6867 matches found
Microsoft DirectX DirectShow Pointer Validation Remote Code Execution Vulnerability
Description Microsoft DirectX is prone to a remote code-execution vulnerability that resides in the DirectShow component. Successful exploits allow remote attackers to execute arbitrary code in the context of the user running the application that uses DirectX. Failed exploit attempts will result ...
Microsoft ISA Server Radius OTP Authentication Bypass Vulnerability
Description Microsoft ISA Server is prone to an authentication-bypass vulnerability. An attacker with knowledge of a valid account name can exploit this issue to bypass authentication and gain access to arbitrary resources within the context of the selected account. Technologies Affected Microsof...
Microsoft DirectX DirectShow Length Record Remote Code Execution Vulnerability
Description Microsoft DirectX is prone to a remote code-execution vulnerability that resides in the DirectShow component. Successful exploits allow remote attackers to execute arbitrary code in the context of the user running the application that uses DirectX. Failed exploit attempts will result ...
Microsoft Windows Embedded OpenType Font Engine Heap Overflow Vulnerability
Description Microsoft Windows is prone to a remotely exploitable heap-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it into an insufficiently sized memory buffer. Remote attackers can exploit this issue to execute arbitrary machine...
Microsoft Office Web Components ActiveX Control 'msDataSourceObject()' Code Execution Vulnerability
Description Microsoft Office Web Components is prone to a remote code-execution vulnerability that affects the OWC10.Spreadsheet ActiveX control. The control is identified by the following CLSIDs: 0002E541-0000-0000-C000-000000000046 0002E559-0000-0000-C000-000000000046 An attacker could exploit...
Mozilla Firefox 3.5 'TraceMonkey' Component Remote Code Execution Vulnerability
Description Mozilla Firefox is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application. Failed attempts will likely result in denial-of-service conditions. The issue affects...
Microsoft Active Template Library Header Data Remote Code Execution Vulnerability
Description The Microsoft Active Template Library ATL is prone to a remote code-execution vulnerability. This issue affects a private version of the ATL used internally by Microsoft; components written by other vendors are likely unaffected. Remote attackers can exploit this issue to execute...
Specifically Crafted Archive/Container Files can Bypass Initial Scans
SUMMARY Specifically-crafted archive and container files can potentially bypass initial malware scans in some products. AFFECTED PRODUCTS Products --- Symantec Mail Security for Domino Symantec Mail Security for Microsoft Exchange Symantec Mail Security for SMTP Symantec Brightmail Gateway Symant...
Microsoft Windows Pointer Validation Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...
Microsoft Internet Explorer Cached Content Cross Domain Information Disclosure Vulnerability
Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to access local files or content from a browser window in another domain or security...
Microsoft Word Record Parsing Buffer Overflow Vulnerability
Description Microsoft Word is prone to a buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft Office...
Microsoft Word Record Parsing Length Field Remote Stack Buffer Overflow Vulnerability
Description Microsoft Word is prone to a stack-based buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected...
Microsoft Active Directory Memory Leak Denial Of Service Vulnerability
Description Microsoft Active Directory is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the server, denying access to legitimate users. Technologies Affected Avaya Messaging Application Server Avaya Messaging Application Server MM 1.1 Avaya Messaging...
Microsoft Excel Record Pointer Corruption Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Windows Print Spooler Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the Print Spooler service. A remote authenticated attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges, which can result in the complete compromise of affected computers...
Microsoft Internet Explorer 'onreadystatechange' Corrupt Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the browser and possibly the computer. Failed attacks may cause...
Microsoft Excel Array Indexing Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Excel QSIR Record Pointer Corruption Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel '.xls' file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Excel Field Sanitization Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Windows Print Spooler Local Information Disclosure Vulnerability
Description Microsoft Windows Messenger is prone to a local information-disclosure vulnerability that affects the Print Spooler service. Successfully exploiting this issue allows attackers to obtain sensitive information that may aid in further attacks. Technologies Affected Avaya Messaging...
Microsoft Internet Explorer Malformed Row Property Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the browser and possibly the computer. Failed attacks may cause...
Microsoft Windows Argument Validation Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...
Microsoft Windows DNS Devolution Third-Level Domain Name Resolving Weakness
...
Microsoft Windows Search Script Injection Vulnerability
Description Microsoft Windows Search is prone to a script-injection vulnerability because it fails to adequately sanitize user-supplied input when previewing search results. Successful exploits will cause malicious script code to run in the local context, allowing attackers to steal potentially...
Microsoft Visual Studio 'MSCOMM32.OCX' ActiveX Control Heap Buffer Overflow Vulnerability
Description Microsoft Visual Studio is prone to a remote heap-based buffer-overflow vulnerability. Attackers may exploit this issue by enticing an unsuspecting victim to view a malicious webpage. Successful exploits will allow attackers to execute arbitrary code within the context of the affected...
Microsoft RPC Marshalling Engine Remote Code Execution Vulnerability
Description Microsoft Windows RPC Marshalling Engine is prone to a remote code-execution vulnerability. An attacker can exploit this issue by sending a specially crafted RPC request to an affected computer. Successfully exploiting this issue will allow the attacker to execute arbitrary code with...
Microsoft Excel Record Object Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Office Works for Windows Document Converters Remote Code Execution Vulnerability
Description Microsoft Office Works for Windows document converters are prone to a remote code-execution vulnerability because the application fails to properly handle specially crafted files. An attacker could exploit this issue by enticing a victim to open a malicious '.wps' file. Successful...
Microsoft Windows Print Spooler 'EnumeratePrintShares()' Remote Stack Buffer Overflow Vulnerability
Description Microsoft Windows is prone to a remote stack-based buffer-overflow vulnerability that affects the Windows Print Spooler. Exploiting this vulnerability allows attackers to execute arbitrary code with system-level privileges. Failed exploit attempts will likely cause denial-of-service...
Microsoft Active Directory Encoded LDAP String Memory Corruption Remote Code Execution Vulnerability
Description Microsoft Active Directory is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the application. Successful exploits will completely compromise the affected computer. Failed attacks will cause denial-of-service...
Microsoft Excel String Copy Stack Overflow Remote Code Execution Vulnerability
Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...
Microsoft Excel Malformed Shared String Table Record Integer Overflow Vulnerability
Description Microsoft Excel is prone to an integer-overflow vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the application...
Microsoft Internet Explorer Event Handler Uninitialized Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the browser and possibly the computer. Failed attacks may cause...
Microsoft Internet Explorer 'setCapture()' Uninitialized Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the browser and possibly the computer. Failed attacks may cause...
Microsoft Internet Explorer XMLHttpRequest Uninitialized Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the browser and possibly the computer. Failed attacks may cause...
Microsoft Internet Explorer (CVE-2009-1141) Uninitialized Memory Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks m...
Microsoft IIS 5.0 WebDAV Authentication Bypass Vulnerability
Description Microsoft Internet Information Services IIS is prone to an authentication-bypass vulnerability because it fails to properly enforce access restrictions on certain requests to a site that requires authentication. An attacker can exploit this issue to gain unauthorized access to protect...
Microsoft DirectX DirectShow QuickTime Video Remote Code Execution Vulnerability
Description Microsoft DirectX is prone to a remote code-execution vulnerability because the DirectShow component fails to properly handle QuickTime media files. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the user running the application...
Sun Java Runtime Environment ActiveX Control Multiple Remote Buffer Overflow Vulnerabilities
Description Sun Java Runtime Environment is prone to multiple remote buffer-overflow vulnerabilities because the application fails to perform adequate boundary checks on user-supplied data. Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of th...
Microsoft PowerPoint Sound Data (CVE-2009-0225) Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing a victim to open a malicious PowerPoint 95 file. Successfully exploiting this issue can allow the attacker to execute arbitrary code in the context of the currently...
Microsoft PowerPoint Sound Data (CVE-2009-0227) Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing a victim to open a specially crafted PowerPoint 4.0 file. Successfully exploiting this issue can allow the attacker to execute arbitrary code in the context of the...
Microsoft PowerPoint Paragraph Data Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious PowerPoint file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...
Microsoft PowerPoint Sound Data (CVE-2009-0226) Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing a victim to open a specially crafted PowerPoint 4.0 file. Successfully exploiting this issue can allow an attacker to execute arbitrary code in the context of the...
Microsoft PowerPoint Sound Data (CVE-2009-1129) Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious PowerPoint file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...
Microsoft PowerPoint Sound Data (CVE-2009-1137) Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious PowerPoint file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...
Microsoft PowerPoint Sound Data (CVE-2009-0222) Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious PowerPoint file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...
Microsoft PowerPoint Sound Data (CVE-2009-0223) Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious PowerPoint file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...
Microsoft PowerPoint Invalid Record Type Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing a victim to open a malicious PowerPoint file. Successfully exploiting this issue can allow the attacker to execute arbitrary code in the context of the currently...
Microsoft PowerPoint Invalid Record Type Integer Overflow Vulnerability
Description Microsoft PowerPoint is prone to an integer-overflow vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious PowerPoint file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...
Microsoft PowerPoint Data Out of Bounds Remote Stack Buffer Overflow Vulnerabilities
Description Microsoft PowerPoint is prone to multiple remote stack-based buffer-overflow vulnerabilities. An attacker could exploit these issues by enticing a victim to open a malicious PowerPoint file. Successfully exploiting these issues would allow the attacker to execute arbitrary code in the...