Msvr - Vulnerabilities List

msvr•added 2013/06/18 12:0 a.m.•570 views

Cisco Security Service File Verification Bypass Could Allow Elevation of Privilege

6.6CVSS1.4AI score0.00326EPSS

msvr•added 2013/05/21 12:0 a.m.•499 views

Heap Corruption in Nitro Reader Could Allow Arbitrary Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Nitro Pro version 7.5.0.22 and earlier versions and Nitro Reader version 2.5.0.36 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated...

1.6AI score0.02437EPSS

msvr•added 2013/05/21 12:0 a.m.•517 views

Memory Corruption in Nitro Reader Could Allow Arbitrary Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Nitro Pro version 7.5.0.29 and earlier versions and Nitro Reader version 2.5.0.45 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated...

1.8AI score0.02804EPSS

msvr•added 2013/04/16 12:0 a.m.•514 views

Vulnerability in SumatraPDF Reader Could Allow Remote Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting SumatraPDF Reader version 2.1.1 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor,...

1.1AI score0.03653EPSS

msvr•added 2013/03/19 12:0 a.m.•601 views

Vulnerability in DjVuLibre Could Allow Remote Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting DjVuLibre software version 3.5.25 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the DjVuLibre project...

9.3CVSS1.8AI score0.04642EPSS

msvr•added 2013/02/19 12:0 a.m.•638 views

Vulnerability in VMware VMCI.sys Could Allow Local Elevation of Privilege

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting VMware Workstation version 8.0.4 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, VMware...

7.2CVSS1.7AI score0.00968EPSS

Exploits3Affected Software1

msvr•added 2013/02/19 12:0 a.m.•595 views

Vulnerability in VMware OVF Tool Could Allow Arbitrary Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting VMware OVF Tool software version 2.1 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor,...

9.3CVSS1.8AI score0.47719EPSS

Exploits12Affected Software1

msvr•added 2013/01/15 12:0 a.m.•585 views

Vulnerability in Lenovo ThinkPad Bluetooth with Enhanced Data Rate Software Could Allow Arbitrary Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Lenovo ThinkPad Bluetooth with Enhanced Data Rate Software version 6.4.0.2900 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated...

9.3CVSS1.6AI score0.06367EPSS

msvr•added 2012/12/18 12:0 a.m.•559 views

Memory Corruption in QuickTime Could Allow Arbitrary Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Apple QuickTime software version 7.7.2 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor,...

9.3CVSS2AI score0.04802EPSS

msvr•added 2012/11/20 12:0 a.m.•605 views

Oracle AutoVue DGN Parsing Could Allow Arbitrary Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Oracle AutoVue software versions 20.1.1 and 20.2. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Oracle...

4CVSS1.9AI score0.01734EPSS

msvr•added 2012/11/20 12:0 a.m.•567 views

Memory Corruption in Symantec Ghost Could Allow Arbitrary Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Symantec Ghost Solutions Suite SGSS 2.5.1, build 11.5.1.2266 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to...

6.8CVSS1.6AI score0.03264EPSS

msvr•added 2012/11/20 12:0 a.m.•607 views

Oracle AutoVue DXF Parsing Could Allow Arbitrary Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Oracle Autovue software versions 20.1.1 and 20.2. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Oracle...

4CVSS1.6AI score0.01734EPSS

msvr•added 2012/10/16 12:0 a.m.•572 views

Vulnerabilities in Ektron CMS Could Allow Arbitrary Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of two vulnerabilities affecting Ektron Web Content Management System CMS. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Ektron. Ektron...

6.2CVSS3.4AI score0.67776EPSS

Exploits7Affected Software1

msvr•added 2012/10/16 12:0 a.m.•505 views

Vulnerabilities in FFmpeg Libavcodec Could Allow Arbitrary Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of three vulnerabilities in the FFmpeg codec library software version 0.10 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected...

2.5AI score0.03329EPSS

msvr•added 2012/09/18 12:0 a.m.•596 views

Memory Corruption in Google SketchUp Could Allow Arbitrary Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Google SketchUp software version 8.0.11752.0 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor,...

9.3CVSS1.8AI score0.05298EPSS

msvr•added 2012/09/18 12:0 a.m.•593 views

Vulnerabilities in SumatraPDF Reader Could Allow Arbitrary Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of multiple vulnerabilities affecting SumatraPDF Reader software version 2.0.1 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor...

