CVE-2008-4197

HIGH Year: 2008
CVSS v3 Score
8.8
High
CVSS v2 Score
9.3
Critical
Weakness Type
CWE-908
View all →

Vulnerability Description

Opera before 9.52 on Windows, Linux, FreeBSD, and Solaris, when processing custom shortcut and menu commands, can produce argument strings that contain uninitialized memory, which might allow user-assisted remote attackers to execute arbitrary code or conduct other attacks via vectors related to activation of a shortcut.

Related Vulnerabilities

CVE-2008-2934

HIGH
CVSS:8.8(High)

Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file that triggers a free of an...

CWE-9082008

CVE-2008-3475

HIGH
CVSS:8.8(High)

Microsoft Internet Explorer 6 does not properly handle errors related to using the componentFromPoint method on xml objects that have been (1) incorrectly initialized or (2) deleted, which allows remo...

CWE-9082008

CVE-2018-6981

HIGH
CVSS:8.8(High)

VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG, VMware ESXi 6.0 without ESXi600-201811401-BG, VMware Workstation 15, VMware Workstation 14.1.3 or below, ...

CWE-9082018

CVE-2019-13135

HIGH
CVSS:8.8(High)

ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c.

CWE-9082019

CVE-2019-2105

HIGH
CVSS:8.8(High)

In FileInputStream::Read of file_input_stream.cc, there is a possible memory corruption due to uninitialized data. This could lead to remote code execution in an unprivileged process with no additiona...

CWE-9082019

CVE-2020-6398

HIGH
CVSS:8.8(High)

Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

CWE-9082020