6867 matches found
Microsoft Windows MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability
Description Microsoft Windows is prone to a remote buffer-overflow vulnerability when handling specially crafted Audio Video Interleave AVI files. Specifically, this issue arises in the Microsoft MPEG Layer-3 codecs. An attacker can exploit this issue by enticing an unsuspecting user to open a...
Microsoft Visio Index Calculation Memory Corruption Remote Code Execution Vulnerability
Description Microsoft Visio is prone to a remote code-execution vulnerability. This issue arises when the application processes a malicious file. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts will result in a...
Microsoft Windows ISATAP Component IPv6 Address Spoofing Vulnerability
Description Microsoft Windows is prone to a spoofing vulnerability that affects the ISATAP component. An attacker can exploit this issue to spoof IPv6 addresses. This may allow the attacker to bypass filtering devices that rely on the source IPv6 addresses; information disclosure and other attack...
Microsoft Windows Cabinet File Viewer Cabview Validation Remote Code Execution Vulnerability
Description Microsoft Windows Cabinet File Viewer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting victim to run or install a specially modified signed cabinet '.cab' file. Successful exploits can allow attackers to execute arbitrary...
Microsoft Windows Kernel Image File Relocation Local Denial Of Service Vulnerability
Description Microsoft Windows is prone to a local denial-of-service vulnerability that affects the Windows kernel. Attackers can exploit this issue to cause affected computers to become unresponsive and restart, causing a denial-of-service condition. Technologies Affected Avaya Meeting Exchange -...
Microsoft Windows Media Service Transport Information Packet Stack Buffer Overflow Vulnerability
Description Microsoft Windows Media Service is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code within the context of the affected...
Adobe Acrobat and Reader CVE-2010-1241 'CoolType.dll' Remote Code Execution Vulnerability
Description Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. The following products are...
Microsoft Windows SMB Client Memory Allocation Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute code with SYSTEM-level privileges. Failed exploit attempts will likely cause denial-of-service conditions. Technologies Affected Avaya Meeting Exchange - Client...
JustSystems Ichitaro Font Information Processing Remote Code Execution Vulnerability
Description Ichitaro is prone to a remote code-execution vulnerability. Attackers may exploit this issue to execute arbitrary code within the context of the vulnerable application. Failed attempts will result in a denial-of-service condition. Ichitaro 2010 and prior versions are vulnerable...
Oracle JRE Java Platform SE and Java Deployment Toolkit Plugins Code Execution Vulnerabilities
Description Java Runtime Environment JRE is prone to arbitrary code-execution vulnerabilities that affect multiple Java plugins for multiple browsers. Attackers can exploit these issues to execute arbitrary code in the context of the user running the vulnerable applications. The issues affect Jav...
Oracle Java SE and Java for Business CVE-2010-0094 Remote Java Runtime Environment Vulnerability
Description Oracle Java SE and Java for Business are prone to a remote vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. An attacker does not require privileges to exploit this vulnerability. This vulnerability affects the following supported...
Oracle Java SE and Java for Business 'MixerSequencer' Remote Code Execution Vulnerability
Description Oracle Java SE and Java for Business are prone to a remote code-execution vulnerability affecting the 'Sound' component. Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result...
Microsoft Internet Explorer 'Tabular Data Control' ActiveX Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks m...
Oracle Java Runtime Environment 'HsbParser.getSoundBank()' Remote Heap Buffer Overflow Vulnerability
Description Oracle Java SE and Java for Business are prone to a remote heap-based buffer-overflow vulnerability affecting the Java Runtime Environment JRE. Attackers can exploit this issue to execute arbitrary code within the context of the user invoking the JRE. Versions prior to Java 5.0 Update...
Microsoft Data Access Components ActiveX Data Objects Memory Corruption Vulnerability
Description Microsoft Data Access Components are prone to a remote memory-corruption vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow the attacker to execute arbitrary code within the context of the...
