Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Kerberos AES and RC4 Decryption Integer Underflow Vulnerabilities

Multiple vulnerabilities have been identified in Kerberos, which could be exploited by remote attackers to cause a denial of service or compromise a vulnerable system. These issues are caused by integer underflow errors in the AES and RC4 decryption operations when processing an invalid ciphertext, which could...
Last Update Date: 28 Jan 2011 Release Date: 14 Jan 2010 4668 Views

RISK: Medium Risk

Medium Risk

Oracle Products Multiple Vulnerabilities

A vulnerability has been identified in various Oracle products and components, which could be exploited by attackers to cause a denial of service, disclose sensitive information or compromise a vulnerable system.
Last Update Date: 28 Jan 2011 Release Date: 13 Jan 2010 4677 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Embedded OpenType Font Engine Vulnerability

A remote code execution vulnerability exists in the way that the Microsoft Windows Embedded OpenType (EOT) Font Engine decompresses specially crafted EOT fonts. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an...
Last Update Date: 28 Jan 2011 Release Date: 13 Jan 2010 4329 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Flash Player Multiple Vulnerabilities

A vulnerability has been identified in Flash Player, which could be exploited by attackers to compromise a vulnerable system.The vulnerability is caused due to a use-after-free error in the bundled version of Flash Player when unloading Flash objects while these are still being...
Last Update Date: 28 Jan 2011 Release Date: 13 Jan 2010 4393 Views

RISK: Medium Risk

Medium Risk

Novell iManager eDirectory Plugin Schema Buffer Overflow Vulnerability

A vulnerability has been identified in Novell iManager, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by a buffer overflow error in the eDirectory plugin when importing or exporting data from the schema, which could be exploited to crash an...
Last Update Date: 28 Jan 2011 Release Date: 11 Jan 2010 4591 Views

RISK: Medium Risk

Medium Risk

VMware ESX and vMA Multiple Vulnerabilities

Multiple vulnerabilities have been identified in VMware ESX and vMA, which could be exploited by attackers to manipulate or disclose certain data, bypass security restrictions or compromise a vulnerable system. These issues are caused by errors in NSS and NSPR.
Last Update Date: 28 Jan 2011 Release Date: 8 Jan 2010 4674 Views

RISK: Medium Risk

Medium Risk

Adobe Flash Media Server Directory Traversal and DoS Vulnerabilities

Two vulnerabilities have been identified in Adobe Flash Media Server, which could be exploited by remote attackers to cause a denial of service or compromise a vulnerable system.1. An unspecified directory traversal error which could lead to FMS loading arbitrary DLLs present on the server....
Last Update Date: 28 Jan 2011 Release Date: 22 Dec 2009 4655 Views

RISK: Medium Risk

Medium Risk

Winamp Module Decoder Plug-in Buffer Overflow Vulnerabilities

Multiple vulnerabilities have been identified in Winamp, which could be exploited by attackers to compromise a vulnerable system. These issues are caused by buffer and integer overflow errors in the Module Decoder Plug-in (IN_MOD.DLL) when processing malformed Impulse Tracker, Ultratracker or...
Last Update Date: 28 Jan 2011 Release Date: 18 Dec 2009 4598 Views

RISK: Medium Risk

Medium Risk

Mozilla Products Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Mozilla Firefox, SeaMonkey and Thunderbird which could be exploited by attackers to manipulate or disclose certain data, bypass security restrictions or compromise a vulnerable system.1. A memory corruption errors in the JavaScript and browser engines when parsing malformed data...
Last Update Date: 28 Jan 2011 Release Date: 17 Dec 2009 4619 Views

RISK: Medium Risk

Medium Risk

Adobe Reader and Acrobat Unspecified Code Execution Vulnerability

A vulnerability has been identified in Adobe Reader and Acrobat, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by an unspecified memory corruption error, which could be exploited by attackers to execute arbitrary code by tricking a user into...
Last Update Date: 28 Jan 2011 Release Date: 15 Dec 2009 4596 Views