Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Microsoft Windows CSRSS Local Elevation of Privilege Vulnerability ( 15 September 2010 )

An elevation of privilege vulnerability exists in the Windows CSRSS due to the way that the CSRSS assigns memory for specific user transactions. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then install programs...
Last Update Date: 28 Jan 2011 Release Date: 15 Sep 2010 5090 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows IIS Multiple Vulnerabilities ( 15 September 2010 )

1. IIS Repeated Parameter Request Denial of Service VulnerabilityA denial of service vulnerability exists in Internet Information Services (IIS) that could allow an attacker who successfully exploited this vulnerability to interrupt service, causing the server to become un-responsive. An attacker could exploit the...
Last Update Date: 28 Jan 2011 Release Date: 15 Sep 2010 5175 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows LSASS Heap Overflow Vulnerability ( 15 September 2010 )

An authenticated elevation of privilege vulnerability exists in Microsoft Windows due to the way that the Local Security Authority Subsystem Service (LSASS) improperly handles certain Lightweight Directory Access Protocol (LDAP) messages. The vulnerability exists in implementations of Active Directory, Active Directory Application Mode (...
Last Update Date: 28 Jan 2011 Release Date: 15 Sep 2010 5043 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Heap Based Buffer Overflow in Outlook Vulnerability ( 15 September 2010 )

A remote code execution vulnerability exists in the way that Microsoft Outlook parses content in a specially crafted e-mail message. This vulnerability exists only in configurations where Outlook connects to an Exchange Server in Online Mode. Configurations where Outlook connects to an Exchange Server in the...
Last Update Date: 28 Jan 2011 Release Date: 15 Sep 2010 5054 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Print Spooler Service Impersonation Vulnerability ( 15 September 2010 )

A remote code execution vulnerability exists in the Windows Print Spooler service that could allow a remote, unauthenticated attacker to execute arbitrary code on an affected Windows XP system. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could...
Last Update Date: 28 Jan 2011 Release Date: 15 Sep 2010 5008 Views

RISK: Medium Risk

Medium Risk

Adobe Flash Player Vulnerability

A vulnerability has been identified in Adobe Flash Player, which could be exploited by attackers to compromise a vulnerable system. This vulnerability is exploited in the wild.
Last Update Date: 28 Jan 2011 Release Date: 14 Sep 2010 5292 Views

RISK: Medium Risk

Medium Risk

Apple iOS for iPhone and iPod touch Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Apple iOS for iPhone and iPod touch, which could be exploited by attackers to disclose sensitive information, bypass security restrictions or compromise an affected system. These issues are caused by errors in VoiceOver, FaceTime, ImageIO, and WebKit, ...
Last Update Date: 28 Jan 2011 Release Date: 10 Sep 2010 5412 Views

RISK: Medium Risk

Medium Risk

Apple Safari Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Apple Safari, which could be exploited by remote attackers to compromise a vulnerable system.1. Due to an input validation error in WebKit's handling of floating point data types, which could be exploited by attackers to execute arbitrary...
Last Update Date: 28 Jan 2011 Release Date: 9 Sep 2010 5107 Views

RISK: Medium Risk

Medium Risk

Mozilla Products Multiple Vulnerabilities

Multiple vulnerabilitieshave been identified in Mozilla Firefox, Thunderbird and SeaMonkey, which could be exploited by attackers to manipulate or disclose certain data, bypass security restrictions or compromise a vulnerable system.1. Due to memory corruption errors in the browser engine when parsing malformed data, ...
Last Update Date: 28 Jan 2011 Release Date: 9 Sep 2010 5079 Views

RISK: Medium Risk

Medium Risk

Adobe Acrobat / Reader SING Font Buffer Overflow Vulnerability

A vulnerability has been identified in Adobe Acrobat and Reader, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by a buffer overflow error in the "CoolType.dll" module when processing a PDF document containing malformed SING (Smart...
Last Update Date: 28 Jan 2011 Release Date: 9 Sep 2010 5217 Views