iDefense Security Advisory 04.08.08 - Remote exploitation of an integer overflow vulnerability in multiple versions of Microsoft Corp.'s Windows operating system could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense has confirmed the existence of this vulnerability in Windows 2000 SP4 and Windows XP SP2.
03d39e0c171617bc6bed7fb6be3e14daf1be8b9c372dfa5615c0ba6aa4d0858eiDefense Security Advisory 04.08.08 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s Microsoft Help 2.5 ActiveX control allows an attacker to execute arbitrary code with the privileges of the logged-on user. iDefense has confirmed this vulnerability in version 2.05.50727.42 of hxvz.dll, which is installed with Visual Studio 2005.
588d2439063be1e77858d28dd76b3cadb193e7df46f39974193b547dca836bc3iDefense Security Advisory 04.03.08 - Remote exploitation of multiple buffer overflow vulnerabilities in Computer Associates International Inc.'s Alert Notification Service may allow an authenticated attacker to execute arbitrary code with SYSTEM privileges. iDefense confirmed the existence of these vulnerabilities with Computer Associates' Threat Manager for the Enterprise version 8.1. Other products that contain the Alert Notification Service are suspected to be vulnerable as well.
d2635673c2b1130946fdc1be1208fdda6b3c6b4a0194893ff02ff0286ff13710iDefense Security Advisory 04.03.08 - Local exploitation of a directory traversal vulnerability within the pkgadd program distributed with SCO Group Inc's UnixWare operating system allows attackers to gain root privileges. iDefense confirmed the existence of this vulnerability within version 7.1.4 of UnixWare with all patches available as of August 27th, 2007 installed. Previous versions are suspected to be vulnerable.
e6b4547375884db2c879ca5739a6c5e714edfebea5ad31056106838c96345215iDefense Security Advisory 04.02.08 - Remote exploitation of a design error in an ActiveX control installed with Symantec Norton Internet Security 2008 could allow for the execution of arbitrary code. iDefense confirmed that this vulnerability exists in version 2.7.0.1 of the control that is installed with the 2008 version of Norton Internet Security. Other versions may also be available.
5be4b9d21805341d776a7b716a5a5f1eb50df26bccc1ca202afa95016e8145d0iDefense Security Advisory 04.02.08 - Remote exploitation of a buffer overflow vulnerability in an ActiveX control installed by Symantec Norton Internet Security 2008 could allow for the execution of arbitrary code. iDefense confirmed that this vulnerability exists in version 2.7.0.1 of the control that is installed with the 2008 version of Norton Internet Security. Other versions may also be available.
ca21fd621e3cf9ded91bc115596d8b243f9c036394ddb1f9f3db5e74c636c369iDefense Security Advisory 04.02.08 - Remote exploitation of a buffer overflow vulnerability in Borland Software Corp.'s CaliberRM enterprise software requirements management system could allow attackers to execute arbitrary code with SYSTEM level privileges. iDefense confirmed that the trial version of Borland CaliberRM 2006 (file version 9.0.809.000) is vulnerable. The actual vulnerable component is StarTeam Multicast Service 6.4. Other Borland products containing StarTeam Multicast Service component, such as Borland StarTeam, may also be affected.
159b775b557eef960fa0dbc9a097aadf2c2e86589748b24658d30310f1915c46iDefense Security Advisory 03.31.08 - Remote exploitation of an untrusted library loading vulnerability in Macrovision's InstallShield InstallScript One-Click Install ActiveX control allows remote attackers to execute code with the privileges of the currently logged in user. iDefense confirmed this vulnerability exists in version 12.0 of the Macrovision InstallShield InstallScript One-Click Install ActiveX Control. Previous versions of the control are reported to be vulnerable to variations of this attack. Previous versions are known to use different CLSIDs.
43de1fe2a2db8c9142cfcc62930c4a7e8244c9a74ebd86de23f0101133587ac1iDefense Security Advisory 03.18.08 - Remote exploitation of a heap based buffer overflow vulnerability in CUPS, as included in various vendors' operating system distributions, could allow an attacker to execute arbitrary code with the privileges of the affected service. iDefense has confirmed the existence of this vulnerability in CUPS version 1.3.5. Previous versions may also be affected.
e4d46a9684678e8df75b6c25e33e27ad6c93aaad48aaa56e0bb3ec5a591a62b0iDefense Security Advisory 03.11.08 - Remote exploitation of an input validation error in the handling of "mailto" URIs by Microsoft Corp.'s Outlook may allow arbitrary code execution. It is possible to construct a "mailto" URI which causes the web browser to pass extra command line switches to Outlook. These switches can modify Outlook's account configuration. iDefense has confirmed the existence of this vulnerability in Microsoft Outlook 2007 on Windows XP SP2. Previous versions may also be affected.
