Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Adobe Flash Player Code Execution and Clickjacking Vulnerabilities

Multiple vulnerabilities have been identified in Adobe Flash Player, which could be exploited by attackers to gain knowledge of sensitive information, manipulate certain data, cause a denial of service or compromise a vulnerable system.1. A vulnerability is caused by an invalid object references when...
Last Update Date: 28 Jan 2011 Release Date: 26 Feb 2009 5502 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Excel Invalid Object Reference Vulnerability

A vulnerability has been reported in Microsoft Excel, which can be exploited by malicious people to compromise a user's system.The vulnerability is caused due to an error that may cause an invalid object to be referenced when opening an Excel document.Successful exploitation allows...
Last Update Date: 28 Jan 2011 Release Date: 25 Feb 2009 5292 Views

RISK: Medium Risk

Medium Risk

Adobe Acrobat and Reader Image Stream Code Execution Vulnerability

A vulnerability has been identified in Adobe Acrobat and Reader, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by a buffer overflow error when processing a malformed image stream within a PDF document, which could allow attackers to cause a...
Last Update Date: 28 Jan 2011 Release Date: 23 Feb 2009 5523 Views

RISK: Medium Risk

Medium Risk

Apple Mac OS X Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Apple Mac OS X, which could be exploited by remote or local attackers to disclose sensitive information, bypass security restrictions, cause a denial of service or compromise an affected system.1. A race condition error in the AFP Server...
Last Update Date: 28 Jan 2011 Release Date: 16 Feb 2009 5475 Views

RISK: Medium Risk

Medium Risk

RealNetworks RealPlayer Internet Video Recording Multiple Vulnerabilities

Two vulnerabilities have been identified in RealNetworks RealPlayer, which could be exploited by attackers to compromise a vulnerable system.1. Due to a heap corruption error when processing Internet Video Recording (IVR) files containing a malformed field that determines the length of a structure, ...
Last Update Date: 28 Jan 2011 Release Date: 11 Feb 2009 5412 Views

RISK: Medium Risk

Medium Risk

Microsoft Internet Explorer Multiple Vulnerabilities( 11 February 2009 )

1. Uninitialized Memory Corruption VulnerabilityA remote code execution vulnerability exists in the way Internet Explorer accesses an object that has been deleted. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow...
Last Update Date: 28 Jan 2011 Release Date: 11 Feb 2009 5093 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Visio Multiple Vulnerabilities( 11 February 2009 )

1. Memory Validation VulnerabilityA remote code execution vulnerability exists in the way Microsoft Office Visio validates object data when opening up Visio files. An attacker could exploit the vulnerability by sending a specially crafted file which could be included as an e-mail attachment, or hosted...
Last Update Date: 28 Jan 2011 Release Date: 11 Feb 2009 5165 Views

RISK: Medium Risk

Medium Risk

BlackBerry Application Web Loader ActiveX Control Buffer Overflow Vulnerability

A vulnerability has been identified in BlackBerry Application Web Loader, which could be exploited by remote attackers to compromise an affected system. This issue is caused by a buffer overflow error in the RIM AxLoader ActiveX control (AxLoader.ocx or AxLoader.dll) when processing...
Last Update Date: 28 Jan 2011 Release Date: 11 Feb 2009 5422 Views

RISK: Medium Risk

Medium Risk

Microsoft Exchange Server Multiple Vulnerabilities( 11 February 2009 )

1. Memory Corruption VulnerabilityA remote code execution vulnerability exists in the way Microsoft Exchange Server decodes the Transport Neutral Encapsulation Format (TNEF) data for a message.2. Literal Processing VulnerabilityA denial of service vulnerability exists in the EMSMDB2 (Electronic Messaging System Microsoft Data Base...
Last Update Date: 28 Jan 2011 Release Date: 11 Feb 2009 5245 Views

RISK: Medium Risk

Medium Risk

Microsoft SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability( 11 February 2009 )

A remote code execution vulnerability exists in the way that SQL Server checks parameters in the "sp_replwritetovarbin" extended stored procedure. The vulnerability could allow remote code execution if untrusted users have access to an affected system or if a SQL injection vulnerability exists on an affected system...
Last Update Date: 28 Jan 2011 Release Date: 11 Feb 2009 5275 Views