VirtueMart Shopping Cart

Custom-BuiltPCs.com
Your Cart is currently empty.

Home Category Blog Security Bulletins - April21
Security Bulletins - April21 PDF Print E-mail
Article Index
Security Bulletins
April21
April20
April 16
April 16 15
April 14
April cont
Security Bulletins Cont
Security Bulletins Cont 2
All Pages

 

April 21, 2010

2010-04-21: MIT Kerberos KDC 'handle_tgt_authdata()' Denial Of Service Vulnerability An attacker may exploit this issue to crash the KDC service, resulting in a denial-of-service condition.

http://www.securityfocus.com/bid/38260

 

 

April 21, 2010

2010-04-21: MIT Kerberos AES and RC4 Decryption Integer Underflow Vulnerabilities Attackers can exploit these issues to execute arbitrary code with SYSTEM-level privileges. Failed attacks will result in denial-of-service conditions.

http://www.securityfocus.com/bid/37749

 

 

April 21, 2010

2010-04-21: MIT Kerberos 'gss_accept_sec_context()' Denial Of Service Vulnerability An attacker may exploit this issue to cause the affected application to crash, denying service to legitimate users.

http://www.securityfocus.com/bid/38904

 

 

April 21, 2010

2010-04-21: MIT Kerberos KDC Cross-Realm Referral NULL Pointer Dereference Denial Of Service Vulnerability An attacker may exploit this issue to crash the KDC service, resulting in denial-of-service conditions. Given the nature of this issue, the attacker may also be able to run arbitrary code, but this has not been confirmed.

http://www.securityfocus.com/bid/37486

 

 

April 21, 2010

2010-04-21: Microsoft Windows SMB Client Response Parsing Remote Code Execution Vulnerability An attacker can exploit this issue to execute code with SYSTEM-level privileges. Failed exploit attempts will likely cause denial-of-service conditions.

http://www.securityfocus.com/bid/39336

 

 

April 21, 2010

2010-04-21: Microsoft Windows SMB Client Memory Allocation Remote Code Execution Vulnerability An attacker can exploit this issue to execute code with SYSTEM-level privileges. Failed exploit attempts will likely cause denial-of-service conditions.

http://www.securityfocus.com/bid/39312

 

 

April 21, 2010

2010-04-21: Microsoft Windows SMB Packet Remote Denial of Service Vulnerability A remote attacker can exploit this issue to crash the Windows kernel, denying service to legitimate users.

http://www.securityfocus.com/bid/36989

 

 

April 21, 2010

2010-04-21: Microsoft Windows SMB Client Message Size Remote Code Execution Vulnerability An attacker can exploit this issue to execute code with SYSTEM-level privileges. Failed exploit attempts will likely cause denial-of-service conditions.

http://www.securityfocus.com/bid/39340

 

 

April 21, 2010

2010-04-21: Microsoft Windows SMB Client Transaction Response Remote Stack Buffer Overflow Vulnerability An attacker can exploit this issue to execute code with SYSTEM-level privileges. Failed exploit attempts will likely cause denial-of-service conditions.

http://www.securityfocus.com/bid/39339

 

 

April 21, 2010

2010-04-21: Microsoft Windows MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file. A successful exploit may allow arbitrary code to run in the context of the currently logged-in user. Failed attack attempts may result in a denial-of-service condition.

http://www.securityfocus.com/bid/39303

 

 

April 21, 2010

2010-04-21: Microsoft Windows Authenticode Signature Verification Remote Code Execution Vulnerability Attackers can exploit this issue by enticing an unsuspecting victim to run or install a specially modified signed Portable Executable (PE) or cabinet file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application.

http://www.securityfocus.com/bid/39328

 

 

April 21, 2010

2010-04-21: Microsoft Windows Cabinet File Viewer Cabview Validation Remote Code Execution Vulnerability Attackers can exploit this issue by enticing an unsuspecting victim to run or install a specially modified signed cabinet ('.cab') file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application.

http://www.securityfocus.com/bid/39332

 

 

April 21, 2010

2010-04-21: Simasy CMS 'id' Parameter SQL Injection Vulnerability Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

http://www.securityfocus.com/bid/30774

 

 

April 21, 2010

2010-04-21: Adobe Acrobat and Reader CVE-2010-0193 Denial of Service Vulnerability Attackers can exploit this issue to crash the application, resulting in a denial-of-service condition. Due to the nature of this issue, arbitrary code execution may also be possible but this has not been confirmed.

http://www.securityfocus.com/bid/39524

 

 

April 21, 2010

2010-04-21: Adobe Acrobat and Reader CVE-2010-0192 Denial of Service Vulnerability Attackers can exploit this issue to crash the application, resulting in a denial-of-service condition. Due to the nature of this issue arbitrary code execution may also be possible but this has not been confirmed.

http://www.securityfocus.com/bid/39523

 

 

April 21, 2010

2010-04-21: Adobe Acrobat and Reader CVE-2010-0195 Embedded Font Handling Remote Code Execution Vulnerability An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

http://www.securityfocus.com/bid/39417

 

 

April 21, 2010

2010-04-21: Adobe Acrobat and Reader CVE-2010-0204 Remote Code Execution Vulnerability Attackers can exploit this issue to execute arbitrary code in the context of the user running an affected application or to cause a denial-of-service condition.

http://www.securityfocus.com/bid/39522

 

 

April 21, 2010

2010-04-21: Adobe Acrobat and Reader CVE-2010-0190 Cross Site Scripting Vulnerability Attackers can exploit this issue to execute arbitrary code in the context of the user running an affected application; other attacks may also be possible.

http://www.securityfocus.com/bid/39515

 

