Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Microsoft Windows Vista TCP/IP Vulnerability( 13 February 2008 )

A denial of service vulnerability exists in TCP/IP processing in Windows Vista. An attacker could exploit the vulnerability by creating a specially crafted DHCP server that returns a specially crafted packet to a host, corrupting TCP/IP structures and causing the affected system to stop...
Last Update Date: 28 Jan 2011 Release Date: 13 Feb 2008 2234 Views

RISK: Medium Risk

Medium Risk

Microsoft Word Memory Corruption Vulnerability( 13 February 2008 )

A remote code execution vulnerability exists in the way that Word handles specially crafted Word files. The vulnerability could allow remote code execution if a user opens a specially crafted Word file that includes a malformed value. An attacker who successfully exploited this vulnerability could take complete control...
Last Update Date: 28 Jan 2011 Release Date: 13 Feb 2008 2231 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Publisher Multiple Vulnerabilities( 13 February 2008 )

1. Publisher Invalid Memory Reference VulnerabilityA remote code execution vulnerability exists in the way Microsoft Office Publisher validates application data when loading Publisher files to memory. An attacker could exploit the vulnerability by constructing a specially crafted Publisher (.pub) file. When a user views the...
Last Update Date: 28 Jan 2011 Release Date: 13 Feb 2008 2240 Views

RISK: Medium Risk

Medium Risk

Microsoft OLE Heap Overrun Vulnerability( 13 February 2008 )

A remote code execution vulnerability exists in Object Linking and Embedding (OLE) Automation that could allow an attacker who successfully exploited this vulnerability to make changes to the system with the permissions of the logged-on user. If a user is logged on with administrative user...
Last Update Date: 28 Jan 2011 Release Date: 13 Feb 2008 2247 Views

RISK: Medium Risk

Medium Risk

Microsoft Internet Information Services (IIS) File Change Notification Vulnerability ( 13 February 2008 )

A local elevation of privilege vulnerability exists in the way that the Internet Information Service handles file change notifications in the FTPRoot, NNTPFile\Root, and WWWRoot folders. An attacker who successfully exploited this vulnerability could execute arbitrary code in the context of local system. An...
Last Update Date: 28 Jan 2011 Release Date: 13 Feb 2008 2245 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Execution Jump Vulnerability( 13 February 2008 )

The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Office document with a malformed object inserted into the document. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view...
Last Update Date: 28 Jan 2011 Release Date: 13 Feb 2008 2235 Views

RISK: Medium Risk

Medium Risk

Apple Mac OS X Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Apple Mac OS X, which could be exploited by remote or local attackers to cause a denial of service, disclose sensitive information, bypass security restrictions or compromise an affected system.1. Due to a memory corruption error in Safari...
Last Update Date: 28 Jan 2011 Release Date: 13 Feb 2008 2423 Views

RISK: Medium Risk

Medium Risk

ClamAV Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Clam AntiVirus (ClamAV), which could be exploited by remote attackers or malware to cause a denial of service or take complete control of an affected system.1. Due to a heap corruption error in the "libclamav/mew....
Last Update Date: 28 Jan 2011 Release Date: 13 Feb 2008 2460 Views

RISK: Medium Risk

Medium Risk

Microsoft Active Directory Vulnerability( 13 February 2008 )

A denial of service vulnerability exists in implementations of Active Directory on Microsoft Windows 2000 and Windows Server 2003. The vulnerability also exists in implementations of Active Directory Application Mode (ADAM) when installed on Windows XP and Windows Server 2003. The vulnerability is due to improper...
Last Update Date: 28 Jan 2011 Release Date: 13 Feb 2008 2211 Views

RISK: Medium Risk

Medium Risk

Microsoft Internet Information Services (IIS) ASP Vulnerability( 13 February 2008 )

A remote code execution vulnerability exists in the way that Internet Information Services handles input to ASP Web pages. An attacker could exploit the vulnerability by passing malicious input to a Web site's ASP page. An attacker who successfully exploited this vulnerability could then perform any...
Last Update Date: 28 Jan 2011 Release Date: 13 Feb 2008 2240 Views