 9.3
Base severity: HIGH
Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CPE Matches
Adobe Inc.
adobe
>>flash_player>>Versions from 9.0(inclusive) to 9.0.289.0(exclusive)
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>Versions from 10.0(inclusive) to 10.1.102.64(exclusive)
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
Apple Inc.
apple
>>mac_os_x>>-
cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:*
Linux Kernel Organization, Inc
linux
>>linux_kernel>>-
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows>>-
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>solaris>>-
cpe:2.3:o:sun:solaris:-:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>Versions up to 10.1.95.1(inclusive)
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
Google LLC
google
>>android>>-
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1psirt@adobe.com
Broken Link
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.htmlpsirt@adobe.com
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.htmlpsirt@adobe.com
Third Party Advisory
http://marc.info/?l=bugtraq&m=130331642631603&w=2psirt@adobe.com
Mailing List
Third Party Advisory
http://marc.info/?l=bugtraq&m=130331642631603&w=2psirt@adobe.com
Mailing List
Third Party Advisory
http://secunia.com/advisories/42183psirt@adobe.com
Third Party Advisory
http://secunia.com/advisories/42926psirt@adobe.com
Third Party Advisory
http://secunia.com/advisories/43026psirt@adobe.com
Third Party Advisory
http://security.gentoo.org/glsa/glsa-201101-09.xmlpsirt@adobe.com
Third Party Advisory
http://support.apple.com/kb/HT4435psirt@adobe.com
Third Party Advisory
http://www.adobe.com/support/security/bulletins/apsb10-26.htmlpsirt@adobe.com
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2010-0829.htmlpsirt@adobe.com
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0834.htmlpsirt@adobe.com
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0867.htmlpsirt@adobe.com
Third Party Advisory
http://www.securityfocus.com/bid/44675psirt@adobe.com
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2010/2903psirt@adobe.com
Third Party Advisory
http://www.vupen.com/english/advisories/2010/2906psirt@adobe.com
Third Party Advisory
http://www.vupen.com/english/advisories/2010/2918psirt@adobe.com
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0173psirt@adobe.com
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0192psirt@adobe.com
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12179psirt@adobe.com
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16281psirt@adobe.com
Third Party Advisory
http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://marc.info/?l=bugtraq&m=130331642631603&w=2af854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://marc.info/?l=bugtraq&m=130331642631603&w=2af854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://secunia.com/advisories/42183af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/42926af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/43026af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://security.gentoo.org/glsa/glsa-201101-09.xmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://support.apple.com/kb/HT4435af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.adobe.com/support/security/bulletins/apsb10-26.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2010-0829.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0834.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2010-0867.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.securityfocus.com/bid/44675af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.vupen.com/english/advisories/2010/2903af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2010/2906af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2010/2918af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0173af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2011/0192af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12179af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16281af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Hyperlink: http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1
Source: psirt@adobe.com
Resource:
Broken Link
Hyperlink: http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
Source: psirt@adobe.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html
Source: psirt@adobe.com
Resource:
Third Party Advisory
Hyperlink: http://marc.info/?l=bugtraq&m=130331642631603&w=2
Source: psirt@adobe.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://marc.info/?l=bugtraq&m=130331642631603&w=2
Source: psirt@adobe.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://secunia.com/advisories/42183
Source: psirt@adobe.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/42926
Source: psirt@adobe.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43026
Source: psirt@adobe.com
Resource:
Third Party Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-201101-09.xml
Source: psirt@adobe.com
Resource:
Third Party Advisory
Hyperlink: http://support.apple.com/kb/HT4435
Source: psirt@adobe.com
Resource:
Third Party Advisory
Hyperlink: http://www.adobe.com/support/security/bulletins/apsb10-26.html
Source: psirt@adobe.com
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0829.html
Source: psirt@adobe.com
Resource:
Third Party Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0834.html
Source: psirt@adobe.com
Resource:
Third Party Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0867.html
Source: psirt@adobe.com
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/44675
Source: psirt@adobe.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.vupen.com/english/advisories/2010/2903
Source: psirt@adobe.com
Resource:
Third Party Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/2906
Source: psirt@adobe.com
Resource:
Third Party Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/2918
Source: psirt@adobe.com
Resource:
Third Party Advisory
Hyperlink: http://www.vupen.com/english/advisories/2011/0173
Source: psirt@adobe.com
Resource:
Third Party Advisory
Hyperlink: http://www.vupen.com/english/advisories/2011/0192
Source: psirt@adobe.com
Resource:
Third Party Advisory
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12179
Source: psirt@adobe.com
Resource:
Third Party Advisory
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16281
Source: psirt@adobe.com
Resource:
Third Party Advisory
Hyperlink: http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00002.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://marc.info/?l=bugtraq&m=130331642631603&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://marc.info/?l=bugtraq&m=130331642631603&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://secunia.com/advisories/42183
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/42926
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/43026
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-201101-09.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://support.apple.com/kb/HT4435
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.adobe.com/support/security/bulletins/apsb10-26.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0829.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0834.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2010-0867.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/44675
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.vupen.com/english/advisories/2010/2903
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/2906
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/2918
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.vupen.com/english/advisories/2011/0173
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.vupen.com/english/advisories/2011/0192
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12179
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16281
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

