Microsoft IIS Request Header Buffer Overflow Vulnerability

Description Microsoft IIS is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. This issue affects IIS 7.5 on Windows 7...

Microsoft Windows CSRSS Memory Allocation Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. This issue affects...

Microsoft IIS Repeated Parameter Request Denial of Service Vulnerability

Description Microsoft IIS is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to force the affected application to become unresponsive, denying service to legitimate users. This issue affects IIS 5.1, 6.0, 7.0, and 7.5. Technologies Affected Avaya Aura...

Microsoft Windows and Office Uniscribe Font Parsing Engine Remote Code Execution Vulnerability

Description Microsoft Windows and Office are prone to a remote code-execution vulnerability when handling crafted font data. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file or webpage. A successful exploit may allow arbitrary code to run in the context...

CVE-2010-3186

IBM WebSphere Application Server WAS 7.x before 7.0.0.13, and WebSphere Application Server Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, when a JAX-WS application is used, does not properly handle an IncludeTimestamp setting in the WS-Security policy, which has unspecified impact and...

CVE-2010-3186

IBM WebSphere Application Server 7.x before 7.0.0.13 and WebSphere Application Server Feature Pack for Web Services 6.1.0.9 through 6.1.0.32 are affected when using a JAX-WS application; the WS-Security policy IncludeTimestamp setting is not handled correctly, with unspecified impact and remote a...

Adobe Flash Media Server < 3.0.6 / 3.5.4 Multiple Vulnerabilities (APSB10-19)

The remote host is running Adobe Flash Media Server, an application server for Flash-based applications. The version running on the remote host is earlier than version 3.0.6 or 3.5.4. Such versions are potentially affected by the following vulnerabilities : - An issue in a JS method could result ...

Microsoft Internet Explorer 'OnPropertyChange_Src()' Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...

Microsoft Windows 'xxxCreateWindowEx()' Window Creation Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker may exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...

Microsoft Windows SChannel Certificate Request Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability that affects SChannel. Successful exploits will allow an attacker to run arbitrary code in the context of the currently logged-in user. Technologies Affected Avaya Aura Conferencing 6.0 Avaya Aura Conferencing 6.0...

Microsoft Windows SMB Stack Exhaustion Denial of Service Vulnerability

Description Microsoft Windows is prone to a denial-of-service vulnerability that affects the Microsoft Server Message Block SMB protocol software. A remote attacker can exploit this issue to stop the affected system from responding, resulting in denial-of-service conditions. Technologies Affected...

Microsoft Windows CVE-2010-1895 User Pool Overflow Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker may exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...

Microsoft Windows 'xxxRealDrawMenuItem()' Function Local Denial Of Service Vulnerability

Description Microsoft Windows is prone to a local denial-of-service vulnerability that occurs in the Windows kernel. A local attacker may exploit this issue to cause the affected computer to crash and reboot, resulting in a denial-of-service condition. Technologies Affected Avaya Aura Conferencin...

Microsoft Windows SMB Pool Overflow Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the Microsoft Server Message Block SMB protocol software. A remote attacker can exploit this issue to execute code with SYSTEM-level privileges. Failed exploit attempts will likely cause denial-of-service...

Microsoft Internet Explorer Event Handler Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to access local files or content from a browser window in another domain or security...

Microsoft Internet Explorer "CIframeElement" Use After Free Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...

Microsoft Internet Explorer 'boundElements' Use-After-Free Error Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...

EUVD-2010-2976

Stack-based buffer overflow in the IConfigurationAccess interface in the Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control in Wonderware Application Server WAS before 3.1 SP2 P01, as used in the Wonderware Archestra Integrated Development Environment IDE and the InFusion...

CVE-2010-2974

The CVE-2010-2974 issue is a stack-based buffer overflow in the IConfigurationAccess interface of the Wonderware ArchestrA ConfigurationAccessComponent ActiveX control used by Wonderware Application Server (WAS) and related IDE/IEE. Affected software runs prior to 3.1 SP2 P01. An attacker can sup...

Oracle Critical Patch Update Advisory - July 2010

Oracle Critical Patch Update Advisory - July 2010 Description A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are...