iDefense Security Advisory 08.10.10
http://labs.idefense.com/intelligence/vulnerabilities/
Aug 10, 2010
I. BACKGROUND
Microsoft Word is a word processing application from Microsoft Office.
For more information about Microsoft Word, see the following website:
VUPEN Security Research - Microsoft Internet Explorer boundElements
Property Use-after-free Vulnerability (CVE-2010-2557)
http://www.vupen.com/english/research.php
I. BACKGROUND
-
Microsoft Internet Explorer is a web browser developed by Microsoft and
included
as part of
VUPEN Security Research - Microsoft Internet Explorer
OnPropertyChange_Src() Use-after-free Vulnerability (CVE-2010-2556)
http://www.vupen.com/english/research.php
I. BACKGROUND
-
Microsoft Internet Explorer is a web browser developed by Microsoft and
included
as part of
VUPEN Security Research - Microsoft Internet Explorer CIframeElement
Object Use-after-free Vulnerability (CVE-2010-2558)
http://www.vupen.com/english/research.php
I. BACKGROUND
-
Microsoft Internet Explorer is a web browser developed by Microsoft and
included
as part of
VUPEN Security Research - Microsoft Internet Explorer Table Element
Use-after-free Vulnerability (CVE-2010-2560)
http://www.vupen.com/english/research.php
I. BACKGROUND
-
Microsoft Internet Explorer is a web browser developed by Microsoft and
included
as part of the
Dear List,
I'm writing on behalf of the Check Point Vulnerability Discovery Team to
publish the following vulnerability.
Check Point Software Technologies - Vulnerability Discovery Team (VDT)
http://www.checkpoint.com/defense/
Microsoft Office Word HTML Linked Objects Memory Corruption
PR10-07: Unauthenticated File Retrieval (traversal) within ColdFusion
administration console
Vulnerability found: 17th April 2010
Vendor informed: 19th April 2010
Vulnerability fixed: 10th August 2010
Severity: High
Description:
Adobe ColdFusion is a easy to use and very widely adopted
(Note: This advisory can also be found at http://pdfsig-collision.florz.de/)
= Summary =
The specification of the Portable Document Format (PDF) from version
1.3 onward, including ISO 19005-1:2005 (PDF/A-1) and ISO 32000-1:2008
(equivalent to PDF 1.7), ostensibly defines a mechanism for
ZDI-10-150: Microsoft Office Word sprmCMajority Record Parsing Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-150
August 11, 2010
-- CVE ID:
CVE-2010-1900
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Microsoft
-- Affected Products:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: SQL Injection Vulnerability in Cisco
Wireless Control System
Advisory ID: cisco-sa-20100811-wcs
Revision 1.0
For Public Release 2010 August 11 1600 UTC (GMT
ZDI-10-151: SAP Crystal Reports 2008 GIOP Message Size Integer Overflow Remote
Code Execution Vulnerability
http://dvlabs.tippingpoint.com/advisory/ZDI-10-151
August 11, 2010
-- Affected Vendors:
SAP
-- Affected Products:
SAP Crystal Reports
-- TippingPoint(TM) IPS Customer Protection:
CORRECTION:
===
TPTI-10-07: SAP Crystal Reports 2008 GIOP Message Size Integer Overflow Remote
Code Execution Vulnerability
http://dvlabs.tippingpoint.com/advisory/TPTI-10-07
August 11, 2010
==
Should replace
==
ZDI-10-151: SAP Crystal Reports 2008 GIOP Message
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE
Application Control Engine Module and Cisco ACE 4710 Application
Control Engine
Advisory ID: cisco-sa-20100811-ace
Revision 1.0
For Public Release 2010 August 11 1600 UTC (GMT
==
Secunia Research 11/08/2010
- glpng PNG Processing Two Integer Overflow Vulnerabilities -
==
Table of Contents
Affected
14 matches
Mail list logo