Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Microsoft Internet Explorer Multiple Vulnerabilities( 15 April 2009 )

1. Blended Threat Remote Code Execution VulnerabilityA blended threat remote code execution vulnerability exists in the way that Internet Explorer locates and opens files on the system. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page...
Last Update Date: 28 Jan 2011 Release Date: 15 Apr 2009 5467 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows Multiple Privilege Escalation Vulnerabilities( 15 April 2009 )

1. Windows MSDTC Service Isolation VulnerabilityAn elevation of privilege vulnerability exists in the Microsoft Distributed Transaction Coordinator (MSDTC) transaction facility in Microsoft Windows platforms. MSDTC leaves a NetworkService token that can be impersonated by any process that calls into it. The vulnerability allows a process...
Last Update Date: 28 Jan 2011 Release Date: 15 Apr 2009 5663 Views

RISK: Medium Risk

Medium Risk

Microsoft Windows HTTP Services Multiple Vulnerabilities( 15 April 2009 )

1. Windows HTTP Services Integer Underflow VulnerabilityA remote code execution vulnerability exists in the way that Windows HTTP Services handle specific values that are returned by a remote Web server. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker...
Last Update Date: 28 Jan 2011 Release Date: 15 Apr 2009 5521 Views

RISK: Medium Risk

Medium Risk

Microsoft WordPad and Office Text Converters Multiple Vulnerabilities( 15 April 2009 )

1. WordPad and Office Text Converter Memory Corruption VulnerabilityA remote code execution vulnerability exists in the way that text converters in WordPad and Microsoft Office process memory when a user opens a specially crafted Word 6 file that includes malformed data.2. WordPad Word 97 Text Converter...
Last Update Date: 28 Jan 2011 Release Date: 15 Apr 2009 5395 Views

RISK: Medium Risk

Medium Risk

Microsoft DirectShow MJPEG Decompression Vulnerability( 15 April 2009 )

A remote code execution vulnerability exists in the way Microsoft DirectShow handles supported format files. This vulnerability could allow code execution if a user opened a specially crafted MJPEG file. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability...
Last Update Date: 28 Jan 2011 Release Date: 15 Apr 2009 5389 Views

RISK: Medium Risk

Medium Risk

Microsoft ISA Server and Forefront Threat Management Gateway (Medium Business Edition) Multiple Vulnerabilities( 15 April 2009 )

1. Web Proxy TCP State Limited Denial of Service VulnerabilityA denial of service vulnerability exists in the way the firewall engine handles TCP state for Web proxy or Web publishing listeners. The vulnerability could allow a remote user to cause a Web listener to stop responding to new...
Last Update Date: 28 Jan 2011 Release Date: 15 Apr 2009 5416 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Excel Multiple Memory Corruption Vulnerabilities( 15 April 2009 )

1. Memory Corruption VulnerabilityA remote code execution vulnerability exists in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file that includes a malformed object. An attacker who successfully exploited this vulnerability could take complete control of an affected system...
Last Update Date: 28 Jan 2011 Release Date: 15 Apr 2009 5345 Views

RISK: Medium Risk

Medium Risk

ClamAVcli_url_canon()" Buffer Overflow and UPack DoS Vulnerabilities

Multiple vulnerabilities have been identified in ClamAV, which could be exploited by attackers or malware to cause a denial of service or compromise a vulnerable system.1. A buffer overflow error in the "cli_url_canon()" [libclamav/phishcheck.c] function when processing specially crafted...
Last Update Date: 28 Jan 2011 Release Date: 14 Apr 2009 5699 Views

RISK: Medium Risk

Medium Risk

HPOpenView Performance Agent DynaZip Buffer Overflow Vulnerability

A vulnerability has been identified in HP OpenView Performance Agent and HP Performance Agent, which could be exploited by remote attackers to compromise a vulnerable system.Buffer overflow errors in the "dzip32.dll" and "dzips32.dll" libraries when repairing, adding, ...
Last Update Date: 28 Jan 2011 Release Date: 14 Apr 2009 5845 Views

RISK: Medium Risk

Medium Risk

SunSolaris and SEAM Kerberos Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Sun Solaris and SEAM (Sun Enterprise Authentication Mechanism), which could be exploited by remote attackers to cause a denial of service or compromise a vulnerable system. These issues are caused by errors in Kerberos.1. A NULL pointer dereference...
Last Update Date: 28 Jan 2011 Release Date: 14 Apr 2009 5528 Views