6867 matches found
Microsoft Windows Kerberos 'Ticket-Granting-Ticket' Remote Denial of Service Vulnerability
Description Microsoft Windows Kerberos is prone to a remote denial-of-service vulnerability. A remote attacker can exploit this issue to cause the affected Windows domain controller to stop responding, resulting in a denial-of-service condition. Technologies Affected Avaya Meeting Exchange - Clie...
Microsoft Hyper-V Local Denial of Service Vulnerability
Description Microsoft Hyper-V is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to crash the affected computer, denying service to legitimate users. Technologies Affected Microsoft Windows Server 2008 for x64-based Systems Microsoft Windows Server 2008 for...
Microsoft Windows SMB Pathname Remote Buffer Overflow Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the Microsoft Server Message Block SMB protocol software. An authenticated attacker can exploit this issue to execute code with SYSTEM-level privileges. Failed exploit attempts will likely cause...
Microsoft PowerPoint 'LinkedSlideAtom' Heap Overflow Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious PowerPoint file. Successful exploits would allow the attacker to execute arbitrary code in the context of the currently...
Microsoft PowerPoint Viewer TextCharsAtom Record Stack Overflow Remote Code Execution Vulnerability
Description Microsoft PowerPoint Viewer is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious PowerPoint file. Successful exploits would allow the attacker to execute arbitrary code in the context of the currentl...
Symantec Altiris Notification Server 6.x Static Encryption Key
SUMMARY Symantecs Altiris Notification Server 6.0.x web console stores a static encryption key for encrypted credentials entered by the administrator. These credentials include ones used to enumerate the computers within a windows domain during discovery sessions allowing dissemination of Altiris...
Internet Explorer CVE-2010-0249 'srcElement()' Remote Code Execution Vulnerability
Description Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the application and possibly the computer. Failed attacks will cause...
Microsoft Windows Embedded OpenType Font Engine LZCOMP Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the Embedded OpenType font engine. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Successful exploits may aid in the compromise of affected...
Adobe Reader and Acrobat 'newplayer()' JavaScript Method Remote Code Execution Vulnerability
Description Adobe Reader and Acrobat are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code. Failed exploit attempts will likely cause denial-of-service conditions. This issue affects Reader and Acrobat 9.2 and prior versions. Technologies...
Microsoft Protected Extensible Authentication Protocol Memory Corruption Vulnerability
Description The implementation of the Microsoft Protected Extensible Authentication Protocol PEAP used by Microsoft's Internet Authentication System is prone to a remote memory-corruption vulnerability. A remote attacker can exploit this issue to execute arbitrary code with SYSTEM-level privilege...
Microsoft Active Directory Federation Services Header Validation Remote Code Execution Vulnerability
Description Microsoft Active Directory Federation Services ADFS is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the application, which may aid in further attacks. Technologies Affected Microsoft Windows Server 2003...
Microsoft Internet Explorer (CVE-2009-3671) Uninitialized Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks m...
Microsoft Project Invalid Resource Memory Allocation Remote Code Execution Vulnerability
Description Microsoft Project is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft WordPad and Office Text Converters Word 97 File Parsing Memory Corruption Vulnerability
Description Microsoft WordPad and Office Text Converters are prone to a remote memory-corruption vulnerability. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts may result in denial-of-service conditions...
Microsoft Windows LSASS ISAKMP Message Remote Denial of Service Vulnerability
Description Microsoft Windows Local Security Authority Subsystem Service LSASS is prone to a remote denial-of-service vulnerability. A remote attacker can exploit this issue to consume an excessive amount of resources, denying service to legitimate users. Technologies Affected Microsoft Windows...
Microsoft Protected Extensible Authentication Protocol Authentication Bypass Vulnerability
Description The implementation of the Protected Extensible Authentication Protocol PEAP used by Microsoft's Internet Authentication System is prone to an authentication-bypass vulnerability. Successful exploits would allow an attacker to gain unauthorized access to network resources. Technologies...
Microsoft Internet Explorer CSS Race Condition Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks m...
Microsoft Windows Active Directory Single Sign On Authentication Spoofing Vulnerability
Description Microsoft Windows Active Directory Federation Services ADFS is prone to an authentication-spoofing vulnerability affecting single sign-on SSO websites because it fails to properly implement session management. Successful exploits will allow attackers to authenticate to trusted servers...
Microsoft Internet Explorer 'CAttrArray' Object Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks m...
Adobe Illustrator Encapsulated Postscript File Remote Buffer Overflow Vulnerability
Description Adobe Illustrator is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting victim to open a malicious Encapsulated PostScript file. Successfully...
Symantec’s Altiris Deployment and Notification Management Web Console RunCmd Vulnerability
SUMMARY Symantecs Altiris Deployment Solution, Notification Server and Symantec Management Platform web consoles install a vulnerable ActiveX control. Exploitation of one of the methods used by this control could possibly lead to unauthorized information disclosure, system information corruption ...
