Code injection

Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors...

CVE-2010-3624

Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allows attackers to execute arbitrary code via a crafted image...

CVE-2010-3627

Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via unknown vectors...

CVE-2010-3631

Array index error in Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allows attackers to execute arbitrary code via unspecified vectors...

Ubuntu Update for libhx vulnerability USN-994-1

Ubuntu Update for Linux kernel vulnerabilities USN-994-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9941.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for libhx vulnerability USN-994-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

CVE-2010-3434

Buffer overflow in the findstreambounds function in pdf.c in libclamav in ClamAV before 0.96.3 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PDF document. NOTE: some of these details are obtained from third party informatio...

CVE-2010-2600

Untrusted search path vulnerability in BlackBerry Desktop Software before 6.0.0.47 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL that is located in the same folder as a file that is processed by Blackberry...

Group-Office 'modules/notes/json.php' SQL Injection Vulnerability

Group-Office is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to execute arbitrary code, compromise the application, access or modify data, or exploit latent...

Design/Logic Flaw

Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via run-in styling in an element, related to object pointers...

CVE-2010-1815

Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving scrollbars...

CVE-2010-2739

Buffer overflow in the CreateDIBPalette function in win32k.sys in Microsoft Windows XP SP3, Server 2003 R2 Enterprise SP2, Vista Business SP1, Windows 7, and Server 2008 SP2 allows local users to cause a denial of service crash and possibly execute arbitrary code by performing a clipboard operati...

CVE-2010-3257

Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving element focus...

CVE-2010-2739

The CVE-2010-2739 issue is a buffer overflow in the Windows win32k.sys CreateDIBPalette() function. A crafted bitmap with a very large color palette, used via GetClipboardData, can crash the system and may allow arbitrary code execution locally on affected Windows versions: XP SP3, Server 2003 R2...

Mandriva Update for libHX MDVSA-2010:165 (libHX)

Check for the Version of libHX OpenVAS Vulnerability Test Mandriva Update for libHX MDVSA-2010:165 libHX Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Pecio CMS 2.0.5 allow remote attackers to execute arbitrary PHP code via a URL in the template parameter to 1 post.php, 2 article.php, 3 blog.php, or 4 home.php in pectemplates/nova-blue/...

CVE-2010-3139

Untrusted search path vulnerability in Microsoft Windows Progman Group Converter grpconv.exe allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse imm.dll that is located in the same folder as a .grp file...

CVE-2010-3141

Untrusted search path vulnerability in Microsoft PowerPoint 2010 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse pptimpconv.dll that is located in the same folder as a .odp, .pot, .potm, .potx, .ppa, .pps, .ppsm,...

CVE-2010-2876

Adobe Shockwave Player before 11.5.8.612 does not properly validate values associated with buffer-size calculation for a 0xFFFFFFF8 record in a 1 .dir or 2 .dcr Director movie, which allows remote attackers to cause a denial of service heap memory corruption or execute arbitrary code via a crafte...

CVE-2010-2879

Multiple integer overflows in the allocator in the TextXtra.x32 module in Adobe Shockwave Player before 11.5.8.612 allow remote attackers to cause a denial of service heap memory corruption or execute arbitrary code via a crafted 1 element count or 2 element size value in a file...

CVE-2010-2880

DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service memory corruption or execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x47 of a...