Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Google Chrome Multiple Vulnerabilities

Multiple vulnerabilitieshave been identified in Google Chrome, which could be exploited by attackers to bypass restrictions, crash an affected browser or compromise a vulnerable system. These issues are caused by use-after-free and input validation errors, and race conditions related to document APIs...
Last Update Date: 28 Jan 2011 Release Date: 16 Sep 2010 5315 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Uniscribe Font Parsing Engine Memory Corruption Vulnerability ( 15 September 2010 )

A remote code execution vulnerability exists in affected versions of Microsoft Windows and Microsoft Office. The vulnerability exists because Windows and Office incorrectly parse specific font types in such a way that could allow remote code execution. An attacker who successfully exploited this vulnerability could run arbitrary code...
Last Update Date: 28 Jan 2011 Release Date: 15 Sep 2010 5157 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows WordPad Word 97 Text Converter Memory Corruption Vulnerability ( 15 September 2010 )

A remote code execution vulnerability exists in the way that Microsoft WordPad processes memory when parsing a specially crafted Word 97 document. The vulnerability could allow remote code execution if a user opens a specially crafted Word file that includes a malformed structure.
Last Update Date: 28 Jan 2011 Release Date: 15 Sep 2010 5133 Views

RISK: Medium Risk

Medium Risk

Samba SID Parsing Buffer Overflow Vulnerability

A vulnerability has been identified in Samba, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by a buffer overflow error in the "sid_parse()" function and the related "dom_sid_parse()" function in the source4 code when reading a...
Last Update Date: 28 Jan 2011 Release Date: 15 Sep 2010 5395 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows MPEG-4 Codec Vulnerability ( 15 September 2010 )

A remote code execution vulnerability exists in the way that the MPEG-4 codec handles supported format files. This vulnerability could allow code execution if a user opened a specially crafted media file. If a user is logged on with administrative user rights, an attacker who...
Last Update Date: 28 Jan 2011 Release Date: 15 Sep 2010 5210 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows RPC Memory Corruption Vulnerability ( 15 September 2010 )

An unauthenticated remote code execution vulnerability exists in the way that the Remote Procedure Call (RPC) client implementation allocates memory when parsing specially crafted RPC responses. An attempt to exploit the vulnerability would not require authentication, allowing an attacker to exploit the vulnerability by sending a...
Last Update Date: 28 Jan 2011 Release Date: 15 Sep 2010 5252 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows CSRSS Local Elevation of Privilege Vulnerability ( 15 September 2010 )

An elevation of privilege vulnerability exists in the Windows CSRSS due to the way that the CSRSS assigns memory for specific user transactions. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs...
Last Update Date: 28 Jan 2011 Release Date: 15 Sep 2010 5308 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows IIS Multiple Vulnerabilities ( 15 September 2010 )

1. IIS Repeated Parameter Request Denial of Service VulnerabilityA denial of service vulnerability exists in Internet Information Services (IIS) that could allow an attacker who successfully exploited this vulnerability to interrupt service, causing the server to become un-responsive. An attacker could exploit the...
Last Update Date: 28 Jan 2011 Release Date: 15 Sep 2010 5442 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows LSASS Heap Overflow Vulnerability ( 15 September 2010 )

An authenticated elevation of privilege vulnerability exists in Microsoft Windows due to the way that the Local Security Authority Subsystem Service (LSASS) improperly handles certain Lightweight Directory Access Protocol (LDAP) messages. The vulnerability exists in implementations of Active Directory, Active Directory Application Mode (...
Last Update Date: 28 Jan 2011 Release Date: 15 Sep 2010 5242 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Heap Based Buffer Overflow in Outlook Vulnerability ( 15 September 2010 )

A remote code execution vulnerability exists in the way that Microsoft Outlook parses content in a specially crafted e-mail message. This vulnerability exists only in configurations where Outlook connects to an Exchange Server in Online Mode. Configurations where Outlook connects to an Exchange Server in the...
Last Update Date: 28 Jan 2011 Release Date: 15 Sep 2010 5265 Views

Subscribe To:

Mailing List
RSS Feed

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY