| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. |
| WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2. |
| WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. |
| WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. |
| WebKit, as used in Apple iTunes before 10.6, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2012-03-07-1. |
| Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character. |
| Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2012-0724. |
| ISC DHCP 4.1.2 through 4.2.4 and 4.1-ESV before 4.1-ESV-R6 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a malformed client identifier. |
| Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling. |
| Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via vectors related to improper memory allocation for copies from user mode, aka "Win32k Buffer Overflow Vulnerability." |
| Buffer overflow in the PPP Access Concentrator (PPPAC) on the SEIL/x86 with firmware 1.00 through 1.61, SEIL/B1 with firmware 1.00 through 3.11, SEIL/X1 with firmware 1.00 through 3.11, SEIL/X2 with firmware 1.00 through 3.11, SEIL/Turbo with firmware 1.80 through 2.10, and SEIL/neu 2FE Plus with firmware 1.80 through 2.10 might allow remote attackers to execute arbitrary code via a PPPoE packet. |
| The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via vectors involving a "dangling pointer" and the JS_ValueToId function. |
| Heap-based buffer overflow in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code via unspecified vectors. |
| Heap-based buffer overflow in jpeg_ls.dll in the Jpeg_LS (aka JLS) plugin in the formats plugins in IrfanView PlugIns before 4.34 allows remote attackers to execute arbitrary code via a crafted JLS file. |
| The nsCodingStateMachine::NextState function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. |
| Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font in a document. |
| The JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 on Mac OS X and Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
| Buffer overflow in Adobe Flash Professional before CS6 allows attackers to execute arbitrary code via unspecified vectors. |
| Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2023, CVE-2012-2024, CVE-2012-2025, and CVE-2012-2026. |
| The ClusterIterator::NextCluster function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. |