Microsoft Vulnerability Research (MSVR) Advisories Archive
Microsoft Vulnerability Research (MSVR) Advisories describe security vulnerabilities that Microsoft or security researchers discovered in third-party products or services, and which Microsoft has disclosed to the affected vendors. Microsoft performs this disclosure to the affected vendor under the procedures described in Coordinated Vulnerability Disclosure.
Protect Your PC
Microsoft has the following information about how you can help protect your PC:
- IT Professionals can visit the IT Pro Security Community.
- The Security TechCenter provides additional information about security in Microsoft products.
All Published or Updated MSVR Advisories:
| Advisory Number | Advisory Description | Date |
| Vulnerability in SumatraPDF Reader Could Allow Remote Code Execution | ||
| Vulnerability in DjVuLibre Could Allow Remote Code Execution | ||
| Vulnerability in VMware VMCI.sys Could Allow Local Elevation of Privilege | ||
| Vulnerability in VMware OVF Tool Could Allow Arbitrary Code Execution | ||
| Vulnerability in Lenovo ThinkPad Bluetooth with Enhanced Data Rate Software Could Allow Arbitrary Code Execution | ||
| Memory Corruption in QuickTime Could Allow Arbitrary Code Execution | ||
| Oracle AutoVue DXF Parsing Could Allow Arbitrary Code Execution | ||
| Oracle AutoVue DGN Parsing Could Allow Arbitrary Code Execution | ||
| Memory Corruption in Symantec Ghost Could Allow Arbitrary Code Execution | ||
| Vulnerabilities in Ektron CMS Could Allow Arbitrary Code Execution | ||
| Vulnerabilities in FFmpeg Libavcodec Could Allow Arbitrary Code Execution | ||
| Memory Corruption in Google SketchUp Could Allow Arbitrary Code Execution | ||
| Vulnerabilities in SumatraPDF Reader Could Allow Arbitrary Code Execution | ||
| Vulnerability in Foxit Reader Could Allow Arbitrary Code Execution | ||
| Safari Content-Disposition Handling Could Allow Cross-site Scripting | ||
| Vulnerabilities in Nullsoft Winamp Could Allow Arbitrary Code Execution | ||
| Vulnerability in Cisco WebEx Player Could Allow Remote Code Execution | ||
| Vulnerability in LongTail Video JW Player Could Allow Cross-Site Scripting | ||
| Vulnerability in Google Chrome Could Allow Local Code Execution | ||
| Apple QuickTime MPEG Parsing Memory Corruption | ||
| Vulnerability in RealNetworks Helix Universal Media Server Could Allow Denial of Service | ||
| Vulnerabilities in RealNetworks Helix Server Could Allow Arbitrary Script Execution | ||
| JPEG 2000 Memory Overwrite Vulnerability in OpenJPEG Could Allow Arbitrary Code Execution | ||
| Vulnerability in DotNetNuke Could Allow Arbitrary Script Execution | ||
| Vulnerability in DotNetNuke Could Allow Arbitrary Script Execution | ||
| Vulnerabilities in XnViewer Could Allow Remote Code Execution | ||
| Vulnerability in Hex-Rays IDA Pro, IDAPython Plugin Could Allow Arbitrary Script Execution | ||
| Vulnerability in NVIDIA Stereoscopic 3D Driver Could Allow Elevation of Privilege | ||
| Vulnerability in Wireshark Allows For Arbitrary Script Execution | ||
| Vulnerability in Wireshark Could Allow Remote Code Execution | ||
| Vulnerability in FFmpeg Could Allow Remote Code Execution | ||
| Vulnerability in FFmpeg Matroska Format Decoder Could Allow Remote Code Execution | ||
| Vulnerability in WordPress Could Allow Cross-Domain Script Execution | ||
| Vulnerability in Apple Safari Could Allow Information Disclosure | ||
| Vulnerability in Google Picasa Could Allow Remote Code Execution | ||
| Clickjacking Vulnerability in Facebook.com Could Allow Account Compromise | ||
| Vulnerability in Google SketchUp Could Allow Remote Code Execution | ||
| Vulnerability in Foxit Reader Could Allow Remote Code Execution | ||
| Vulnerability in RealNetworks RealPlayer RichFX Component Could Allow Remote Code Execution | ||
| Vulnerability in RealNetworks RealPlayer Could Allow Remote Code Execution | ||
| HTML5 Implementation in Chrome, Opera, and Safari Could Allow Information Disclosure | ||
| Use-After-Free Object Lifetime Vulnerability in Chrome Could Allow Sandboxed Remote Code Execution |
Disclamer
The information provided in this page is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.