9.3CVSS1.8AI score0.05193EPSS

msvr•added 2012/08/21 12:0 a.m.•649 views

Vulnerability in Foxit Reader Could Allow Arbitrary Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Foxit Reader software version 5.1.4.0104 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Foxit...

9.3CVSS1.6AI score0.05EPSS

msvr•added 2012/08/21 12:0 a.m.•804 views

Safari Content-Disposition Handling Could Allow Cross-site Scripting

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Apple Safari software version 5.1.5 7534.55.3 for Windows and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affecte...

4.3CVSS1AI score0.01821EPSS

msvr•added 2012/07/17 12:0 a.m.•582 views

Vulnerability in Cisco WebEx Player Could Allow Remote Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Cisco WebEx Player. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Cisco. Cisco has remediated the...

9.3CVSS1.1AI score0.03189EPSS

msvr•added 2012/07/17 12:0 a.m.•599 views

Vulnerabilities in Nullsoft Winamp Could Allow Arbitrary Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of vulnerabilities affecting Nullsoft Winamp software version 5.623 and earlier. Microsoft discovered and disclosed the vulnerabilities under coordinated vulnerability disclosure to the affected vendor, Nullsof...

6.8CVSS1.6AI score0.02021EPSS

msvr•added 2012/06/19 12:0 a.m.•595 views

Vulnerability in Google Chrome Could Allow Local Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Google Chrome version 17.0.963.79 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Googl...

7.2CVSS2.7AI score0.00274EPSS

msvr•added 2012/06/19 12:0 a.m.•508 views

Vulnerability in LongTail Video JW Player Could Allow Cross-Site Scripting

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting LongTail Video JW Player software version 5.9.2145 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the...

1.6AI score0.02579EPSS

msvr•added 2012/05/17 12:0 a.m.•592 views

Apple QuickTime MPEG Parsing Memory Corruption

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Apple QuickTime Player software version 7.7.1 and earlier verisons. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected...

6.8CVSS0.9AI score0.03137EPSS

msvr•added 2012/04/17 12:0 a.m.•598 views

Vulnerability in RealNetworks Helix Universal Media Server Could Allow Denial of Service

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting RealNetworks Helix Universal Media Server software version 14.2.0.212 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to...

6.8CVSS1.9AI score0.0098EPSS

msvr•added 2012/04/17 12:0 a.m.•635 views

Vulnerabilities in RealNetworks Helix Server Could Allow Arbitrary Script Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of multiple vulnerabilities affecting RealNetworks Helix Server software version 14.2.0.212 and earlier. Microsoft discovered and disclosed these vulnerabilities under coordinated vulnerability disclosure to th...

4.3CVSS1.8AI score0.01808EPSS

msvr•added 2012/03/20 12:0 a.m.•576 views

JPEG 2000 Memory Overwrite Vulnerability in OpenJPEG Could Allow Arbitrary Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting OpenJPEG software version 1.4 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, OpenJPEG...

9.3CVSS2.1AI score0.05139EPSS

msvr•added 2012/02/21 12:0 a.m.•582 views

Vulnerability in DotNetNuke Could Allow Arbitrary Script Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting DotNetNuke 6.0.0 through version 6.0.2. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, DotNetNuke. DotNetNuk...

4.3CVSS2.2AI score0.00939EPSS

msvr•added 2012/02/21 12:0 a.m.•589 views

Vulnerability in DotNetNuke Could Allow Arbitrary Script Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting DotNetNuke 6.0.2 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, DotNetNuke. DotNetNuke...

4.3CVSS2.5AI score0.00939EPSS

msvr•added 2012/01/17 12:0 a.m.•702 views

Vulnerabilities in XnViewer Could Allow Remote Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of two integer overflow vulnerabilities affecting XnViewer version 1.98.2 and earlier versions. Microsoft discovered and disclosed the vulnerabilities under coordinated vulnerability disclosure to the affected...

9.3CVSS2.9AI score0.03742EPSS

msvr•added 2011/12/20 12:0 a.m.•608 views

Vulnerability in Hex-Rays IDA Pro, IDAPython Plugin Could Allow Arbitrary Script Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting IDA Pro running the IDAPython plugin. By default, the IDAPython plugin is installed with all versions of IDA Pro. Microsoft discovered and disclosed the vulnerability under...

