Microsoft Internet Explorer CVE-2014-1815 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Internet explorer 6, 7, 8, 9, 10, and 11 are...

Symantec Workspace Streaming XMLRPC Unauthenticated Access

SUMMARY The management server for Symantec Workspace Streaming SWS does not properly handle external XMLRPC requests, which could potentially allow unauthorized access to restricted server-side data and server functionality. A remote user could potential create a backdoor on the targeted server...

Symantec Critical System Protection for Windows Default Policy Bypass

SUMMARY Symantec Critical System Protection SCSP, Windows version, default policy settings can be susceptible to policy bypass when installed on an out-of-the-box unpatched windows server. While this is not in any way a normal installation, it could permit unauthorized access to information store...

Adobe Flash Player CVE-2014-0515 Buffer Overflow Vulnerability

Description Adobe Flash Player is prone to a buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Attackers can exploit this issue to execute arbitrary code within the context of the affected application...

Microsoft Internet Explorer CVE-2014-1776 Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Symantec Encryption Desktop Memory Access Violations

SUMMARY Symantecs Encryption Desktop is susceptible to memory access violations when attempting to parse specific malformed certificate files. This could result in a possible application crash if a malicious individual could entice an authorized user to successfully click on a malformed file...

Symantec Messaging Gateway Management Console Reflected XSS

SUMMARY Symantecs Messaging Gateway management console is susceptible to a reflected cross-site scripting XSS issue found in one of the administrative interface pages. Successful exploitation could result in potential session hijacking or unauthorized actions directed against the console with the...

Microsoft Word File Converting CVE-2014-1757 Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...

Microsoft Internet Explorer CVE-2014-1751 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing...

Microsoft Windows CVE-2014-0315 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. A successful exploit may allow arbitrary code to run in the context of the currently logged-in user. Failed attack attempts may result in a denial-of-service condition. Technologies Affected Avaya Aura Conferencing...

Microsoft Internet Explorer CVE-2014-1760 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing...

Microsoft Internet Explorer CVE-2014-1753 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing Standard Avaya...

Microsoft Publisher CVE-2014-1759 Remote Code Execution Vulnerability

Description Microsoft Publisher is prone to a remote code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts may result in a denial-of-service condition. Technologies Affect...

Microsoft Word File Processing CVE-2014-1758 Remote Stack Buffer Overflow Vulnerability

Description Microsoft Word is prone to a remote stack-based buffer-overflow vulnerability. Successful exploits will allow attackers to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies...

Microsoft Internet Explorer CVE-2014-1752 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing...

Microsoft Internet Explorer CVE-2014-1755 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing...

Microsoft Internet Explorer CVE-2014-0325 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing...

Symantec LiveUpdate Administrator Unauthenticated/Unauthorized Account Access Modification and SQL i

SUMMARY The management GUI for Symantec LiveUpdate Administrator does not properly protect the forgotten password functionality of the web interface. An unauthorized individual with knowledge of the email address for an authorized LUA user can potentially force an arbitrary password reset leading...

Multiple IBM Products CVE-2014-0880 Security Bypass Vulnerability

Description Multiple IBM Products are prone to a security bypass vulnerability. Attackers can exploit this issue to bypass security restrictions to perform unauthorized actions; this may aid in launching further attacks. The following products are vulnerable: IBM SAN Volume Controller 6.3, 6.4,...

Microsoft Word CVE-2014-1761 Remote Memory Corruption Vulnerability

Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...

Microsoft Internet Explorer Multiple Arbitrary Code Execution Vulnerabilities

Description Microsoft Internet Explorer is prone to multiple arbitrary code-execution vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition...

Microsoft Internet Explorer CVE-2014-0298 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability due to a use-after-free condition. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies...

Microsoft Internet Explorer CVE-2014-0312 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability due to a use-after-free condition. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies...

Microsoft Internet Explorer CVE-2014-0299 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing 6...

Microsoft Internet Explorer CVE-2014-0324 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing 6...

Microsoft Windows Kernel 'Win32k.sys' CVE-2014-0300 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges and gain access to kernel memory. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura Conferencing...

Microsoft Internet Explorer CVE-2014-0321 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing 6...

Microsoft Internet Explorer CVE-2014-0297 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability due to a use-after-free condition. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies...

Microsoft Internet Explorer CVE-2014-0305 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing 6...

Microsoft Internet Explorer CVE-2014-0311 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing 6...

Microsoft Internet Explorer CVE-2014-0314 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing 6...

Microsoft Internet Explorer CVE-2014-0306 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing 6...

Microsoft Internet Explorer CVE-2014-0307 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing 6...

Microsoft Internet Explorer CVE-2014-0309 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing 6...

Microsoft Windows Security Account Manager Remote protocol Security Bypass Vulnerability

Description Microsoft Windows is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and aid in brute-force attacks; other attacks may also be possible. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura...

Microsoft Silverlight CVE-2014-0319 DEP/ASLR Security Bypass Vulnerability

Description Microsoft Silverlight is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Microsoft Silverlight 5 Developer...

Microsoft Internet Explorer CVE-2014-0302 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing 6...

Microsoft Internet Explorer CVE-2014-0304 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing 6...

Microsoft Internet Explorer CVE-2014-0303 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing 6...

Microsoft Internet Explorer CVE-2014-0308 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing 6...

Microsoft Windows Kernel 'Win32k.sys' CVE-2014-0323 Local Information Disclosure Vulnerability

Description Microsoft Windows is prone to a local information-disclosure vulnerability. An attacker can leverage this issue to disclose kernel memory and obtain sensitive information that may aid in further attacks. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura...

Microsoft DirectShow CVE-2014-0301 Remote Code Execution Vulnerability

Description Microsoft DirectShow is prone to a remote code-execution vulnerability. Successful exploits allow remote attackers to execute arbitrary code in the context of the user running the application that uses DirectShow. Failed exploit attempts will result in a denial-of-service condition...

Microsoft Internet Explorer CVE-2014-0313 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing 6...

Symantec Endpoint Protection Manager Vulnerabilities

SUMMARY The management console for Symantec Endpoint Protection Manager does not properly handle external XML data, which could potentially allow unauthorized access to restricted server-side data and console management functionality. The management console for Symantec Endpoint Protection Manage...

Microsoft Internet Explorer CVE-2014-0322 Use-After-Free Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Microsoft Internet Explorer CVE-2014-0284 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya CallPilot 4.0 Avaya...

Microsoft .NET Framework CVE-2014-0295 ASLR Security Bypass Vulnerability

Description Microsoft .NET Framework is prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and execute arbitrary code by exploiting another vulnerability in the application. Technologies Affected Avaya Aura Conferencing 6.0 SP1...

Microsoft Internet Explorer CVE-2014-0267 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya CallPilot 4.0 Avaya...

Microsoft Internet Explorer CVE-2014-0283 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya CallPilot 4.0 Avaya...

Microsoft Internet Explorer CVE-2014-0288 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya CallPilot 4.0 Avaya...