5520Records found
CVE-2013-3891
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-52.42% / 97.84%
||
7 Day CHG~0.00%
Published-09 Oct, 2013 | 14:44
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-wordn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-3890
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-52.42% / 97.84%
||
7 Day CHG~0.00%
Published-09 Oct, 2013 | 14:44
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Excel 2007 SP3, Excel Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Excel Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-excelexcel_vieweroffice_compatibility_packn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-1644
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-3.86% / 87.75%
||
7 Day CHG~0.00%
Published-12 Jan, 2021 | 19:41
Updated-08 Oct, 2024 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HEVC Video Extensions Remote Code Execution Vulnerability

HEVC Video Extensions Remote Code Execution Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-hevc_video_extensionsHEVC Video Extensions
CVE-2007-2399
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-15.25% / 94.34%
||
7 Day CHG~0.00%
Published-25 Jun, 2007 | 19:00
Updated-07 Aug, 2024 | 13:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit in Apple Mac OS X 10.3.9, 10.4.9 and later, and iPhone before 1.0.1 performs an "invalid type conversion", which allows remote attackers to execute arbitrary code via unspecified frame sets that trigger memory corruption.

Action-Not Available
Vendor-n/aApple Inc.
Product-iphone_osmac_os_x_servermac_os_xn/a
CVE-2021-1874
Matching Score-8
Assigner-Apple Inc.
ShareView Details
Matching Score-8
Assigner-Apple Inc.
CVSS Score-8.8||HIGH
EPSS-0.51% / 65.36%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 14:46
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A logic issue was addressed with improved state management. This issue is fixed in iOS 14.5 and iPadOS 14.5. An application may be able to execute arbitrary code with kernel privileges.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_osipadosiOS and iPadOS
CVE-2018-12833
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-3.33% / 86.77%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-12796
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-4.20% / 88.28%
||
7 Day CHG~0.00%
Published-20 Jul, 2018 | 19:00
Updated-05 Aug, 2024 | 08:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions
CWE ID-CWE-416
Use After Free
CVE-2018-12797
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-4.20% / 88.28%
||
7 Day CHG~0.00%
Published-20 Jul, 2018 | 19:00
Updated-05 Aug, 2024 | 08:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions
CWE ID-CWE-416
Use After Free
CVE-2006-5579
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-58.88% / 98.14%
||
7 Day CHG~0.00%
Published-12 Dec, 2006 | 20:00
Updated-07 Aug, 2024 | 19:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using JavaScript to cause certain errors simultaneously, which results in the access of previously freed memory, aka "Script Error Handling Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorerwindows_server_2003n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-12861
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-25.13% / 95.97%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-12837
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-3.49% / 87.11%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-12858
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-4.10% / 88.13%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2018-12863
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-22.49% / 95.62%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2018-12851
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-3.49% / 87.11%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2006-5559
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-72.34% / 98.70%
||
7 Day CHG~0.00%
Published-27 Oct, 2006 | 16:00
Updated-07 Aug, 2024 | 19:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Execute method in the ADODB.Connection 2.7 and 2.8 ActiveX control objects (ADODB.Connection.2.7 and ADODB.Connection.2.8) in the Microsoft Data Access Components (MDAC) 2.5 SP3, 2.7 SP1, 2.8, and 2.8 SP1 does not properly track freed memory when the second argument is a BSTR, which allows remote attackers to cause a denial of service (Internet Explorer crash) and possibly execute arbitrary code via certain strings in the second and third arguments.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_2003_serverwindows_xpwindows_2000data_access_componentsn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-12841
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-2.84% / 85.68%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a double free vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-415
Double Free
CVE-2013-3856
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-52.85% / 97.86%
||
7 Day CHG~0.00%
Published-11 Sep, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-wordword_viewern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-3852
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-52.85% / 97.86%
||
7 Day CHG~0.00%
Published-11 Sep, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Word 2003 SP3, 2007 SP3, and 2010 SP1; Office Compatibility Pack SP3; and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-wordword_vieweroffice_compatibility_packn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2006-6745
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-19.82% / 95.23%
||
7 Day CHG~0.00%
Published-26 Dec, 2006 | 23:00
Updated-07 Aug, 2024 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, and Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges, related to serialization in JRE.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-j2sejren/a
CVE-2013-3882
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-24.55% / 95.91%
||
7 Day CHG~0.00%
Published-09 Oct, 2013 | 14:44
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3872, CVE-2013-3873, and CVE-2013-3885.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-0592
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.8||HIGH
EPSS-1.24% / 78.45%
||
7 Day CHG~0.00%
Published-14 Jul, 2021 | 13:50
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In various functions in WideVine, there are possible out of bounds writes due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-188061006