7156ee06ae2b1666a162d1ef60b7458511c3b4ab23d425ed51aebc8ea63bd76biDefense Security Advisory 03.11.08 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel 2003 could allow attackers to execute arbitrary code in the context of the currently logged on user. This vulnerability specifically exists due to the improper handling of malformed formulas. By creating a document containing a specially crafted formula, an attacker is able to cause memory corruption that leads to arbitrary code execution. iDefense has confirmed the existence of this vulnerability in Excel 2003 SP2. Other versions may also be affected.
f4e45a1af3d8b4ea59a40e602ea77eb18b0fe56f6d631339417be9ea8976a6e4iDefense Security Advisory 03.11.08 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s Excel spreadsheet application allows attackers to execute arbitrary code in the context of the user who started Excel. The vulnerability exists in the handling of DVAL records in BIFF8 format spreadsheet files. When certain fields are set to invalid values, heap corruption occurs. iDefense has confirmed the existence of this vulnerability in Microsoft Excel 2003 and Excel 2007. Previous versions may also be affected.
c4d8db378bfdeb338b825ddadf8c149435713e8ce88adf268a9eaac242ee4335iDefense Security Advisory 03.10.08 - Local exploitation of a design error in the "sdbstarter" program, as distributed with SAP AG's MaxDB, could allow attackers to elevate privileges to root. iDefense has confirmed the existence of this vulnerability in SAP AG's MaxDB version 7.6.0.37 on both Linux and Solaris. Other versions for Unix-like systems are suspected to be vulnerable. Windows releases do not include the "sdbstarter" program.
e25791d8f91e8f1822104cfacb99ec2d95d9f65329ac297bf4a23704c69dcd0biDefense Security Advisory 03.10.08 - Remote exploitation of a signedness error in the "vserver" component of SAP AG's MaxDB could allow attackers to execute arbitrary code. After accepting a connection, the "vserver" process forks and reads parameters from the client into various structures. When doing so, it trusts values sent from the client to be valid. By sending a specially crafted request, an attacker can cause heap corruption. This leads to a potentially exploitable memory corruption condition. iDefense has confirmed the existence of this vulnerability in SAP AG's MaxDB version 7.6.0.37 on Linux. Other versions may also be affected.
5056f2863ba140bae005f3c4d0de93a71191bb4c6a5c44d80d5b9c3fc09aa6c1iDefense Security Advisory 02.26.08 - Remote exploitation of a heap based buffer overflow vulnerability in Mozilla Organization's Thunderbird could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability exists when parsing the external-body MIME type in an electronic mail. When calculating the number of bytes to allocate for a heap buffer, sufficient space is not reserved for all of the data being copied into the buffer. This results in up to 3 bytes of the buffer being overflowed, potentially allowing for the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in Thunderbird version 2.0.0.9 on Linux and Windows. Previous versions may also be affected.
6bcbbedf8e21d3aec4e7200bc10753035e4d6a719690b0eb2fb4f2d04030ead2iDefense Security Advisory 02.26.08 - Remote exploitation of a stack based buffer overflow vulnerability in Symantec Scan Engine version 5.1.2 could allow an unauthenticated attacker to execute arbitrary code with the privileges of the scan engine process. Symantec Scan Engine listens on TCP port 1344 to accept files for scanning using the Internet Content Adaptation Protocol (ICAP). If the service is sent a specially malformed RAR file, a stack-based buffer overflow will occur. iDefense has confirmed this vulnerability in the Linux build of the Symantec Scan Engine version 5.1.2. This issue does not affect the Windows build of the product. Previous versions are suspected to be vulnerable.
6ac782bba3d896cd76c3ac9a217fb02fe152735e066ce969750e3900b11bdb99iDefense Security Advisory 02.26.08 - Remote exploitation of a Denial of Service vulnerability in Symantec Scan Engine version 5.1.2 could allow an unauthenticated attacker to create a denial of service (DoS) condition. Symantec Scan Engine listens on TCP port 1344 to accept files for scanning using the Internet Content Adaptation Protocol (ICAP). If the service is sent a malformed RAR file, the service will consume massive amounts of memory. This can result in a denial of service condition for the application and operating system. iDefense confirmed the existence of this vulnerability in Symantec Scan Engine 5.1.2. This issue affects both the Windows and Linux builds of the product. Previous versions are suspected to be vulnerable.
