Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Microsoft Internet Explorer Multiple Vulnerabilities (29 July 2009)

1. Memory Corruption VulnerabilityA remote code execution vulnerability exists in the way that Internet Explorer handles a memory object. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution...
Last Update Date: 28 Jan 2011 Release Date: 29 Jul 2009 4067 Views

RISK: Medium Risk

Medium Risk

KDE KHTML Numeric Character References Memory Corruption Vulnerability

A vulnerability has been identified in KDE, which could be exploited by malicious people to potentially compromise a user's system.The vulnerability is caused due to an error in KHTML when processing numeric character references and can be exploited to corrupt memory.
Last Update Date: 28 Jan 2011 Release Date: 28 Jul 2009 4269 Views

RISK: Medium Risk

Medium Risk

Adobe Acrobat/Reader and Flash Player Code Execution Vulnerability

A vulnerability has been identified in Adobe Acrobat, Reader and Flash Player, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by an error in the "flash9f.dll" and "authplay.dll" modules when processing...
Last Update Date: 28 Jan 2011 Release Date: 23 Jul 2009 4231 Views

RISK: Medium Risk

Medium Risk

Mozilla Products Memory Corruption and Security Bypass Vulnerabilities

Multiple vulnerabilities have been identified in Mozilla Firefox and Thunderbird, which could be exploited by attackers to bypass security restrictions, disclose sensitive information, cause a denial of service or compromise a vulnerable system.1. Memory corruption errors in the JavaScript and browser engines when parsing...
Last Update Date: 28 Jan 2011 Release Date: 23 Jul 2009 4222 Views

RISK: Medium Risk

Medium Risk

Google Chrome Javascript Memory Corruption Vulnerabilities

Two vulnerabilities have been identified in Google Chrome, which could be exploited by remote attackers to compromise a vulnerable system.1. A heap overflow error when evaluating a specially crafted regular expression in Javascript, which could be exploited to crash an affected browser and execute arbitrary...
Last Update Date: 28 Jan 2011 Release Date: 20 Jul 2009 4275 Views

RISK: Medium Risk

Medium Risk

Oracle Products Multiple Vulnerabilities ( 16 July 2009 )

Multiple vulnerabilities have been identified in various Oracle and BEA products, which could be exploited by remote or local attackers to cause a denial of service, read and manipulate certain data, disclose sensitive information, conduct SQL injection attacks, bypass security restrictions, or execute arbitrary...
Last Update Date: 28 Jan 2011 Release Date: 16 Jul 2009 4317 Views

RISK: Medium Risk

Medium Risk

Oracle Products Multiple Vulnerabilities ( 16 July 2009 )

Multiple vulnerabilities have been identified in various Oracle and BEA products, which could be exploited by remote or local attackers to cause a denial of service, read and manipulate certain data, disclose sensitive information, conduct SQL injection attacks, bypass security restrictions, or execute arbitrary...
Last Update Date: 28 Jan 2011 Release Date: 16 Jul 2009 4220 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Publisher Pointer Dereference Vulnerability ( 15 July 2009 )

A remote code execution vulnerability exists in the way that Microsoft Office Publisher opens, imports, and converts files created in versions older than Microsoft Office Publisher 2007. An attacker could exploit the vulnerability by creating a specially crafted Publisher file that could be included as an e...
Last Update Date: 28 Jan 2011 Release Date: 15 Jul 2009 4060 Views

RISK: Medium Risk

Medium Risk

Microsoft Video ActiveX Control Vulnerability ( 15 July 2009 )

A remote code execution vulnerability exists in the Microsoft Video ActiveX Control, msvidctl.dll. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who...
Last Update Date: 28 Jan 2011 Release Date: 15 Jul 2009 4097 Views

RISK: Medium Risk

Medium Risk

Microsoft ISA Server 2006 Radius OTP Bypass Vulnerability ( 15 July 2009 )

An elevation of privilege vulnerability exists in ISA Server 2006 authentication when configured with Radius OTP. The vulnerability could allow an unauthenticated user access to any Web published resource. With knowledge of administrator account usernames, an attacker who successfully exploited this vulnerability could take complete control of...
Last Update Date: 28 Jan 2011 Release Date: 15 Jul 2009 4108 Views