Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2014-6374

Summary
Assigner-microsoft
Assigner Org ID-f38d906d-7342-40ea-92c1-6c4a2c6478c8
Published At-11 Dec, 2014 | 00:00
Updated At-06 Aug, 2024 | 12:10
Rejected At-
Credits

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:microsoft
Assigner Org ID:f38d906d-7342-40ea-92c1-6c4a2c6478c8
Published At:11 Dec, 2014 | 00:00
Updated At:06 Aug, 2024 | 12:10
Rejected At:
▼CVE Numbering Authority (CNA)

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-080
vendor-advisory
x_refsource_MS
Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-080
Resource:
vendor-advisory
x_refsource_MS
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-080
vendor-advisory
x_refsource_MS
x_transferred
Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-080
Resource:
vendor-advisory
x_refsource_MS
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@microsoft.com
Published At:11 Dec, 2014 | 00:59
Updated At:12 Apr, 2025 | 10:46

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.09.3HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 9.3
Base severity: HIGH
Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CPE Matches
Microsoft Corporation
microsoft
>>internet_explorer>>6
cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>internet_explorer>>7
cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>internet_explorer>>8
cpe:2.3:a:microsoft:internet_explorer:8:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>internet_explorer>>9
cpe:2.3:a:microsoft:internet_explorer:9:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>internet_explorer>>10
cpe:2.3:a:microsoft:internet_explorer:10:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>internet_explorer>>11
cpe:2.3:a:microsoft:internet_explorer:11:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-080secure@microsoft.com
N/A
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-080af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-080
Source: secure@microsoft.com
Resource: N/A
Hyperlink: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-080
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

6375Records found
CVE-2011-1274
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-50.12% / 97.74%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 20:21
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Out of Bounds Array Access Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-officeexcel_viewerexcelopen_xml_file_format_converteroffice_compatibility_packn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1279
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-43.53% / 97.42%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 20:21
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Out of Bounds WriteAV Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-open_xml_file_format_converterofficeexceln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1276
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-56.69% / 98.04%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 20:21
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Excel spreadsheet, related to improper validation of record information, aka "Excel Buffer Overrun Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-officeexcel_viewerexcelopen_xml_file_format_converteroffice_compatibility_packn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-4243
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-0.85% / 73.98%
||
7 Day CHG~0.00%
Published-25 Jan, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an "overflow."

Action-Not Available
Vendor-n/aRealNetworks LLCMicrosoft CorporationApple Inc.
Product-realplayer_sprealplayer_enterprisewindowsrealplayerhelix_playermac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0978
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-81.36% / 99.13%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via vectors related to an axis properties record, and improper incrementing of an array index, aka "Excel Array Indexing Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-office_compatibility_packofficeexcelexcel_viewern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-1403
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-12.27% / 93.60%
||
7 Day CHG~0.00%
Published-11 Jun, 2010 | 17:28
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses uninitialized memory during the handling of a use element in an SVG document, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document containing XML that triggers a parsing error, related to ProcessInstruction.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1270
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-35.49% / 96.93%
||
7 Day CHG~0.00%
Published-13 May, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "Presentation Buffer Overrun RCE Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-powerpointn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1273
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-50.08% / 97.74%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 20:21
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Improper Record Parsing Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-officeexcel_viewerexcelopen_xml_file_format_converteroffice_compatibility_packn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1277
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-50.20% / 97.75%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 20:21
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Excel 2002 SP3, Office 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-open_xml_file_format_converterofficeexceln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1243
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-43.84% / 97.44%
||
7 Day CHG~0.00%
Published-13 Apr, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Windows Messenger ActiveX control in msgsc.dll in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via unspecified vectors that "corrupt the system state," aka "Microsoft Windows Messenger ActiveX Control Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_xpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1288
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-3.31% / 86.73%
||
7 Day CHG~0.00%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1275
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-50.12% / 97.74%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 20:21
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Excel 2002 SP3; Office 2004, 2008, and 2011 for Mac; and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Memory Heap Overwrite Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-open_xml_file_format_converterofficeexceln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1797
Matching Score-10
Assigner-Chrome
ShareView Details
Matching Score-10
Assigner-Chrome
CVSS Score-9.3||HIGH
EPSS-1.41% / 79.76%
||
7 Day CHG~0.00%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-chromium_projectn/aMicrosoft CorporationApple Inc.
Product-windows_7chromiumwebkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1453
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-3.31% / 86.73%
||
7 Day CHG~0.00%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0566
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-7.75% / 91.59%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0567 and CVE-2011-0603.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0241
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-7.72% / 91.57%
||
7 Day CHG~0.00%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageIO in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with CCITT Group 4 encoding.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7imageiowindows_xpwindows_vistasafarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0225
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-3.31% / 86.73%
||
7 Day CHG~0.00%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0563
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-5.80% / 90.16%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0589 and CVE-2011-0606.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0222
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-48.52% / 97.67%
||
7 Day CHG-10.38%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0232
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-3.31% / 86.73%
||
7 Day CHG~0.00%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0250
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-5.70% / 90.06%
||
7 Day CHG~0.00%
Published-04 Aug, 2011 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSS atoms in a QuickTime movie file.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7quicktimewindows_xpwindows_vistamac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0620
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-5.85% / 90.20%
||
7 Day CHG~0.00%
Published-13 May, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0619, CVE-2011-0621, and CVE-2011-0622.

