Windows
VMware ACE 2.6,
VMware ACE 2.5.3 and earlier,
VMware Server 2.0.2 and earlier,
VMware Fusion 3.0,
VMware Fusion 2.0.6 and earlier,
VMware VIX API for Windows 1.6.x,
VMware ESXi 4.0 before patch ESXi400-201002402-BG
VMware ESXi 3.5 before patch ESXe350-200912401-T-BG
(column 4) if a solution is available.
VMware         Product   Running  Replace with/
Product        Version   on       Apply Patch
=============  ========  =======  =================
VirtualCenter  any       Windows  not affected
Workstation    6.5.x     any      6.5.1 build 126130 or later
Workstation    6.0.x     any      upgrade to at least 6.5.1
Workstation    5.5.x     any      5.5.9 build 126128 or later
provided by VMware when run in IE. Under specific circumstances,
exploitation of these ActiveX controls might result in denial-of-
service or can allow running of arbitrary code when the user
browses a malicious Web site or opens a malicious file in IE
browser. An attempt to run unsafe ActiveX controls in IE might
result in pop-up windows warning the user.
Note: IE can be configured to run unsafe ActiveX controls without
prompting. VMware recommends that you retain the default
settings in IE, which prompts when unsafe actions are
requested.
Severity: CA has given this vulnerability a Medium risk rating.
Affected Products:
CA ARCserve Backup r12.0 Windows
CA ARCserve Backup r11.5 Windows SP3 and prior*
CA ARCserve Backup r11.1 Windows*
CA ARCserve Backup r11.1 Netware*
CA Server Protection Suite r2
CA Business Protection Suite r2
--------------------------------------------------------------------------
Summary
=======
Two vulnerabilities exist in the Cisco VPN Client for Microsoft Windows
that may allow unprivileged users to elevate their privileges to those of
the LocalSystem account.
A workaround exists for one of the two vulnerabilities disclosed in this
advisory.
+---------------------------------------------------------------------
Summary
=======
CiscoWorks Common Services for Microsoft Windows contains a
vulnerability that could allow an authenticated, remote attacker to
execute arbitrary commands on the affected system with the privileges
of a system administrator.
Cisco has released free software updates that address this
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP Data Protector Express 3.x and 4.x and HP Data
Protector Express Single Server Edition (SSE) 3.x and 4.x running on supported Microsoft Windows, Linux, and
NetWare versions. The vulnerability could be exploited locally to create a Denial of Service (DoS) or to execute
arbitrary code.
Potential Security Impact: Local Denial of Service (DoS), execution of arbitrary code
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP Data Protector Express 3.x and 4.x and HP Data Protector Express Single Server Edition (SSE) 3.x and 4.x running on supported Microsoft Windows, Linux, and NetWare versions. The vulnerability could be exploited locally to create a Denial of Service (DoS) or to execute arbitrary code.
References: CVE-2010-3007, ZDI-CAN 581
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP Data Protector Express 3.x and HP Data Protector Express SSE 3.x prior to build 56936
Potential Security Impact: Local Denial of Service (DoS), execution of arbitrary code
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP Data Protector Express 3.x and 4.x and HP Data Protector Express Single Server Edition (SSE) 3.x and 4.x running on supported Microsoft Windows, Linux, and NetWare versions. The vulnerability could be exploited locally to create a Denial of Service (DoS) or to execute arbitrary code.
References: CVE-2009-0714
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP Data Protector Express 3.x and HP Data Protector Express SSE 3.x prior to build 47065
VUPEN Security Research - Microsoft Windows OpenType CFF Driver Stack
Overflow Vulnerability (CVE-2011-0034)
http://www.vupen.com/english/research.php
I. BACKGROUND
---------------------
"Microsoft Windows is a series of software operating systems and graphical
(to get the scripts mentioned by this advisory please get the full
version at http://www.hexale.org/advisories/OCHOA-2010-0209.txt; I did
not include them here to reduce the size of this email)
Windows SMB NTLM Authentication Weak Nonce Vulnerability
Security Advisory
Hernan Ochoa (hernan@gmail.com) - Agustin Azubel (agustin.azubel@gmail.com)
Title: Windows SMB NTLM Authentication Weak Nonce Vulnerability
method.
4. *Vulnerable packages*
. Microsoft Windows 2000 (SP4 and previous)
. Microsoft Windows XP (SP3, SP2 and previous)
. Microsoft Windows 2003 (SP2 and previous)
. Microsoft Windows 2008 (SP2 and previous)
. Microsoft Windows 2008 R2
. Microsoft Exchange Server 2003 (SP3, SP2 and previous)
Writers Team.
