Microsoft Internet Explorer Remote Memory Corruption Vulnerability
2010.January.21
Summary:
========
Fortinet's FortiGuard Labs has discovered a memory corruption vulnerability in Microsoft's Internet Explorer.
Impact:
=======
Remote Code Execution.
Fortinet Discovers Microsoft Office Project Vulnerability (MS09-074)
2009.December.08
Summary:
Fortinet's FortiGuard Labs Discovers Memory Corruption Vulnerability in Microsoft Office Project.
Impact:
Remote Code Execution.
Fortinet Discovers Vulnerability in Indeo Codec
2009.December.08
Summary:
Fortinet's FortiGuard Labs Discovers Memory Corruption Vulnerability in Indeo Codec.
Impact:
Remote Code Execution.
Fortinet Discovers Adobe Flash Player Vulnerability
2010.Nov.04
Summary:
Fortinet's FortiGuard Labs has discovered a Memory corruption vulnerability in Adobe Flash Player(Flash10h.ocx), which may lead to arbitrary code
execution or Denial of Service.
Impact:
Arbitrary Code Execution or Denial of Service
The Cisco PSIRT is not aware of malicious use of the vulnerabilities
described in this advisory.
These vulnerabilities were discovered and reported to Cisco by Xiaopeng
Zhang and Zhenhua Liu of Fortinet's FortiGuard Labs. The FortiGuard Labs
advisory is available at http://www.fortiguard.com. Cisco would like to
thank FortiGuard Labs for reporting these vulnerabilities to us and for
working with us on a coordinated disclosure.
Status of this Notice: FINAL
(CVE-2009-3794).
* Jim Cheng of EffectiveUI reported an unspecified data injection
vulnerability (CVE-2009-3796).
* Bing Liu of Fortinet's FortiGuard Labs reported multiple
unspecified memory corruption vulnerabilities (CVE-2009-3797,
CVE-2009-3798).
* Damian Put reported an integer overflow in the
Verifier::parseExceptionHandlers() function (CVE-2009-3799).
