Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Google Chrome Javascript Memory Corruption Vulnerabilities

Two vulnerabilities have been identified in Google Chrome, which could be exploited by remote attackers to compromise a vulnerable system.1. A heap overflow error when evaluating a specially crafted regular expression in Javascript, which could be exploited to crash an affected browser and execute arbitrary...
Last Update Date: 28 Jan 2011 Release Date: 20 Jul 2009 4771 Views

RISK: Medium Risk

Medium Risk

Oracle Products Multiple Vulnerabilities ( 16 July 2009 )

Multiple vulnerabilities have been identified in various Oracle and BEA products, which could be exploited by remote or local attackers to cause a denial of service, read and manipulate certain data, disclose sensitive information, conduct SQL injection attacks, bypass security restrictions, or execute arbitrary...
Last Update Date: 28 Jan 2011 Release Date: 16 Jul 2009 4811 Views

RISK: Medium Risk

Medium Risk

Oracle Products Multiple Vulnerabilities ( 16 July 2009 )

Multiple vulnerabilities have been identified in various Oracle and BEA products, which could be exploited by remote or local attackers to cause a denial of service, read and manipulate certain data, disclose sensitive information, conduct SQL injection attacks, bypass security restrictions, or execute arbitrary...
Last Update Date: 28 Jan 2011 Release Date: 16 Jul 2009 4717 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Publisher Pointer Dereference Vulnerability ( 15 July 2009 )

A remote code execution vulnerability exists in the way that Microsoft Office Publisher opens, imports, and converts files created in versions older than Microsoft Office Publisher 2007. An attacker could exploit the vulnerability by creating a specially crafted Publisher file that could be included as an e...
Last Update Date: 28 Jan 2011 Release Date: 15 Jul 2009 4559 Views

RISK: Medium Risk

Medium Risk

Microsoft Video ActiveX Control Vulnerability ( 15 July 2009 )

A remote code execution vulnerability exists in the Microsoft Video ActiveX Control, msvidctl.dll. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who...
Last Update Date: 28 Jan 2011 Release Date: 15 Jul 2009 4593 Views

RISK: Medium Risk

Medium Risk

Microsoft ISA Server 2006 Radius OTP Bypass Vulnerability ( 15 July 2009 )

An elevation of privilege vulnerability exists in ISA Server 2006 authentication when configured with Radius OTP. The vulnerability could allow an unauthenticated user access to any Web published resource. With knowledge of administrator account usernames, an attacker who successfully exploited this vulnerability could take complete control of...
Last Update Date: 28 Jan 2011 Release Date: 15 Jul 2009 4632 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Embedded OpenType Font Engine Multiple Vulnerabilities ( 15 July 2009 )

1. Embedded OpenType Font Heap Overflow VulnerabilityA remote code execution vulnerability exists in the way that Microsoft Windows Embedded OpenType (EOT) font technology parses data records in specially crafted embedded fonts. If a user is logged on with administrative user rights, an attacker who successfully...
Last Update Date: 28 Jan 2011 Release Date: 15 Jul 2009 4580 Views

RISK: Medium Risk

Medium Risk

Microsoft DirectShow Multiple Vulnerabilities ( 15 July 2009 )

1. DirectX NULL Byte Overwrite VulnerabilityA remote code execution vulnerability exists in the way that Microsoft DirectShow parses QuickTime media files. This vulnerability could allow code execution if a user opened a specially crafted QuickTime file. If a user is logged on with administrative user rights, ...
Last Update Date: 28 Jan 2011 Release Date: 15 Jul 2009 4578 Views

RISK: Medium Risk

Medium Risk

Mozilla Firefox Memory Corruption Vulnerability

A vulnerability has been identified in Mozilla Firefox, which could be exploited by remote attackers to compromise an affected system. This issue is caused by a memory corruption error when handling certain elements, which could be exploited by remote attackers to execute arbitrary code by tricking a...
Last Update Date: 28 Jan 2011 Release Date: 15 Jul 2009 4774 Views

RISK: Medium Risk

Medium Risk

MicrosoftOffice Web Components Remote Code Execution Vulnerability

A vulnerability has been identified in Microsoft Office Web Components, which could be exploited by remote attackers to compromise an affected system. This issue is caused by a memory corruption error in the "OWC10.DLL" and "OWC11.DLL" ActiveX controls, which...
Last Update Date: 28 Jan 2011 Release Date: 14 Jul 2009 4882 Views