Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Microsoft Windows VBScript/JScript Remote Code Execution Vulnerability( 09 April 2008 )

A remote code execution vulnerability exists in the way that the VBScript and JScript scripting engines decode script in Web pages. This vulnerability could allow remote code execution if a user opened a specially crafted file or visited a Web site that is running specially crafted script. If...
Last Update Date: 28 Jan 2011 Release Date: 9 Apr 2008 2623 Views

RISK: Medium Risk

Medium Risk

Symantec Mail Security Attachment Parsing Vulnerabilities

Multiple vulnerabilities have been identifed in Symantec Mail Security for SMTP, Symantec Mail Security for Domino and Symantec Mail Security for Exchange, which can be exploited by malicious people to compromise a vulnerable system.The vulnerabilities are caused due to various errors within the third-party...
Last Update Date: 28 Jan 2011 Release Date: 9 Apr 2008 2811 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows GDI Overflow Vulnerability( 09 April 2008 )

1. GDI Heap Overflow VulnerabilityA remote code execution vulnerability exists in the way that GDI handles integer calculations. The vulnerability could allow remote code execution if a user opens a specially crafted EMF or WMF image file. An attacker who successfully exploited this vulnerability could take complete...
Last Update Date: 28 Jan 2011 Release Date: 9 Apr 2008 2611 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Kernel Vulnerability( 09 April 2008 )

An elevation of privilege vulnerability exists due to the Windows kernel improperly validating input passed from user mode to the kernel. The vulnerability could allow an attacker to run code with elevated privileges. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control...
Last Update Date: 28 Jan 2011 Release Date: 9 Apr 2008 2594 Views

RISK: Medium Risk

Medium Risk

Microsoft Project Memory Validation Vulnerability( 09 April 2008 )

A remote code execution vulnerability exists in the way Microsoft Project handles specially crafted Project files. An attacker could exploit the vulnerability by sending a malformed file which could be included as an e-mail attachment, or hosted on a specially crafted or compromised Web site.
Last Update Date: 28 Jan 2011 Release Date: 9 Apr 2008 2602 Views

RISK: Medium Risk

Medium Risk

Microsoft Visio Multiple Vulnerabilities( 09 April 2008 )

1. Visio Object Header VulnerabilityA remote code execution vulnerability exists in the way Microsoft Visio validates object header data in specially crafted files. An attacker could exploit the vulnerability by sending a malformed file which could be included as an e-mail attachment, or hosted on...
Last Update Date: 28 Jan 2011 Release Date: 9 Apr 2008 2739 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows ActiveX Object Memory Corruption Vulnerability( 09 April 2008 )

A remote code execution vulnerability exists in the ActiveX control hxvz.dll. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this...
Last Update Date: 28 Jan 2011 Release Date: 9 Apr 2008 2581 Views

RISK: Medium Risk

Medium Risk

Lotus Notes Multiple Keyview Parsing Vulnerabilities

Multiple vulnerabilities have been identified in Lotus Notes, which can be exploited by malicious people to compromise a user's system.The vulnerabilities are caused due to various errors within certain third-party file viewers and can be exploited to cause buffer overflows when a specially...
Last Update Date: 28 Jan 2011 Release Date: 9 Apr 2008 2832 Views

RISK: Medium Risk

Medium Risk

Microsoft DNS Client DNS Spoofing Attack Vulnerability( 09 April 2008 )

A spoofing vulnerability exists in Windows DNS clients. The vulnerability could allow an unauthenticated attacker to send malicious responses to DNS requests made by vulnerable clients, thereby spoofing or redirecting Internet traffic from legitimate locations.
Last Update Date: 28 Jan 2011 Release Date: 9 Apr 2008 2613 Views

RISK: Medium Risk

Medium Risk

Opera Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Opera, which could be exploited by remote attackers to cause a denial of service or take complete control of an affected system.1. Due to an invalid memory access when handling newsfeed prompts, which could be exploited by attackers to...
Last Update Date: 28 Jan 2011 Release Date: 7 Apr 2008 2837 Views