9.3CVSS2AI score0.04791EPSS

msvr•added 2011/12/20 12:0 a.m.•557 views

Vulnerability in NVIDIA Stereoscopic 3D Driver Could Allow Elevation of Privilege

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting the NVIDIA Stereoscopic 3D driver. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, NVIDIA. NVIDIA has...

7.2CVSS2.1AI score0.00351EPSS

msvr•added 2011/11/15 12:0 a.m.•579 views

Vulnerability in Wireshark Allows For Arbitrary Script Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Wireshark version 1.6.1 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Wireshark. Wireshark has...

9.3CVSS1.2AI score0.35528EPSS

Exploits9Affected Software1

msvr•added 2011/10/18 12:0 a.m.•577 views

Vulnerability in Wireshark Could Allow Remote Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Wireshark version 1.6.0 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Wireshark. Wireshark has...

4.3CVSS1.3AI score0.05568EPSS

msvr•added 2011/10/18 12:0 a.m.•654 views

Vulnerability in FFmpeg Could Allow Remote Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting FFmpeg version 0.8.0 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, FFmpeg. FFmpeg has remediat...

9.3CVSS2.1AI score0.0232EPSS

msvr•added 2011/09/20 12:0 a.m.•583 views

Vulnerability in FFmpeg Matroska Format Decoder Could Allow Remote Code Execution

9.3CVSS1.9AI score0.05846EPSS

msvr•added 2011/08/16 12:0 a.m.•593 views

Vulnerability in WordPress Could Allow Cross-Domain Script Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting WordPress version 3.1.2 and earlier, both as the cloud service from WordPress.com as well as the installable software available from WordPress.org. Microsoft discovered and disclose...

10CVSS2.1AI score0.02573EPSS

msvr•added 2011/08/16 12:0 a.m.•595 views

Vulnerability in Apple Safari Could Allow Information Disclosure

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Apple Safari version 5.05 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Apple Inc. Apple Inc...

4.3CVSS1.5AI score0.01638EPSS

msvr•added 2011/07/19 12:0 a.m.•601 views

Vulnerability in Google Picasa Could Allow Remote Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Google Picasa for Windows version 3.6 build 105.61 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendo...

9.3CVSS1.4AI score0.04295EPSS

msvr•added 2011/07/19 12:0 a.m.•509 views

Clickjacking Vulnerability in Facebook.com Could Allow Account Compromise

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting the popular social networking site, Facebook.com. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Facebook In...

2.1AI score

Exploits0

msvr•added 2011/06/21 12:0 a.m.•580 views

Vulnerability in Google SketchUp Could Allow Remote Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Google SketchUp version 7.1 Maintenance Release 2 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor...

9.3CVSS0.8AI score0.02154EPSS

msvr•added 2011/06/21 12:0 a.m.•1671 views

Vulnerability in Foxit Reader Could Allow Remote Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Foxit Reader version 4.0 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Foxit Software. Foxit...

9.3CVSS1.1AI score0.0498EPSS

msvr•added 2011/05/17 12:0 a.m.•603 views

Vulnerability in RealNetworks RealPlayer Could Allow Remote Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting RealNetworks RealPlayer SP version 1.1.4 and earlier and RealPlayer 11.1 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure...

9.3CVSS1.2AI score0.01554EPSS

msvr•added 2011/05/17 12:0 a.m.•576 views

Vulnerability in RealNetworks RealPlayer RichFX Component Could Allow Remote Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting RealNetworks RealPlayer SP version 1.1.4 and earlier, RealPlayer 11.1 and earlier, and RealPlayer Enterprise 2.1.2 and earlier. Microsoft discovered and disclosed the vulnerability...

10CVSS1.3AI score0.02843EPSS

Exploits0Affected Software3

msvr•added 2011/04/19 12:0 a.m.•597 views

Use-After-Free Object Lifetime Vulnerability in Chrome Could Allow Sandboxed Remote Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Google Chrome browser versions prior to 6.0.472.59. Microsoft engineers discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor,...

9.3CVSS2.9AI score0.03284EPSS