Microsoft Internet Explorer 'Style' Object Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks m...
Microsoft Excel Document Parsing Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Windows Kernel NULL Pointer Dereference Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. This issue stems from a NULL-pointer dereference. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in t...
Microsoft Excel 'PivotTable' Cache Record Memory Corruption Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Excel Malformed BIFF Record Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Windows Web Services on Devices API Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute code with SYSTEM-level privileges. Failed exploit attempts will likely cause denial-of-service conditions. Technologies Affected Microsoft Windows Server 2008 Datacenter...
Microsoft Windows License Logging Server Remote Heap Buffer Overflow Vulnerability
Description The Microsoft Windows License Logging Server is prone to a remote heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges...
Microsoft Active Directory LDAP Request Stack Exhaustion Denial Of Service Vulnerability
Description Microsoft Active Directory is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the server, denying access to legitimate users. Technologies Affected Avaya Meeting Exchange - Client Registration Server Avaya Meeting Exchange - Enterprise Edition...
Microsoft Excel Index Parsing Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Word Record Parsing Remote Stack Buffer Overflow Vulnerability
Description Microsoft Word is prone to a remote stack-buffer overflow vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Word '.doc' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running th...
Microsoft Excel Formula Parsing Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Windows Kernel GDI Data Validation Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. This issue affects the Graphics Device Interface GDI. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result ...
Microsoft Excel Field Parsing Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Excel 'SxView' Memory Corruption Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Excel 'FEATHEADER' Record Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...
Symantec Altiris Deployment Solution and Notification Server Management Web Console Browse and Save
SUMMARY Symantecs Altiris Deployment Solution and Notification Server web consoles install a vulnerable ActiveX control. Exploitation of this issue could possibly lead to unauthorized information disclosure, system information corruption or potentially allow arbitrary code execution in the contex...
Sun Java SE November 2009 Multiple Security Vulnerabilities
Description Sun has released updates to address multiple security vulnerabilities in Java SE. Successful exploits may allow attackers to bypass certain security restrictions, run untrusted applets with elevated privileges, execute arbitrary code, and cause denial-of-service conditions. Other...
Adobe Reader and Acrobat U3D File Invalid Array Index Remote Vulnerability
Description Adobe Reader and Acrobat are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code. Failed exploit attempts will likely cause denial-of-service conditions. This issue was previously covered in BID 36638 Adobe Reader and Acrobat...
Microsoft Internet Explorer HTML Component Handling Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks m...
Microsoft Windows Kernel Exception Handler Local Denial Of Service Vulnerability
Description Microsoft Windows is prone to a local denial-of-service vulnerability that affects the Windows kernel. The issue stems from an error in the kernel's exception handler. Attackers may exploit this issue to restart the system, causing a denial-of-service condition. Technologies Affected...
Microsoft Internet Explorer 'Event' Object Copy Constructor Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks m...
Microsoft GDI+ Malformed Office BMP File Integer Overflow Remote Code Execution Vulnerability
Description Microsoft GDI+ is prone to a remote code-execution vulnerability because the vector graphics link library improperly processes BMP files in Microsoft Office documents. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user...
Microsoft Windows SMB2 Command Value Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute code with SYSTEM-level privileges. Failed exploit attempts will likely cause denial-of-service conditions. Technologies Affected Microsoft Windows 7 RC Microsoft Windows ...
Microsoft .NET Framework Type Verification Remote Code Execution Vulnerability
Description The .NET Framework is prone to a remote code-execution vulnerability because it fails to properly verify .NET applications before running them. Successful exploits may allow an attacker to execute arbitrary code with the privileges of the currently logged-in user. Failed attacks will...
Microsoft Indexing Service ActiveX Control Remote Code Execution Vulnerability
Description The Microsoft Indexing Service ActiveX control is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting to view a malicious webpage. Successful exploits will allow the attacker to execute arbitrary code within the context of an...
Microsoft Silverlight and .NET Framework CLR Interface Handling Remote Code Execution Vulnerability
Description Microsoft Silverlight and .NET Framework are prone to a remote code-execution vulnerability because they fail to properly handle interfaces when running .NET applications. Successful exploits may allow an attacker to execute arbitrary code with the privileges of the currently logged-i...
Microsoft GDI+ Malformed Office Object Memory Corruption Remote Code Execution Vulnerability
Description Microsoft GDI+ is prone to a remote code-execution vulnerability because the vector graphics link library improperly processes Microsoft Office objects. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit...
Microsoft Windows Media Runtime File Compression Remote Memory Corruption Vulnerability
Description Microsoft Windows Media Runtime is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affecte...
Microsoft Internet Explorer 'writing-mode' Uninitialized Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks m...