Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Google Chrome Flash Plugin Vulnerabilities

Multiple vulnerabilitieshave been identified in Google Chrome, which could be exploited by attackers to disclose sensitive information or compromise a vulnerable system.
Last Update Date: 28 Jan 2011 Release Date: 12 Aug 2010 5411 Views

RISK: Medium Risk

Medium Risk

Adobe Flash Media Server Multiple Code Execution and DoS Vulnerabilities

Multiple vulnerabilitieshave been identified in Adobe Flash Media Server, which could be exploited by attackers to cause a denial of service or compromise a vulnerable system.1. Due to an unspecified error related to a JS method, which could allow denial of service attacks.2...
Last Update Date: 28 Jan 2011 Release Date: 12 Aug 2010 5302 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Tracing Feature for Services Multiple Vulnerabilities ( 11 August 2010 )

1. Tracing Registry Key ACL VulnerabilityAn elevation of privilege vulnerability exists when Windows places incorrect access control lists (ACLs) on the registry keys for the Tracing Feature for Services. The vulnerability could allow an attacker to run code with elevated privileges. An attacker who successfully...
Last Update Date: 28 Jan 2011 Release Date: 11 Aug 2010 5076 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Kernel Multiple Vulnerabilities ( 11 August 2010 )

1. Windows Kernel Data Initialization VulnerabilityAn elevation of privilege vulnerability exists in the Windows Kernel due to the way the kernel deals with specific thread creation attempts. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs...
Last Update Date: 28 Jan 2011 Release Date: 11 Aug 2010 5057 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities ( 11 August 2010 )

1. Win32k Bounds Checking VulnerabilityA denial of service vulnerability exists in the Windows kernel-mode drivers due to the improper validation of an argument passed to a system call. An attacker could exploit the vulnerability by running a specially crafted application causing the system to become unresponsive...
Last Update Date: 28 Jan 2011 Release Date: 11 Aug 2010 5101 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Networking Multiple Vulnerabilities ( 11 August 2010 )

1. IPv6 Memory Corruption VulnerabilityA denial of service vulnerability exists in TCP/IP processing in Microsoft Windows due to an error in the processing of specially crafted IPv6 packets with a malformed extension header. An attacker could exploit the vulnerability by sending the target system a small...
Last Update Date: 28 Jan 2011 Release Date: 11 Aug 2010 5051 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows SMB Server Multiple Vulnerabilities ( 11 August 2010 )

1. SMB Pool Overflow VulnerabilityAn unauthenticated remote code execution vulnerability exists in the way that Microsoft Server Message Block (SMB) Protocol software handles specially crafted SMB packets. An attempt to exploit the vulnerability would not require authentication, allowing an attacker to exploit the vulnerability by...
Last Update Date: 28 Jan 2011 Release Date: 11 Aug 2010 5250 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Secure Channel (SChannel) Multiple Vulnerabilities ( 11 August 2010 )

1. TLS/SSL Renegotiation VulnerabilityA spoofing vulnerability exists in the TLS/SSL protocol, implemented in the Microsoft Windows SChannel authentication component. An attacker who successfully exploited this vulnerability would be able to introduce information on a TLS/SSL protected connection, effectively sending traffic...
Last Update Date: 28 Jan 2011 Release Date: 11 Aug 2010 5152 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Shell Shortcut Icon Loading Vulnerability ( 11 August 2010 )

A remote code execution vulnerability exists in affected versions of Microsoft Windows. The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. An attacker who successfully exploited this...
Last Update Date: 28 Jan 2011 Release Date: 11 Aug 2010 5059 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Word Multiple Vulnerabilities ( 11 August 2010 )

1. Word Record Parsing VulnerabilityA remote code execution vulnerability exists in the way that Microsoft Office Word handles malformed records inside a specially crafted Word file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs...
Last Update Date: 28 Jan 2011 Release Date: 11 Aug 2010 5165 Views