Adobe Acrobat and Reader CVE-2011-2096 Remote Heap Buffer Overflow Vulnerability

Description Adobe Acrobat and Reader are prone to a remote heap-based buffer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Adobe Reader and Acrobat versions prior to 10.1 are affected. Technologies...

Microsoft Internet Explorer Time Element Uninitialized Memory Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected...

Microsoft Excel WriteAV Memory Corruption CVE-2011-1278 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability due to a memory-corruption error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...

Microsoft Internet Explorer Selection Uninitialized Memory Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected...

Microsoft Windows MHTML Mime-Formatted Request Information Disclosure Vulnerability

Description Microsoft Windows is prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information that may aid in further attacks. Attackers can exploit this issue by enticing an unsuspecting user to visit a specially crafted webpage...

Microsoft Excel Buffer Overflow CVE-2011-1276 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability due to a buffer-overflow error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...

Microsoft Active Directory Certificate Services Web Enrollment Cross-Site Scripting Vulnerability

Description Microsoft Active Directory Certificate Services are prone to a cross-site scripting vulnerability because the Web Enrollment component fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...

Multi-Vendor Autonomy Verity Keyview PRZ Reader Filter Overflow

SUMMARY Symantec products that ship with the Verity KeyView Filter have updated the module to address a security issue being reported in the content filter processing of specifically crafted document formats. AFFECTED PRODUCTS Product | Version | Build | Solutions ---|---|---|--- Symantec Mail...

Adobe Flash Player ActionScript Virtual Machine CVE-2011-0618 Remote Integer Overflow Vulnerability

Description Adobe Flash Player is prone to a remote integer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies...

Adobe Flash Player CVE-2011-0619 Remote Memory Corruption Vulnerability

Description Adobe Flash Player is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies...

Microsoft Windows Internet Name Service (WINS) Failed Response Remote Code Execution Vulnerability

Description Microsoft Windows Internet Name Service WINS is prone to a remote code-execution vulnerability because it fails to properly validate certain replication packets. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Successful attacks will result in a...

Microsoft PowerPoint (CVE-2011-1270) Remote Buffer Overflow Vulnerability

Description Microsoft PowerPoint is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will cause a denial-of-service condition. Technologies Affected...

Microsoft PowerPoint (CVE-2011-1269) Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing a victim to open a malicious PowerPoint file. Successful exploits will result in the execution of arbitrary code with the privileges of the user running the...

Open Handset Alliance Android Privilege Escalation Vulnerability

Description Open Handset Alliance Android is prone to a privilege-escalation vulnerability because it fails to properly handle certain socket messages. Successfully exploiting this issue can allow attackers to corrupt memory and execute arbitrary code with superuser privileges, leading to a...

Microsoft Excel CVE-2011-0103 Memory Corruption Vulnerability

Description Microsoft Excel is prone to a memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

Microsoft Internet Explorer Frame Tag Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability, An attacker can exploit this issue to access content from a browser window in another domain or security zone. This may allow the attacker to obtain sensitive information or may aid in further...

Microsoft Excel Data Validation Record Parsing Buffer Overflow Vulnerability

Description Microsoft Excel is prone to a buffer-overflow vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0662) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1234) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0674) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1239) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Excel 'RealTimeData' Record Parsing Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

Microsoft Internet Explorer Layout Handling Use After Free Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote use-after-free memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Successfully exploiting this issue may allow attackers to execute arbitrary code in t...

Microsoft Internet Explorer JavaScript Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability, An attacker can exploit this issue to access content from a browser window in another domain or security zone. This may allow the attacker to obtain sensitive information which may aid in...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0670) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1235) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1227) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft PowerPoint Invalid 'TimeColorBehaviorContainer' Record Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing a victim to open a malicious PowerPoint file. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application...

Microsoft Office Shared Component DLL Loading Arbitrary Code Execution Vulnerability

Description Microsoft Office is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Libra...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1232) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1229) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Excel CVE-2011-0098 Heap Based Buffer Overflow Vulnerability

Description Microsoft Excel is prone to a heap-based buffer-overflow vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running t...

Microsoft VBScript And JScript Scripting Engines Remote Code Execution Vulnerability

Description Microsoft VBScript and JScript scripting engines are prone to a remote code-execution vulnerability. Attackers can leverage this issue by enticing unsuspecting users to view a malicious webpage. Successful exploits would allow arbitrary code to run with the privileges of the currently...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1234) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1241) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1233) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0672) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0671) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1240) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0667) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1228) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1230) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Windows OpenType Font (OTF) Driver Stack Overflow Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the OpenType Font OTF driver. To exploit this issue on Windows 7, Windows Vista, Windows Server 2008, and Windows Server 2008 R2, an attacker must entice an unsuspecting user into visiting a malicious...

Microsoft Windows SMB Client Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the SMB client. Successful exploits can allow attackers to execute arbitrary code with full user rights. Successfully exploiting this issue will result in the complete compromise of affected computers...

Microsoft WordPad Text Converter (CVE-2011-0028) Remote Code Execution Vulnerability

Description Microsoft WordPad is prone to a remote code-execution vulnerability. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts may result in denial-of-service conditions. Technologies Affected Avaya...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1242) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0675) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft GDI+ EMF Image Processing Integer Overflow Memory Corruption Vulnerability

Description Microsoft GDI+ is prone to a remote memory-corruption vulnerability that occurs when an application that uses the library tries to process a specially crafted Enhanced Metafile EMF image file. An attacker can exploit this issue to execute arbitrary code with the privileges of the...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1238) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0677) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...