Deja Vu: Another Adobe Flash Player Security Update Released
What’s better than one Flash Player update a week? Why two, of course. Adobe released its regularly scheduled security updates today, including another set of fixes for its ubiquitous Flash Player, less than a week after an emergency patch took care of two zero-day vulnerabilities being exploited...
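Microsoft Internet Explorer 6/7/8 mshtml!CDwnBindInfo Object Use-After-Free Code Execution Vulnerability
BUGTRAQ ID: 57070 CVECAN ID: CVE-2012-4792 Microsoft Internet Explorer is a web browser released by Microsoft. Internet Explorer has a use-after-free vulnerability in its handling of the mshtml!CDwnBindInfo object; a remote attacker could exploit it by luring a user to visit malicious web content, resulting in arbitrary code execution and control of the user's system. This vulnerability is a 0day and has been found in use in targeted attacks. Unaffected systems: Microsoft Internet Explorer 9.x Microsoft Internet Explorer 10.x 0 Microsoft...
Microsoft Word RTF File 'listoverridecount' Remote Code Execution Vulnerability (MS12-079)
BUGTRAQ ID: 56834 CVECAN ID: CVE-2012-2539 Microsoft Word, part of the Office suite, is Microsoft's word processor application. Microsoft Word has a vulnerability when parsing listoverridecount-related RTF (Rich Text Format) data. By luring a user to browse a malicious website or to open a specially formatted rtf file in an e-mail, an unauthenticated remote attacker could exploit this vulnerability to execute arbitrary code with the current user's privileges. 0 Microsoft Office 2003 Professional Edition Microsoft Office Word Viewer...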
Exploit Code Released for ASP.NET Flaw
A few days after Microsoft released a patch to fix a vulnerability in ASP.NET that could enable a denial-of-service attack, someone has released exploit code for the vulnerability. The proof-of-concept exploit code was posted to the Full Disclosure mailing list and is available for download from...
MS KB2641690: Fraudulent Digital Certificates Could Allow Spoofing (deprecated)
Due to the issuance of several fraudulent SSL certificates, two DigiCert Sdn. Bhd. intermediate certificates have been placed in the Microsoft Untrusted Certificate Store. %NASLMINLEVEL 999999 @DEPRECATED@ C Tenable Network Security, Inc. include"compat.inc"; if description scriptid56955;...
Windows Kernel Zero Day Vulnerability Found in Duqu Installer
Duqu malware attack exploited a zero-day vulnerability in the Windows kernel, according to security researchers tracking the Stuxnet-like cyber-surveillance Trojan. The vulnerability has since been reported to Microsoft and Microsoft i...
Two Remote Code Execution Vulnerabilities in Internet Explorer
Vulnerability 1: Internet Explorer Select Element Remote Code Execution Original advisory: http://ifsec.blogspot.com/2011/10/internet-explorer-select-element-remote.html I. OVERVIEW There is a vulnerability in Internet Explorer which enables execution of arbitrary code if the user visits a web pa...
PT-2011-2970 · Microsoft · Windows Server 2003 +4
Name of the Vulnerable Software and Affected Versions: Windows XP versions SP2 through SP3 Windows Server 2003 version SP2 Windows Vista versions SP1 through SP2 Windows Server 2008 versions Gold through R2 SP1 Windows 7 versions Gold through SP1 Description: The issue allows local users to gain...
PT-2011-2551 · Microsoft · Windows Server 2003 +4
Name of the Vulnerable Software and Affected Versions: Windows XP versions SP2 through SP3 Windows Server 2003 version SP2 Windows Vista versions SP1 through SP2 Windows Server 2008 versions Gold through R2 SP1 Windows 7 versions Gold through SP1 Description: The issue allows local users to gain...
PT-2011-2971 · Microsoft · Windows Server 2003 +4
Name of the Vulnerable Software and Affected Versions: Windows XP versions SP2 through SP3 Windows Server 2003 version SP2 Windows Vista versions SP1 through SP2 Windows Server 2008 versions Gold through R2 SP1 Windows 7 versions Gold through SP1 Description: The issue allows local users to gain...
Microsoft Windows Fraudulent Digital Certificates Spoofing Vulnerability
This NVT has been replaced by NVT gbmswindowsfraudulentdigitalcertspoofingvuln.nasl OID:1.3.6.1.4.1.25623.1.0.801953. The host is installed with Microsoft Windows operating system and is prone to Spoofing vulnerability. OpenVAS Vulnerability Test $Id:...
MS Windows Token Kidnapping Problems Resurface
Microsoft’s problems with Token Kidnapping .pdf on the Windows platform aren’t going away anytime soon. More than a year after Microsoft issued a patch to cover privilege escalation issues that could lead to complete system takeover, a security researcher plans to use the Black Hat conference...
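Microsoft Office Access FieldList ActiveX Control Instantiation Memory Corruption Vulnerability (MS10-044)
BUGTRAQ ID: 41444 CVE ID: CVE-2010-1881 Microsoft Access is the relational database management system in Microsoft's Office suite. Microsoft Access has a memory corruption vulnerability involving an uninitialized variable when instantiating the FieldList ActiveX control; an attacker who successfully exploits this vulnerability could run arbitrary code as the logged-on user. Microsoft Access 2003 SP3 Workaround: Prevent COM objects from running in Internet Explorer. For the CLSID with value 53230327-172B-11D0-AD40-00A0C90DC8D9, to set the kill...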
Opera may be used as a vector for a font issue in the underlying operating system – Opera Security Advisories
OPCOM Team | June 19, 2010 Affected versions This vulnerability may be targeted through Opera for Windows. Severity Extremely Severe Description A flaw in the font handling on the Windows...
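Microsoft Windows #GP Trap Handler Local Privilege Escalation Vulnerability
BUGTRAQ ID: 37864 CVE ID: CVE-2010-0232 Microsoft Windows is the very popular operating system released by Microsoft. The Windows kernel's GP trap handler routine makes some incorrect assumptions about the execution environment; an attacker with ordinary local user privileges can forge data in the execution environment to make the operating system execute arbitrary specified instructions at ring0, thereby gaining complete control of the system. This vulnerability affects nearly all x86 32-bit Windows systems. To support BIOS service routines in legacy 16-bit applications, the Windows NT kernel supports BIOS calls in Virtual-8086 mode monitor code, implemented in two stages. When the GP trap handler (nt!KiTrap0D) detects that the faulting...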
Sourcefire November Vulnerability Report
Sourcefire VRT researcher Alain Zidouemba talks about Microsoft Patch Tuesday, the SSL renegotiation flaw and the iPhone worm...
Microsoft IIS FTP Server NLST Command Remote Overflow
Added: 09/03/2009 CVE: CVE-2009-3023 BID: 36189 OSVDB: 57589 Background Microsoft Internet Information Server IIS includes a web server and an FTP server. Problem A stack overflow in the FTP server in IIS 5 and 6.0 via a crafted NLST command that uses wildcards allows remote authenticated users t...
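Microsoft Windows WINS Server Network Packet Integer Overflow Vulnerability (MS09-039)
BUGTRAQ ID: 35981 CVECAN ID: CVE-2009-1924 Microsoft Windows is the very popular operating system released by Microsoft. The WINS.exe process on Windows servers provides name resolution services for NetBIOS networks. It does not sufficiently validate data structures when receiving a specially crafted WINS packet from a trusted WINS replication partner; if a remote attacker supplies a specially crafted request, an integer overflow can be triggered, resulting in arbitrary code execution with SYSTEM privileges. Microsoft Windows 2000 Server SP4 Workaround: Block TCP port 42 and UDP port 42 at the firewall. Vendor patch: Microsoft ---------...
Microsoft Windows Print Spooler Local Information Disclosure Vulnerability (MS09-022)
BUGTRAQ ID: 35208 CVECAN ID: CVE-2009-0229 Microsoft Windows is the very popular operating system released by Microsoft. The Windows print service does not correctly check the files that a separator page may include; an attacker can log on to the system and create a specially crafted separator page, resulting in reading or printing any file on the system. These actions can be performed even if the user does not have administrative access. However, anonymous users cannot exploit this vulnerability, nor can it be exploited remotely. Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Vista SP2 Microsoft Windows...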