Microsoft Internet Explorer 'CStyleSheet' Uninitialized Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. NOTE: This issue was originally...
Microsoft Excel MDXTUPLE Record Remote Heap Buffer Overflow Vulnerability
Description Microsoft Excel is prone to a remote heap-based buffer-overflow vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user...
Microsoft Excel EntExU2 Record Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims to open a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Windows Movie Maker and Producer '.mswmm' Buffer Overflow Vulnerability
Description Microsoft Movie Maker and Producer are prone to a buffer-overflow vulnerability because the applications fail to perform adequate boundary checks on user-supplied data. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Excel Object Type Confusion Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Excel MDXSET Record Remote Heap Buffer Overflow Vulnerability
Description Microsoft Excel is prone to a remote heap-based buffer-overflow vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user...
Microsoft Excel FNGROUPNAME Record Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Excel XLSX File Parsing Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims to open a specially crafted 'XLXS' Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Excel DbOrParamQry Record Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims to open a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Internet Explorer 'iepeers.dll' Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Meetin...
Multi-Vendor Autonomy KeyView Filter Module OLE Document Processing Overflow
SUMMARY Symantec products that ship a third-party Autonomy KeyView filter have updated the module to address a vulnerability in the processing of specifically crafted OLE documents reported against the KeyView module. AFFECTED PRODUCTS Product | Version | Build | Solutions ---|---|---|--- Symante...
Symantec IM Manager Local-Access Cross-site Scripting
SUMMARY Symantecs IM Manager management console is susceptible to a cross-site scripting issue. AFFECTED PRODUCTS Product | Version | Solutions ---|---|--- Symantec IM Manager | 8.3 and 8.4 | Upgrade to 8.4.13 Note: Customers running 8.3 versions of Symantec IM Manager should upgrade to the lates...
Symantec Client Proxy Buffer Overflow in Older Product Versions
SUMMARY The Symantec Client Proxy integrated into older versions of Symantec AntiVirus and Symantec Client Security is vulnerable to a buffer overflow. AFFECTED PRODUCTS Product | Version | Solutions ---|---|--- Symantec AntiVirus | 10.0.x | Upgrade to SAV 10.1 MR9 10.1.x | Upgrade to to MR9 10.2...
Input validation errors in SYMLTCOM.dll can lead to a buffer overflow.
SUMMARY The Symantec Client Proxy integrated into older versions of Symantec AntiVirus and Symantec Client Security is vulnerable to a buffer overflow. AFFECTED PRODUCTS Product | Version | Solutions ---|---|--- Symantec AntiVirus | 10.0.x | Upgrade to SAV 10.1 MR9 10.1.x | Upgrade to to MR9 10.2...
Symantec Event Manipulation Potential Scan Bypass
SUMMARY On-demand scanning with Symantec AntiVirus can be bypassed by denying read access to user files. AFFECTED PRODUCTS Product | Version | Solutions ---|---|--- Symantec AntiVirus | 10.0.x | Upgrade to MR9 10.1.x Symantec AntiVirus | 10.2.x | Not Vulnerable Symantec Client Security | 3.0.x |...
Adobe Acrobat and Reader CVE-2010-0188 Remote Code Execution Vulnerability
Description Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. The following products are...
Microsoft PowerPoint File Path Handling Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing a victim to open a malicious PowerPoint file. Successful exploits would allow the attacker to execute arbitrary code in the context of the currently logged-in user...
Microsoft Windows Header MDL Fragmentation Remote Code Execution Vulnerability
Description Microsoft Windows TCP/IP protocol implementation is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful attacks will completely compromise affected computers. Technologies Affected...
Microsoft Windows ICMPv6 Route Information Remote Code Execution Vulnerability
Description Microsoft Windows TCP/IP protocol implementation is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful attacks will completely compromise affected computers. Failed exploit attempts will...
