Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:microsoft:windows_vista:-:sp2:~~business_n~~x64~
There are 376 matching records.
Displaying matches 201 through 220.
Vuln ID Summary CVSS Severity
CVE-2013-1288

Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CTreeNode Use After Free Vulnerability."

Published: March 12, 2013; 8:55:01 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-1287

The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability," a different vulnerability than CVE-2013-1285 and CVE-2013-1286.

Published: March 12, 2013; 8:55:01 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2013-1286

The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability," a different vulnerability than CVE-2013-1285 and CVE-2013-1287.

Published: March 12, 2013; 8:55:01 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2013-1285

The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability," a different vulnerability than CVE-2013-1286 and CVE-2013-1287.

Published: March 12, 2013; 8:55:01 PM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2013-0094

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer removeChild Use After Free Vulnerability."

Published: March 12, 2013; 8:55:01 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-0093

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer onBeforeCopy Use After Free Vulnerability."

Published: March 12, 2013; 8:55:01 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-0092

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer GetMarkupPtr Use After Free Vulnerability."

Published: March 12, 2013; 8:55:01 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-0091

Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CElement Use After Free Vulnerability."

Published: March 12, 2013; 8:55:01 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-0090

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CCaret Use After Free Vulnerability."

Published: March 12, 2013; 8:55:01 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-0089

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CMarkupBehaviorContext Use After Free Vulnerability."

Published: March 12, 2013; 8:55:01 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-0088

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer saveHistory Use After Free Vulnerability."

Published: March 12, 2013; 8:55:01 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-0087

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer OnResize Use After Free Vulnerability."

Published: March 12, 2013; 8:55:01 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-0073

The Windows Forms (aka WinForms) component in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly restrict the privileges of a callback function during object creation, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application, aka "WinForms Callback Elevation Vulnerability."

Published: February 13, 2013; 7:04:12 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-0030

The Vector Markup Language (VML) implementation in Microsoft Internet Explorer 6 through 10 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via a crafted web site, aka "VML Memory Corruption Vulnerability."

Published: February 13, 2013; 7:04:12 AM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-0029

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CHTML Use After Free Vulnerability."

Published: February 13, 2013; 7:04:12 AM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-0024

Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer pasteHTML Use After Free Vulnerability."

Published: February 13, 2013; 7:04:11 AM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-0019

Use-after-free vulnerability in Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer COmWindowProxy Use After Free Vulnerability."

Published: February 13, 2013; 7:04:11 AM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-0005

The WCF Replace function in the Open Data (aka OData) protocol implementation in Microsoft .NET Framework 3.5, 3.5 SP1, 3.5.1, and 4, and the Management OData IIS Extension on Windows Server 2012, allows remote attackers to cause a denial of service (resource consumption and daemon restart) via crafted values in HTTP requests, aka "Replace Denial of Service Vulnerability."

Published: January 09, 2013; 1:09:40 PM -0500
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2013-0004

Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate the permissions of objects in memory, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application, aka "Double Construction Vulnerability."

Published: January 09, 2013; 1:09:40 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-0003

Buffer overflow in a System.DirectoryServices.Protocols (S.DS.P) namespace method in Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application that leverages a missing array-size check during a memory copy operation, aka "S.DS.P Buffer Overflow Vulnerability."

Published: January 09, 2013; 1:09:40 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH