Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

MicrosoftInternet Explorer CSS Handling Code Execution Vulnerability

A vulnerability has been identified in Microsoft Internet Explorer, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by a dangling pointer in the Microsoft HTML Viewer (mshtml.dll) when retrieving certain CSS/STYLE objects via the "...
Last Update Date: 28 Jan 2011 Release Date: 23 Nov 2009 5298 Views

RISK: Medium Risk

Medium Risk

OperaFloating Point Number Handling Memory Corruption Vulnerability

A vulnerability has been identified in Opera, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by a memory corruption error when processing floating point numbers, which could allow remote attackers to crash an affected browser or execute arbitrary code by...
Last Update Date: 28 Jan 2011 Release Date: 23 Nov 2009 5402 Views

RISK: Medium Risk

Medium Risk

KDEkdelibs Floating Point Numbers Memory Corruption Vulnerability

A vulnerability has been identified in KDE kdelibs, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by a memory corruption error when processing floating point numbers, which could allow remote attackers to crash an affected browser or execute arbitrary code...
Last Update Date: 28 Jan 2011 Release Date: 23 Nov 2009 5406 Views

RISK: Medium Risk

Medium Risk

Apple Safari Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Apple Safari, which could be exploited by attackers to disclose sensitive information, bypass security restrictions, cause a denial of service or compromise an affected system.1. An integer overflow error in ColorSync when processing images with a malformed color...
Last Update Date: 28 Jan 2011 Release Date: 13 Nov 2009 5398 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Word File Information Memory Corruption Vulnerability( 11 November 2009 )

A remote code execution vulnerability exists in the way that Microsoft Office Word handles a specially crafted Word file that includes a malformed record. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, ...
Last Update Date: 28 Jan 2011 Release Date: 11 Nov 2009 5267 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows License Logging Server Heap Overflow Vulnerability( 11 November 2009 )

An unauthenticated remote code execution vulnerability exists in the way that the Microsoft License Logging Server software handles specially crafted RPC packets. An attempt to exploit the vulnerability would not require authentication, allowing an attacker to exploit the vulnerability by sending a specially crafted network message to a...
Last Update Date: 28 Jan 2011 Release Date: 11 Nov 2009 5208 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Web Services on Devices API Memory Corruption Vulnerability( 11 November 2009 )

A remote code execution vulnerability exists in the Web Services on Devices API (WSDAPI) on Windows systems. The vulnerability is due to the service not properly handling a WSDAPI message with a specially crafted header. An attacker who successfully exploited this vulnerability could take complete control...
Last Update Date: 28 Jan 2011 Release Date: 11 Nov 2009 5204 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Excel Multiple Vulnerabilities( 11 November 2009 )

1. Excel Cache Memory Corruption VulnerabilityA remote code execution vulnerability exists in the way that Microsoft Office Excel handles specially crafted Excel files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, ...
Last Update Date: 28 Jan 2011 Release Date: 11 Nov 2009 5233 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Active Directory LSASS Recursive Stack Overflow Vulnerability( 11 November 2009 )

A denial of service vulnerability exists in implementations of Active Directory on Microsoft Windows 2000 Server, Windows Server 2003, and Windows Server 2008. The vulnerability also exists in implementations of Active Directory Application Mode (ADAM) when installed on Windows XP and Windows Server 2003, ...
Last Update Date: 28 Jan 2011 Release Date: 11 Nov 2009 5261 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities( 11 November 2009 )

1. Win32k NULL Pointer Dereferencing VulnerabilityAn elevation of privilege vulnerability exists because the Windows kernel does not properly validate an argument passed to a Windows kernel system call. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install...
Last Update Date: 28 Jan 2011 Release Date: 11 Nov 2009 5297 Views