Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Mozilla Products Memory Corruption and Security Bypass Vulnerabilities

Multiple vulnerabilities have been identified in Mozilla Firefox and Thunderbird, which could be exploited by attackers to bypass security restrictions, disclose sensitive information, cause a denial of service or compromise a vulnerable system.1. Memory corruption errors in the JavaScript and browser engines when parsing...
Last Update Date: 28 Jan 2011 Release Date: 23 Jul 2009 5318 Views

RISK: Medium Risk

Medium Risk

Google Chrome Javascript Memory Corruption Vulnerabilities

Two vulnerabilities have been identified in Google Chrome, which could be exploited by remote attackers to compromise a vulnerable system.1. A heap overflow error when evaluating a specially crafted regular expression in Javascript, which could be exploited to crash an affected browser and execute arbitrary...
Last Update Date: 28 Jan 2011 Release Date: 20 Jul 2009 5372 Views

RISK: Medium Risk

Medium Risk

Oracle Products Multiple Vulnerabilities ( 16 July 2009 )

Multiple vulnerabilities have been identified in various Oracle and BEA products, which could be exploited by remote or local attackers to cause a denial of service, read and manipulate certain data, disclose sensitive information, conduct SQL injection attacks, bypass security restrictions, or execute arbitrary...
Last Update Date: 28 Jan 2011 Release Date: 16 Jul 2009 5412 Views

RISK: Medium Risk

Medium Risk

Oracle Products Multiple Vulnerabilities ( 16 July 2009 )

Multiple vulnerabilities have been identified in various Oracle and BEA products, which could be exploited by remote or local attackers to cause a denial of service, read and manipulate certain data, disclose sensitive information, conduct SQL injection attacks, bypass security restrictions, or execute arbitrary...
Last Update Date: 28 Jan 2011 Release Date: 16 Jul 2009 5320 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Publisher Pointer Dereference Vulnerability ( 15 July 2009 )

A remote code execution vulnerability exists in the way that Microsoft Office Publisher opens, imports, and converts files created in versions older than Microsoft Office Publisher 2007. An attacker could exploit the vulnerability by creating a specially crafted Publisher file that could be included as an e...
Last Update Date: 28 Jan 2011 Release Date: 15 Jul 2009 5164 Views

RISK: Medium Risk

Medium Risk

Microsoft Video ActiveX Control Vulnerability ( 15 July 2009 )

A remote code execution vulnerability exists in the Microsoft Video ActiveX Control, msvidctl.dll. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who...
Last Update Date: 28 Jan 2011 Release Date: 15 Jul 2009 5193 Views

RISK: Medium Risk

Medium Risk

Microsoft ISA Server 2006 Radius OTP Bypass Vulnerability ( 15 July 2009 )

An elevation of privilege vulnerability exists in ISA Server 2006 authentication when configured with Radius OTP. The vulnerability could allow an unauthenticated user access to any Web published resource. With knowledge of administrator account usernames, an attacker who successfully exploited this vulnerability could take complete control of...
Last Update Date: 28 Jan 2011 Release Date: 15 Jul 2009 5245 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Embedded OpenType Font Engine Multiple Vulnerabilities ( 15 July 2009 )

1. Embedded OpenType Font Heap Overflow VulnerabilityA remote code execution vulnerability exists in the way that Microsoft Windows Embedded OpenType (EOT) font technology parses data records in specially crafted embedded fonts. If a user is logged on with administrative user rights, an attacker who successfully...
Last Update Date: 28 Jan 2011 Release Date: 15 Jul 2009 5204 Views

RISK: Medium Risk

Medium Risk

Microsoft DirectShow Multiple Vulnerabilities ( 15 July 2009 )

1. DirectX NULL Byte Overwrite VulnerabilityA remote code execution vulnerability exists in the way that Microsoft DirectShow parses QuickTime media files. This vulnerability could allow code execution if a user opened a specially crafted QuickTime file. If a user is logged on with administrative user rights, ...
Last Update Date: 28 Jan 2011 Release Date: 15 Jul 2009 5204 Views

RISK: Medium Risk

Medium Risk

Mozilla Firefox Memory Corruption Vulnerability

A vulnerability has been identified in Mozilla Firefox, which could be exploited by remote attackers to compromise an affected system. This issue is caused by a memory corruption error when handling certain elements, which could be exploited by remote attackers to execute arbitrary code by tricking a...
Last Update Date: 28 Jan 2011 Release Date: 15 Jul 2009 5410 Views