46 matches found
Cisco Security Service IPC Message Heap Corruption Could Allow Elevation of Privilege
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability in the Cisco Host Scan component of Cisco AnyConnect Secure Mobility and Cisco Secure Desktop software. The vulnerability affects the Host Scan component included in Cisco AnyConnect VPN Clie...
Cisco Security Service File Verification Bypass Could Allow Elevation of Privilege
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability in the Cisco Host Scan component of Cisco AnyConnect Secure Mobility and Cisco Secure Desktop software. The vulnerability affects the Host Scan component included in Cisco AnyConnect VPN Clie...
Heap Corruption in Nitro Reader Could Allow Arbitrary Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Nitro Pro version 7.5.0.22 and earlier versions and Nitro Reader version 2.5.0.36 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated...
Memory Corruption in Nitro Reader Could Allow Arbitrary Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Nitro Pro version 7.5.0.29 and earlier versions and Nitro Reader version 2.5.0.45 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated...
Vulnerability in SumatraPDF Reader Could Allow Remote Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting SumatraPDF Reader version 2.1.1 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor,...
Vulnerability in DjVuLibre Could Allow Remote Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting DjVuLibre software version 3.5.25 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the DjVuLibre project...
Vulnerability in VMware OVF Tool Could Allow Arbitrary Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting VMware OVF Tool software version 2.1 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor,...
Vulnerability in VMware VMCI.sys Could Allow Local Elevation of Privilege
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting VMware Workstation version 8.0.4 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, VMware...
Vulnerability in Lenovo ThinkPad Bluetooth with Enhanced Data Rate Software Could Allow Arbitrary Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Lenovo ThinkPad Bluetooth with Enhanced Data Rate Software version 6.4.0.2900 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated...
Memory Corruption in QuickTime Could Allow Arbitrary Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Apple QuickTime software version 7.7.2 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor,...
Oracle AutoVue DXF Parsing Could Allow Arbitrary Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Oracle AutoVue software versions 20.1.1 and 20.2. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Oracle...
Oracle AutoVue DGN Parsing Could Allow Arbitrary Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Oracle AutoVue software versions 20.1.1 and 20.2. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Oracle...
Memory Corruption in Symantec Ghost Could Allow Arbitrary Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Symantec Ghost Solutions Suite SGSS 2.5.1, build 11.5.1.2266 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to...
Vulnerabilities in FFmpeg Libavcodec Could Allow Arbitrary Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of three vulnerabilities in the FFmpeg codec library software version 0.10 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected...
Vulnerabilities in Ektron CMS Could Allow Arbitrary Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of two vulnerabilities affecting Ektron Web Content Management System CMS. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Ektron. Ektron...
Memory Corruption in Google SketchUp Could Allow Arbitrary Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Google SketchUp software version 8.0.11752.0 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor,...
Vulnerabilities in SumatraPDF Reader Could Allow Arbitrary Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of multiple vulnerabilities affecting SumatraPDF Reader software version 2.0.1 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor...
Safari Content-Disposition Handling Could Allow Cross-site Scripting
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Apple Safari software version 5.1.5 7534.55.3 for Windows and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affecte...
Vulnerability in Foxit Reader Could Allow Arbitrary Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Foxit Reader software version 5.1.4.0104 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Foxit...
Vulnerability in Cisco WebEx Player Could Allow Remote Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Cisco WebEx Player. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Cisco. Cisco has remediated the...
Vulnerabilities in Nullsoft Winamp Could Allow Arbitrary Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of vulnerabilities affecting Nullsoft Winamp software version 5.623 and earlier. Microsoft discovered and disclosed the vulnerabilities under coordinated vulnerability disclosure to the affected vendor, Nullsof...
Vulnerability in Google Chrome Could Allow Local Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Google Chrome version 17.0.963.79 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Googl...
Vulnerability in LongTail Video JW Player Could Allow Cross-Site Scripting
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting LongTail Video JW Player software version 5.9.2145 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the...
Apple QuickTime MPEG Parsing Memory Corruption
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Apple QuickTime Player software version 7.7.1 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected...
