Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

IBM Lotus Expeditor "cai:" URI Handler Command Injection Vulnerability

A vulnerability has been identified in IBM Lotus Expeditor, which could be exploited by remote attackers to take complete control of an affected system. This issue is caused by an input validation error when handling "cai" URIs and passing the "-launcher" argument to the...
Last Update Date: 28 Jan 2011 Release Date: 2 May 2008 4408 Views

RISK: Medium Risk

Medium Risk

WordPress Cookie Integrity Protection Privilege Escalation Vulnerability

A vulnerability has been identified in WordPress, which could be exploited by attackers to compromise an affected web site. This issue is caused by an error in the MAC calculation procedure when handling the "USERNAME" and "EXPIRY_TIME" parameters contained in the authentication cookie, ...
Last Update Date: 28 Jan 2011 Release Date: 29 Apr 2008 4379 Views

RISK: Medium Risk

Medium Risk

StarOffice/StarSuite Multiple Vulnerabilities

Multiple vulnerabilities have been identified in StarOffice/StarSuite, which could be exploited by attackers to cause a denial of service or compromise an affected system. These issues are caused by heap overflow and corruption errors when processing specially crafted ODF text documents with XForms, or when...
Last Update Date: 28 Jan 2011 Release Date: 29 Apr 2008 4367 Views

RISK: Medium Risk

Medium Risk

HP Software Update HPeDiag ActiveX Control Multiple Vulnerabilities

Multiple vulnerabilities have been identified in HP Software Update, which could be exploited by remote attackers to gain knowledge of sensitive information or take complete control of an affected system.1. Due to a buffer overflow error in the HPeDiag ActiveX control when handling malformed data passed...
Last Update Date: 28 Jan 2011 Release Date: 28 Apr 2008 4412 Views

RISK: Medium Risk

Medium Risk

Cisco Network Admission Control Shared Secret Vulnerability

A vulnerability has been identified in the Cisco Network Admission Control (NAC) Appliance, which could allow an attacker to obtain the shared secret that is used between the Cisco Clean Access Server (CAS) and the Cisco Clean Access Manager (CAM).
Last Update Date: 28 Jan 2011 Release Date: 25 Apr 2008 4445 Views

RISK: Medium Risk

Medium Risk

Adobe Products BMP Handling Buffer Overflow Vulnerability

A vulnerability has been identified in multiple Adobe products, which could be exploited by remote attackers to cause a denial of service or take complete control of an affected system. This issue is caused by a buffer overflow error when parsing malformed BMP images, which could be...
Last Update Date: 28 Jan 2011 Release Date: 23 Apr 2008 4372 Views

RISK: Medium Risk

Medium Risk

ICQ Personal Status Manager Vulnerability

A vulnerability has been identified in ICQ, which could be exploited by attackers to cause a denial of service or compromise an affected system. This issue is caused by a buffer overflow error in the Personal Status Manager feature when processing a specially crafted status message, which...
Last Update Date: 28 Jan 2011 Release Date: 22 Apr 2008 4415 Views

RISK: Medium Risk

Medium Risk

Mozilla JavaScript Garbage Collector Vulnerability

A vulnerability has been identified in Mozilla Firefox, Thunderbird and SeaMonkey, which could be exploited by remote attackers to cause a denial of service or compromise a vulnerable system. This issue is caused by memory corruption errors in the JavaScript Garbage Collector when processing malformed data, ...
Last Update Date: 28 Jan 2011 Release Date: 18 Apr 2008 4463 Views

RISK: Medium Risk

Medium Risk

OpenOffice Multiple Vulnerabilities

Multiple vulnerabilities have been identified in OpenOffice.org, which could be exploited by attackers to cause a denial of service or compromise an affected system. These issues are caused by heap overflow and corruption errors when processing specially crafted ODF text documents with XForms, or when...
Last Update Date: 28 Jan 2011 Release Date: 18 Apr 2008 4535 Views

RISK: Medium Risk

Medium Risk

CA Products DSM "gui_cm_ctrls" ActiveX Vulnerability

A vulnerability has been identified in various CA products, which could be exploited by remote attackers to cause a denial of service or take complete control of an affected system. This issue is caused by input validation errors in the DSM "gui_cm_ctrls" ActiveX control when handling...
Last Update Date: 28 Jan 2011 Release Date: 18 Apr 2008 4476 Views