Microsoft Internet Explorer Developer Toolbar (CVE-2010-1261) Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Meetin...

Microsoft Windows Media Decompression (CVE-2010-1879) Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability when handling compressed media files. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file. A successful exploit may allow arbitrary code to run in the context of the currently...

Microsoft Excel 'ExternName' Record Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running...

Microsoft IIS Authentication Remote Code Execution Vulnerability

Description Microsoft IIS is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. This issue affects IIS 6.0, 7.0 and 7.5...

Microsoft Excel RTD Records Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running...

Microsoft Excel SxView Record Parsing Memory Corruption Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running...

Microsoft Excel CVE-2010-1251 Record Parsing Stack Corruption Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running...

Microsoft Windows Kernel 'Win32k.sys' Window Creation Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel when a new window is created. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromis...

Microsoft Excel HFPicture Record Parsing Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running...

Internet Explorer and SharePoint 'toStaticHTML' Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer and Microsoft SharePoint are prone to a cross-domain information-disclosure vulnerability because they fail to properly enforce the same-origin policy. An attacker can exploit this issue to access local files or content from a browser window in another doma...

Microsoft Excel Real Time Data (RTD) Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running...

Microsoft Excel Malformed Chart Sheet Substream Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running...

Microsoft Internet Explorer Developer Toolbar HTML Element Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Meetin...

Microsoft Excel EDG and Publisher Record Parsing Remote Heap Buffer Overflow Vulnerability

Description Microsoft Excel is prone to a remote heap-based buffer-overflow vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the...

Microsoft Excel WOPT Record Parsing Heap Memory Corruption Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running...

Microsoft Windows COM Object Validation Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious Excel, PowerPoint, Publisher, Visio, Wordpad, or Word file. Successful exploits would allow the attacker to execute arbitrary code in the...

Microsoft Windows Media Decompression (CVE-2010-1880) Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability when handling compressed media files. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file. A successful exploit may allow arbitrary code to run in the context of the currently...

Microsoft Excel OBJ Record Stack Overflow Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running...

Microsoft Windows OpenType Compact Font Format Driver Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Attackers may exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts...

Microsoft Excel CVE-2010-1252 String Parsing Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running...

Microsoft Internet Explorer Uninitialized Memory (CVE-2010-1259) Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Meetin...

Microsoft Windows Kernel 'Win32k.sys' TrueType Font Parsing Code Execution Vulnerability

Description Microsoft Windows is prone to a local code-execution vulnerability. This issue affects the Windows kernel and arises when TrueType fonts are parsed. Successfully exploiting this issue will allow an attacker to execute arbitrary code with kernel-level privileges, completely compromisin...

Microsoft Excel 'DBQueryExt' ActiveX Data Object (ADO) Parsing Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running...

Microsoft Internet Explorer 8 Developer Tools Remote Code Execution Vulnerability

Description Microsoft Internet Explorer 8 Developer Tools 'iedvtool.dll' ActiveX control is prone to a remote code-execution vulnerability that stems from a memory-corruption issue. An attacker can exploit this issue to execute arbitrary code in the context of the application, usually Internet...

Microsoft Excel CVE-2010-0821 'SxView' Record Parsing Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running...

Microsoft SharePoint Help Page Remote Denial of Service Vulnerability

Description Microsoft SharePoint is prone to a remote denial-of-service vulnerability. A remote attacker can exploit this issue to crash the affected application, denying service to legitimate users. Technologies Affected Avaya Meeting Exchange - Client Registration Server Avaya Meeting Exchange ...

Adobe Flash Player, Reader, and Acrobat 'authplay.dll' Remote Code Execution Vulnerability

Description Adobe Flash Player, Reader, and Acrobat are prone to a remote code execution vulnerability. Adobe reports that this vulnerability is being exploited in the wild. This vulnerability is present in the following versions: Flash Player 10.0.45.2, 9.0.262, and earlier Flash Player 10.0.x a...

JustSystems Ichitaro Character Attributes Processing Remote Code Execution Vulnerability

Description Ichitaro is prone to a remote code-execution vulnerability. Attackers may exploit this issue to execute arbitrary code within the context of the vulnerable application. Failed attempts will result in a denial-of-service condition. Ichitaro 2009 and prior versions are vulnerable...

Microsoft Outlook Express And Windows Mail Common Library Integer Overflow Vulnerability

Description Microsoft Outlook Express and Windows Mail are prone to a remote integer-overflow vulnerability because the applications fail to perform boundary checks on integer values. Successfully exploiting this issue will allow an attacker to execute arbitrary code with the privileges of the...

Microsoft Visual Basic for Applications Text Parsing Stack Buffer Overflow Vulnerability

Description Microsoft Visual Basic for Applications VBA is prone to a remote stack-based buffer-overflow vulnerability because of an error related to searching for embedded ActiveX controls within a Microsoft Office document. An attacker could exploit this issue to corrupt stack memory and execut...