8. *Technical Description / Proof of Concept Code*
Operating systems based on Microsoft Windows NT technologies provide a
flat 32-bit virtual address space that describes 4 gigabytes of virtual
memory to 32-bit processes. This address space is used by the process to
map its executable code and the data that it uses during its runtime.
For performance and efficiency reasons the process address space is
usually split so that 2 GB of address space are directly accessible by
VUPEN Security Research - Microsoft Windows OLE Automation Integer Underflow
Vulnerability (MS11-038)
Website : http://www.vupen.com/english/research.php
Twitter : http://twitter.com/vupen
I. BACKGROUND
---------------------
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP Data Protector Express 3.x and 4.x and HP Data Protector
Express Single Server Edition (SSE) 3.x and 4.x running on supported Microsoft Windows versions. The vulnerability could be
exploited locally to create a Denial of Service (DoS) or to execute arbitrary code.
References: CVE-2010-3008, ZDI-CAN 582
I. BACKGROUND
---------------------
"Microsoft Internet Explorer is a web browser developed by Microsoft and
included as part of the Microsoft Windows line of operating systems with
more than 60% of the worldwide usage share of web browsers." (Wikipedia)
II. DESCRIPTION
---------------------
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02535850
Version: 1
HPSBMA02596 SSRT100271 rev.1 - HP AssetCenter and HP AssetManager for AIX, HP-UX, Linux, Solaris and Windows, Remote Cross Site Scripting (XSS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-10-18
Last Updated: 2010-10-18
------------------------------------------------------------------------
See also
------------------------------------------------------------------------
- CVE-2012-0013 [2]
- MS12-005 [3] Vulnerability in Microsoft Windows Could Allow Remote
Code Execution (2584146)
- KB2584146 [4] MS12-005: Vulnerability in Microsoft Windows could allow
remote code execution: January 10, 2012
- SSD: [5] SecuriTeam Secure Disclosure program
available.
VMware          Product   Running  Replace with/
Product         Version   on       Apply Patch
==============  ========  =======  =================
vCenter         4.1       Windows  Update 1
vCenter         4.0       Windows  affected, patch pending
VirtualCenter   2.5       Windows  affected, no patch planned
Update Manager  4.1       Windows  Update 1
Update Manager  4.0       Windows  affected, patch pending
VUPEN Security Research - Microsoft Windows Kernel "GetDCEx()" Memory
Corruption Vulnerability (CVE-2010-0484)
http://www.vupen.com/english/research.php
I. BACKGROUND
---------------------
"Microsoft Windows is the operating system developed by Microsoft. As of
#####################################################################################
Application:   Microsoft Outlook Express
               Microsoft Windows Mail
Platforms:     Windows 2000
               Windows XP
               Windows Vista
               Windows server 2003
               Windows Server 2008 SR2
to at least 2.5.5 and preferably the newest release available before
the end of extended support.
3. Problem description:
a. VMware Tools Local Privilege Escalation on Windows-based guest OS
The VMware Tools Package provides support required for shared folders
(HGFS) and other features.
An input validation error is present in the Windows-based VMware
Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack
-------------------------------------------------------------------------
CVE-2010-0232
In order to support BIOS service routines in legacy 16bit applications, the
Windows NT Kernel supports the concept of BIOS calls in the Virtual-8086 mode
monitor code. These are implemented in two stages, the kernel transitions to
the second stage when the #GP trap handler (nt!KiTrap0D) detects that the
faulting cs:eip matches specific magic values.
VUPEN Security Research - Microsoft Windows Shell Graphics BMP "height"
Integer Overflow Vulnerability
http://www.vupen.com/english/research.php
I. BACKGROUND
---------------------
"Microsoft Windows is a series of software operating systems and graphical
VUPEN Security Research - Microsoft Windows Shell Graphics biCompression
Buffer Overflow Vulnerability
http://www.vupen.com/english/research.php
I. BACKGROUND
---------------------
"Microsoft Windows is a series of software operating systems and graphical
The way temporary files are handled by the mounting process could
result in a race condition. This issue could allow a local user on
the host to elevate their privileges.
VMware Workstation and Player running on Microsoft Windows are not
affected.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-4295 to this issue.
VUPEN Security Research - Microsoft Windows Shell Graphics BMP "width"
Integer Overflow Vulnerability
http://www.vupen.com/english/research.php
I. BACKGROUND
---------------------
"Microsoft Windows is a series of software operating systems and graphical
VUPEN Security Research - Microsoft Windows GDI+ Size Handling Integer
Overflow Vulnerability
http://www.vupen.com/english/research.php
I. BACKGROUND
---------------------
"Microsoft Windows is a series of software operating systems and graphical