Microsoft: >> Windows >> server_2008 Security Vulnerabilities
Stack-based buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted pathname for a file.
CVSS Score
9.3
EPSS Score
0.057
Published
2012-05-16
Multiple stack-based buffer overflows in Apple QuickTime before 7.7.2 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TeXML file.
CVSS Score
9.3
EPSS Score
0.682
Published
2012-05-16
Google Chrome before 19.0.1084.46 on Windows uses an incorrect search path for the Windows Media Player plug-in, which might allow local users to gain privileges via a Trojan horse plug-in in an unspecified directory.
CVSS Score
7.2
EPSS Score
0.0
Published
2012-05-16
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.2, when running on Windows, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
CVSS Score
7.1
EPSS Score
0.007
Published
2012-05-03
Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 9.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.007
Published
2012-04-05
An unspecified ActiveX control in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228, and AIR before 3.2.0.2070, on Windows does not properly perform URL security domain checking, which allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors.
CVSS Score
10.0
EPSS Score
0.244
Published
2012-03-28
CA ARCserve Backup r12.0 through SP2, r12.5 before SP2, r15 through SP1, and r16 before SP1 on Windows allows remote attackers to cause a denial of service (service shutdown) via a crafted network request.
CVSS Score
5.0
EPSS Score
0.018
Published
2012-03-22
The Internationalized Domain Name (IDN) feature in Apple Safari before 5.1.4 on Windows does not properly restrict the characters in URLs, which allows remote attackers to spoof a domain name via unspecified homoglyphs.
CVSS Score
6.4
EPSS Score
0.006
Published
2012-03-12
The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVSS Score
10.0
EPSS Score
0.105
Published
2012-03-05
Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x does not properly handle integers, which allows attackers to obtain sensitive information via unspecified vectors.
CVSS Score
5.0
EPSS Score
0.019
Published
2012-03-05