USN-1061-1: iTALC vulnerability
Stéphane Graber discovered that the iTALC private keys shipped with the Edubuntu Live DVD were not correctly regenerated once Edubuntu was installed. If an iTALC client was installed with the vulnerable keys, a remote attacker could gain control of the system. Only systems using keys from the...
Security updates available for Adobe Reader and Acrobat
Security updates available for Adobe Reader and Acrobat Release date: February 8, 2011 Vulnerability identifier: APSB11-03 CVE Numbers: CVE-2010-4091, CVE-2011-0562, CVE-2011-0563, CVE-2011-0564, CVE-2011-0565, CVE-2011-0566, CVE-2011-0567, CVE-2011-0568, CVE-2011-0570, CVE-2011-0585,...
Microsoft OpenType Font Format Driver Double Free Code Execution (MS10-091; CVE-2010-3957)
OpenType is a font format developed jointly by Microsoft and Adobe as an extension of Apple's TrueType font format. A remote code execution vulnerability has been reported in the way Microsoft Windows OpenType Font OTF format driver improperly parses specially crafted OpenType fonts. A remote...
Microsoft Graphics Filters TIFF Image Converter Heap Overflow (MS10-105; CVE-2010-3947)
Tagged Image File Format (TIFF) is a container format for storing images, including photographs and line art. A remote code execution vulnerability has been discovered in the way that Microsoft Office parses specially crafted TIFF image files. The vulnerability is due to an error in Microsoft Offic...
Microsoft Graphics Filters TIFF Image Converter Buffer Overflow (MS10-105; CVE-2010-3949; CVE-2010-3950)
Tagged Image File Format (TIFF) is a container format for storing images, including photographs and line art. A buffer overflow vulnerability has been discovered in the way that Microsoft Office parses specially crafted TIFF image files. The vulnerability is due to an error in Microsoft Office TIFF...
Microsoft Graphics Filters PICT Image Converter Integer Overflow (MS10-105; CVE-2010-3946)
PICT is a graphics file format that allows the interchange of graphics both bitmapped and vector, and some limited text support, between Mac applications. A remote code execution vulnerability has been discovered in the way that Microsoft Office allocates buffer size when handling PICT image file...
Cisco IOS HTTP Unauthorized Administrative Access
This module exploits a vulnerability in the Cisco IOS HTTP Server. By sending a GET request for "/level/num/exec/..", where num is between 16 and 99, it is possible to bypass authentication and obtain full system control. IOS 11.3 - 12.2 are reportedly vulnerable. This module tested successfully...
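ProFTPD Compromised Source Package Backdoor Vulnerability
ProFTPD is an open-source FTP server program. Backdoor code was inserted into ProFTPD releases from a specific period; remote attackers can use this backdoor to gain unauthorized access to the FTP server and thereby take control of the system. This issue affects the compromised ProFTPD 1.3.3c source package distributed by the project's main FTP server and all mirror servers; the package contains a backdoor that allows remote root access. Source code downloaded between November 28 and December 2, 2010 is affected. ProFTPD Project ProFTPD 1.3.x Vendor patch: ProFTPD Project --------------- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page:...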
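Microsoft Word RTF File Parsing Stack Overflow Vulnerability (MS10-087)
BUGTRAQ ID: 44652 CVE ID: CVE-2010-3333 Word is the word processor in the Microsoft Office suite. When processing certain control words in an RTF document, Word copies their property strings into a stack buffer without performing a length check, which can trigger a stack overflow. An attacker who successfully exploits this vulnerability can take complete control of the affected system. Microsoft Office XP SP3 Microsoft Office for Mac 2011 Microsoft Office 2010 Microsoft Office 2008 for Mac Microsoft Office 2007 SP2 Microsoft Office 200...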
Microsoft OpenType Font Parsing Elevation of Privilege (MS10-078; CVE-2010-2740)
OpenType is a font format developed jointly by Microsoft and Adobe as an extension of Apple's TrueType font format. An OpenType font file contains data, in table format, that comprises either a TrueType or a PostScript outline font. An elevation of privilege vulnerability has been reported in the...
Microsoft Browser Embedded Media Player Memory Corruption (MS10-082; CVE-2010-2745)
Windows Media Player is a feature of the Windows operating system for personal computers. It is used for playing audio and video. A remote code execution vulnerability has been reported in Windows Media Player. The vulnerability is due to an error in the Windows Media Player that improperly...
Microsoft Internet Explorer MSHTML Uninitialized Memory Corruption (MS10-071; CVE-2010-3331)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object that has not been initialized or has been deleted when a document in an HTML format is opened in Microsoft Word. To trigger this issue, ...
linux-flashplugin -- multiple vulnerabilities
Adobe Product Security Incident Response Team reports: Critical vulnerabilities have been identified in Adobe Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux, and Solaris, and Adobe Flash Player 10.1.95.1 for Android. These vulnerabilities, including CVE-2010-3654...
Microsoft Outlook RTF Email Parsing Heap Based Buffer Overflow (MS10-064; CVE-2010-2728)
Microsoft Outlook is an e-mail application and a personal information manager. A remote code execution vulnerability has been reported in the way that Microsoft Outlook parses content in a specially crafted e-mail message. The vulnerability is due to an error in Microsoft Outlook that fails to...
Adobe Warns of Flash Player Zero-Day Attack
The zero-day hacker attacks against Adobe’s software products are coming fast and furious. Less than a week after the discovery of a sophisticated malware attack against an unpatched security hole in Adobe Reader/Acrobat, the company has issued a new warning for in-the-wild attacks against a...
Microsoft Word sprmCMajority Record Parsing Remote Code Execution (MS10-056; CVE-2010-1900)
A remote code execution vulnerability exists in the way that Microsoft Office Word handles malformed records inside of a specially crafted Word file. Exploitation of this vulnerability requires that a user open a specially crafted Word file with an affected version of Microsoft Office Word. An...
Update Protection against Adobe Shockwave Player DIR Files PAMI Chunk Code Execution Vulnerability (APSB10-12)
A remote code execution vulnerability has been identified in Adobe Shockwave Player. Adobe Shockwave is a multimedia player that allows Adobe Director applications to be published on the Internet and viewed in a web browser by anyone who has the Shockwave plug-in installed. An attacker can exploi...
CGI Generic XML Injection
By sending specially crafted parameters to one or more CGI scripts hosted on the remote web server, Nessus was able to get a very different response, which suggests that it may have been able to modify the behavior of the application and directly access a SOAP back-end. An attacker may be able to...
Microsoft MPEG Layer-3 Codecs Remote Code Execution Vulnerability (977816)
This host is missing a critical security update according to Microsoft Bulletin MS10-026. OpenVAS Vulnerability Test $Id: secpodms10-026.nasl 5934 2017-04-11 12:28:28Z antu123 $ Microsoft MPEG Layer-3 Codecs Remote Code Execution Vulnerability 977816 Authors: Madhuri D Updated By: Madhuri D on...
Energizer DUO USB battery charger software allows unauthorized remote system access
Overview The software available for the Energizer DUO USB battery charger contains a backdoor that allows unauthorized remote system access. Description Energizer DUO is a USB battery charger. An optional Windows application that allows the user to view the battery charging status has been...