VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the mshtml.dll module when processing CollectionCache objects, which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP.
e3d29879255e1ff2003388a8d7447ab0c086cfdc1cb25b9bc5b4605cfe1e6951
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a heap overflow error in the mshtml.dll module when processing "Col" elements, which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP.
58b473d4348bb610fc06c374fb2c748a08cf5103cd4a273b9e7f79bc45b2b21e
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the mshtml.dll module when processing GetAtomTable objects, which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP.
8e4efee72018e74d74bd0e481367967504569eb75b76d4050a7fef60ffc11887
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash Player. The vulnerability is caused by an invalid object being used when parsing a malformed video via "NetStream.appendBytes", which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP enabled.
9b4488d35212ce158b36f3b2eb967b148fddbf040de1f99a30ab5a53f3202ef4
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error within the "vgx.dll" component when processing certain VML behaviors, which could be exploited by attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
b26b14f8e0513c5015cfa528b828f45892990e4d864673868941be4f05ba2bf9
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a memory corruption error within the Matrix3D class when processing malformed 3D data within SWF files, which could be exploited by attackers to potentially compromise a vulnerable system or disclose memory information by tricking a user into visiting a specially crafted web page. Adobe Flash Player versions 11.1.102.62 and below are affected.
cd2efadbb305725a418111b28128ed5c65004213052f530f752893ddaadc11f6
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by an integer overflow error when processing malformed image data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file. Versions affected include Adobe Acrobat and Reader X (10.1.1) and prior and Adobe Acrobat and Reader 9.4.7 and prior.
c94c13dce309f884bd280837f2c98fd26f4a3b8efdb37192552ad693c35c02fe
VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows. The vulnerability is caused by a use-after-free error in the "mshtml.dll" module when handling a specific Time behavior, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
cba9bea32ea67c8da60c966ebfc113a9ade45175f2c308da67602f022e70e159
VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows. The vulnerability is caused by a use-after-free error in the TIME (datime.dll) module when loaded via a specific behavior, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
363771ff8fedc0e7c3eb4df5ff9a4fe0bc4f64c4b34e44157b5e85bbbd053e8e
VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows Media Player. The vulnerability is caused by a buffer overflow error in the XDSCodec & Encypter/Decrypter Tagger Filters "ENCDEC.DLL" within Windows Media Player when processing certain fields within a DVR-MS (Digital Video Recording) file, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page or a malicious ".dvr-ms" media file.
abe71c0175b7a06c7b13a1c8e877a119177040e1b36f365f7231fe6642d78a92
VUPEN Vulnerability Research Team discovered a vulnerability in Adobe Flash Player. The vulnerability is caused by an uninitialized stack variable when processing an invalid "SAlign" property of the Flash ActiveX control, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page. Versions prior to 11.1.102.55 are affected.
10561391d54ae2a2a00c408b11bdbca9246b41da1060d29b93367e7f6c836d46
VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "mshtml.dll" component when processing the "X-UA-COMPATIBLE" keyword of a "META" tag, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
48c8c110e7a16caf9bec75c333999b1e5148e63511b0674e0649301d7dfb1252
VUPEN Vulnerability Research Team discovered a vulnerability in Google Chrome. The vulnerability is caused by a stale pointer in the WebKit engine when deleting certain child tags in a specific order, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page. Google Chrome versions prior to 14.0.835.202 are affected.
a76cbf6bdbee711ebfce8dc173c64df62c4636a89ebcd164f53aaf43db1e466f
VUPEN Vulnerability Research Team discovered a vulnerability in Google Chrome. The vulnerability is caused by a stale pointer in the WebKit engine when deleting a Ruby tag and its children in a specific order, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
f155029aeaa8cd2c97b5f87a4c567067ee56940483899fa350ddc410ece08479
VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "ICalProcessYearlyRule()" function within the "gwwww1.dll" component when processing a malformed "BYWEEKNO" property in a Calendar, which could be exploited by remote unauthenticated attackers to compromise a vulnerable server via a specially crafted email message. Versions 8.0.2 SP2 Hot Patch 2 and below are affected.
db76992fc18da1157668a6a0332cdb40c29764ed690037608ce8caa1dc451bd4
VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "NgwIRecurParam::integerList()" function within the "gwwww1.dll" component when processing a malformed "RRULE" integer list in a Calendar, which could be exploited by remote unauthenticated attackers to compromise a vulnerable server via a specially crafted email message. Versions 8.0.2 SP2 Hot Patch 2 and below are affected.
d697fda1f2bceeef87278e911dee69649d6ee0b25eb8e452101f1275579c8d3a
VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "NgwIRecurByWeekdayParam::bywdaylist()" function within the "gwwww1.dll" component when processing a malformed "RRULE" property in a Calendar, which could be exploited by remote unauthenticated attackers to compromise a vulnerable server via a specially crafted email message. Versions 8.0.2 SP2 Hot Patch 2 and below are affected.
e9739b7f115e53c739cde3bd056999eafde0be533a0e278ee536f5712c2718be
VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "NgwiCalVTimeZoneBody::ParseSelf()" function within the "GWWWW1.dll" component when processing an overly long "TZNAME" variable in a Calendar, which could be exploited by remote unauthenticated attackers to compromise a vulnerable server via a specially crafted email message. Versions 8.0.2 SP2 Hot Patch 2 and below are affected.
0fb64ec06cda7f994892c85c8e9e82d31139cb63a4a29b85ddd54be492cda0fa
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a heap corruption error when processing malformed Formula records within an Excel document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted XLS document.
fea05647dde36d6873e65a4a370929a4399740a72e46e76f9aa3a5901033bd1f
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing malformed BMP data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.
ec1e544d4bc46b70a53f70b750297c806bc34953226e435c1cb63dc94f5ab888
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing malformed IFF data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.
5fb97c8c1204aa3b8013ee8b94958c995a3ed2f749e599c67bd76aa36f7e01cb
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing malformed PCX data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.
b1ba18f240b0fc7ab7cbc3817b3c949894e5a9a8549bbf6fc8cc226b4f78f497
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a stack overflow error when processing a malformed picture within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.
3db1febf32ab77cc17ebcd7c9b80069c45e57860fe630d2d2dd0f8123ffdd44b
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing a picture file with malformed dimensions, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF document.
837ea15f51f8c653c8bc8201a780499c8e1592e20f9dbba46a5b7260bd924b43
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing a malformed "BitsPerSample" field of a TIFF image, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF document.
7ce131d21eca659ae6009e41e847bfa961c8330c5d51752a35eb2562fe1bb645
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Shockwave. The vulnerability is caused by an array indexing error in the "dirapi.dll" component when processing malformed data within the "rcsL" record, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
ebae7c8e4b3e98c31ecdf30a8b7435873c1dc320927f43e66e6c37e4eda6e5ea