Skip to main content

Special Announcement

  • 25 Jun 2024

    Announcement for Change of Chinese Name

    Please note that the Chinese name of HKCERT is changed from 「香港電腦保安事故協調中心」 to 「香港網絡安全事故協調中心」 with immediate effect.

    The English name, abbreviation, web address and email address remained unchanged.

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Sun Java Runtime Environment Remote Code Execution Vulnerabilities

Two vulnerabilities have been identified in Sun Java Runtime Environment, which could be exploited by remote attackers to take complete control of an affected system. These issues are caused by unspecified errors when handling certain untrusted applications or applets, which could be exploited by a malicious web...
Last Update Date: 28 Jan 2011 Release Date: 11 Feb 2008 4720 Views

RISK: Medium Risk

Medium Risk

Adobe Reader/Acrobat Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Adobe Reader and Acrobat, which could be exploited by attackers to bypass security restrictions or take complete control of an affected system. These issues are caused by input validation and buffer overflow errors when handling malformed data, which could be exploited...
Last Update Date: 28 Jan 2011 Release Date: 11 Feb 2008 5045 Views

RISK: Medium Risk

Medium Risk

Mozilla Firefox and SeaMonkey Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Mozilla Firefox and SeaMonkey, which could be exploited by attackers to bypass security restrictions, disclose sensitive information, cause a denial of service or take complete control of an affected system.1. A memory corruption errors in the browser and...
Last Update Date: 28 Jan 2011 Release Date: 11 Feb 2008 4762 Views

RISK: Medium Risk

Medium Risk

Mozilla Thunderbird Multiple Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Mozilla Thunderbird, which could be exploited by attackers to bypass security restrictions, disclose sensitive information, cause a denial of service or take complete control of an affected system.1. A memory corruption errors in the browser and JavaScript engines...
Last Update Date: 28 Jan 2011 Release Date: 11 Feb 2008 4677 Views

RISK: Medium Risk

Medium Risk

Nero Media Player M3U File Processing Buffer Overflow Vulnerability

A vulnerability has been identified in Nero Media Player, which could be exploited by attackers to cause a denial of service or take complete control of an affected system. This issue is caused by a buffer overflow error when processing a M3U file containing overly long data, ...
Last Update Date: 28 Jan 2011 Release Date: 6 Feb 2008 5092 Views

RISK: Medium Risk

Medium Risk

UltraVNC Multiple Buffer Overflow Vulnerabilities

A vulnerability has been identified in UltraVNC, which could be exploited by attackers to cause a denial of service or take complete control of an affected system. A buffer overflow error in the [vncviewer/ClientConnection.cpp] function and multiple boundary errors within the [...
Last Update Date: 28 Jan 2011 Release Date: 5 Feb 2008 4858 Views

RISK: Medium Risk

Medium Risk

Yahoo! Music Jukebox ActiveX Multiple Buffer Overflow Vulnerabilities

Multiple vulnerabilities have been identified in Yahoo! Music Jukebox, which could be exploited by remote attackers to cause a denial of service or take complete control of an affected system. These issues are caused by buffer overflow errors in the "datagrid.dll" and "...
Last Update Date: 28 Jan 2011 Release Date: 5 Feb 2008 4724 Views

RISK: Medium Risk

Medium Risk

Facebook Photo Uploader Control Remote Buffer Overflow Vulnerabilities

Multiple vulnerabilities have been identified in Facebook Photo Uploader, which could be exploited by remote attackers to cause a denial of service or take complete control of an affected system. These issues are caused by buffer overflow errors in the "ImageUploader4.ocx" ActiveX control when...
Last Update Date: 28 Jan 2011 Release Date: 5 Feb 2008 4751 Views

RISK: Medium Risk

Medium Risk

Cisco Wireless Control System Apache Tomcat JK Web Server Connector Buffer Overflow Vulnerability

A vulnerability has been identified in Cisco Wireless Control System (WCS), which could be exploited by remote attackers to cause a denial of service or execute arbitrary code. This issue is due to a buffer overflow error in the mod_jk library when processing overly long URLs via...
Last Update Date: 28 Jan 2011 Release Date: 1 Feb 2008 4899 Views

RISK: Medium Risk

Medium Risk

Winamp Ultravox Streaming Metadata Parsing Buffer Overflow Vulnerabilities

Multiple vulnerabilities have been identified in Winamp, which could be exploited by remote attackers to cause a denial of service or take complete control of an affected system. These issues are caused by buffer overflow errors in "in_mp3.dll" when constructing stream titles while parsing...
Last Update Date: 28 Jan 2011 Release Date: 21 Jan 2008 4826 Views