Vulnerabilities (CVE)

Vendor filter

Microsoft Subscribe

Filter

6665 total CVE
CVE Vendors Products Updated CVSS
CVE-2013-1451 1 Microsoft 1 Internet Explorer 2013-01-30 4.0
Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not ensure that the SSL lock icon is consistent with the Address bar, which makes it easier...
CVE-2013-1450 1 Microsoft 1 Internet Explorer 2013-01-30 4.0
Microsoft Internet Explorer 8 and 9, when the Proxy Settings configuration has the same Proxy address and Port values in the HTTP and Secure rows, does not properly reuse TCP sessions to the proxy server, which allows remote attackers to obtain...
CVE-2012-5672 1 Microsoft 3 Excel, Excel Viewer, Office 2012-11-08 4.3
Microsoft Excel Viewer (aka Xlview.exe) and Excel in Microsoft Office 2007 (aka Office 12) allow remote attackers to cause a denial of service (read access violation and application crash) via a crafted spreadsheet file, as demonstrated by a .xls...
CVE-2012-1453 13 Kaspersky, Rising-global, Antiy and 10 more 14 Etrust Vet Antivirus, Avl Sdk, Rising Antivirus and 11 more 2012-11-06 4.3
The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly Webwasher) 2010.1C, Emsisoft Anti-Malware...
CVE-2012-1443 33 Eset, Rising-global, Antiy and 30 more 35 Bitdefender, Avl Sdk, Avast Antivirus and 32 more 2012-11-06 4.3
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3...
CVE-2007-2999 1 Microsoft 1 Windows 2003 Server 2012-11-06 1.8
Microsoft Windows Server 2003, when time restrictions are in effect for user accounts, generates different error messages for failed login attempts with a valid user name than for those with an invalid user name, which allows context-dependent...
CVE-2012-1420 11 Eset, Norman, Rising-global and 8 more 11 Fortinet Antivirus, Antivirus, Nod32 Antivirus and 8 more 2012-08-14 4.3
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, Antimalware Engine 1.1.6402.0 in Microsoft...
CVE-2008-7295 1 Microsoft 1 Ie 2012-08-02 5.8
Microsoft Internet Explorer cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to...
CVE-2012-1545 1 Microsoft 1 Ie 2012-03-12 5.8
Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, allows remote attackers to bypass Protected Mode or cause a denial of service (memory corruption) by leveraging access to a Low integrity process, as demonstrated by VUPEN during a...
CVE-2010-5071 1 Microsoft 1 Ie 2012-03-07 5.0
The JavaScript implementation in Microsoft Internet Explorer 8.0 and earlier does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive...
CVE-2011-4689 1 Microsoft 1 Ie 2012-03-06 5.0
Microsoft Internet Explorer 6 through 9 does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the...
CVE-2012-1194 1 Microsoft 1 Windows Server 2008 2012-02-20 6.4
The resolver in the DNS Server service in Microsoft Windows Server 2008 before R2 overwrites cached server names and TTL values in NS records during the processing of a response to an A record query, which allows remote attackers to trigger...
CVE-2010-4562 1 Microsoft 6 Windows 2003 Server, Windows Server 2008, Windows 7 and 3 more 2012-02-03 4.3
Microsoft Windows 2008, 7, Vista, 2003, 2000, and XP, when using IPv6, allows remote attackers to determine whether a host is sniffing the network by sending an ICMPv6 Echo Request to a multicast address and determining whether an Echo Reply is...
CVE-2006-2900 2 Microsoft, Canon 2 Network Camera Server Vb101, Ie 2011-10-11 4.0
Internet Explorer 6 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename in a text box and using the OnKeyDown, OnKeyPress, and OnKeyUp Javascript keystroke events to...
CVE-2011-1844 1 Microsoft 1 Silverlight 2011-07-14 7.8
Memory leak in Microsoft Silverlight 4 before 4.0.60310.0 allows remote attackers to cause a denial of service (memory consumption) via an application involving a popup control and a custom DependencyProperty property, related to lack of garbage...
CVE-2011-1845 1 Microsoft 1 Silverlight 2011-07-14 7.8
Multiple memory leaks in the DataGrid control implementation in Microsoft Silverlight 4 before 4.0.60310.0 allow remote attackers to cause a denial of service (memory consumption) via an application involving (1) subscriptions to an...
CVE-2011-2600 1 Microsoft 1 Windows Xp 2011-07-12 7.1
The GPU support functionality in Windows XP does not properly restrict rendering time, which allows remote attackers to cause a denial of service (system crash) via vectors involving WebGL and (1) shader programs or (2) complex 3D geometry, as...
CVE-2011-2382 1 Microsoft 1 Ie 2011-06-14 4.3
Microsoft Internet Explorer 8 and earlier, and Internet Explorer 9 beta, does not properly restrict cross-zone drag-and-drop actions, which allows user-assisted remote attackers to read cookie files via vectors involving an IFRAME element with a...
CVE-2011-1068 1 Microsoft 1 Windows Azure Sdk 2011-04-21 2.6
Microsoft Windows Azure Software Development Kit (SDK) 1.3.x before 1.3.20121.1237, when Full IIS and a Web Role are used with an ASP.NET application, does not properly support the use of cookies for maintaining state, which allows remote...
CVE-2011-1652 1 Microsoft 1 Windows 7 2011-04-06 5.0
** DISPUTED ** The default configuration of Microsoft Windows 7 immediately prefers a new IPv6 and DHCPv6 service over a currently used IPv4 and DHCPv4 service upon receipt of an IPv6 Router Advertisement (RA), and does not provide an option to...