Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Microsoft Office COM Validation Vulnerability ( 09 June 2010 )

A remote code execution vulnerability exists in the way that affected Microsoft Office software validates COM object instantiation. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; ...
Last Update Date: 28 Jan 2011 Release Date: 9 Jun 2010 5207 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Excel Multiple Vulnerabilities( 09 June 2010 )

1. Excel Record Parsing Memory Corruption VulnerabilityA remote code execution vulnerability exists in the way that Microsoft Office Excel handles specially crafted Excel files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view...
Last Update Date: 28 Jan 2011 Release Date: 9 Jun 2010 5162 Views

RISK: Medium Risk

Medium Risk

Microsoft SharePoint Multiple Vulnerabilities( 09 June 2010 )

1. Help.aspx XSS VulnerabilityA cross-site scripting and spoofing vulnerability exists in Microsoft Windows SharePoint Services 3. and Microsoft Office SharePoint Server 2007 that could allow an attacker to convince a user to run a malicious script. An attacker who successfully exploited the vulnerability...
Last Update Date: 28 Jan 2011 Release Date: 9 Jun 2010 5157 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows ActiveX Multiple Vulnerabilities ( 09 June 2010 )

1. Microsoft Data Analyzer ActiveX Control Vulnerability A remote code execution vulnerability exists in the Microsoft Data Analyzer ActiveX Control. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code...
Last Update Date: 28 Jan 2011 Release Date: 9 Jun 2010 5112 Views

RISK: Medium Risk

Medium Risk

Microsoft IIS Authentication Memory Corruption Vulnerability( 09 June 2010 )

A remote code execution vulnerability exists in Internet Information Services (IIS). The vulnerability is due to improper parsing of authentication information. An attacker who successfully exploited this vulnerability could execute code in the context of the Worker Process Identity (WPI).
Last Update Date: 28 Jan 2011 Release Date: 9 Jun 2010 5488 Views

RISK: Medium Risk

Medium Risk

Microsoft Internet Explorer Multiple Vulnerabilities ( 09 June 2010 )

1. Cross-Domain Information Disclosure Vulnerability An information disclosure vulnerability exists in the way that Internet Explorer caches data and incorrectly allows the cached content to be called, potentially bypassing Internet Explorer domain restriction. An attacker could exploit the vulnerability by constructing a specially crafted Web...
Last Update Date: 28 Jan 2011 Release Date: 9 Jun 2010 5269 Views

RISK: Medium Risk

Medium Risk

Apple Safari Multiple Vulnerabilities

Multiple vulnerabilitieshave been identified in Apple Safari, which could be exploited by attackers to disclose sensitive information, bypass security restrictions or compromise an affected system. These issues are caused by use-after-free, double free, integer truncation, heap overflow, memory corruption...
Last Update Date: 28 Jan 2011 Release Date: 9 Jun 2010 5699 Views

RISK: Medium Risk

Medium Risk

Microsoft .NET Framework XML Signature HMAC Truncation Authentication Bypass Vulnerability( 09 June 2010 )

A data tampering vulnerability exists in the Microsoft .NET Framework that could allow an attacker to tamper with signed XML content without being detected. In custom applications, the security impact depends on the specific usage scenario. Scenarios in which signed XML messages are transmitted over a...
Last Update Date: 28 Jan 2011 Release Date: 9 Jun 2010 5446 Views

RISK: Medium Risk

Medium Risk

OpenOffice.org Code Execution and Security Bypass Vulnerabilities

Two vulnerabilities have been identified in OpenOffice.org, which could be exploited by attackers to bypass security restrictions or compromise a vulnerable system.1. An error when using the built-in scripting IDE to explore python code, which could allow attackers to execute arbitrary...
Last Update Date: 28 Jan 2011 Release Date: 8 Jun 2010 5458 Views

RISK: Medium Risk

Medium Risk

Adobe Flash Player SWF Data Processing Code Execution Vulnerability

A vulnerability has been identified in Adobe Flash Player, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by a memory corruption error when processing malformed data within a SWF file, which could be exploited by attackers to execute arbitrary...
Last Update Date: 28 Jan 2011 Release Date: 7 Jun 2010 5412 Views