 

April 21, 2010

2010-04-21: Adobe Acrobat and Reader CVE-2010-0197 Remote Code Execution Vulnerability Attackers can exploit this issue to execute arbitrary code in the context of the user running an affected application or to cause a denial-of-service condition.

http://www.securityfocus.com/bid/39518

 

 

April 21, 2010

2010-04-21: Adobe Acrobat and Reader GIF Data Remote Buffer Overflow Vulnerability Attackers can exploit this issue to execute arbitrary code in the context of the user running an affected application or to cause a denial-of-service condition.

http://www.securityfocus.com/bid/39514

 

 

April 21, 2010

2010-04-21: Adobe Acrobat and Reader CVE-2010-1241 'CoolType.dll' Remote Code Execution Vulnerability An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

http://www.securityfocus.com/bid/39470

 

 

April 21, 2010

2010-04-21: Adobe Acrobat and Reader PNG Data Remote Buffer Overflow Vulnerability Attackers can exploit this issue to execute arbitrary code in the context of the user running an affected application or to cause a denial-of-service condition.

http://www.securityfocus.com/bid/39505

 

 

April 21, 2010

2010-04-21: Adobe Reader CVE-2010-0200 Remote Code Execution Vulnerability An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

http://www.securityfocus.com/bid/39227

 

 

April 21, 2010

2010-04-21: Joomla! Seber Cart Component 'view' Parameter Local File Include Vulnerability An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.

http://www.securityfocus.com/bid/39237

 

 

April 21, 2010

2010-04-21: uplusware UplusFtp Multiple Remote Buffer Overflow Vulnerabilities Attackers can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

http://www.securityfocus.com/bid/38102

 

 

April 21, 2010

2010-04-21: WB News '/base/Comments.php' HTML Injection Vulnerability Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing an attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user; other attacks are also possible.

http://www.securityfocus.com/bid/39626

 

 

April 21, 2010

2010-04-21: LightNEasy 'get_file.php' Local File Disclosure Vulnerability An attacker can exploit this vulnerability to obtain potentially sensitive information from local files on computers running the vulnerable application. This may aid in further attacks.

http://www.securityfocus.com/bid/39623

 

 

April 21, 2010

2010-04-21: ZipGenius ZIP Archive Stack Buffer Overflow Vulnerability An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

http://www.securityfocus.com/bid/39622

 

 

April 21, 2010

2010-04-21: LightNEasy 'language' Parameter Local File Include Vulnerability An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.

http://www.securityfocus.com/bid/39621

 

 

April 21, 2010

2010-04-21: PortfolioDesign.org Portfolio for Joomla! 'phpThumb.php' Remote File Disclosure Vulnerability An attacker can exploit this vulnerability to view local files in the context of the webserver process, which may aid in further attacks.

http://www.securityfocus.com/bid/39620

 

 

April 21, 2010

2010-04-21: v2marketplacescript Arbitrary File Upload Vulnerability An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.

http://www.securityfocus.com/bid/39618

 

 

April 21, 2010

2010-04-21: SpeedProject SpeedCommander ZIP Archive Buffer Overflow Vulnerability An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

http://www.securityfocus.com/bid/39616

 

 

April 21, 2010

2010-04-21: DBSite wb CMS 'index.php' Multiple Cross Site Scripting Vulnerabilities An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.

http://www.securityfocus.com/bid/39613

 

 

April 21, 2010

2010-04-21: Cisco Small Business Video Surveillance Cameras & 4-Port Router Authentication Bypass Vulnerability Successful exploits allow remote authenticated attackers to obtain other users' passwords and gain access to the vulnerable device. This will completely compromise an affected device.

http://www.securityfocus.com/bid/39612

 

 

April 21, 2010

2010-04-21: openMairie openRegistreCIL Local and Remote File Include Vulnerabilities Exploiting these issues may allow a remote attacker to obtain sensitive information or compromise the application and the underlying computer; other attacks are also possible.

http://www.securityfocus.com/bid/39611

 

 

April 21, 2010

2010-04-21: Elastix 'id_nodo' Parameter Local File Include Vulnerability An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.

http://www.securityfocus.com/bid/39610

 

 

April 21, 2010

2010-04-21: e107 'e107_admin/banner.php' SQL Injection Vulnerability Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

http://www.securityfocus.com/bid/39609

 

 

April 21, 2010

2010-04-21: Webmoney Web Merchant Interface Component for Joomla! Local File Include Vulnerability An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.

http://www.securityfocus.com/bid/39608

 

 

April 21, 2010

2010-04-21: MMS Blog Component for Joomla! 'controller' Parameter Local File Include Vulnerability An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.

http://www.securityfocus.com/bid/39607

 

 

April 21, 2010

2010-04-21: OrgChart Component for Joomla! 'controller' Parameter Local File Include Vulnerability An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.

http://www.securityfocus.com/bid/39606

 

 

April 21, 2010

2010-04-21: phpThumb() 'fltr[]' Parameter Command Injection Vulnerability Attackers can exploit this issue to execute arbitrary commands in the context of the webserver. Note that successful exploitation requires 'ImageMagick' to be installed.

http://www.securityfocus.com/bid/39605

 

 

April 21, 2010

2010-04-21: imlib2 'src/lib/image.h' Remote Buffer Overflow Vulnerability Attackers can exploit this issue to execute arbitrary code in the context of the user running the application that uses the affected library. Failed exploit attempts may result in a denial-of-service condition.

http://www.securityfocus.com/bid/39604

 

 



 


Copyright © 2002-2018 Custom-BuiltPCs.com All Rights Reserved Custom-BuiltPCs.com