Action-Not Available
Vendor-n/aMicrosoft CorporationLinux Kernel Organization, IncGoogle LLCOracle CorporationApple Inc.Adobe Inc.
Product-linux_kernelwindowssolarisandroidflash_playermac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0246
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-4.25% / 88.36%
||
7 Day CHG~0.00%
Published-04 Aug, 2011 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7windows_xpquicktimewindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0105
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-89.42% / 99.53%
||
7 Day CHG~0.00%
Published-13 Apr, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac obtain a certain length value from an uninitialized memory location, which allows remote attackers to trigger a buffer overflow and execute arbitrary code via a crafted Excel file, aka "Excel Data Initialization Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-open_xml_file_format_converterofficeexceln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0223
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-2.02% / 83.04%
||
7 Day CHG-0.60%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0170
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-8.70% / 92.13%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageIO in CoreGraphics in Apple iTunes before 10.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted International Color Consortium (ICC) profile in a JPEG image.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windowswindows_7windows_xpwindows_vistaitunesn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-0960
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-8.78% / 92.17%
||
7 Day CHG~0.00%
Published-12 Mar, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0961, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.

Action-Not Available
Vendor-n/aSamsungAdobe Inc.Linux Kernel Organization, IncGoogle LLCApple Inc.Microsoft Corporation
Product-airflash_playerchrome_oslinux_kernelflash_player_desktop_runtimeair_desktop_runtimeair_sdkx14j_firmwareair_sdk_\&_compilerwindows_8.1windowsiphone_osmac_os_xandroidwindows_10n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-4091
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-28.24% / 96.33%
||
7 Day CHG~0.00%
Published-07 Nov, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document that triggers memory corruption, involving the printSeps function. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3822
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-2.20% / 83.76%
||
7 Day CHG~0.00%
Published-20 Nov, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, accesses an uninitialized pointer during processing of Cascading Style Sheets (CSS) counter styles, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted web site.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-0986
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-7.38% / 91.34%
||
7 Day CHG~0.00%
Published-12 Mar, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0961, CVE-2016-0962, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005.

Action-Not Available
Vendor-n/aSamsungAdobe Inc.Linux Kernel Organization, IncGoogle LLCApple Inc.Microsoft Corporation
Product-airflash_playerchrome_oslinux_kernelflash_player_desktop_runtimeair_desktop_runtimeair_sdkx14j_firmwareair_sdk_\&_compilerwindows_8.1windowsiphone_osmac_os_xandroidwindows_10n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3970
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-83.59% / 99.24%
||
7 Day CHG~0.00%
Published-22 Dec, 2010 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the CreateSizedDIBSECTION function in shimgvw.dll in the Windows Shell graphics processor (aka graphics rendering engine) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted .MIC or unspecified Office document containing a thumbnail bitmap with a negative biClrUsed value, as reported by Moti and Xu Hao, aka "Windows Shell Graphics Processing Overrun Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_server_2003windows_xpwindows_server_2008windows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3950
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-61.04% / 98.25%
||
7 Day CHG~0.00%
Published-16 Dec, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TIFF image converter in the graphics filters in Microsoft Office XP SP3, Office Converter Pack, and Works 9 does not properly convert data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TIFF image in an Office document, aka "TIFF Image Converter Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-office_converter_packworksofficen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3947
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-62.13% / 98.29%
||
7 Day CHG~0.00%
Published-16 Dec, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the TIFF image converter in the graphics filters in Microsoft Office XP SP3, Office Converter Pack, and Works 9 allows remote attackers to execute arbitrary code via a crafted TIFF image in an Office document, aka "TIFF Image Converter Heap Overflow Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-office_converter_packworksofficen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3954
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-61.04% / 98.25%
||
7 Day CHG~0.00%
Published-16 Dec, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Publisher 2002 SP3, 2003 SP3, and 2010 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Publisher file, aka "Microsoft Publisher Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-publishern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3945
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-62.13% / 98.29%
||
7 Day CHG~0.00%
Published-16 Dec, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the CGM image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted CGM image in an Office document, aka "CGM Image Converter Buffer Overrun Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-office_converter_packofficen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3769
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-6.36% / 90.61%
||
7 Day CHG~0.00%
Published-10 Dec, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The line-breaking implementation in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 on Windows does not properly handle long strings, which allows remote attackers to execute arbitrary code via a crafted document.write call that triggers a buffer over-read.

