Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Microsoft Windows MPEG-4 Codec Vulnerability ( 15 September 2010 )

A remote code execution vulnerability exists in the way that the MPEG-4 codec handles supported format files. This vulnerability could allow code execution if a user opened a specially crafted media file. If a user is logged on with administrative user rights, an attacker who...
Last Update Date: 28 Jan 2011 Release Date: 15 Sep 2010 4098 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows RPC Memory Corruption Vulnerability ( 15 September 2010 )

An unauthenticated remote code execution vulnerability exists in the way that the Remote Procedure Call (RPC) client implementation allocates memory when parsing specially crafted RPC responses. An attempt to exploit the vulnerability would not require authentication, allowing an attacker to exploit the vulnerability by sending a...
Last Update Date: 28 Jan 2011 Release Date: 15 Sep 2010 4137 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows CSRSS Local Elevation of Privilege Vulnerability ( 15 September 2010 )

An elevation of privilege vulnerability exists in the Windows CSRSS due to the way that the CSRSS assigns memory for specific user transactions. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs...
Last Update Date: 28 Jan 2011 Release Date: 15 Sep 2010 4175 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows IIS Multiple Vulnerabilities ( 15 September 2010 )

1. IIS Repeated Parameter Request Denial of Service VulnerabilityA denial of service vulnerability exists in Internet Information Services (IIS) that could allow an attacker who successfully exploited this vulnerability to interrupt service, causing the server to become un-responsive. An attacker could exploit the...
Last Update Date: 28 Jan 2011 Release Date: 15 Sep 2010 4245 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows LSASS Heap Overflow Vulnerability ( 15 September 2010 )

An authenticated elevation of privilege vulnerability exists in Microsoft Windows due to the way that the Local Security Authority Subsystem Service (LSASS) improperly handles certain Lightweight Directory Access Protocol (LDAP) messages. The vulnerability exists in implementations of Active Directory, Active Directory Application Mode (...
Last Update Date: 28 Jan 2011 Release Date: 15 Sep 2010 4151 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Heap Based Buffer Overflow in Outlook Vulnerability ( 15 September 2010 )

A remote code execution vulnerability exists in the way that Microsoft Outlook parses content in a specially crafted e-mail message. This vulnerability exists only in configurations where Outlook connects to an Exchange Server in Online Mode. Configurations where Outlook connects to an Exchange Server in the...
Last Update Date: 28 Jan 2011 Release Date: 15 Sep 2010 4120 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Print Spooler Service Impersonation Vulnerability ( 15 September 2010 )

A remote code execution vulnerability exists in the Windows Print Spooler service that could allow a remote, unauthenticated attacker to execute arbitrary code on an affected Windows XP system. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could...
Last Update Date: 28 Jan 2011 Release Date: 15 Sep 2010 4134 Views

RISK: Medium Risk

Medium Risk

Adobe Flash Player Vulnerability

A vulnerability has been identified in Adobe Flash Player, which could be exploited by attackers to compromise a vulnerable system. This vulnerability is exploited in the wild.
Last Update Date: 28 Jan 2011 Release Date: 14 Sep 2010 4385 Views

RISK: Medium Risk

Medium Risk

Apple iOS for iPhone and iPod touch Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Apple iOS for iPhone and iPod touch, which could be exploited by attackers to disclose sensitive information, bypass security restrictions or compromise an affected system. These issues are caused by errors in VoiceOver, FaceTime, ImageIO, and WebKit, ...
Last Update Date: 28 Jan 2011 Release Date: 10 Sep 2010 4536 Views

RISK: Medium Risk

Medium Risk

Apple Safari Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Apple Safari, which could be exploited by remote attackers to compromise a vulnerable system.1. Due to an input validation error in WebKit's handling of floating point data types, which could be exploited by attackers to execute arbitrary...
Last Update Date: 28 Jan 2011 Release Date: 9 Sep 2010 4199 Views