Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:microsoft:windows_7:-:sp1:x86:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2013-1286 |
The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability," a different vulnerability than CVE-2013-1285 and CVE-2013-1287. Published: March 12, 2013; 8:55:01 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2013-1285 |
The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 do not properly handle objects in memory, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Windows USB Descriptor Vulnerability," a different vulnerability than CVE-2013-1286 and CVE-2013-1287. Published: March 12, 2013; 8:55:01 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2013-0094 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer removeChild Use After Free Vulnerability." Published: March 12, 2013; 8:55:01 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2013-0093 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer onBeforeCopy Use After Free Vulnerability." Published: March 12, 2013; 8:55:01 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2013-0092 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer GetMarkupPtr Use After Free Vulnerability." Published: March 12, 2013; 8:55:01 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2013-0091 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CElement Use After Free Vulnerability." Published: March 12, 2013; 8:55:01 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2013-0090 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CCaret Use After Free Vulnerability." Published: March 12, 2013; 8:55:01 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2013-0089 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CMarkupBehaviorContext Use After Free Vulnerability." Published: March 12, 2013; 8:55:01 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2013-0088 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer saveHistory Use After Free Vulnerability." Published: March 12, 2013; 8:55:01 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2013-0087 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer OnResize Use After Free Vulnerability." Published: March 12, 2013; 8:55:01 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2013-0074 |
Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka "Silverlight Double Dereference Vulnerability." Published: March 12, 2013; 8:55:01 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2013-2556 |
Unspecified vulnerability in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 through SP1 allows attackers to bypass the ASLR protection mechanism via unknown vectors, as demonstrated against Adobe Flash Player by VUPEN during a Pwn2Own competition at CanSecWest 2013, aka "ASLR Security Feature Bypass Vulnerability." Published: March 11, 2013; 6:55:01 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2013-2554 |
Unspecified vulnerability in Microsoft Windows 7 allows attackers to bypass the ASLR and DEP protection mechanisms via unknown vectors, as demonstrated against Firefox by VUPEN during a Pwn2Own competition at CanSecWest 2013, a different vulnerability than CVE-2013-0787. Published: March 11, 2013; 6:55:01 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2013-2553 |
Unspecified vulnerability in the kernel in Microsoft Windows 7 allows local users to gain privileges via unknown vectors, as demonstrated by Nils and Jon of MWR Labs during a Pwn2Own competition at CanSecWest 2013, a different vulnerability than CVE-2013-0912. Published: March 11, 2013; 6:55:01 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2013-0073 |
The Windows Forms (aka WinForms) component in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly restrict the privileges of a callback function during object creation, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application, aka "WinForms Callback Elevation Vulnerability." Published: February 13, 2013; 7:04:12 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2013-0030 |
The Vector Markup Language (VML) implementation in Microsoft Internet Explorer 6 through 10 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via a crafted web site, aka "VML Memory Corruption Vulnerability." Published: February 13, 2013; 7:04:12 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2013-0029 |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CHTML Use After Free Vulnerability." Published: February 13, 2013; 7:04:12 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2013-0024 |
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer pasteHTML Use After Free Vulnerability." Published: February 13, 2013; 7:04:11 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2013-0019 |
Use-after-free vulnerability in Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer COmWindowProxy Use After Free Vulnerability." Published: February 13, 2013; 7:04:11 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2013-0004 |
Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate the permissions of objects in memory, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application, aka "Double Construction Vulnerability." Published: January 09, 2013; 1:09:40 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |