Microsoft Windows License Logging Service Buffer Overflow Vulnerability

Description A buffer overflow exists in the Microsoft Windows License Logging Service. This could allow remote execution of arbitrary code. Technologies Affected Microsoft Small Business Server 2000 Microsoft Small Business Server 2003 Microsoft Windows 2000 Advanced Server Microsoft Windows 2000...

Microsoft Windows SharePoint Services Cross-Site Scripting and Spoofing Vulnerability

Description A cross-site scripting and spoofing vulnerability affects Microsoft Windows SharePoint Services and SharePoint Team Services. A remote attacker may carry out a cross-site scripting attack to execute arbitrary HTML and script code in a user's browser. It is also possible to poison Web...

Microsoft Windows Named Pipe Remote Information Disclosure Vulnerability

Description A remote information disclosure vulnerability affects Microsoft Windows. This issue is due to a failure of the application to securely store potentially sensitive system information. An attacker may leverage this issue to disclose the user names of all users connected to a network...

Microsoft Windows User32.DLL ANI File Header Handling Stack-Based Buffer Overflow Vulnerability

Description A stack-based buffer overflow vulnerability is reported to affect the ANI animated cursor files handler on Microsoft Windows operating systems. The vulnerability exists in the ANI file header handling routines contained in the 'user32.dll' library. Ultimately the issue may be leverage...

Microsoft Windows Indexing Service Buffer Overflow Vulnerability

Description Microsoft Indexing Service is reported prone to a buffer overflow vulnerability. This issue results from insufficient boundary checks performed by the application when copying user-supplied data in to sensitive process buffers. A remote or local attacker may execute arbitrary code on ...

Apple ITunes Playlist Buffer Overflow Vulnerability

Description Apple iTunes is prone to a buffer overflow vulnerability. This issue is exposed when the application parses 'm3u' and 'pls' playlist files. As these files may originate from an external source, this issue is considered remotely exploitable. If the vulnerability is successfully...

Microsoft Windows LoadImage API Function Integer Overflow Vulnerability

Description Microsoft Windows is prone to a remote integer-overflow vulnerability because it fails to properly ensure that user-supplied input doesn't overflow integer values. Attackers may exploit this issue to cause data to be copied past the end of a memory buffer. This issue resides in the...

Microsoft Word for Windows 6.0 Converter Font Conversion Buffer Overflow Vulnerability

Description Microsoft Word for Windows 6.0 Converter is reported prone to a buffer overflow vulnerability. An attacker may exploit this issue to gain unauthorized access to a vulnerable computer in the context of the user running the application. This issue specifically exists in the Font...

Microsoft Windows LSASS Connection Validation Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege escalation vulnerability through LSASS Local Security Authority Subsystem Service. The vulnerability appears to be due to an error in the implementation of an enhanced access control feature. Attackers can exploit this vulnerability to...

Microsoft Windows DHCP Server Logging Remote Denial Of Service Vulnerability

Description Microsoft Windows DHCP server on NT 4 server platforms is reported susceptible to a remote denial of service vulnerability in its logging functionality. This issue is due to a failure of the application to properly handle user-supplied network input. This vulnerability allows remote...

Microsoft Windows DHCP Server Remote Buffer Overflow Vulnerability

Description Microsoft Windows DHCP server on NT 4 server platforms is reported susceptible to a remote buffer overflow vulnerability. This issue is due to insufficient bounds checking of user-supplied network data. This vulnerability allows remote attackers to execute arbitrary code in the contex...

Microsoft Windows WINS Name Value Handling Remote Buffer Overflow Vulnerability

Description The WINS server contains a buffer-overflow vulnerability that can allow attackers to corrupt WINS process memory. The issue occurs because the software fails to perform sufficient boundary checks on computer 'name' data that is handled during a WINS transaction. Ultimately, a WINS...

Microsoft Windows Kernel Unchecked LPC Buffer Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a locally exploitable privilege escalation vulnerability. This is reportedly due to an unchecked buffer that is exposed through the LPC Local Procedure Call interface in the Windows kernel. Successful exploitation would permit a local attacker to compromi...

Microsoft Word for Windows 6.0 Converter Table Conversion Buffer Overflow Vulnerability

Description Microsoft Word for Windows 6.0 Converter is reported prone to a buffer overflow vulnerability. An attacker may exploit this issue to gain unauthorized access to a vulnerable computer in the context of the user running the application. This issue specifically exists in the Table...

Microsoft ISA and Proxy Server Web Site Spoofing Vulnerability

Description Microsoft ISA and Proxy Server are reportedly prone to a Web site spoofing vulnerability. Successful exploitation of this issue could allow a remote attacker to spoof a trusted Web site. If a connection were made to the spoofed Web site using SSL, the malicious site would not be able ...

Microsoft Internet Explorer Malformed IFRAME Remote Buffer Overflow Vulnerability

Description Microsoft Internet Explorer is reported prone to a remote buffer overflow vulnerability. This issue presents itself due to insufficient boundary checks performed by the application and results in arbitrary code execution or a denial of service. This issue does not affect the following...

Microsoft Windows HTML Help Control Cross-Zone Scripting Vulnerability

Description The Microsoft Windows HTML Help ActiveX control hhctrl.ocx is prone to a vulnerability that may permit cross-zone scripting. The HTML Help control is a component that allows help functionality to be inserted in an HTML file. It is possible to exploit this vulnerability through Interne...

Microsoft Excel File Handler Buffer Overflow Vulnerability

Description Microsoft Excel is reported prone to an buffer overflow vulnerability. The issue presents itself when the vulnerable software handles a malicious Excel file. Ultimately a remote attacker may exploit this vulnerability to execute arbitrary code. Code execution will occur in the context...

Microsoft Internet Explorer Secure Sockets Layer Caching Vulnerability

Description Microsoft Internet Explorer is reported prone to a Secure Sockets Layer caching vulnerability. It is reported that arbitrary content may be cached to the computer that is viewing a malicious site when this vulnerability is exploited. This cached content will be rendered in the context...

Microsoft Internet Explorer Double Byte Character Set Handling Address Bar Spoofing Vulnerability

Description It is reported that Microsoft Internet Explorer is prone to a vulnerability that may allow a malicious Web page to spoof the address bar of the browser. This vulnerability presents itself due to a malfunction that occurs when certain double byte characters are encountered. As a result...

Microsoft Internet Explorer Unspecified showHelp Zone Bypass Vulnerability

Description Microsoft Security Bulletin MS04-038 includes fixes to address an unspecified vulnerability in Internet Explorer that may permit elevation of zone privileges by bypassing from the Internet Zone to the Local Zone. The vendor has stated that additional security verifications have been...

Microsoft SMTP Service and Exchange Routing Engine Buffer Overflow Vulnerability

Description The Microsoft Windows 2003 SMTP Service and Exchange Routing Engine have been reported prone to a buffer overflow. This occurs during the processing responses to DNS lookups. Successful exploitation could allow for remote code execution in the context of the vulnerable service...

Microsoft Internet Explorer Plug-in Navigations Handling Address Bar Spoofing Vulnerability

Description It is reported that Microsoft Internet Explorer is prone to a vulnerability that may allow a malicious Web page containing embedded flash multimedia to spoof the address bar of the browser. This could be used to lure Web users into a false sense of trust since a malicious or spoofed...

Microsoft NNTP Component Heap Overflow Vulnerability

Description The Microsoft Network News Transfer Protocol NNTP Component is prone to a buffer overflow condition. Successful exploitation of this vulnerability could allow remote code execution in the context of the process accessing the vulnerable component. Technologies Affected Avaya DefinityOn...

Microsoft XML Parser Remote Denial of Service Vulnerability

Description Microsoft XML Parser is prone to a remote denial of service vulnerability when handling malformed requests. The vulnerability can be exploited through the WebDAV XML message handler of Microsoft IIS server. It is reported that this issue requires a remote attacker to create specially...

Microsoft RPC Runtime Library Remote Denial Of Service And Information Disclosure Vulnerability

Description Microsoft RPC Runtime Library is affected by a remote denial of service and information disclosure vulnerability. This issue is due to a failure of the library to properly handle exceptional network traffic. An attacker may leverage this issue to disclose potentially sensitive...

Microsoft Windows Compressed (zipped) Folder Buffer Overflow Vulnerability

Description Microsoft Windows contains a buffer overflow in the Compressed zipped Folders feature. A maliciously crafted compressed file could overrun an internal buffer causing arbitrary code to be executed in the security context of the current user. Technologies Affected Avaya DefinityOne Medi...

Microsoft Internet Explorer Heartbeat ActiveX Control Unspecified Vulnerability

Description An unspecified vulnerability exists in the Microsoft Internet Explorer Heartbeat MSN gaming ActiveX control Hrtbeat.ocx. Technologies Affected Avaya DefinityOne Media Servers Avaya IP600 Media Servers Avaya Modular Messaging MSS 1.1.0 Avaya Modular Messaging MSS 2.0.0 Avaya S3400...

Microsoft Internet Explorer Install Engine ActiveX Control Buffer Overflow Vulnerability

Description A remotely exploitable buffer overflow vulnerability exists in the Microsoft Internet Explorer Install Engine ActiveX control. This vulnerability is caused by insufficient bounds checking of arguments passed to the control leading to a heap overflow. The vulnerability may be exploited...

Microsoft Windows Kernel Virtual DOS Machine Privilege Escalation Vulnerability

Description Microsoft Windows Kernel Virtual DOS Machine is reported prone to a local privilege-escalation vulnerability. The Microsoft Virtual DOS Machine VDM is a protected environment that emulates MS-DOS on Windows NT-based operating systems. This issue is caused by an access-validation error...

Microsoft Windows NetDDE Remote Buffer Overflow Vulnerability

Description Microsoft Windows NetDDE is affected by a remote buffer-overflow vulnerability because the application fails to properly verify the lengths of strings contained within unspecified network messages before copying them into finite buffers. Note that NetDDE is not activated by default on...

Microsoft Windows WMF/EMF Image Format Rendering Remote Buffer Overflow Vulnerability

Description Microsoft Windows WMF/EMF image-rendering library is affected by a remote buffer-overflow vulnerability because it fails to properly verify the lengths of strings contained within an affected image file before copying them into finite buffers. Any code execution that occurs will take...

Microsoft Window Management API Local Privilege Escalation Vulnerability

Description Microsoft has reported that several unspecified Window Management API functions can allow a local attacker to change the attributes of an application with higher-level privileges to gain elevated privileges on a vulnerable computer. This issue represents a fundamental design flaw;...

Microsoft Windows Kernel Local Denial of Service Vulnerability

Description The Microsoft Windows kernel is prone to a denial-of-service vulnerability that can allow a local attacker to cause a vulnerable computer to stop responding and to restart. This issue does not pose a privilege-escalation threat. Technologies Affected Avaya DefinityOne Media Servers...

Mambo Open Source Multiple Input Validation Vulnerabilities

Description Mambo open source is reportedly affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly validate user-supplied URI parameters. An attacker may leverage these issues to execute arbitrary server-side script code on an...

Microsoft WordPerfect Converter Remote Buffer Overflow Vulnerability

Description Microsoft WordPerfect Converter is reported prone to a remote buffer overflow vulnerability when handling malformed files. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable computer to gain unauthorized access. To carry out an attack, the attacke...

Microsoft GDI+ Library JPEG Segment Length Integer Underflow Vulnerability

Description Microsoft Graphics Device Interface GDI+ JPEG handler is reported prone to an integer underflow vulnerability when handling JPEG format images. This issue presents itself due to a lack of sufficient sanity checks performed on certain JPEG data before this data employed as a bounds val...

AWStats Rawlog Plugin Logfile Parameter Input Validation Vulnerability

Description AWStats Rawlog Plugin is reported prone to an input validation vulnerability. The issue is reported to exist because user supplied 'logfile' URI data passed to the 'awstats.pl' script is not sanitized. An attacker may exploit this condition to execute commands remotely or disclose...