Action-Not Available
Vendor-n/aMozilla CorporationMicrosoft Corporation
Product-windowsthunderbirdfirefoxseamonkeyn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3821
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-2.39% / 84.41%
||
7 Day CHG~0.00%
Published-20 Nov, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly handle the :first-letter pseudo-element in a Cascading Style Sheets (CSS) token sequence, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3951
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-62.13% / 98.29%
||
7 Day CHG~0.00%
Published-16 Dec, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the FlashPix image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted FlashPix image in an Office document, aka "FlashPix Image Converter Buffer Overflow Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-office_converter_packofficen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3949
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-62.13% / 98.29%
||
7 Day CHG~0.00%
Published-16 Dec, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the TIFF image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted TIFF image in an Office document, aka "TIFF Image Converter Buffer Overflow Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-office_converter_packofficen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-8438
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-7.53% / 91.43%
||
7 Day CHG~0.00%
Published-10 Dec, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via a crafted XML object that is mishandled during a toString call, a different vulnerability than CVE-2015-8446.

Action-Not Available
Vendor-n/aAdobe Inc.Linux Kernel Organization, IncGoogle LLCApple Inc.Microsoft Corporation
Product-airflash_playerlinux_kernelair_sdkair_sdk_\&_compilerwindowsiphone_osmac_os_xandroidn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-3334
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-65.80% / 98.44%
||
7 Day CHG~0.00%
Published-10 Nov, 2010 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via an Office document containing an Office Art Drawing record with crafted msofbtSp records and unspecified flags, which triggers memory corruption, aka "Office Art Drawing Records Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-open_xml_file_format_converterofficen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-3361
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-19.79% / 95.22%
||
7 Day CHG~0.00%
Published-14 Sep, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Excel 2010 SP2 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-exceln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-2210
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-3.52% / 87.17%
||
7 Day CHG~0.00%
Published-30 Jun, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2211, and CVE-2010-2212.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-2212
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-10.47% / 92.95%
||
7 Day CHG~0.00%
Published-30 Jun, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PDF file containing Flash content with a crafted #1023 (3FFh) tag, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, and CVE-2010-2211.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-2211
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-12.52% / 93.68%
||
7 Day CHG~0.00%
Published-30 Jun, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, and CVE-2010-2212.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-2202
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-12.52% / 93.68%
||
7 Day CHG~0.00%
Published-30 Jun, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-2570
Matching Score-10
Assigner-Microsoft Corporation
ShareView Details
Matching Score-10
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-62.13% / 98.29%
||
7 Day CHG~0.00%
Published-16 Dec, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3, 2003 SP3, 2007 SP2, and 2010 allows remote attackers to execute arbitrary code via a crafted Publisher file that uses an old file format, aka "Heap Overrun in pubconv.dll Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-publishern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-1289
Matching Score-10
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-10
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-2.55% / 84.91%
||
7 Day CHG~0.00%
Published-13 May, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowswindows_7shockwave_playerwindows_server_2008windows_server_2003windows_vistamacosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-1398
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-5.87% / 90.22%
||
7 Day CHG~0.00%
Published-11 Jun, 2010 | 17:28
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly perform ordered list insertions, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document, related to the insertion of an unspecified element into an editable container and the access of an uninitialized element.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-1785
Matching Score-10
Assigner-Apple Inc.
ShareView Details
Matching Score-10
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-7.56% / 91.45%
||
7 Day CHG~0.00%
Published-30 Jul, 2010 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; accesses uninitialized memory during processing of the (1) :first-letter and (2) :first-line pseudo-elements in an SVG text element, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 127
  • 128
  • Next
Details not found