Vulnerabilities in RealNetworks Helix Server Could Allow Arbitrary Script Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of multiple vulnerabilities affecting RealNetworks Helix Server software version 14.2.0.212 and earlier. Microsoft discovered and disclosed these vulnerabilities under coordinated vulnerability disclosure to th...
Vulnerability in RealNetworks Helix Universal Media Server Could Allow Denial of Service
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting RealNetworks Helix Universal Media Server software version 14.2.0.212 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to...
JPEG 2000 Memory Overwrite Vulnerability in OpenJPEG Could Allow Arbitrary Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting OpenJPEG software version 1.4 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, OpenJPEG...
Vulnerability in DotNetNuke Could Allow Arbitrary Script Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting DotNetNuke 6.0.0 through version 6.0.2. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, DotNetNuke. DotNetNuk...
Vulnerability in DotNetNuke Could Allow Arbitrary Script Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting DotNetNuke 6.0.2 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, DotNetNuke. DotNetNuke...
Vulnerabilities in XnViewer Could Allow Remote Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of two integer overflow vulnerabilities affecting XnViewer version 1.98.2 and earlier versions. Microsoft discovered and disclosed the vulnerabilities under coordinated vulnerability disclosure to the affected...
Vulnerability in Hex-Rays IDA Pro, IDAPython Plugin Could Allow Arbitrary Script Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting IDA Pro running the IDAPython plugin. By default, the IDAPython plugin is installed with all versions of IDA Pro. Microsoft discovered and disclosed the vulnerability under...
Vulnerability in NVIDIA Stereoscopic 3D Driver Could Allow Elevation of Privilege
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting the NVIDIA Stereoscopic 3D driver. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, NVIDIA. NVIDIA has...
Vulnerability in Wireshark Allows For Arbitrary Script Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Wireshark version 1.6.1 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Wireshark. Wireshark has...
Vulnerability in FFmpeg Could Allow Remote Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting FFmpeg version 0.8.0 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, FFmpeg. FFmpeg has remediat...
Vulnerability in Wireshark Could Allow Remote Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Wireshark version 1.6.0 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Wireshark. Wireshark has...
Vulnerability in FFmpeg Matroska Format Decoder Could Allow Remote Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting FFmpeg version 0.8.0 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, FFmpeg. FFmpeg has remediat...
Vulnerability in Apple Safari Could Allow Information Disclosure
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Apple Safari version 5.05 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Apple Inc. Apple Inc...
Vulnerability in WordPress Could Allow Cross-Domain Script Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting WordPress version 3.1.2 and earlier, both as the cloud service from WordPress.com as well as the installable software available from WordPress.org. Microsoft discovered and disclose...
Clickjacking Vulnerability in Facebook.com Could Allow Account Compromise
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting the popular social networking site, Facebook.com. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Facebook In...
Vulnerability in Google Picasa Could Allow Remote Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Google Picasa for Windows version 3.6 build 105.61 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendo...
Vulnerability in Google SketchUp Could Allow Remote Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Google SketchUp version 7.1 Maintenance Release 2 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor...
Vulnerability in Foxit Reader Could Allow Remote Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Foxit Reader version 4.0 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor, Foxit Software. Foxit...
Vulnerability in RealNetworks RealPlayer RichFX Component Could Allow Remote Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting RealNetworks RealPlayer SP version 1.1.4 and earlier, RealPlayer 11.1 and earlier, and RealPlayer Enterprise 2.1.2 and earlier. Microsoft discovered and disclosed the vulnerability...
Vulnerability in RealNetworks RealPlayer Could Allow Remote Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting RealNetworks RealPlayer SP version 1.1.4 and earlier and RealPlayer 11.1 and earlier. Microsoft discovered and disclosed the vulnerability under coordinated vulnerability disclosure...
HTML5 Implementation in Chrome, Opera, and Safari Could Allow Information Disclosure
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Google Chrome browser versions 8.0.552.210 and earlier; Opera browser versions 10.62 and earlier; and Safari browser versions 4.1.2 and earlier, Safari browser versions 5.0.2 and...
Use-After-Free Object Lifetime Vulnerability in Chrome Could Allow Sandboxed Remote Code Execution
Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Google Chrome browser versions prior to 6.0.472.59. Microsoft engineers discovered and disclosed the vulnerability under coordinated vulnerability disclosure to the affected vendor,...