Next Page >>
Vulnerability Research Team
CA Advisory Date: 2008-10-09
Reported By:
Haifei Li of Fortinet's FortiGuard Global Security Research Team
Vulnerability Research Team of Assurent Secure Technologies, a
TELUS Company
Greg Linares of eEye Digital Security
Impact: A remote attacker can cause a denial of service or
CA Advisory Date: 2008-07-31
Reported By: Vulnerability Research Team of Assurent Secure
Technologies, a TELUS Company
Impact: A remote attacker can execute arbitrary code or cause a
denial of service condition.
II. DESCRIPTION
---------------------
VUPEN Vulnerability Research Team discovered a critical vulnerability
affecting Microsoft Office Excel.
The vulnerability is caused by a heap overflow error when processing
malformed EDG (recType 0x88) and Publisher (recType 0x89) records, which
could be exploited by attackers to execute arbitrary code by tricking
II. DESCRIPTION
---------------------
VUPEN Vulnerability Research Team discovered a critical vulnerability
in Microsoft Office Word.
The vulnerability is caused by a buffer overflow error when processing
certain data within a Word document, which could be exploited by remote
attackers to execute arbitrary code by tricking a user into opening a
II. DESCRIPTION
---------------------
VUPEN Vulnerability Research Team discovered a vulnerability in
Apple Quicktime.
The flaw is caused by a heap overflow error when processing FLC
encoded movie files, which could be exploited by attackers to
execute arbitrary code by tricking a user into visiting a specially
II. DESCRIPTION
---------------------
VUPEN Vulnerability Research Team discovered a critical vulnerability
affecting Microsoft Internet Explorer.
The vulnerability is caused by a use-after-free error within the
"OnPropertyChange_Src()" function when handling malformed HTML/JS data,
which could be exploited by remote attackers to execute arbitrary code
II. DESCRIPTION
---------------------
VUPEN Vulnerability Research Team discovered a critical vulnerability
in Microsoft Office Word.
The vulnerability is caused by the use of an invalid pointer when processing
bookmarks in a Word document, which could be exploited by remote
attackers to execute arbitrary code by tricking a user into opening
II. DESCRIPTION
---------------------
VUPEN Vulnerability Research Team discovered a critical vulnerability
in Microsoft Office Excel.
The vulnerability is caused by a dangling pointer when processing
certain Formula records in an Excel file, which could be exploited
by remote attackers to execute arbitrary code by tricking a user into
II. DESCRIPTION
---------------------
VUPEN Vulnerability Research Team discovered a critical vulnerability
in Microsoft Office Excel.
The vulnerability is caused by a heap corruption error when processing
malformed Formula records within an Excel document, which could be exploited
by attackers to compromise a vulnerable system by tricking a user into
II. DESCRIPTION
---------------------
VUPEN Vulnerability Research Team discovered a critical vulnerability
in Microsoft Office Excel.
The vulnerability is caused by an array indexing error when processing
RealTimeData records in an Excel file, which could be exploited by remote
attackers to execute arbitrary code by tricking a user into opening a
II. DESCRIPTION
---------------------
VUPEN Vulnerability Research Team discovered a vulnerability in
Sun Java JDK/JRE.
The flaw is caused by a buffer overflow error within the Unpack200
component when processing malformed data, which could be exploited by
attackers to execute arbitrary code via a malicious archive.
CVE-2010-2704 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
The Hewlett-Packard Company thanks Sebastien Renaud of VUPEN Vulnerability Research Team for reporting this vulnerability to security-alert@hp.com.
RESOLUTION
HP has made patches available to resolve the vulnerabilities for NNM v7.53.
II. DESCRIPTION
---------------------
VUPEN Vulnerability Research Team discovered a critical vulnerability
in Oracle Java.
The vulnerability is caused by an integer overflow error in the Color
Management Module (CMM) when processing a malformed "pseq" tag within
an ICC profile, which could be exploited by attackers to execute arbitrary
II. DESCRIPTION
---------------------
VUPEN Vulnerability Research Team discovered a critical vulnerability
in Oracle Java.
The vulnerability is caused by an integer overflow error in the Color
Management Module (CMM) when processing a malformed "clrt" tag within
an ICC profile, which could be exploited by attackers to execute arbitrary
II. DESCRIPTION
---------------------
VUPEN Vulnerability Research Team discovered a critical vulnerability
in Microsoft Office Word.
The vulnerability is caused by an error when handling return values while
parsing certain data in a Word document, which could be exploited by remote
attackers to execute arbitrary code by tricking a user into opening a
CVE-2010-2704 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
The Hewlett-Packard Company thanks Sebastien Renaud of VUPEN Vulnerability Research Team for reporting this vulnerability to security-alert@hp.com.
RESOLUTION
HP has made hotfixes available to resolve the vulnerabilities for NNM v7.53.
II. DESCRIPTION
---------------------
VUPEN Vulnerability Research Team discovered a critical vulnerability in
HP OpenView Network Node Manager (OV NNM).
This vulnerability is caused by a buffer overflow error in the
"nnmrptconfig.exe"
CGI when processing an overly long parameter value, which could be exploited
II. DESCRIPTION
---------------------
VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft
Windows Media Player.
The vulnerability is caused by a buffer overflow error in the XDSCodec &
Encypter/Decrypter Tagger Filters "ENCDEC.DLL" within Windows Media Player
when processing certain fields within a DVR-MS (Digital Video Recording)
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-1564 and CVE-2009-1565 to these
issues.
VMware would like to thank iDefense, Sebastien Renaud of VUPEN
Vulnerability Research Team (http://www.vupen.com) and Alin Rad Pop
of Secunia Research for reporting these issues to us.
To remediate the above issues either install the stand alone movie
decoder or update your product using the table below.
II. DESCRIPTION
---------------------
VUPEN Vulnerability Research Team discovered a vulnerability in Google
Chrome.
The vulnerability is caused by a stale pointer in the WebKit engine when
deleting certain child tags in a specific order, which could be exploited by
remote attackers to compromise a vulnerable system via a specially crafted
Adobe's Portable Document Format (PDF).
II. DESCRIPTION ---------------------
VUPEN Vulnerability Research Team discovered three critical
vulnerabilities affecting Adobe Acrobat and Reader.
These vulnerabilities are caused by memory corruption errors within
the U3D filter when processing malformed data in a PDF file,
which could allow attackers to execute arbitrary code by tricking
---------------
January 19th 2009
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: David Marshall and r@b13$
Vulnerability Description
-------------------------
NetMRI contains a cross-site scripting (XSS) issue whereby portions of the GET request are echoed back in an error page. This allows scripting tags to be executed by the browser to perform XSS attacks. Such an attack would require convincing a user to click on a specially crafted link.
II. DESCRIPTION
---------------------
VUPEN Vulnerability Research Team discovered a vulnerability in
Apple Safari.
The flaw is caused by an integer overflow error in ColorSync when
processing certain images with an embedded color profile, which
could be exploited by attackers to potentially execute arbitrary
II. DESCRIPTION
---------------------
VUPEN Vulnerability Research Team discovered a critical vulnerability
affecting Microsoft Internet Explorer.
The vulnerability is caused by a use-after-free error when processing
"CIframeElement" objects, which could be exploited by remote attackers to
execute arbitrary code by tricking a user into visiting a specially crafted
---------------
October 14, 2008
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Corey LeBleu and r@b13$
Vulnerability Description
-------------------------
The Citrix Broadcast Server administrative login page is vulnerable to trivial SQL injections via the txtUID HTTP POST parameter. An attacker could leverage this flaw to obtain unauthorized access to the web interface or to extract data from the database via blind SQL injection.
II. DESCRIPTION
---------------------
VUPEN Vulnerability Research Team discovered a critical vulnerability
in Microsoft Office Publisher.
The vulnerability is caused by a memory corruption error when handling
malformed
Publisher documents, which could be exploited by remote attackers to execute
II. DESCRIPTION
---------------------
VUPEN Vulnerability Research Team discovered a critical vulnerability
in Novell GroupWise.
The vulnerability is caused by a buffer overflow error in the
"NgwIRecurByWeekdayParam::bywdaylist()"
function within the "gwwww1.dll" component when processing a malformed
--------
Medium
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: princeofnigeria and r@b13$
Date Discovered
---------------
1/29/2008
II. DESCRIPTION
---------------------
VUPEN Vulnerability Research Team discovered a critical vulnerability
in Microsoft Office.
The vulnerability is caused by an integer overflow error in the MSO
component
when parsing certain values within an Office document, which could be
II. DESCRIPTION
---------------------
VUPEN Vulnerability Research Team discovered a vulnerability in Google
Chrome.
The vulnerability is caused by a stale pointer in the WebKit engine when
deleting a Ruby tag and its children in a specific order, which could be
exploited by remote attackers to compromise a vulnerable system via a
Next Page>>
|
