Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Microsoft Windows HTTP Services Multiple Vulnerabilities( 15 April 2009 )

1. Windows HTTP Services Integer Underflow VulnerabilityA remote code execution vulnerability exists in the way that Windows HTTP Services handle specific values that are returned by a remote Web server. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker...
Last Update Date: 28 Jan 2011 Release Date: 15 Apr 2009 5318 Views

RISK: Medium Risk

Medium Risk

Microsoft WordPad and Office Text Converters Multiple Vulnerabilities( 15 April 2009 )

1. WordPad and Office Text Converter Memory Corruption VulnerabilityA remote code execution vulnerability exists in the way that text converters in WordPad and Microsoft Office process memory when a user opens a specially crafted Word 6 file that includes malformed data.2. WordPad Word 97 Text Converter...
Last Update Date: 28 Jan 2011 Release Date: 15 Apr 2009 5182 Views

RISK: Medium Risk

Medium Risk

Microsoft DirectShow MJPEG Decompression Vulnerability( 15 April 2009 )

A remote code execution vulnerability exists in the way Microsoft DirectShow handles supported format files. This vulnerability could allow code execution if a user opened a specially crafted MJPEG file. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability...
Last Update Date: 28 Jan 2011 Release Date: 15 Apr 2009 5161 Views

RISK: Medium Risk

Medium Risk

Microsoft ISA Server and Forefront Threat Management Gateway (Medium Business Edition) Multiple Vulnerabilities( 15 April 2009 )

1. Web Proxy TCP State Limited Denial of Service VulnerabilityA denial of service vulnerability exists in the way the firewall engine handles TCP state for Web proxy or Web publishing listeners. The vulnerability could allow a remote user to cause a Web listener to stop responding to new...
Last Update Date: 28 Jan 2011 Release Date: 15 Apr 2009 5211 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Excel Multiple Memory Corruption Vulnerabilities( 15 April 2009 )

1. Memory Corruption VulnerabilityA remote code execution vulnerability exists in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file that includes a malformed object. An attacker who successfully exploited this vulnerability could take complete control of an affected system...
Last Update Date: 28 Jan 2011 Release Date: 15 Apr 2009 5139 Views

RISK: Medium Risk

Medium Risk

ClamAVcli_url_canon()" Buffer Overflow and UPack DoS Vulnerabilities

Multiple vulnerabilities have been identified in ClamAV, which could be exploited by attackers or malware to cause a denial of service or compromise a vulnerable system.1. A buffer overflow error in the "cli_url_canon()" [libclamav/phishcheck.c] function when processing specially crafted...
Last Update Date: 28 Jan 2011 Release Date: 14 Apr 2009 5455 Views

RISK: Medium Risk

Medium Risk

HPOpenView Performance Agent DynaZip Buffer Overflow Vulnerability

A vulnerability has been identified in HP OpenView Performance Agent and HP Performance Agent, which could be exploited by remote attackers to compromise a vulnerable system.Buffer overflow errors in the "dzip32.dll" and "dzips32.dll" libraries when repairing, adding, ...
Last Update Date: 28 Jan 2011 Release Date: 14 Apr 2009 5604 Views

RISK: Medium Risk

Medium Risk

SunSolaris and SEAM Kerberos Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Sun Solaris and SEAM (Sun Enterprise Authentication Mechanism), which could be exploited by remote attackers to cause a denial of service or compromise a vulnerable system. These issues are caused by errors in Kerberos.1. A NULL pointer dereference...
Last Update Date: 28 Jan 2011 Release Date: 14 Apr 2009 5304 Views

RISK: Medium Risk

Medium Risk

Novell NetIdentity Client Agent Remote Code Execution Vulnerability

A vulnerability has been identified in Novell NetIdentity Client, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by an input validation error within "xtagent.exe" when handling RPC messages over the "XTIERRPCPIPE" named pipe, which...
Last Update Date: 28 Jan 2011 Release Date: 8 Apr 2009 5485 Views

RISK: Medium Risk

Medium Risk

VMwareProducts Code Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities have been identified in various VMware products, which could be exploited by attackers or malicious users to cause a denial of service, gain elevated privileges, or execute arbitrary code.1. An unspecified error in a guest virtual device driver, which could allow...
Last Update Date: 28 Jan 2011 Release Date: 7 Apr 2009 5581 Views