10 Most Vulnerable Software Apps of 2009

Vulnerabilities that allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E. allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009.

Does not properly remove references to destroyed objects during Shockwave Flash file processing, which allows remote attackers to execute arbitrary code via a crafted file, related to a “buffer overflow issue.” Allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to a “privilege escalation vulnerability.” Allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, related to a “null pointer vulnerability.”

Allows remote attackers to execute arbitrary code via a crafted web page that triggers memory corruption, related to an “invalid string length vulnerability.” Array index error in Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site.

Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via a crafted filename, as demonstrated by displaying a non-executable extension for an executable file. Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors.

Unspecified vulnerability in the JPEG JFIF Decoder in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x?before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to gain privileges via a crafted image file, aka Bug Id 6862969. Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and?JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 does not properly parse color profiles, which allows remote attackers to gain privileges via a crafted image file.

Opera before 9.64 allows remote attackers to execute arbitrary code via a crafted JPEG image that triggers memory corruption.

Buffer overflow in Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and possibly execute arbitrary code via a crafted MP3 audio file. Heap-based buffer overflow in?Apple QuickTime before 7.6 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via an AVI movie file with an invalid nBlockAlign value in the _WAVEFORMATEX structure.

A DLL file in RealNetworks RealPlayer 11 allows remote attackers to execute arbitrary code via a crafted Internet Video Recording (IVR) file with a modified field that controls an unspecified structure length and triggers heap corrup tion, related to use of RealPlayer through a Windows Explorer plugin.

?Apple Safari, possibly before 4.0.3, on Mac OS X does not properly handle a?‘\0’ character in a domain name in the subject’s Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification?Authority, a related issue to CVE-2009-2408.

Buffer overflow in ImageIO in Apple Mac OS X 10.5 before 10.5.8, and Safari before 4.0.3, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with crafted EXIF metadata.

Buffer overflow in the XML parser in Trillian 3.1.9.0, and possibly earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DTD file.