Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

HP OpenView Network Node Manager Code Execution Vulnerabilities

Multiple vulnerabilities have been identified in HP OpenView Network Node Manager (OV NNM), which could be exploited by remote attackers to compromise a vulnerable system.1. A format string error within the "ovet_demandpoll.exe" process (invoked via the "webappmon.exe...
Last Update Date: 28 Jan 2011 Release Date: 13 May 2010 5605 Views

RISK: Medium Risk

Medium Risk

IrfanView PSD Image Parsing Multiple Vulnerabilities

Multiple vulnerabilities have been identified in IrfanView, which could be exploited by attackers to compromise a vulnerable system.1. A sign-extension error when parsing certain PSD images can be exploited to cause a heap-based buffer overflow by tricking a user into opening a...
Last Update Date: 28 Jan 2011 Release Date: 13 May 2010 5378 Views

RISK: Medium Risk

Medium Risk

Microsoft Outlook Express and Windows Mail Integer Overflow Vulnerability( 12 May 2010 )

An unauthenticated remote code execution vulnerability exists in the way that Windows Mail Client handles specially crafted mail responses. An attempt to exploit the vulnerability would not require authentication, allowing an attacker to exploit the vulnerability by sending a specially crafted response to a client initiating a connection...
Last Update Date: 28 Jan 2011 Release Date: 12 May 2010 5515 Views

RISK: Medium Risk

Medium Risk

Microsoft Visual Basic for Applications VBE6.DLL Stack Memory Corruption Vulnerability( 12 May 2010 )

A remote code execution vulnerability exists in the way that Microsoft Visual Basic for Applications searches for ActiveX controls. This vulnerability could allow remote code execution if a host application opens and passes a specially crafted file to the Visual Basic for Applications runtime. If a user is...
Last Update Date: 28 Jan 2011 Release Date: 12 May 2010 5307 Views

RISK: Medium Risk

Medium Risk

Apple Safari "parent.close()" Code Execution Vulnerability

A vulnerability has been identified in Apple Safari, which could be exploited by attackers to compromise a vulnerable system.The vulnerability is caused due to an error in the handling of parent windows and can result in a function call using an invalid pointer. This can be...
Last Update Date: 28 Jan 2011 Release Date: 10 May 2010 5306 Views

RISK: Medium Risk

Medium Risk

Adobe Photoshop CS4 TIFF Handling Buffer Overflow Vulnerabilities

Multiple vulnerabilities have been identified in Adobe Photoshop CS4, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by buffer overflow errors when processing malformed ".TIFF" files, which could be exploited by attackers to crash an affected application or...
Last Update Date: 28 Jan 2011 Release Date: 4 May 2010 5411 Views

RISK: Medium Risk

Medium Risk

Google Chrome Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Google Chrome, which could be exploited by attackers to bypass security restrictions or compromise a vulnerable system.1. Due to a memory corruption error within HTML5 Media handling.2. Due to a memory corruption error within font handling....
Last Update Date: 28 Jan 2011 Release Date: 29 Apr 2010 5373 Views

RISK: Medium Risk

Medium Risk

Opera Browser "document.write()" Uninitialized Memory Vulnerability

A vulnerability has been identified in Opera, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused due to an uninitialized memory when writing a large amount of data to a web page e.g. using the "document....
Last Update Date: 28 Jan 2011 Release Date: 28 Apr 2010 5430 Views

RISK: Medium Risk

Medium Risk

Google Chrome mutliple Vulnerabilities

Multiple vulnerabilities have been identified in Google Chrome, which could be exploited by remote attackers to bypass restrictions, disclose sensitive information or compromise a vulnerable system.1. An unspecified type confusion error with forms.2. A HTTP request errors, which could allow cross...
Last Update Date: 28 Jan 2011 Release Date: 22 Apr 2010 5375 Views

RISK: Medium Risk

Medium Risk

MIT Kerberos KDC "process_tgs_req()" Double Free Vulnerability

A vulnerability has been identified in MIT Kerberos, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by a double free error within the "process_tgs_req()" function when handling renewal or validation of existing tickets, which could allow attackers...
Last Update Date: 28 Jan 2011 Release Date: 22 Apr 2010 5410 Views