Microsoft revealed there have been hacker using the Microsoft Edge vulnerability in the attack-vulnerability warning-the black bar safety net

Microsoft today to Windows 7, Windows 8.1, Windows 1 0 and Office to push a security update to fix vulnerabilities. These updates fixes the IE, Microsoft Edge, Office, Windows and Skype Business 4 9 security vulnerabilities. This 4 9 a security vulnerability 5 the vulnerability can be used to...

Nepal Earthquake Disaster Email Scams

US-CERT warns users of potential email scams citing the earthquake in Nepal. The scam emails may contain links or attachments that may direct users to phishing or malware infected websites. Phishing emails and websites requesting donations for fraudulent charitable organizations commonly appear...

Pearson eSIS Enterprise Student Information System XSS vulnerability

Overview Pearson eSIS Enterprise Student Information System contains a XSS vulnerability. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting'Pearson eSIS Enterprise Student Information System contains a reflected cross-site scripting vulnerabilit...

VUPlayer malformed playlist buffer overflow

Overview VUPlayer fails to properly handle malformed playlists. This vulnerability may allow a remote attacker to execute arbitrary code. Description VUPlayer is a freeware audio player for the Microsoft Windows platform. It can play various types of media files, such as MP3s. A Playlist .PLS or...

Microsoft Internet Explorer VML buffer overflow

Overview Microsoft Internet Explorer IE fails to properly handle Vector Markup Language tags. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft IE version 5.0 and higher supports the Vector Markup Language VML,...

Microsoft Internet Explorer TIF Folder arbitrary file access vulnerability

Overview A vulnerability in the way Microsoft Internet Explorer handles drag and drop operations may allow access of arbitrary files within the Temporary Internet Files folder. Description Microsoft Internet Explorer contains a vulnerability that could be exploited when handling drag and drop...

US-CERT Technical Cyber Security Alert TA06-270A -- Microsoft Internet Explorer WebViewFolderIcon ActiveX Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA06-270A Microsoft Internet Explorer WebViewFolderIcon ActiveX Vulnerability Original release date: September 27, 2006 Last revised: -- Source: US-CERT Systems Affected Microsoft Windows...

US-CERT Vulnerability Note VU#416092

Vulnerability Note VU416092 Microsoft Internet Explorer VML stack buffer overflow Overview Microsoft Internet Explorer IE fails to properly handle Vector Markup Language tags. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. I...

Microsoft Internet Explorer createTextRange() vulnerability

Overview Microsoft Internet Explorer IE fails to properly handle the createTextRange DHTML method, possibly allowing a remote, unauthenticated attacker to execute arbitrary code. Description DHTML, TextRanges, and the createTextRange Method According to Microsoft:Dynamic HTML DHTML is built on an...

WebEOC is vulnerable to cross-site scripting attacks

Overview WebEOC contains multiple cross-site scripting vulnerabilities that may allow a remote attacker to inject and execute arbitrary script using a vulnerable WebEOC site. Description WebEOC is a web-based crisis information management application that provides functions to gather, coordinate,...

Microsoft Color Management Module buffer overflow during profile tag validation

Overview Microsoft Color Management Module contains a flaw that may allow an attacker to execute arbitrary code. Description The Microsoft Color Management Module provides consistent color management operations between applications and devices, and transforms between colorspaces such as 'RGB' and...

Microsoft Internet Explorer buffer overflow in PNG image rendering component

Overview A buffer overflow in the PNG image rendering component of Microsoft Internet Explorer IE may allow a remote attacker to execute code on a vulnerable system. Description The Portable Network Graphics PNG image format is used as an alternative to other image formats such as the Graphics...

Microsoft Internet Explorer URL validation routine contains a buffer overflow

Overview A vulnerability in Microsoft Internet Explorer could allow a remote attacker to execute arbitrary code on a vulnerable system. Description Microsoft Internet Explorer IE contains an unspecified vulnerability in the way that it handles certain URLs. The process that checks the URL contain...

Microsoft Internet Explorer DHTML objects contain a race condition

Overview A race condition in the way that Internet Explorer handles DHTML objects may allow a remote attacker to execute arbitrary code on a vulnerable system. Description According to Microsoft:Dynamic HTML DHTML is built on an object model that extends the traditional static HTML document which...

Opera may insecurely execute binary data encoded in a URI

Overview The Opera web browser fails to validate data encoded using the RFC 2397 scheme. A remote attacker may be able to execute arbitrary code on a vulnerable system. Description The Opera web browser fails to properly handle binary data encoded following the RFC 2397 specification for sending...