Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Microsoft WordPad and Office Text converter Memory Corruption Vulnerability( 09 December 2009 )

A remote code execution vulnerability exists in the way that text converters in Microsoft WordPad and Microsoft Office Word process memory when a user opens a specially crafted Word 97 file.
Last Update Date: 28 Jan 2011 Release Date: 9 Dec 2009 4569 Views

RISK: Medium Risk

Medium Risk

Microsoft Internet Explorer Multiple Vulnerabilities( 09 December 2009 )

1. ATL COM Initialization VulnerabilityA remote code execution vulnerability exists in an ActiveX control built with vulnerable Microsoft Active Template Library (ATL) headers. This vulnerability only directly affects systems with components and controls installed that were built using Visual Studio ATL. Components and controls built...
Last Update Date: 28 Jan 2011 Release Date: 9 Dec 2009 4380 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Project Memory Validation Vulnerability( 09 December 2009 )

A remote code execution vulnerability exists in the way that Microsoft Office Project handles specially crafted Project files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; ...
Last Update Date: 28 Jan 2011 Release Date: 9 Dec 2009 4452 Views

RISK: Medium Risk

Medium Risk

BlackBerry Products PDF Distiller Code Execution Vulnerabilities

Multiple vulnerabilities have been identified in BlackBerry Enterprise Server and BlackBerry Professional Software, which could be exploited by attackers to compromise a vulnerable device. These issues are caused by memory corruption errors in the PDF distiller of the BlackBerry Attachment Service component when processing malformed PDF files, ...
Last Update Date: 28 Jan 2011 Release Date: 4 Dec 2009 4431 Views

RISK: Medium Risk

Medium Risk

VMware Products Multiple Code Execution and Security Bypass Vulnerabilities

Multiple vulnerabilities have been identified in various VMware products, which could be exploited by remote attackers to bypass security restrictions, disclose sensitive information, cause a denial of service or compromise a vulnerable system. These issues are caused by errors in JRE, Tomcat, ntp, ...
Last Update Date: 28 Jan 2011 Release Date: 24 Nov 2009 4713 Views

RISK: Medium Risk

Medium Risk

HPOpenView Operations Default Account Code Execution Vulnerability

A vulnerability has been identified in HP OpenView Operations, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused due to a hidden account being present within the Tomcat users XML file, which could allow remote attackers to gain unauthorized access...
Last Update Date: 28 Jan 2011 Release Date: 24 Nov 2009 4646 Views

RISK: Medium Risk

Medium Risk

MicrosoftInternet Explorer CSS Handling Code Execution Vulnerability

A vulnerability has been identified in Microsoft Internet Explorer, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by a dangling pointer in the Microsoft HTML Viewer (mshtml.dll) when retrieving certain CSS/STYLE objects via the "...
Last Update Date: 28 Jan 2011 Release Date: 23 Nov 2009 4484 Views

RISK: Medium Risk

Medium Risk

OperaFloating Point Number Handling Memory Corruption Vulnerability

A vulnerability has been identified in Opera, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by a memory corruption error when processing floating point numbers, which could allow remote attackers to crash an affected browser or execute arbitrary code by...
Last Update Date: 28 Jan 2011 Release Date: 23 Nov 2009 4635 Views

RISK: Medium Risk

Medium Risk

KDEkdelibs Floating Point Numbers Memory Corruption Vulnerability

A vulnerability has been identified in KDE kdelibs, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by a memory corruption error when processing floating point numbers, which could allow remote attackers to crash an affected browser or execute arbitrary code...
Last Update Date: 28 Jan 2011 Release Date: 23 Nov 2009 4640 Views

RISK: Medium Risk

Medium Risk

Apple Safari Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Apple Safari, which could be exploited by attackers to disclose sensitive information, bypass security restrictions, cause a denial of service or compromise an affected system.1. An integer overflow error in ColorSync when processing images with a malformed color...
Last Update Date: 28 Jan 2011 Release Date: 13 Nov 2009 4612 Views