JBoss Enterprise Application Platform Multiple Vulnerabilities

Description JBoss Enterprise Application Platform is prone to multiple vulnerabilities, including an information-disclosure issue and multiple authentication-bypass issues. An attacker can exploit these issues to bypass certain security restrictions to obtain sensitive information or gain...

Symantec Altiris Deployment Solution dbmanager Denial of Service

SUMMARY Symantecs Altiris Deployment Solution is susceptible to a denial of service which can temporarily halt deployment solution activity. An attacker would need to be on the network segment to effectively implement the denial of service. AFFECTED PRODUCTS Product | Version | Build | Solutions...

Microsoft Visio Attribute Validation Memory Corruption Remote Code Execution Vulnerability

Description Microsoft Visio is prone to a remote code-execution vulnerability. This issue arises when the application processes a malicious file. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts will result in a...

Microsoft Windows MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability

Description Microsoft Windows is prone to a remote buffer-overflow vulnerability when handling specially crafted Audio Video Interleave AVI files. Specifically, this issue arises in the Microsoft MPEG Layer-3 codecs. An attacker can exploit this issue by enticing an unsuspecting user to open a...

Microsoft Windows Media Service Transport Information Packet Stack Buffer Overflow Vulnerability

Description Microsoft Windows Media Service is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code within the context of the affected...

Microsoft Windows Kernel Exception Handling Local Denial Of Service Vulnerability

Description Microsoft Windows is prone to a local denial-of-service vulnerability that affects the Windows kernel. Attackers can exploit this issue to cause affected computers to become unresponsive and restart, causing a denial-of-service condition. Technologies Affected Avaya Meeting Exchange -...

Microsoft Windows Kernel Virtual Path Local Denial Of Service Vulnerability

Description Microsoft Windows is prone to a local denial-of-service vulnerability that affects the Windows kernel. Attackers may exploit this issue to cause affected computers to become unresponsive and restart, causing a denial-of-service condition. Technologies Affected Avaya Meeting Exchange -...

Adobe Acrobat and Reader CLOD Mesh Declaration Block Heap Buffer Overflow Vulnerability

Description Adobe Acrobat and Reader are prone to a heap-based buffer-overflow vulnerability because they fail to properly validate user-supplied input. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts will resu...

Microsoft Windows SMB Client Message Size Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute code with SYSTEM-level privileges. Failed exploit attempts will likely cause denial-of-service conditions. Technologies Affected Avaya Meeting Exchange - Client...

Microsoft Visio Index Calculation Memory Corruption Remote Code Execution Vulnerability

Description Microsoft Visio is prone to a remote code-execution vulnerability. This issue arises when the application processes a malicious file. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts will result in a...

Microsoft Windows Kernel Symbolic Link Creation Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...

Adobe Acrobat and Reader CVE-2010-0195 Embedded Font Handling Remote Code Execution Vulnerability

Description Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. The following products are...

Microsoft Windows Kernel Symbolic Link Local Denial Of Service Vulnerability

Description Microsoft Windows is prone to a local denial-of-service vulnerability that affects the Windows kernel. Attackers can exploit this issue to cause affected computers to become unresponsive and restart, causing a denial-of-service condition. Due to the nature of this issue, code executio...

Microsoft Windows SMB Client Transaction Response Remote Stack Buffer Overflow Vulnerability

Description Microsoft Windows is prone to a remote stack-based buffer-overflow vulnerability. An attacker can exploit this issue to execute code with SYSTEM-level privileges. Failed exploit attempts will likely cause denial-of-service conditions. Technologies Affected Avaya Meeting Exchange -...

Microsoft Windows Kernel Registry Key Symbolic Link Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...

Microsoft Publisher File Conversion Textbox Remote Buffer Overflow Vulnerability

Description Microsoft Publisher is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue by enticing a victim to open a malicious Publisher file. Successfully exploiting this issue would allow an attacker to execute arbitrary code in the context of the currently...

Microsoft Windows SMTP Server Memory Allocation Information Disclosure Vulnerability

Description Microsoft Windows SMTP Server is prone to an information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information. Any information obtained may lead to further attacks. Technologies Affected Avaya Meeting Exchange - Client Registration Server...

Microsoft Windows Cabinet File Viewer Cabview Validation Remote Code Execution Vulnerability

Description Microsoft Windows Cabinet File Viewer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting victim to run or install a specially modified signed cabinet '.cab' file. Successful exploits can allow attackers to execute arbitrary...

Microsoft Windows Kernel NULL Pointer Local Denial Of Service Vulnerability

Description Microsoft Windows is prone to a local denial-of-service vulnerability that affects the Windows kernel. Attackers can exploit this issue to cause affected computers to become unresponsive and restart, causing a denial-of-service condition. Due to the nature of this issue, code executio...

Adobe Acrobat and Reader CVE-2010-1241 'CoolType.dll' Remote Code Execution Vulnerability

Description Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. The following products are...