Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-36077

Summary
Assigner-adobe
Assigner Org ID-078d4453-3bcd-4900-85e6-15281da43538
Published At-01 Sep, 2021 | 14:35
Updated At-17 Sep, 2024 | 03:18
Rejected At-
Credits

Adobe Bridge SVG File Memory Corruption Could Lead To Application Denial Of Service

Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in local application denial of service in the context of the current user. User interaction is required to exploit this vulnerability.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:adobe
Assigner Org ID:078d4453-3bcd-4900-85e6-15281da43538
Published At:01 Sep, 2021 | 14:35
Updated At:17 Sep, 2024 | 03:18
Rejected At:
▼CVE Numbering Authority (CNA)
Adobe Bridge SVG File Memory Corruption Could Lead To Application Denial Of Service

Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in local application denial of service in the context of the current user. User interaction is required to exploit this vulnerability.

Affected Products
Vendor
Adobe Inc.Adobe
Product
Bridge
Versions
Affected
  • From unspecified through 11.1 (custom)
  • From unspecified through None (custom)
Problem Types
TypeCWE IDDescription
CWECWE-788Access of Memory Location After End of Buffer (CWE-788)
Type: CWE
CWE ID: CWE-788
Description: Access of Memory Location After End of Buffer (CWE-788)
Metrics
VersionBase scoreBase severityVector
3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://helpx.adobe.com/security/products/bridge/apsb21-69.html
x_refsource_MISC
Hyperlink: https://helpx.adobe.com/security/products/bridge/apsb21-69.html
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://helpx.adobe.com/security/products/bridge/apsb21-69.html
x_refsource_MISC
x_transferred
Hyperlink: https://helpx.adobe.com/security/products/bridge/apsb21-69.html
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@adobe.com
Published At:01 Sep, 2021 | 15:15
Updated At:09 Sep, 2021 | 14:01

Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in local application denial of service in the context of the current user. User interaction is required to exploit this vulnerability.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Secondary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 4.3
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CPE Matches
Adobe Inc.
adobe
>>bridge>>Versions up to 11.1(inclusive)
cpe:2.3:a:adobe:bridge:*:*:*:*:*:*:*:*
Microsoft Corporation
microsoft
>>windows>>-
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE-788Secondarypsirt@adobe.com
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-788
Type: Secondary
Source: psirt@adobe.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://helpx.adobe.com/security/products/bridge/apsb21-69.htmlpsirt@adobe.com
Patch
Vendor Advisory
Hyperlink: https://helpx.adobe.com/security/products/bridge/apsb21-69.html
Source: psirt@adobe.com
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

3539Records found
CVE-2011-0192
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-5.61% / 89.96%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windowswindows_7windows_xpwindows_vistaitunesn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0045
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-7.2||HIGH
EPSS-1.90% / 82.49%
||
7 Day CHG~0.00%
Published-09 Feb, 2011 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Trace Events functionality in the kernel in Microsoft Windows XP SP3 does not properly perform type conversion, which causes integer truncation and insufficient memory allocation and triggers a buffer overflow, which allows local users to gain privileges via a crafted application, related to WmiTraceMessageVa, aka "Windows Kernel Integer Truncation Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_xpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0115
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.6||HIGH
EPSS-1.54% / 80.61%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DOM level 2 implementation in WebKit, as used in Apple iTunes before 10.2 on Windows and Apple Safari, does not properly handle DOM manipulations associated with event listeners during processing of range objects, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windowswindows_7safariwebkitwindows_xpituneswindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0246
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-4.25% / 88.35%
||
7 Day CHG~0.00%
Published-04 Aug, 2011 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7windows_xpquicktimewindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0569
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-4.75% / 89.01%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PFR1 chunk containing an invalid size value that leads to an unexpected sign extension and a buffer overflow, a different vulnerability than CVE-2011-0556.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0574
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-2.57% / 84.97%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-flash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0607
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-2.57% / 84.97%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0608.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-flash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0317
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-1.53% / 80.59%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0129
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.6||HIGH
EPSS-0.94% / 75.26%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windowswindows_7webkitwindows_xpituneswindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0164
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.6||HIGH
EPSS-0.94% / 75.26%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windowswindows_7webkitwindows_xpituneswindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0259
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.6||HIGH
EPSS-1.39% / 79.61%
||
7 Day CHG~0.00%
Published-12 Oct, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CoreFoundation, as used in Apple iTunes before 10.5, does not properly perform string tokenization, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7windows_xpituneswindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0058
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-5.88% / 90.23%
||
7 Day CHG~0.00%
Published-02 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long string that triggers construction of a long text run.

