Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Novell iPrint Client Remote Buffer Overflow Vulnerabilities

Two vulnerabilities have been identified in Novell iPrint Client, which could be exploited by remote attackers to compromise a vulnerable system.1. Due to a buffer overflow error in "ienipp.ocx" when processing an overly long "target-frame" parameter, which...
Last Update Date: 28 Jan 2011 Release Date: 9 Dec 2009 5342 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Active Directory Federation Services (ADFS) Multiple Vulnerabilities( 09 December 2009 )

1. Single Sign On Spoofing in ADFS Vulnerabilityspoofing vulnerability in Active Directory Federation Services could allow an attacker to impersonate an authenticated user if the attacker has access to a workstation and Web browser recently used by the targeted user to access a Web site that offers single sign...
Last Update Date: 28 Jan 2011 Release Date: 9 Dec 2009 5188 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Internet Authentication Service Multiple Vulnerabilities( 09 December 2009 )

1. Internet Authentication Service Memory Corruption VulnerabilityA remote code execution vulnerability exists in implementations of Protected Extensible Authentication Protocol (PEAP) on the Internet Authentication Service. The vulnerability is due to incorrect copying into memory of messages received by the server when handling PEAP authentication attempts. ...
Last Update Date: 28 Jan 2011 Release Date: 9 Dec 2009 5263 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Local Security Authority Subsystem Service (LSASS) Resource Exhaustion Vulnerability( 09 December 2009 )

A denial of service vulnerability exists in Microsoft Windows due to the way that the Local Security Authority Subsystem Service (LSASS) improperly handles specially crafted ISAKMP messages communicated through IPsec.
Last Update Date: 28 Jan 2011 Release Date: 9 Dec 2009 5355 Views

RISK: Medium Risk

Medium Risk

Microsoft WordPad and Office Text converter Memory Corruption Vulnerability( 09 December 2009 )

A remote code execution vulnerability exists in the way that text converters in Microsoft WordPad and Microsoft Office Word process memory when a user opens a specially crafted Word 97 file.
Last Update Date: 28 Jan 2011 Release Date: 9 Dec 2009 5323 Views

RISK: Medium Risk

Medium Risk

Microsoft Internet Explorer Multiple Vulnerabilities( 09 December 2009 )

1. ATL COM Initialization VulnerabilityA remote code execution vulnerability exists in an ActiveX control built with vulnerable Microsoft Active Template Library (ATL) headers. This vulnerability only directly affects systems with components and controls installed that were built using Visual Studio ATL. Components and controls built...
Last Update Date: 28 Jan 2011 Release Date: 9 Dec 2009 5172 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Project Memory Validation Vulnerability( 09 December 2009 )

A remote code execution vulnerability exists in the way that Microsoft Office Project handles specially crafted Project files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; ...
Last Update Date: 28 Jan 2011 Release Date: 9 Dec 2009 5232 Views

RISK: Medium Risk

Medium Risk

BlackBerry Products PDF Distiller Code Execution Vulnerabilities

Multiple vulnerabilities have been identified in BlackBerry Enterprise Server and BlackBerry Professional Software, which could be exploited by attackers to compromise a vulnerable device. These issues are caused by memory corruption errors in the PDF distiller of the BlackBerry Attachment Service component when processing malformed PDF files, ...
Last Update Date: 28 Jan 2011 Release Date: 4 Dec 2009 5196 Views

RISK: Medium Risk

Medium Risk

VMware Products Multiple Code Execution and Security Bypass Vulnerabilities

Multiple vulnerabilities have been identified in various VMware products, which could be exploited by remote attackers to bypass security restrictions, disclose sensitive information, cause a denial of service or compromise a vulnerable system. These issues are caused by errors in JRE, Tomcat, ntp, ...
Last Update Date: 28 Jan 2011 Release Date: 24 Nov 2009 5462 Views

RISK: Medium Risk

Medium Risk

HPOpenView Operations Default Account Code Execution Vulnerability

A vulnerability has been identified in HP OpenView Operations, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused due to a hidden account being present within the Tomcat users XML file, which could allow remote attackers to gain unauthorized access...
Last Update Date: 28 Jan 2011 Release Date: 24 Nov 2009 5423 Views