Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2010-3243 | 4.3 |
Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2 and Office SharePoint Server 2007 SP2, allows remote attackers to injec
|
17-10-2024 - 21:35 | 13-10-2010 - 19:00 | |
CVE-2010-3328 | 9.3 |
Use-after-free vulnerability in the CAttrArray::PrivateFind function in mshtml.dll in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code by setting an unspecified property of a stylesheet object, aka "Uninitiali
|
02-02-2024 - 16:00 | 13-10-2010 - 19:00 | |
CVE-2010-3330 | 4.3 |
Microsoft Internet Explorer 6 through 8 does not properly restrict script access to content from a different (1) domain or (2) zone, which allows remote attackers to obtain sensitive information via a crafted web site, aka "Cross-Domain Information D
|
23-07-2021 - 15:12 | 13-10-2010 - 19:00 | |
CVE-2010-3325 | 4.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle unspecified special characters in Cascading Style Sheets (CSS) documents, which allows remote attackers to obtain sensitive information from a different (1) domain or (2) zone via a cra
|
23-07-2021 - 15:12 | 13-10-2010 - 19:00 | |
CVE-2010-3329 | 9.3 |
mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code via a crafted Microsoft Office document that causes the HtmlDlgHelper class destructor to access uninitialized memory, aka "Uninitialized Memory Cor
|
23-07-2021 - 15:12 | 13-10-2010 - 19:00 | |
CVE-2010-3324 | 4.3 |
The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, Office SharePoint Server 2007 SP2, Groove Server 2010, and Office Web Apps, allows rem
|
23-07-2021 - 15:12 | 17-09-2010 - 18:00 | |
CVE-2010-3331 | 9.3 |
Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory in certain circumstances involving use of Microsoft Word to read Word documents, which allows remote attackers to execute arbitrary code by accessing an object that (1
|
23-07-2021 - 15:12 | 13-10-2010 - 19:00 | |
CVE-2010-3326 | 9.3 |
Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Unini
|
23-07-2021 - 12:16 | 13-10-2010 - 19:00 | |
CVE-2010-3222 | 7.2 |
Stack-based buffer overflow in the Remote Procedure Call Subsystem (RPCSS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted LPC message that requests an LRPC connection from an LPC server to
|
26-02-2019 - 14:04 | 13-10-2010 - 19:00 | |
CVE-2010-3228 | 9.3 |
The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit platforms does not properly perform optimizations, which allows remote attackers to execute arbitrary code via a crafted .NET application that triggers memory corruption, aka ".NET Framework
|
26-02-2019 - 14:04 | 13-10-2010 - 19:00 | |
CVE-2010-2741 | 7.2 |
The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 performs an incorrect integer calculation during font processing, which allows local users to gain privileges via a crafted application, aka "OpenType Font
|
26-02-2019 - 14:04 | 13-10-2010 - 19:00 | |
CVE-2010-2745 | 9.3 |
Microsoft Windows Media Player (WMP) 9 through 12 does not properly deallocate objects during a browser reload action, which allows user-assisted remote attackers to execute arbitrary code via crafted media content referenced in an HTML document, aka
|
26-02-2019 - 14:04 | 13-10-2010 - 19:00 | |
CVE-2010-1883 | 9.3 |
Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to execute arbitrary cod
|
26-02-2019 - 14:04 | 13-10-2010 - 19:00 | |
CVE-2010-2740 | 7.2 |
The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly perform memory allocation during font parsing, which allows local users to gain privileges via a crafted application, aka "OpenType Font P
|
26-02-2019 - 14:04 | 13-10-2010 - 19:00 | |
CVE-2010-2746 | 7.6 |
Heap-based buffer overflow in Comctl32.dll (aka the common control library) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when a third-party SVG viewer i
|
26-02-2019 - 14:04 | 13-10-2010 - 19:00 | |
CVE-2010-2744 | 7.2 |
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly manage a window class, which allows local users to gain privileges b
|
26-02-2019 - 14:04 | 13-10-2010 - 19:00 | |
CVE-2010-2743 | 7.2 |
The kernel-mode drivers in Microsoft Windows XP SP3 do not properly perform indexing of a function-pointer table during the loading of keyboard layouts from disk, which allows local users to gain privileges via a crafted application, as demonstrated
|
26-02-2019 - 14:04 | 20-01-2011 - 21:00 | |
CVE-2010-3225 | 7.6 |
Use-after-free vulnerability in the Media Player Network Sharing Service in Microsoft Windows Vista SP1 and SP2 and Windows 7 allows remote attackers to execute arbitrary code via a crafted Real Time Streaming Protocol (RTSP) packet, aka "RTSP Use Af
|
30-10-2018 - 16:27 | 13-10-2010 - 19:00 | |
CVE-2010-3229 | 7.1 |
The Secure Channel (aka SChannel) security package in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, when IIS 7.x is used, does not properly process client certificates during SSL and TLS handshakes, which
|
30-10-2018 - 16:27 | 13-10-2010 - 19:00 | |
