Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Google Chrome Memory Corruption and Security Bypass Vulnerabilities

Multiple vulnerabilities have been identified in Google Chrome, which could be exploited by remote attackers to bypass restrictions, gain knowledge of sensitive information, cause a denial of service or potentially compromise a vulnerable system.1. Due to an unspecified error which could allow web sites...
Last Update Date: 28 Jan 2011 Release Date: 27 Jan 2010 5422 Views

RISK: Medium Risk

Medium Risk

Microsoft Internet Explorer Multiple Vulnerabilities ( 22 January 2010 )

1. XSS Filter Script Handling Vulnerability An XSS filter bypass vulnerability exists in the way that Internet Explorer 8 disables an HTML attribute in otherwise appropriately filtered HTTP response data. The vulnerability could allow initially disabled scripts to run in the wrong security context, leading to information...
Last Update Date: 28 Jan 2011 Release Date: 22 Jan 2010 5272 Views

RISK: Medium Risk

Medium Risk

Sun Java System Web Server Two Vulnerabilities

Some vulnerabilities have been reported in Sun Java System Web Server, which can be exploited by malicious people to disclose sensitive information and potentially compromise a vulnerable system.1. Due to a boundary error when processing the "OPTIONS" requests which can be exploited to cause...
Last Update Date: 28 Jan 2011 Release Date: 21 Jan 2010 5368 Views

RISK: Medium Risk

Medium Risk

RealNetworks RealPlayer Multiple Code Execution Vulnerabilities

Multiple vulnerabilities have been identified in RealNetworks RealPlayer, which could be exploited by remote attackers to compromise a vulnerable system.1. Due to a heap overflow error when processing a malformed ASM Rulebook, which could be exploited to execute arbitrary code.2. Due to...
Last Update Date: 28 Jan 2011 Release Date: 21 Jan 2010 5368 Views

RISK: Medium Risk

Medium Risk

Adobe Shockwave Player Buffer and Integer Overflow Vulnerabilities

Multiple vulnerabilities have been identified in Adobe Shockwave Player, which could be exploited by remote attackers to compromise a vulnerable system. These issues are caused by buffer and integer overflow errors when processing Shockwave files or 3D models, which could be exploited to execute arbitrary code by...
Last Update Date: 28 Jan 2011 Release Date: 21 Jan 2010 5356 Views

RISK: Medium Risk

Medium Risk

Apple Mac OS X Code Execution and Security Bypass Vulnerabilities

Multiple vulnerabilities have been identified in Apple Mac OS X, which could be exploited by remote or local attackers to disclose sensitive information, bypass security restrictions, cause a denial of service or compromise an affected system.1. Due to a boundary error in CoreAudio which...
Last Update Date: 28 Jan 2011 Release Date: 21 Jan 2010 5414 Views

RISK: Medium Risk

Medium Risk

Microsoft Internet Explorer Invalid Pointer Reference Vulnerability

A vulnerability has been identified in Microsoft Internet Explorer, which could be exploited by attackers to compromise a vulnerable system. The vulnerability exists as an invalid pointer reference within Internet Explorer. It is possible under certain conditions for the invalid pointer to be accessed after an object...
Last Update Date: 28 Jan 2011 Release Date: 15 Jan 2010 5219 Views

RISK: Medium Risk

Medium Risk

Adobe Reader and Acrobat Multiple Code Execution Vulnerabilities

Multiple vulnerabilities have been identified in Adobe Reader and Acrobat, which could be exploited by attackers to bypass security restrictions, gain knowledge of sensitive information, cause a denial of service or compromise a vulnerable system.1. Due to an integer overflow error in the U3D...
Last Update Date: 28 Jan 2011 Release Date: 14 Jan 2010 5492 Views

RISK: Medium Risk

Medium Risk

Kerberos AES and RC4 Decryption Integer Underflow Vulnerabilities

Multiple vulnerabilities have been identified in Kerberos, which could be exploited by remote attackers to cause a denial of service or compromise a vulnerable system. These issues are caused by integer underflow errors in the AES and RC4 decryption operations when processing an invalid ciphertext, which could...
Last Update Date: 28 Jan 2011 Release Date: 14 Jan 2010 5485 Views

RISK: Medium Risk

Medium Risk

Oracle Products Multiple Vulnerabilities

A vulnerability has been identified in various Oracle products and components, which could be exploited by attackers to cause a denial of service, disclose sensitive information or compromise a vulnerable system.
Last Update Date: 28 Jan 2011 Release Date: 13 Jan 2010 5498 Views