Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Cisco Unified IP Phone Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Cisco Unified IP Phones, which could be exploited by attackers to cause a denial of service or take complete control of an affected device.1. A buffer overflow error when parsing DNS responses, which could be exploited by attackers to...
Last Update Date: 28 Jan 2011 Release Date: 15 Feb 2008 2514 Views

RISK: Medium Risk

Medium Risk

Microsoft Internet Explorer Multiple Vulnerabilities( 13 February 2008 )

1. HTML Rendering Memory Corruption VulnerabilityA remote code execution vulnerability exists in the way Internet Explorer interprets HTML with certain layout combinations. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow...
Last Update Date: 28 Jan 2011 Release Date: 13 Feb 2008 2265 Views

RISK: Medium Risk

Medium Risk

Microsoft Works File Converter Multiple Vulnerabilities( 13 February 2008 )

1. Microsoft Works File Converter Input Validation VulnerabilityA remote code execution vulnerability exists in Microsoft Works File Converter due to the way that it improperly validates section length headers with the .wps format. An attacker who successfully exploited this vulnerability could take complete control of an affected...
Last Update Date: 28 Jan 2011 Release Date: 13 Feb 2008 2299 Views

RISK: Medium Risk

Medium Risk

Novell Client "EnumPrinters" Function Remote Stack Overflow Vulnerability

A vulnerability has been identified in Novell Client for Windows, which could be exploited by remote attackers to cause a denial of service or take complete control of an affected system. This issue is caused by a logical error in the "EnumPrinters" (nwspool.dll) ...
Last Update Date: 28 Jan 2011 Release Date: 13 Feb 2008 2524 Views

RISK: Medium Risk

Medium Risk

Microsoft WebDAV Mini-Redirector Heap Overflow Vulnerability( 13 February 2008 )

A remote code execution vulnerability exists in the way that the WebDAV Mini-Redirector handles responses. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or...
Last Update Date: 28 Jan 2011 Release Date: 13 Feb 2008 2298 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Vista TCP/IP Vulnerability( 13 February 2008 )

A denial of service vulnerability exists in TCP/IP processing in Windows Vista. An attacker could exploit the vulnerability by creating a specially crafted DHCP server that returns a specially crafted packet to a host, corrupting TCP/IP structures and causing the affected system to stop...
Last Update Date: 28 Jan 2011 Release Date: 13 Feb 2008 2287 Views

RISK: Medium Risk

Medium Risk

Microsoft Word Memory Corruption Vulnerability( 13 February 2008 )

A remote code execution vulnerability exists in the way that Word handles specially crafted Word files. The vulnerability could allow remote code execution if a user opens a specially crafted Word file that includes a malformed value. An attacker who successfully exploited this vulnerability could take complete control...
Last Update Date: 28 Jan 2011 Release Date: 13 Feb 2008 2279 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Publisher Multiple Vulnerabilities( 13 February 2008 )

1. Publisher Invalid Memory Reference VulnerabilityA remote code execution vulnerability exists in the way Microsoft Office Publisher validates application data when loading Publisher files to memory. An attacker could exploit the vulnerability by constructing a specially crafted Publisher (.pub) file. When a user views the...
Last Update Date: 28 Jan 2011 Release Date: 13 Feb 2008 2297 Views

RISK: Medium Risk

Medium Risk

Microsoft OLE Heap Overrun Vulnerability( 13 February 2008 )

A remote code execution vulnerability exists in Object Linking and Embedding (OLE) Automation that could allow an attacker who successfully exploited this vulnerability to make changes to the system with the permissions of the logged-on user. If a user is logged on with administrative user...
Last Update Date: 28 Jan 2011 Release Date: 13 Feb 2008 2303 Views

RISK: Medium Risk

Medium Risk

Microsoft Internet Information Services (IIS) File Change Notification Vulnerability ( 13 February 2008 )

A local elevation of privilege vulnerability exists in the way that the Internet Information Service handles file change notifications in the FTPRoot, NNTPFile\Root, and WWWRoot folders. An attacker who successfully exploited this vulnerability could execute arbitrary code in the context of local system. An...
Last Update Date: 28 Jan 2011 Release Date: 13 Feb 2008 2298 Views