CVE-2010-3240 | 9.3 |
Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a cr
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3237 | 9.3 |
Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Merge Cell Record Pointer Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3218 | 9.3 |
Heap-based buffer overflow in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via malformed records in a Word document, aka "Word Heap Overflow Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3215 | 9.3 |
Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle unspecified return values during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "W
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3233 | 9.3 |
Microsoft Excel 2002 SP3 and 2003 SP3 does not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted .wk3 (aka Lotus 1-2-3 workbook) file, aka "Lotus 1-2-3 Workbook Parsing Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3241 | 9.3 |
Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate binary file-format information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Out
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3238 | 9.3 |
Microsoft Excel 2002 SP3 and 2003 SP3, and Office 2004 for Mac, does not properly validate binary file-format information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Negative Future Function Vulnerabili
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3221 | 9.3 |
Microsoft Word 2002 SP3 and 2003 SP3, Office 2004 for Mac, and Word Viewer do not properly handle a malformed record during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memor
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-2747 | 9.3 |
Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle an uninitialized pointer during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Wo
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3242 | 9.3 |
Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Ghost Record Ty
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-2750 | 9.3 |
Array index error in Microsoft Word 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Index Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3230 | 9.3 |
Integer overflow in Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel document with crafted record information, aka "Excel Record Parsing Integer Overflow Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3235 | 9.3 |
Microsoft Excel 2002 SP3 does not properly validate formula information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Formula Biff Record Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3216 | 9.3 |
Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a crafted Word document containing bookmarks that trigger use of an invalid pointer and memory corruption, aka "Word Bookmarks Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3217 | 9.3 |
Double free vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a Word document with crafted List Format Override (LFO) records, aka "Word Pointer Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3236 | 9.3 |
Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Ou
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-2748 | 9.3 |
Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly check an unspecified boundary during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3231 | 9.3 |
Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Excel Record Pa
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3239 | 9.3 |
Microsoft Excel 2002 SP3 does not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Extra Out of Boundary Record Parsing Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3220 | 9.3 |
Unspecified vulnerability in Microsoft Word 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Parsing Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3214 | 9.3 |
Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Word Viewer;
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3232 | 9.3 |
Microsoft Excel 2003 SP3 and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record informa
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3234 | 9.3 |
Microsoft Excel 2002 SP3 does not properly validate formula information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Formula Substream Memory Corruption Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-3219 | 9.3 |
Array index vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Index Parsing Vulnerability."
|
12-10-2018 - 21:58 | 13-10-2010 - 19:00 | |
CVE-2010-1263 | 9.3 |
Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; Microsoft Office XP SP3; Office 2003 SP3; and Office System 2007 SP1 and SP2 do n
|
12-10-2018 - 21:57 | 08-06-2010 - 20:30 | |
CVE-2010-2549 | 7.2 |
Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2 and Server 2008 Gold and SP2 allows local users to gain privileges or cause a denial of service (system crash) by using a large number of calls to the NtUs
|
19-09-2017 - 01:31 | 02-07-2010 - 19:00 |