Action-Not Available
Vendor-n/aMozilla CorporationMicrosoft Corporation
Product-windowsfirefoxseamonkeyn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0235
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-3.31% / 86.72%
||
7 Day CHG~0.00%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0237
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-2.02% / 83.04%
||
7 Day CHG-0.60%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0258
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-7.62% / 91.48%
||
7 Day CHG~0.00%
Published-06 Sep, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted image description associated with an mp4v tag in a movie file.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7windows_xpquicktimewindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0118
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.6||HIGH
EPSS-0.94% / 75.26%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windowswindows_7webkitwindows_xpituneswindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0571
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-2.57% / 84.97%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-flash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0578
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-3.13% / 86.33%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a constructor for an unspecified ActionScript3 object and improper type checking, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0607, and CVE-2011-0608.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-flash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0573
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-2.57% / 84.97%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-flash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0603
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-9.98% / 92.74%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0566 and CVE-2011-0567.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0560
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-12.48% / 93.66%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-flash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0559
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-5.26% / 89.61%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted parameters to an unspecified ActionScript method that cause a parameter to be used as an object pointer, a different vulnerability than CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-flash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0608
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-2.57% / 84.97%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0607.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-flash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0117
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.6||HIGH
EPSS-0.94% / 75.26%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windowswindows_7webkitwindows_xpituneswindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0136
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.6||HIGH
EPSS-0.94% / 75.26%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windowswindows_7webkitwindows_xpituneswindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0144
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.6||HIGH
EPSS-0.94% / 75.26%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windowswindows_7webkitwindows_xpituneswindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0139
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.6||HIGH
EPSS-0.86% / 74.14%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windowswindows_7webkitwindows_xpituneswindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0155
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.6||HIGH
EPSS-0.94% / 75.26%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windowswindows_7webkitwindows_xpituneswindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-24414
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-5.26% / 89.60%
||
7 Day CHG~0.00%
Published-20 Oct, 2020 | 21:56
Updated-17 Sep, 2024 | 04:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Illustrator Memory Corruption Vulnerability

Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit.

Action-Not Available
Vendor-Microsoft CorporationAdobe Inc.
Product-windowsillustratorIllustrator
CWE ID-CWE-788
Access of Memory Location After End of Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2011-0101
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-70.22% / 98.62%
||
7 Day CHG~0.00%
Published-13 Apr, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RealTimeData record, related to a stTopic field, double-byte characters, and an incorrect pointer calculation, aka "Excel Record Parsing WriteAV Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-exceln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0126
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.6||HIGH
EPSS-0.94% / 75.26%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windowswindows_7webkitwindows_xpituneswindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0111
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.6||HIGH
EPSS-0.88% / 74.37%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windowswindows_7webkitwindows_xpituneswindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0125
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.6||HIGH
EPSS-0.94% / 75.26%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windowswindows_7webkitwindows_xpituneswindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0221
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-3.31% / 86.72%
||
7 Day CHG~0.00%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0241
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-7.72% / 91.55%
||
7 Day CHG~0.00%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageIO in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with CCITT Group 4 encoding.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7imageiowindows_xpwindows_vistasafarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0148
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.6||HIGH
EPSS-0.94% / 75.26%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windowswindows_7webkitwindows_xpituneswindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0250
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-5.70% / 90.05%
||
7 Day CHG~0.00%
Published-04 Aug, 2011 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSS atoms in a QuickTime movie file.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7quicktimewindows_xpwindows_vistamac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0233
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-3.31% / 86.72%
||
7 Day CHG~0.00%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0124
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.6||HIGH
EPSS-0.94% / 75.26%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windowswindows_7webkitwindows_xpituneswindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0145
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.6||HIGH
EPSS-0.94% / 75.26%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windowswindows_7webkitwindows_xpituneswindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0191
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-9.07% / 92.31%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windowswindows_7windows_xpwindows_vistaitunesn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0128
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.6||HIGH
EPSS-0.94% / 75.26%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windowswindows_7webkitwindows_xpituneswindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0238
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-3.31% / 86.72%
||
7 Day CHG~0.00%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0225
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-3.31% / 86.72%
||
7 Day CHG~0.00%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0141
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-7.6||HIGH
EPSS-0.94% / 75.26%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windowswindows_7webkitwindows_xpituneswindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0606
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-16.82% / 94.69%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a crafted length value, a different vulnerability than CVE-2011-0563 and CVE-2011-0589.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0154
Matching Score-6
Assigner-Apple Inc.
ShareView Details
Matching Score-6
Assigner-Apple Inc.
CVSS Score-5.1||MEDIUM
EPSS-0.75% / 72.22%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple iTunes before 10.2 on Windows and Apple iOS, does not properly implement the .sort function for JavaScript arrays, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-iphone_oswindowsitunesn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0103
Matching Score-6
Assigner-Microsoft Corporation
ShareView Details
Matching Score-6
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-68.01% / 98.53%
||
7 Day CHG~0.00%
Published-13 Apr, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted record information in an Excel file, aka "Excel Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-open_xml_file_format_converterofficeexceln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0589
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-2.66% / 85.19%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0563 and CVE-2011-0606.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0610
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-5.78% / 90.14%
||
7 Day CHG~0.00%
Published-03 May, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The CoolType library in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • ...
  • 6
  • 7
  • 8
  • ...
  • 70
  • 71
  • Next
Details not found