Microsoft Exchange Outlook Web Access HTTP Response Splitting Vulnerability

Description Microsoft Exchange Outlook Web Access OWA is prone to HTTP response splitting attacks. This issue could permit hostile script to be injected into client sessions, which could gain access to properties of the OWA server and Web pages hosted on the site. It is noted that the attacker mu...

Microsoft Windows POSIX Subsystem Buffer Overflow Local Privilege Escalation Vulnerability

Description The Microsoft POSIX subsystem implementation is prone to a local buffer overflow vulnerability. A local attacker may exploit this vulnerability in order to run code with elevated privileges, fully compromising the vulnerable computer. Technologies Affected Avaya S3400 Message...

Microsoft Windows Utility Manager Local Privilege Escalation Variant Vulnerability

Description Microsoft Utility Manager is prone to a local privilege escalation vulnerability. It is reported that a local user may influence the Utility Manager into executing an attacker-supplied application with elevated privileges. The cause of this issue is that the Utility Manager will attem...

Microsoft IIS 4 Redirect Remote Buffer Overflow Vulnerability

Description Microsoft IIS 4.0 is reported prone to a buffer overflow vulnerability when handling redirects. It is reported that an attacker may exploit this vulnerability by issuing a large request to an affected IIS Web server. An attacker may exploit this issue to execute arbitrary code in the...

Microsoft Outlook Express Malformed Email Header Denial Of Service Vulnerability

Description Microsoft Outlook Express is prone to a security vulnerability when processing emails with malformed header data. A remote attacker may potentially exploit this issue to cause a persistent denial of service in the email client. This issue is only reported to affect Outlook Express 6.0...

Microsoft Windows Task Scheduler Remote Buffer Overflow Vulnerability

Description Microsoft Task Scheduler is reported prone to a remote stack-based buffer overflow vulnerability. The source of the vulnerability is that data in '.job' files is copied into an internal buffer without sufficient bounds checking. It is reported that a remote attacker may exploit this...

Microsoft Windows HTML Help Heap Overflow Vulnerability

Description The Microsoft Windows HTML Help facility is prone to a remotely exploitable heap overflow vulnerability. This vulnerability could be exploited from a malicious Web page or through HTML email to execute arbitrary code with the privileges of the currently logged in user. Technologies...

Microsoft Windows Program Group Converter Filename Local Buffer Overrun Vulnerability

Description Microsoft Windows Program Group Converter grpconv.exe is reported prone to a buffer overrun vulnerability. The issue is reported to exist due to a lack of sufficient validation performed on filename data. An attacker may craft a malicious file and present it to a victim in order to...

Microsoft DirectX DirectPlay Remote Malformed Packet Denial Of Service Vulnerability

Description Microsoft DirectX DirectPlay is affected by a remote denial of service vulnerability. This issue is due to a failure of the affected library to properly handle malformed network data. An attacker can exploit this vulnerability to cause an application using the affected DirectPlay...

Microsoft Windows Terminal Server Patch Unspecified Denial Of Service Vulnerability

Description The Terminal Server patch issued in Microsoft advisory MS01-052 has been found to be prone to an unspecified denial of service vulnerability. The affected patch was originally issued to deal with the issue outlined in the Microsoft Windows 2000/NT Terminal Server Service RDP DoS...

Microsoft Windows HSC DVD Driver Upgrade Code Execution Vulnerability

Description A security vulnerability has been reported in Microsoft Windows XP and Server 2003 operating systems. This issue exists in the Help and Support Center HSC and is due to how the feature handles HCP invocation URIs for DVD driver upgrades. This issue could be exploited from a malicious...

Multiple Vendor TCP Sequence Number Approximation Vulnerability

Description A vulnerability in TCP implementations may permit unauthorized remote users to reset TCP sessions. This issue affects products released by multiple vendors. Exploiting this issue may permit remote attackers to more easily approximate TCP sequence numbers. The problem is that affected...