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-12832
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-3.49% / 87.11%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2013-3897
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-90.89% / 99.61%
||
7 Day CHG~0.00%
Published-09 Oct, 2013 | 14:44
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_7windows_8windows_server_2008internet_explorerwindows_rt_8.1windows_vistawindows_server_2003windows_server_2012windows_xpwindows_8.1n/aInternet Explorer
CWE ID-CWE-416
Use After Free
CVE-2021-0481
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.76%
||
7 Day CHG~0.00%
Published-11 Jun, 2021 | 16:42
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In onActivityResult of EditUserPhotoController.java, there is a possible access of unauthorized files due to an unexpected URI handler. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-172939189

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2013-3853
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-52.85% / 97.86%
||
7 Day CHG~0.00%
Published-11 Sep, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Office 2007 SP3 and Word 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3854.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-wordofficen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-3894
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-8.1||HIGH
EPSS-26.42% / 96.12%
||
7 Day CHG~0.00%
Published-09 Oct, 2013 | 14:44
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted CMAP table in a TrueType font (TTF) file, aka "TrueType Font CMAP Table Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_rtwindows_7windows_8windows_server_2008windows_vistawindows_server_2003windows_server_2012windows_xpn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2013-3916
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-23.86% / 95.79%
||
7 Day CHG~0.00%
Published-13 Nov, 2013 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3912.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2006-5051
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.1||HIGH
EPSS-2.47% / 84.63%
||
7 Day CHG~0.00%
Published-27 Sep, 2006 | 23:00
Updated-07 Aug, 2024 | 19:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.

Action-Not Available
Vendor-n/aDebian GNU/LinuxApple Inc.OpenBSD
Product-opensshdebian_linuxmac_os_x_servermac_os_xn/a
CWE ID-CWE-415
Double Free
CVE-2006-5270
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-50.59% / 97.76%
||
7 Day CHG~0.00%
Published-13 Feb, 2007 | 20:00
Updated-07 Aug, 2024 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the Microsoft Malware Protection Engine (mpengine.dll), as used by Windows Live OneCare, Antigen, Defender, and Forefront Security, allows user-assisted remote attackers to execute arbitrary code via a crafted PDF file.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_live_onecaremalware_protection_engineantigenforefront_securitywindows_defendern/a
CVE-2018-12876
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-4.10% / 88.13%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2018-12868
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-1.53% / 80.56%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-0514
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.1||HIGH
EPSS-2.01% / 82.95%
||
7 Day CHG~0.00%
Published-14 Jul, 2021 | 13:43
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In several functions of the V8 library, there is a possible use after free due to a race condition. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-9 Android-11 Android-8.1Android ID: A-162604069

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2013-3875
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-24.55% / 95.91%
||
7 Day CHG~0.00%
Published-09 Oct, 2013 | 14:44
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-12835
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-3.93% / 87.85%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2018-12846
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-3.64% / 87.37%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-mac_os_xacrobat_dcwindowsacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2013-3906
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-92.89% / 99.76%
||
7 Day CHG+0.03%
Published-06 Nov, 2013 | 11:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-08-15||Apply updates per vendor instructions.

GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Word document, and exploited in the wild in October and November 2013.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_server_2008powerpoint_viewerword_viewerlyncoffice_compatibility_packwindows_vistaofficeexcel_viewern/aGraphics Component
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2013-3917
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-23.86% / 95.79%
||
7 Day CHG~0.00%
Published-13 Nov, 2013 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3915.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-3885
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-24.55% / 95.91%
||
7 Day CHG~0.00%
Published-09 Oct, 2013 | 14:44
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3872, CVE-2013-3873, and CVE-2013-3882.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-3870
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-36.72% / 97.01%
||
7 Day CHG~0.00%
Published-11 Sep, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to execute arbitrary code by including many nested S/MIME certificates in an e-mail message, aka "Message Certificate Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-outlookn/a
CVE-2013-3858
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-57.96% / 98.09%
||
7 Day CHG~0.00%
Published-11 Sep, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3847, CVE-2013-3848, and CVE-2013-3849.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-office_web_appsword_vieweroffice_compatibility_packsharepoint_serverwordn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-3871
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-27.45% / 96.23%
||
7 Day CHG~0.00%
Published-09 Oct, 2013 | 14:44
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-3873
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-27.05% / 96.19%
||
7 Day CHG~0.00%
Published-09 Oct, 2013 | 14:44
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3872, CVE-2013-3882, and CVE-2013-3885.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2006-5574
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-39.16% / 97.18%
||
7 Day CHG~0.00%
Published-09 Jan, 2007 | 22:00
Updated-07 Aug, 2024 | 19:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Brazilian Portuguese Grammar Checker in Microsoft Office 2003 and the Multilingual Interface for Office 2003, Project 2003, and Visio 2003 allows user-assisted remote attackers to execute arbitrary code via crafted text that is not properly parsed.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-visioproject_multilingual_user_interface_packofficeoffice_multilingual_user_interface_packoffice_proofing_toolsn/a
CVE-2006-5581
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-66.19% / 98.46%
||
7 Day CHG~0.00%
Published-12 Dec, 2006 | 20:00
Updated-07 Aug, 2024 | 19:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via certain DHTML script functions, such as normalize, and "incorrectly created elements" that trigger memory corruption, aka "DHTML Script Function Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorern/a
CVE-2013-3872
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-21.15% / 95.45%
||
7 Day CHG~0.00%
Published-09 Oct, 2013 | 14:44
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3873, CVE-2013-3882, and CVE-2013-3885.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-0606
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-16.82% / 94.68%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a crafted length value, a different vulnerability than CVE-2011-0563 and CVE-2011-0589.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-4710
Matching Score-8
Assigner-JPCERT/CC
ShareView Details
Matching Score-8
Assigner-JPCERT/CC
CVSS Score-9.3||HIGH
EPSS-78.99% / 99.02%
||
7 Day CHG~0.00%
Published-03 Mar, 2014 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Android 3.0 through 4.1.x on Disney Mobile, eAccess, KDDI, NTT DOCOMO, SoftBank, and other devices does not properly implement the WebView class, which allows remote attackers to execute arbitrary methods of Java objects or cause a denial of service (reboot) via a crafted web page, as demonstrated by use of the WebView.addJavascriptInterface method, a related issue to CVE-2012-6636.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-3855
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-52.85% / 97.86%
||
7 Day CHG~0.00%
Published-11 Sep, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-wordword_vieweroffice_compatibility_packn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-3893
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-87.06% / 99.41%
||
7 Day CHG~0.00%
Published-18 Sep, 2013 | 10:00
Updated-13 Aug, 2025 | 01:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-09-02||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Use-after-free vulnerability in the SetMouseCapture implementation in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code via crafted JavaScript strings, as demonstrated by use of an ms-help: URL that triggers loading of hxds.dll.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorern/aInternet Explorer
CWE ID-CWE-416
Use After Free
CVE-2013-3912
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-17.84% / 94.87%
||
7 Day CHG~0.00%
Published-13 Nov, 2013 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3916.

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-internet_explorern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 110
  • 111
  • Next
Details not found