Microsoft Windows SMB Client Pool Corruption Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute code with SYSTEM-level privileges. Failed exploit attempts will likely cause denial-of-service conditions. Technologies Affected Avaya Meeting Exchange - Client...
Microsoft Windows Kerberos 'Ticket-Granting-Ticket' Remote Denial of Service Vulnerability
Description Microsoft Windows Kerberos is prone to a remote denial-of-service vulnerability. A remote attacker can exploit this issue to cause the affected Windows domain controller to stop responding, resulting in a denial-of-service condition. Technologies Affected Avaya Meeting Exchange - Clie...
Microsoft Office 'OfficeArtSpgr' Container Pointer Overwrite Remote Code Execution Vulnerability
Description Microsoft Office is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious Office file. Successful exploits would allow the attacker to execute arbitrary code in the context of the currently logged-in user...
Microsoft PowerPoint Viewer TextBytesAtom Record Stack Overflow Remote Code Execution Vulnerability
Description Microsoft PowerPoint Viewer is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious PowerPoint file. Successful exploits would allow the attacker to execute arbitrary code in the context of the currentl...
Microsoft PowerPoint 'OEPlaceholderAtom' Record Invalid Index Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious PowerPoint file. Successful exploits would allow the attacker to execute arbitrary code in the context of the currently...
Microsoft Windows ICMPv6 Router Advertisement Remote Code Execution Vulnerability
Description Microsoft Windows TCP/IP protocol implementation is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful attacks will completely compromise affected computers. Failed exploit attempts will...
Microsoft PowerPoint Viewer TextCharsAtom Record Stack Overflow Remote Code Execution Vulnerability
Description Microsoft PowerPoint Viewer is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious PowerPoint file. Successful exploits would allow the attacker to execute arbitrary code in the context of the currentl...
Microsoft Windows Client/Server Run-time Subsystem Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability in the Client/Server Run-time Subsystem CSRSS. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Successful exploits may result in the complete compromise of affected...
Microsoft Windows Double Free Memory Corruption Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed explo...
Microsoft Data Analyzer 'max3activex.dll' ActiveX Control Remote Code Execution Vulnerability
Description The Microsoft Data Analyzer is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow the attacker to execute arbitrary code within the context of the application...
Microsoft Hyper-V Local Denial of Service Vulnerability
Description Microsoft Hyper-V is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to crash the affected computer, denying service to legitimate users. Technologies Affected Microsoft Windows Server 2008 for x64-based Systems Microsoft Windows Server 2008 for...
Microsoft Windows SMB NTLM Authentication Unauthorized Access Vulnerability
Description Microsoft Windows is prone to an unauthorized access vulnerability that affects the Microsoft Server Message Block SMB protocol software. An unauthenticated attacker can exploit this issue to gain access to resources with the privileges of an authorized user, which may lead to other...
Microsoft Windows TCP/IP Selective Acknowledgement Remote Denial of Service Vulnerability
Description Microsoft Windows TCP/IP protocol implementation is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to render the affected system unresponsive and cause it to automatically restart. Repeated attacks will cause denial-of-service conditions...
Microsoft DirectX DirectShow AVI File Parsing Remote Code Execution Vulnerability
Description Microsoft DirectX is prone to a remote code-execution vulnerability. Successful exploits allow remote attackers to execute arbitrary code in the context of the user running an application that uses DirectX. Failed exploit attempts will result in a denial-of-service condition...
Microsoft PowerPoint 'OEPlaceholderAtom' Record Corrupt Memory Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious PowerPoint file. Successful exploits would allow the attacker to execute arbitrary code in the context of the currently...
Microsoft Windows SMB Null Pointer Remote Denial of Service Vulnerability
Description Microsoft Windows is prone to a remote denial-of-service vulnerability that affects the Microsoft Server Message Block SMB protocol software. An attacker can exploit this issue to crash the system, denying service to legitimate users. Technologies Affected Microsoft Windows 2000...