6867 matches found
Microsoft DirectX DirectShow Pointer Validation Remote Code Execution Vulnerability
Description Microsoft DirectX is prone to a remote code-execution vulnerability that resides in the DirectShow component. Successful exploits allow remote attackers to execute arbitrary code in the context of the user running the application that uses DirectX. Failed exploit attempts will result ...
Microsoft DirectX DirectShow Length Record Remote Code Execution Vulnerability
Description Microsoft DirectX is prone to a remote code-execution vulnerability that resides in the DirectShow component. Successful exploits allow remote attackers to execute arbitrary code in the context of the user running the application that uses DirectX. Failed exploit attempts will result ...
Microsoft Publisher Object Handler Data Pointer Dereference Remote Code Execution Vulnerability
Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing a victim to open a malicious Publisher file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...
Microsoft Windows Embedded OpenType Font Engine Integer Overflow Vulnerability
Description Microsoft Windows is prone to a remotely exploitable integer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it into an insufficiently sized memory buffer. Remote attackers can exploit this issue to execute arbitrary machine code in...
Mozilla Firefox 3.5 'TraceMonkey' Component Remote Code Execution Vulnerability
Description Mozilla Firefox is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application. Failed attempts will likely result in denial-of-service conditions. The issue affects...
Microsoft Office Web Components ActiveX Control 'msDataSourceObject()' Code Execution Vulnerability
Description Microsoft Office Web Components is prone to a remote code-execution vulnerability that affects the OWC10.Spreadsheet ActiveX control. The control is identified by the following CLSIDs: 0002E541-0000-0000-C000-000000000046 0002E559-0000-0000-C000-000000000046 An attacker could exploit...
Microsoft Active Template Library Header Data Remote Code Execution Vulnerability
Description The Microsoft Active Template Library ATL is prone to a remote code-execution vulnerability. This issue affects a private version of the ATL used internally by Microsoft; components written by other vendors are likely unaffected. Remote attackers can exploit this issue to execute...
Specifically Crafted Archive/Container Files can Bypass Initial Scans
SUMMARY Specifically-crafted archive and container files can potentially bypass initial malware scans in some products. AFFECTED PRODUCTS Products --- Symantec Mail Security for Domino Symantec Mail Security for Microsoft Exchange Symantec Mail Security for SMTP Symantec Brightmail Gateway Symant...
Microsoft Internet Explorer 'setCapture()' Uninitialized Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the browser and possibly the computer. Failed attacks may cause...
Microsoft Windows Print Spooler Local Information Disclosure Vulnerability
Description Microsoft Windows Messenger is prone to a local information-disclosure vulnerability that affects the Print Spooler service. Successfully exploiting this issue allows attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Avaya Messaging...
Microsoft Windows Print Spooler Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the Print Spooler service. A remote authenticated attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges, which can result in the complete compromise of affected computers...
Microsoft Active Directory Memory Leak Denial Of Service Vulnerability
Description Microsoft Active Directory is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the server, denying access to legitimate users. Technologies Affected Avaya Messaging Application Server Avaya Messaging Application Server MM 1.1 Avaya Messaging...
Microsoft Internet Explorer (CVE-2009-1141) Uninitialized Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks m...
Microsoft Windows DNS Devolution Third-Level Domain Name Resolving Weakness
...
Microsoft Internet Explorer 'onreadystatechange' Corrupt Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the browser and possibly the computer. Failed attacks may cause...
Microsoft RPC Marshalling Engine Remote Code Execution Vulnerability
Description Microsoft Windows RPC Marshalling Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue by sending a specially crafted RPC request to an affected computer. Successfully exploiting this issue will allow the attacker to execute arbitrary code with...
Microsoft Internet Explorer Event Handler Uninitialized Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the browser and possibly the computer. Failed attacks may cause...
Microsoft Excel String Copy Stack Overflow Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Windows Pointer Validation Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...
Microsoft Excel Array Indexing Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Internet Explorer XMLHttpRequest Uninitialized Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the browser and possibly the computer. Failed attacks may cause...
Microsoft Windows Argument Validation Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...
Microsoft Windows Search Script Injection Vulnerability
Description Microsoft Windows Search is prone to a script-injection vulnerability because it fails to adequately sanitize user-supplied input when previewing search results. Successful exploits will cause malicious script code to run in the local context, allowing attackers to steal potentially...
Microsoft Internet Explorer Malformed Row Property Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the browser and possibly the computer. Failed attacks may cause...
Microsoft Word Record Parsing Length Field Remote Stack Buffer Overflow Vulnerability
Description Microsoft Word is prone to a stack-based buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected...
Microsoft Excel Record Pointer Corruption Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Internet Explorer Cached Content Cross Domain Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to access local files or content from a browser window in another domain or security...
Microsoft Excel Malformed Shared String Table Record Integer Overflow Vulnerability
Description Microsoft Excel is prone to an integer-overflow vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the application...
Microsoft Excel QSIR Record Pointer Corruption Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel '.xls' file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Excel Record Object Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Windows Print Spooler 'EnumeratePrintShares()' Remote Stack Buffer Overflow Vulnerability
Description Microsoft Windows is prone to a remote stack-based buffer-overflow vulnerability that affects the Windows Print Spooler. Exploiting this vulnerability allows attackers to execute arbitrary code with system-level privileges. Failed exploit attempts will likely cause denial-of-service...
Microsoft Word Record Parsing Buffer Overflow Vulnerability
Description Microsoft Word is prone to a buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft Office...
Microsoft Excel Field Sanitization Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Active Directory Encoded LDAP String Memory Corruption Remote Code Execution Vulnerability
Description Microsoft Active Directory is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the application. Successful exploits will completely compromise the affected computer. Failed attacks will cause denial-of-service...
Microsoft Visual Studio 'MSCOMM32.OCX' ActiveX Control Heap Buffer Overflow Vulnerability
Description Microsoft Visual Studio is prone to a remote heap-based buffer-overflow vulnerability. Attackers may exploit this issue by enticing an unsuspecting victim to view a malicious webpage. Successful exploits will allow attackers to execute arbitrary code within the context of the affected...
Microsoft Office Works for Windows Document Converters Remote Code Execution Vulnerability
Description Microsoft Office Works for Windows document converters are prone to a remote code-execution vulnerability because the application fails to properly handle specially crafted files. An attacker could exploit this issue by enticing a victim to open a malicious '.wps' file. Successful...
Microsoft IIS 5.0 WebDAV Authentication Bypass Vulnerability
Description Microsoft Internet Information Services IIS is prone to an authentication-bypass vulnerability because it fails to properly enforce access restrictions on certain requests to a site that requires authentication. An attacker can exploit this issue to gain unauthorized access to protect...
Microsoft DirectX DirectShow QuickTime Video Remote Code Execution Vulnerability
Description Microsoft DirectX is prone to a remote code-execution vulnerability because the DirectShow component fails to properly handle QuickTime media files. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the user running the application...
Sun Java Runtime Environment ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities
Description Sun Java Runtime Environment is prone to multiple remote buffer-overflow vulnerabilities because the application fails to perform adequate boundary checks on user-supplied data. Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of th...
Microsoft PowerPoint Sound Data (CVE-2009-0223) Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious PowerPoint file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...
Microsoft PowerPoint Invalid Record Type Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing a victim to open a malicious PowerPoint file. Successfully exploiting this issue can allow the attacker to execute arbitrary code in the context of the currently...
Microsoft PowerPoint Data Out of Bounds Remote Stack Buffer Overflow Vulnerabilities
Description Microsoft PowerPoint is prone to multiple remote stack-based buffer-overflow vulnerabilities. An attacker could exploit these issues by enticing a victim to open a malicious PowerPoint file. Successfully exploiting these issues would allow the attacker to execute arbitrary code in the...
Microsoft PowerPoint Invalid Record Type Integer Overflow Vulnerability
Description Microsoft PowerPoint is prone to an integer-overflow vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious PowerPoint file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...
Microsoft PowerPoint Notes Container Heap Memory Corruption Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious PowerPoint file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...
Microsoft PowerPoint Paragraph Data Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious PowerPoint file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...
Microsoft PowerPoint Sound Data (CVE-2009-0225) Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing a victim to open a malicious PowerPoint 95 file. Successfully exploiting this issue can allow the attacker to execute arbitrary code in the context of the currently...
Microsoft PowerPoint Sound Data (CVE-2009-1129) Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious PowerPoint file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...
Microsoft PowerPoint Sound Data (CVE-2009-1137) Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious PowerPoint file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...
Microsoft PowerPoint Sound Data (CVE-2009-1128) Multiple Remote Code Execution Vulnerabilities
Description Microsoft PowerPoint is prone to multiple remote code-execution vulnerabilities An attacker could exploit these issues by enticing a victim to open a malicious PowerPoint file. Successfully exploiting these issues would allow the attacker to execute arbitrary code in the context of th...
Microsoft PowerPoint Sound Data (CVE-2009-0222) Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious PowerPoint file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...