Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Microsoft WordPad and Office Text Converters Multiple Vulnerabilities( 15 April 2009 )

1. WordPad and Office Text Converter Memory Corruption VulnerabilityA remote code execution vulnerability exists in the way that text converters in WordPad and Microsoft Office process memory when a user opens a specially crafted Word 6 file that includes malformed data.2. WordPad Word 97 Text Converter...
Last Update Date: 28 Jan 2011 Release Date: 15 Apr 2009 2813 Views

RISK: Medium Risk

Medium Risk

Microsoft DirectShow MJPEG Decompression Vulnerability( 15 April 2009 )

A remote code execution vulnerability exists in the way Microsoft DirectShow handles supported format files. This vulnerability could allow code execution if a user opened a specially crafted MJPEG file. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability...
Last Update Date: 28 Jan 2011 Release Date: 15 Apr 2009 2760 Views

RISK: Medium Risk

Medium Risk

Microsoft ISA Server and Forefront Threat Management Gateway (Medium Business Edition) Multiple Vulnerabilities( 15 April 2009 )

1. Web Proxy TCP State Limited Denial of Service VulnerabilityA denial of service vulnerability exists in the way the firewall engine handles TCP state for Web proxy or Web publishing listeners. The vulnerability could allow a remote user to cause a Web listener to stop responding to new...
Last Update Date: 28 Jan 2011 Release Date: 15 Apr 2009 2836 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Excel Multiple Memory Corruption Vulnerabilities( 15 April 2009 )

1. Memory Corruption VulnerabilityA remote code execution vulnerability exists in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file that includes a malformed object. An attacker who successfully exploited this vulnerability could take complete control of an affected system...
Last Update Date: 28 Jan 2011 Release Date: 15 Apr 2009 2797 Views

RISK: Medium Risk

Medium Risk

ClamAVcli_url_canon()" Buffer Overflow and UPack DoS Vulnerabilities

Multiple vulnerabilities have been identified in ClamAV, which could be exploited by attackers or malware to cause a denial of service or compromise a vulnerable system.1. A buffer overflow error in the "cli_url_canon()" [libclamav/phishcheck.c] function when processing specially crafted...
Last Update Date: 28 Jan 2011 Release Date: 14 Apr 2009 3086 Views

RISK: Medium Risk

Medium Risk

HPOpenView Performance Agent DynaZip Buffer Overflow Vulnerability

A vulnerability has been identified in HP OpenView Performance Agent and HP Performance Agent, which could be exploited by remote attackers to compromise a vulnerable system.Buffer overflow errors in the "dzip32.dll" and "dzips32.dll" libraries when repairing, adding, ...
Last Update Date: 28 Jan 2011 Release Date: 14 Apr 2009 3284 Views

RISK: Medium Risk

Medium Risk

SunSolaris and SEAM Kerberos Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Sun Solaris and SEAM (Sun Enterprise Authentication Mechanism), which could be exploited by remote attackers to cause a denial of service or compromise a vulnerable system. These issues are caused by errors in Kerberos.1. A NULL pointer dereference...
Last Update Date: 28 Jan 2011 Release Date: 14 Apr 2009 3003 Views

RISK: Medium Risk

Medium Risk

Novell NetIdentity Client Agent Remote Code Execution Vulnerability

A vulnerability has been identified in Novell NetIdentity Client, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by an input validation error within "xtagent.exe" when handling RPC messages over the "XTIERRPCPIPE" named pipe, which...
Last Update Date: 28 Jan 2011 Release Date: 8 Apr 2009 3132 Views

RISK: Medium Risk

Medium Risk

VMwareProducts Code Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities have been identified in various VMware products, which could be exploited by attackers or malicious users to cause a denial of service, gain elevated privileges, or execute arbitrary code.1. An unspecified error in a guest virtual device driver, which could allow...
Last Update Date: 28 Jan 2011 Release Date: 7 Apr 2009 3210 Views

RISK: Medium Risk

Medium Risk

Microsoft Office PowerPoint Remote Code Execution Vulnerability

A vulnerability in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file.
Last Update Date: 28 Jan 2011 Release Date: 3 Apr 2009 2900 Views