Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Microsoft Windows CryptoAPI Multiple Vulnerabilities( 14 October 2009 )

1. Null Truncation in X.509 Common Name VulnerabilityA spoofing vulnerability exists in the Microsoft Windows CryptoAPI component when parsing ASN.1 information from X.509 certificates. An attacker who successfully exploited this vulnerability could impersonate another user or system.2. Integer Overflow...
Last Update Date: 28 Jan 2011 Release Date: 14 Oct 2009 4485 Views

RISK: Medium Risk

Medium Risk

Microsoft .NET Framework Multiple Vulnerabilities( 14 October 2009 )

1. Microsoft .NET Framework Pointer Verification VulnerabilityA remote code execution vulnerability exists in the Microsoft .NET Framework that could allow a malicious Microsoft .NET application to obtain a managed pointer to stack memory that is no longer used. The malicious Microsoft .NET application could...
Last Update Date: 28 Jan 2011 Release Date: 14 Oct 2009 4751 Views

RISK: Medium Risk

Medium Risk

Microsoft Internet Explorer Multiple Vulnerabilities( 14 October 2009 )

1. Data Stream Header Corruption VulnerabilityA remote code execution vulnerability exists in the way that Internet Explorer processes data stream headers in specific situations. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability...
Last Update Date: 28 Jan 2011 Release Date: 14 Oct 2009 4413 Views

RISK: Medium Risk

Medium Risk

Adobe Reader and Acrobat Multiple Code Execution Vulnerability

Multiple vulnerabilities have been identified in Adobe Reader and Acrobat, which could be exploited by attackers to bypass security restrictions, gain knowledge of sensitive information, cause a denial of service or compromise a vulnerable system. These issues are caused by memory corruptions, integer and heap...
Last Update Date: 28 Jan 2011 Release Date: 12 Oct 2009 4568 Views

RISK: Medium Risk

Medium Risk

CA Anti-Virus Engine RAR Heap Corruption and DoS Vulnerabilities

Two vulnerabilities have been identified in various CA products, which could be exploited by attackers or malware to cause a denial of service or compromise a vulnerable system.1. A heap corruption error in the Anti-Virus engine arclib component when processing malformed RAR archives, ...
Last Update Date: 28 Jan 2011 Release Date: 12 Oct 2009 4729 Views

RISK: Medium Risk

Medium Risk

IBM Informix Client and Connect ".nfx" File Buffer Overflow Vulnerability

A vulnerability has been identified in IBM Informix Client and Informix Connect, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by a buffer overflow error in the SetNet32 utility when processing a ".nfx" file containing a malformed field (...
Last Update Date: 28 Jan 2011 Release Date: 6 Oct 2009 4695 Views

RISK: Medium Risk

Medium Risk

GoogleApps "googleapps.url.mailto:" Argument Injection Vulnerability

A vulnerability has been identified in Google Apps, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by an error in the "googleapps.exe"application when processing parameters passed to the "---renderer-path" argument via...
Last Update Date: 28 Jan 2011 Release Date: 5 Oct 2009 4556 Views

RISK: Medium Risk

Medium Risk

Novell NetWare RPC CALLIT Buffer Overflow Vulnerability

A vulnerability has been identified in Novell NetWare, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by a stack overflow error in the NFS Portmapper (PKERNEL.NLM) when processing malformed RPC CALLIT requests, which could be...
Last Update Date: 28 Jan 2011 Release Date: 2 Oct 2009 4610 Views

RISK: Medium Risk

Medium Risk

Google Chrome v8 Engine Floating Point Memory Corruption Vulnerability

A vulnerability has been identified in Google Chrome, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by a memory corruption error in the v8 engine when parsing strings into floating point numbers via the "dtoa()" implementation, which could...
Last Update Date: 28 Jan 2011 Release Date: 2 Oct 2009 4619 Views

RISK: Medium Risk

Medium Risk

IBM Installation Manager "iim:" URI Remote Library Injection Vulnerability

A vulnerability has been identified in IBM Installation Manager, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by an error in the "IBMIM.exe" file when processing parameters passed to the "-vm" argument via the...
Last Update Date: 28 Jan 2011 Release Date: 2 Oct 2009 4618 Views