Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Apple Safari Memory Corruption and Address Bar Spoofing Vulnerabilities

Multiple vulnerabilities have been identified in Apple Safari for Windows, which could be exploited by remote attackers to spoof arbitrary web sites, cause a denial of service or compromise a vulnerable system.1. Due to a memory corruption error when handling overly long filenames, which...
Last Update Date: 28 Jan 2011 Release Date: 26 Mar 2008 5627 Views

RISK: Medium Risk

Medium Risk

Mac OS X Multiple Vulnerabilities

Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.1. Multiple boundary errors in AFP client when processing "afp://" URLs can be exploited to cause stack-based buffer overflows when a user connects to a malicious AFP server....
Last Update Date: 28 Jan 2011 Release Date: 20 Mar 2008 5668 Views

RISK: Medium Risk

Medium Risk

MIT Kerberos Updates for Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Kerberos, which could be exploited by attackers to gain knowledge of sensitive information, cause a denial of service or take complete control of an affected system.1. Due to an errors in KDC when handling krb4 messages, which could...
Last Update Date: 28 Jan 2011 Release Date: 20 Mar 2008 5729 Views

RISK: Medium Risk

Medium Risk

Apple Safari Command Execution and Cross Site Scripting Vulnerabilities

Multiple vulnerabilities have been identified in Apple Safari, which could be exploited by remote attackers to bypass security restrictions, cause a denial of service, disclose sensitive information, or execute arbitrary code.1. Due to an error in the validation of certificates, which could...
Last Update Date: 28 Jan 2011 Release Date: 19 Mar 2008 5719 Views

RISK: Medium Risk

Medium Risk

CA BrightStor ARCserve Backup List Control Code Execution Vulnerability

A vulnerability has been identified in CA BrightStor ARCserve Backup, which could be exploited by remote attackers to cause a denial of service or take complete control of an affected system. This issue is caused by a buffer overflow error in the "ListCtrl.ocx" ActiveX...
Last Update Date: 28 Jan 2011 Release Date: 18 Mar 2008 5812 Views

RISK: Medium Risk

Medium Risk

F-Secure Products Archive Handling Code Execution Vulnerabilities

Multiple vulnerabilities have been identified in various F-Secure products, which could be exploited by attackers or malware to cause a denial of service or take complete control of an affected system. These issues are caused by memory corruption errors when processing malformed archives, which could...
Last Update Date: 28 Jan 2011 Release Date: 18 Mar 2008 5697 Views

RISK: Medium Risk

Medium Risk

Cisco User-Changeable Password Remote Buffer Overflow Vulnerabilities

Multiple vulnerabilities have been identified in Cisco User-Changeable Password (UCP), which could be exploited by remote attackers to execute arbitrary scripting code, cause a denial of service or take complete control of an affected system.1. Due to a buffer overflow errors in...
Last Update Date: 28 Jan 2011 Release Date: 14 Mar 2008 5822 Views

RISK: Medium Risk

Medium Risk

McAfee ePolicy Orchestrator "logDetail()" Format String Vulnerability

A vulnerability has been identified in McAfee ePolicy Orchestrator, which could be exploited by remote attackers to cause a denial of service or take complete control of an affected system. This issue is caused by a format string error in the "logDetail()" [applib.dll] ...
Last Update Date: 28 Jan 2011 Release Date: 14 Mar 2008 5741 Views

RISK: Medium Risk

Medium Risk

Microsoft Office Web Components Two Vulnerabilites( 12 March 2008 )

1. Office Web Components URL Parsing VulnerabilityA remote code execution vulnerability exists in the way Microsoft Office Web Components manages memory resources when parsing specially crafted URLs. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page...
Last Update Date: 28 Jan 2011 Release Date: 12 Mar 2008 5692 Views

RISK: Medium Risk

Medium Risk

Microsoft Outlook URI Vulnerability( 12 March 2008 )

A remote code execution exists in Outlook. The vulnerability could allow remote code execution if Outlook is passed a specially crafted mailto URI. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users...
Last Update Date: 28 Jan 2011 Release Date: 12 Mar 2008 5467 Views