a8d0c9bb8554be518607891bdcf3d22cf2d57140317ed7203d41bd4eb3437307iDefense Security Advisory 02.20.08 - Remote exploitation of a denial of service vulnerability in Symantec Corp.'s Veritas Storage Foundation scheduler service could allow an unauthenticated attacker to crash the service. iDefense Labs have confirmed Veritas Storage Foundation for Windows version 5.0 (with VxSchedService.exe version 5.0.9.298) is vulnerable. It is suspected that all previous versions are vulnerable.
ad3d7be92f9e551f7e7effc574221fa05e17f6ef7b2c9601acba53e0925f0205iDefense Security Advisory 02.19.08 - Remote exploitation of multiple heap overflow vulnerabilities in EMC Corp.'s RepliStor could allow an unauthenticated attacker to execute arbitrary code with SYSTEM privileges. iDefense has confirmed the existence of these vulnerabilities in EMC RepliStor version 6.2 SP2. Previous versions may also be affected.
f6b201a399d7e3b18a39c000839a38b6ffcaed2ca3d31bea6313b242f920f322iDefense Security Advisory 02.12.08 - Remote exploitation of a memory corruption vulnerability in Adobe Systems Inc.'s Flash Media Server 2 could allow an unauthenticated attacker to execute arbitrary code with SYSTEM privileges. iDefense has confirmed the existence of this vulnerability in Flash Media Server 2 version 2.0.4 on Windows. Previous versions, as well as the Linux version, may also be affected.
c24c0422987a63d9ce3685d664e3001b3a73da5313e2c7262b6dde58f8a7b41eiDefense Security Advisory 02.12.08 - Remote exploitation of multiple integer overflow vulnerabilities in Adobe Systems Inc.'s Flash Media Server 2 could allow an unauthenticated attacker to execute arbitrary code with SYSTEM privileges. iDefense has confirmed the existence of these vulnerabilities in Flash Media Server 2 version 2.0.4 on Windows. Previous versions, as well as the Linux version, may also be affected.
2e64e8df4dc7951f44406cdbed0622875b0af4ae13a8f0ace23f48943e8de520iDefense Security Advisory 02.12.08 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Internet Explorer web browser allows attackers to execute arbitrary code within the context of the affected user. When certain properties are assigned malformed values, memory can be corrupted in a way that leads to Internet Explorer making a call to a member function of an already released property object. If the memory location of the released property object happens to be filled by attacker controlled content, the attacker can execute arbitrary code. iDefense testing shows that Internet Explorer 6.0 and Internet Explorer 7.0, with all available security patches as of October 22nd, 2007, are vulnerable. Older versions of Internet Explorer may also be vulnerable.
cb84e9245e55d2a2c47e77f12aecf8560df63b3fdffffa624ec9996d05b17bb9iDefense Security Advisory 02.12.08 - Remote exploitation of a buffer overflow vulnerability in Microsoft Corp.'s Works Converter allows attackers to execute arbitrary code as the current user. This vulnerability stems from improper input validation of section length headers when converting a Microsoft Works document (WPS extension) to Rich Text Format (RTF). When certain fields are modified, such as the length or count values, a stack-based buffer overflow occurs. This leads to a directly exploitable condition. iDefense confirmed that wkcvqd01.dll version 7.03.0616.0, as included with Microsoft Office 2003, is vulnerable. Older versions of Microsoft Office as well as Microsoft Works are also assumed vulnerable.
207cf5b468a23064f67c4182942fefed2de146debb30ce9c6b79cfdd7b4223b3iDefense Security Advisory 02.12.08 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s Works Converter, as included with Microsoft Office, could potentially allow an attacker to execute arbitrary code as the current user. This vulnerability stems from improper input validation of OLE structures within wkcvqd01.dll when converting a Microsoft Works document (WPS extension) to Rich Text Format (RTF). When certain fields are modified, such as the length or count values, heap corruption can occur. This leads to a potentially exploitable condition. iDefense has confirmed that wkcvqd01.dll version 7.03.0616.0, as included with Microsoft Office 2003, is vulnerable to this issue. Older versions are assumed to be vulnerable as well. Additionally, Microsoft Works itself is suspected to be vulnerable.
32ffb0aa2cf242fe619293167d1c2c969fe87d8c43749f7ae32ff4984f67495aiDefense Security Advisory 02.12.08 - Remote exploitation of an integer overflow vulnerability in Clam AntiVirus' ClamAV, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the affected process. iDefense has confirmed the existence of this vulnerability in ClamAV 0.92. Previous versions may also be affected.
a41220bd562f0751be2d8a4c85b3aa329da8712ae380c55def9f43dd8a24c6b3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed