Provides the latest RSS feeds for Viruses News. For more headlines on Breaking, National, Business, Finance, Sports and World News, visit our home page Wisconsin Star.com http://www.wisconsinstar.com/index.php/cat/ce5b8f8593c611c0/ en-us Sun, 26 May 2013 01:39:35 -0400 Sun, 26 May 2013 01:39:35 -0400 30 Mac malware can spread via USB stick, email attachments, website download, or even a silent drive-by installation where the user doesn't realize their Mac's security has been ... http://www.wisconsinstar.com/index.php/sid/214763492/scat/ce5b8f8593c611c0 Sat, 25 May 2013 15:47:11 -0400 http://www.wisconsinstar.com/index.php/sid/214763492/scat/ce5b8f8593c611c0 Developing an H7N9 flu vaccine is tricky -- reliant on both cutting-edge technology and the lowly chicken egg. Every step of the way, things can go wrongDeveloping a flu vaccine is tricky -- reliant on both cutting-edge technology and the lowly chicken egg. Every step of the way, things can go ... http://www.wisconsinstar.com/index.php/sid/214762813/scat/ce5b8f8593c611c0 Sat, 25 May 2013 14:18:26 -0400 http://www.wisconsinstar.com/index.php/sid/214762813/scat/ce5b8f8593c611c0 Riyadh: Cyber hackers attacked several official Saudi websites on Saturday, posting an Algerian flag on their homepages that later vanished, local media reported.The website of the information ministry was among the hacked sites, according to state news broadcaster Al-Ekhbariya and newspapers.The ... http://www.wisconsinstar.com/index.php/sid/214762264/scat/ce5b8f8593c611c0 Sat, 25 May 2013 13:40:22 -0400 http://www.wisconsinstar.com/index.php/sid/214762264/scat/ce5b8f8593c611c0 JERUSALEM - An Israeli security expert says Syrian hackers tried to break into the computers of the water system of the city of Haifa. Speaking at a lecture on Saturday in the southern city of Beersheba, Yitzhak Ben Yisrael, Israel's former cyber security adviser, said that a group calling itself "The Syrian Electronic Army" had launched the failed attack two weeks ago. In April, ... http://www.wisconsinstar.com/index.php/sid/214762113/scat/ce5b8f8593c611c0 Sat, 25 May 2013 13:25:17 -0400 http://www.wisconsinstar.com/index.php/sid/214762113/scat/ce5b8f8593c611c0 News | NEW DELHI, INDIA: Blue Coat Systems, Inc., a provider of Web security and WAN optimization solutions, today announced that Blue Coat Security Labs has identified a new variant of a fake anti-virus attack that uses Web advertisements to relay users into the Shnakule network, which is currently the largest and most effective Malware Delivery Network on the ... http://www.wisconsinstar.com/index.php/sid/214761763/scat/ce5b8f8593c611c0 Sat, 25 May 2013 12:29:23 -0400 http://www.wisconsinstar.com/index.php/sid/214761763/scat/ce5b8f8593c611c0 Description The Microsoft .NET Framework is prone to a security-bypass vulnerability. Attackers can exploit this issue to perform denial-of-service attacks, scan network resources, and obtain potentially sensitive information that was not intended to be ... http://www.wisconsinstar.com/index.php/sid/214759571/scat/ce5b8f8593c611c0 Sat, 25 May 2013 08:13:56 -0400 http://www.wisconsinstar.com/index.php/sid/214759571/scat/ce5b8f8593c611c0 Description JBoss Enterprise Application Platform is prone to multiple vulnerabilities, including an information-disclosure issue and multiple authentication-bypass issues. An attacker can exploit these issues to bypass certain security restrictions to obtain sensitive information or gain unauthorized access to the ... http://www.wisconsinstar.com/index.php/sid/214757587/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:40 -0400 http://www.wisconsinstar.com/index.php/sid/214757587/scat/ce5b8f8593c611c0 Description Microsoft SharePoint is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied data. A remote attacker could exploit this vulnerability using directory-traversal strings (such as '../') to obtain sensitive information or elevate their privileges. This could help the attacker launch further ... http://www.wisconsinstar.com/index.php/sid/214757586/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:38 -0400 http://www.wisconsinstar.com/index.php/sid/214757586/scat/ce5b8f8593c611c0 Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service ... http://www.wisconsinstar.com/index.php/sid/214757585/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:37 -0400 http://www.wisconsinstar.com/index.php/sid/214757585/scat/ce5b8f8593c611c0 Description Microsoft IIS is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data. Remote attackers can exploit this issue to execute arbitrary commands with the privileges of the application; this may disclose sensitive ... http://www.wisconsinstar.com/index.php/sid/214757584/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:35 -0400 http://www.wisconsinstar.com/index.php/sid/214757584/scat/ce5b8f8593c611c0 Description Microsoft System Center Configuration Manager is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch ... http://www.wisconsinstar.com/index.php/sid/214757588/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:34 -0400 http://www.wisconsinstar.com/index.php/sid/214757588/scat/ce5b8f8593c611c0 Description Multiple vendors' implementations of the DNS protocol are prone to a DNS-spoofing vulnerability because the software fails to securely implement random values when performing DNS queries. Successfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to redirect network traffic and to launch man-in-the-middle attacks. This issue affects Microsoft ... http://www.wisconsinstar.com/index.php/sid/214757589/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:33 -0400 http://www.wisconsinstar.com/index.php/sid/214757589/scat/ce5b8f8593c611c0 Description Microsoft Visual Studio Team Foundation Server is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and ... http://www.wisconsinstar.com/index.php/sid/214757590/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:29 -0400 http://www.wisconsinstar.com/index.php/sid/214757590/scat/ce5b8f8593c611c0 Description Microsoft SharePoint is prone to an open-redirection vulnerability because the application fails to properly sanitize user-supplied input. An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link, they may be redirected to an attacker-controlled site; this may aid in phishing attacks. Other ... http://www.wisconsinstar.com/index.php/sid/214757592/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:28 -0400 http://www.wisconsinstar.com/index.php/sid/214757592/scat/ce5b8f8593c611c0 Description Microsoft SharePoint is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also ... http://www.wisconsinstar.com/index.php/sid/214757591/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:26 -0400 http://www.wisconsinstar.com/index.php/sid/214757591/scat/ce5b8f8593c611c0 Description Microsoft Windows is prone to a remote command-injection that affects the Windows Shell component vulnerability because it fails to adequately sanitize user-supplied input data. Attackers can exploit this issue to execute arbitrary shell commands with user-level privileges. This may facilitate the remote compromise of affected ... http://www.wisconsinstar.com/index.php/sid/214757593/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:25 -0400 http://www.wisconsinstar.com/index.php/sid/214757593/scat/ce5b8f8593c611c0 Description Foxit Reader is prone to multiple remote vulnerabilities, Attackers may leverage these issues to execute arbitrary code in the context of the application. Successful exploits may compromise the application and the underlying computer. Failed attacks will cause denial-of-service conditions. The issues affect Foxit Reader 3.0.2009.1301, 3.0, and 2.3. Other versions may also be ... http://www.wisconsinstar.com/index.php/sid/214757594/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:23 -0400 http://www.wisconsinstar.com/index.php/sid/214757594/scat/ce5b8f8593c611c0 Description Microsoft Anti-Cross Site Scripting (AntiXSS) Library is prone to a security-bypass vulnerability that affects the sanitization module. An attacker can exploit this vulnerability to bypass the filter and conduct cross-site scripting attacks. Successful exploits may allow attackers to execute arbitrary script code and steal cookie-based authentication credentials. Microsoft ... http://www.wisconsinstar.com/index.php/sid/214757595/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:21 -0400 http://www.wisconsinstar.com/index.php/sid/214757595/scat/ce5b8f8593c611c0 Description Microsoft Windows is prone to a remote denial-of-service vulnerability that occurs in the Windows kernel 'Win32k.sys' kernel-mode device driver. A remote attacker can exploit this issue to crash the Windows kernel, denying service to legitimate ... http://www.wisconsinstar.com/index.php/sid/214757596/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:20 -0400 http://www.wisconsinstar.com/index.php/sid/214757596/scat/ce5b8f8593c611c0 Description Microsoft SharePoint is prone to a script-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to perform unauthorized actions such as issuing SharePoint commands on the SharePoint ... http://www.wisconsinstar.com/index.php/sid/214757597/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:19 -0400 http://www.wisconsinstar.com/index.php/sid/214757597/scat/ce5b8f8593c611c0 Description Open Handset Alliance Android is prone to a privilege-escalation vulnerability because it fails to properly handle certain socket messages. Successfully exploiting this issue can allow attackers to corrupt memory and execute arbitrary code with superuser privileges, leading to a complete compromise of the ... http://www.wisconsinstar.com/index.php/sid/214757599/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:17 -0400 http://www.wisconsinstar.com/index.php/sid/214757599/scat/ce5b8f8593c611c0 Description Microsoft Active Directory Certificate Services are prone to a cross-site scripting vulnerability because the Web Enrollment component fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal potentially sensitive ... http://www.wisconsinstar.com/index.php/sid/214757598/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:16 -0400 http://www.wisconsinstar.com/index.php/sid/214757598/scat/ce5b8f8593c611c0 Description JustSystems Ichitaro is prone to a remote buffer-overflow vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will result in a denial-of-service ... http://www.wisconsinstar.com/index.php/sid/214757600/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:14 -0400 http://www.wisconsinstar.com/index.php/sid/214757600/scat/ce5b8f8593c611c0 Description Adobe Flash Player is prone to a remote memory corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. NOTE: This issue was previously discussed in BID 44669 (Adobe Flash Player APSB10-26 Multiple Remote ... http://www.wisconsinstar.com/index.php/sid/214757601/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:12 -0400 http://www.wisconsinstar.com/index.php/sid/214757601/scat/ce5b8f8593c611c0 Description Microsoft Office is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) ... http://www.wisconsinstar.com/index.php/sid/214757602/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:10 -0400 http://www.wisconsinstar.com/index.php/sid/214757602/scat/ce5b8f8593c611c0 Description Microsoft VBScript and JScript scripting engines are prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information that may aid in further attacks. Attackers can exploit this issue by enticing an unsuspecting user to visit a specially crafted ... http://www.wisconsinstar.com/index.php/sid/214757603/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:09 -0400 http://www.wisconsinstar.com/index.php/sid/214757603/scat/ce5b8f8593c611c0 Description Microsoft Windows is prone to a remote stack-based buffer-overflow vulnerability in the Windows Graphics Rendering Engine because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious '.MIC' or office file. NOTE: To exploit this issue, the target must view the ... http://www.wisconsinstar.com/index.php/sid/214757604/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:07 -0400 http://www.wisconsinstar.com/index.php/sid/214757604/scat/ce5b8f8593c611c0 Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening an Office document containing a specially crafted Tagged Image File Format (TIFF) image. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the currently logged-in user. Failed exploit ... http://www.wisconsinstar.com/index.php/sid/214757609/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:06 -0400 http://www.wisconsinstar.com/index.php/sid/214757609/scat/ce5b8f8593c611c0 Description Microsoft Windows Failover Clustering is prone to a security-bypass vulnerability. Local attackers can exploit this issue to perform unauthorized actions against the administrative shares on the failover cluster ... http://www.wisconsinstar.com/index.php/sid/214757608/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:04 -0400 http://www.wisconsinstar.com/index.php/sid/214757608/scat/ce5b8f8593c611c0 Description Microsoft PowerPoint is prone to a remote heap-based buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will cause a denial-of-service ... http://www.wisconsinstar.com/index.php/sid/214757607/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:02 -0400 http://www.wisconsinstar.com/index.php/sid/214757607/scat/ce5b8f8593c611c0 Description Microsoft Forefront Unified Access Gateway (UAG) is prone to a spoofing vulnerability. An attacker can exploit this issue to spoof a UAG server or redirect legitimate network traffic intended for a UAG server. This may allow the attacker to masquerade as a legitimate server, aiding in further ... http://www.wisconsinstar.com/index.php/sid/214757606/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:43:01 -0400 http://www.wisconsinstar.com/index.php/sid/214757606/scat/ce5b8f8593c611c0 Description Microsoft Silverlight and Microsoft .NET Framework are prone to a remote code-execution vulnerability. Successful exploits will allow the attacker to execute arbitrary code within the context of the application. Failed exploit attempts will likely result in a denial-of-service ... http://www.wisconsinstar.com/index.php/sid/214757610/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:58 -0400 http://www.wisconsinstar.com/index.php/sid/214757610/scat/ce5b8f8593c611c0 Description Adobe Acrobat and Reader are prone to a heap-based buffer-overflow vulnerability because they fail to properly validate user-supplied input. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts will result in a denial of service. The following products are affected: Adobe Reader 9.3.1 and prior for ... http://www.wisconsinstar.com/index.php/sid/214757612/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:57 -0400 http://www.wisconsinstar.com/index.php/sid/214757612/scat/ce5b8f8593c611c0 Description Java Runtime Environment (JRE) is prone to arbitrary code-execution vulnerabilities that affect multiple Java plugins for multiple browsers. Attackers can exploit these issues to execute arbitrary code in the context of the user running the vulnerable applications. The issues affect Java Runtime Environment versions 1.6.0_10 and later (JRE 6 Update 10 and later); other versions may ... http://www.wisconsinstar.com/index.php/sid/214757611/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:54 -0400 http://www.wisconsinstar.com/index.php/sid/214757611/scat/ce5b8f8593c611c0 Description Microsoft Windows is prone to a vulnerability that may allow a file to automatically run because the software fails to properly handle 'LNK' files or 'PIF' files. An attacker may exploit this issue to execute arbitrary code. The attacker must entice a victim to view a specially crafted shortcut. NOTE: This issue is being exploited in the wild with W32.Stuxnet ... http://www.wisconsinstar.com/index.php/sid/214757613/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:49 -0400 http://www.wisconsinstar.com/index.php/sid/214757613/scat/ce5b8f8593c611c0 Description Microsoft XML Core Service is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow the attacker to execute arbitrary code within the context of the currently logged-in ... http://www.wisconsinstar.com/index.php/sid/214757614/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:47 -0400 http://www.wisconsinstar.com/index.php/sid/214757614/scat/ce5b8f8593c611c0 Description Microsoft Internet Explorer and Microsoft SharePoint are prone to a cross-domain information-disclosure vulnerability because they fail to properly enforce the same-origin policy. An attacker can exploit this issue to access local files or content from a browser window in another domain or security zone. This may allow the attacker to obtain sensitive information or may aid in ... http://www.wisconsinstar.com/index.php/sid/214757615/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:46 -0400 http://www.wisconsinstar.com/index.php/sid/214757615/scat/ce5b8f8593c611c0 Description Sun Java Runtime Environment and Java Development Kit are prone to multiple security vulnerabilities. Successful exploits may allow attackers to violate the same-origin policy, obtain sensitive information, bypass security restrictions, run untrusted applets with elevated privileges, and cause denial-of-service conditions. This may result in a compromise of affected computers. These ... http://www.wisconsinstar.com/index.php/sid/214757616/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:44 -0400 http://www.wisconsinstar.com/index.php/sid/214757616/scat/ce5b8f8593c611c0 Description Microsoft Outlook Express and Windows Mail are prone to a remote integer-overflow vulnerability because the applications fail to perform boundary checks on integer values. Successfully exploiting this issue will allow an attacker to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts will result in a denial-of-service ... http://www.wisconsinstar.com/index.php/sid/214757617/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:39 -0400 http://www.wisconsinstar.com/index.php/sid/214757617/scat/ce5b8f8593c611c0 Description Ichitaro is prone to a remote code-execution vulnerability. Attackers may exploit this issue to execute arbitrary code within the context of the vulnerable application. Failed attempts will result in a denial-of-service condition. Ichitaro 2010 and prior versions are ... http://www.wisconsinstar.com/index.php/sid/214757618/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:37 -0400 http://www.wisconsinstar.com/index.php/sid/214757618/scat/ce5b8f8593c611c0 Description Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the browser. Successful exploits will compromise the application and possibly the computer. Failed attacks will cause denial-of-service ... http://www.wisconsinstar.com/index.php/sid/214757619/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:36 -0400 http://www.wisconsinstar.com/index.php/sid/214757619/scat/ce5b8f8593c611c0 Description Microsoft WordPad and Office Text Converters are prone to a remote memory-corruption vulnerability. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts may result in denial-of-service ... http://www.wisconsinstar.com/index.php/sid/214757620/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:35 -0400 http://www.wisconsinstar.com/index.php/sid/214757620/scat/ce5b8f8593c611c0 Description Adobe Illustrator is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting victim to open a malicious Encapsulated PostScript file. Successfully exploiting this issue will allow attackers to execute arbitrary code with the privileges of the user ... http://www.wisconsinstar.com/index.php/sid/214757621/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:32 -0400 http://www.wisconsinstar.com/index.php/sid/214757621/scat/ce5b8f8593c611c0 Description The implementation of the Microsoft Protected Extensible Authentication Protocol (PEAP) used by Microsoft's Internet Authentication System is prone to a remote memory-corruption vulnerability. A remote attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts ... http://www.wisconsinstar.com/index.php/sid/214757622/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:31 -0400 http://www.wisconsinstar.com/index.php/sid/214757622/scat/ce5b8f8593c611c0 Description Microsoft Active Directory is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the server, denying access to legitimate ... http://www.wisconsinstar.com/index.php/sid/214757623/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:29 -0400 http://www.wisconsinstar.com/index.php/sid/214757623/scat/ce5b8f8593c611c0 Description EasyBits Extras Manager is prone to an unspecified vulnerability. The cause and impact of this issue are currently unknown. This issue affects versions prior to Extras Manager 2.0.0.67 shipped with versions prior to Skype 4.1.0.179 for Windows. Very few technical details are currently available. We will update this BID as more information ... http://www.wisconsinstar.com/index.php/sid/214757624/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:28 -0400 http://www.wisconsinstar.com/index.php/sid/214757624/scat/ce5b8f8593c611c0 Description Microsoft Windows is prone to an authentication-bypass vulnerability in the Telnet protocol. An attacker can exploit this issue to gain unauthorized access to the affected computer with the privileges of the victim. Successful exploits may compromise the affected ... http://www.wisconsinstar.com/index.php/sid/214757625/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:26 -0400 http://www.wisconsinstar.com/index.php/sid/214757625/scat/ce5b8f8593c611c0 Description Microsoft Office Web Components OWC10 ActiveX control is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to visit a maliciously crafted webpage. Successfully exploiting this issue will allow the attacker to execute arbitrary code within the context of an affected application that uses the ActiveX control (typically Internet ... http://www.wisconsinstar.com/index.php/sid/214757626/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:24 -0400 http://www.wisconsinstar.com/index.php/sid/214757626/scat/ce5b8f8593c611c0 Description Adobe Reader is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application or crash the application, denying service to legitimate users. Reader 8.1.4 for Linux is vulnerable; other versions or platforms may also be affected. UPDATE (April 30, 2009): Further information from ... http://www.wisconsinstar.com/index.php/sid/214757627/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:23 -0400 http://www.wisconsinstar.com/index.php/sid/214757627/scat/ce5b8f8593c611c0 Description Microsoft Internet Information Services (IIS) is prone to an authentication-bypass vulnerability because it fails to properly enforce access restrictions on certain requests to a site that requires authentication. An attacker can exploit this issue to gain unauthorized access to protected resources, which may lead to other attacks. This issue affects IIS ... http://www.wisconsinstar.com/index.php/sid/214757628/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:21 -0400 http://www.wisconsinstar.com/index.php/sid/214757628/scat/ce5b8f8593c611c0 Description Microsoft Excel is prone to an integer-overflow vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the ... http://www.wisconsinstar.com/index.php/sid/214757629/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:20 -0400 http://www.wisconsinstar.com/index.php/sid/214757629/scat/ce5b8f8593c611c0 Description Microsoft Windows is prone to a weakness that affects the Windows DNS client and arises because of a design error in the DNS devolution process. The attacker could set up a malicious site and carry out attacks against victims who are inadvertently directed to the malicious site. These attacks could include disclosure of the private IP address, disclosure of authentication ... http://www.wisconsinstar.com/index.php/sid/214757630/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:18 -0400 http://www.wisconsinstar.com/index.php/sid/214757630/scat/ce5b8f8593c611c0 Description Microsoft Windows HTTP Services (WinHTTP) is prone to a security-bypass vulnerability because of an error in verifying website certificates. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid in further ... http://www.wisconsinstar.com/index.php/sid/214757631/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:17 -0400 http://www.wisconsinstar.com/index.php/sid/214757631/scat/ce5b8f8593c611c0 Description Microsoft ISA (Internet Security and Acceleration) Server and Forefront Threat Management Gateway (TMG) are prone to a cross-site scripting vulnerability because the software fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the ... http://www.wisconsinstar.com/index.php/sid/214757634/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:15 -0400 http://www.wisconsinstar.com/index.php/sid/214757634/scat/ce5b8f8593c611c0 Description Microsoft Word is prone to a remote heap memory-corruption vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious RTF file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently logged-in ... http://www.wisconsinstar.com/index.php/sid/214757633/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:14 -0400 http://www.wisconsinstar.com/index.php/sid/214757633/scat/ce5b8f8593c611c0 Description Microsoft SharePoint Server is prone to a vulnerability that could let remote attackers gain unauthorized access. A successful exploit will let attackers access certain administrative functions of the SharePoint ... http://www.wisconsinstar.com/index.php/sid/214757632/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:13 -0400 http://www.wisconsinstar.com/index.php/sid/214757632/scat/ce5b8f8593c611c0 Description RealPlayer is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks of user-supplied input before copying it to an insufficiently sized memory buffer. Attackers can exploit this issue to execute arbitrary code in the context of the application using the affected control (typically Internet Explorer). Successful attacks can ... http://www.wisconsinstar.com/index.php/sid/214757635/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:11 -0400 http://www.wisconsinstar.com/index.php/sid/214757635/scat/ce5b8f8593c611c0 Description Autonomy KeyView is prone to multiple buffer-overflow vulnerabilities. Successfully exploiting these issues could allow an attacker to execute arbitrary code in the context of the user running the application. Multiple applications incorporate the vulnerable KeyView component, so they are also considered vulnerable to these issues. NOTE: These issues are similar to those described ... http://www.wisconsinstar.com/index.php/sid/214757636/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:10 -0400 http://www.wisconsinstar.com/index.php/sid/214757636/scat/ce5b8f8593c611c0 Description The Microsoft Message Queuing service (MSMQ) is prone to a remote heap-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges, facilitating the complete compromise of an affected computer. Failed exploit attempts will result in a denial-of-service condition. This issue is exploitable remotely on Windows 2000 systems only. ... http://www.wisconsinstar.com/index.php/sid/214757637/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:08 -0400 http://www.wisconsinstar.com/index.php/sid/214757637/scat/ce5b8f8593c611c0 Description Microsoft Office is prone to a cross-site scripting vulnerability that arises because the software fails to handle specially crafted CDO protocol URIs in a proper manner. Successfully exploiting this issue may allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based ... http://www.wisconsinstar.com/index.php/sid/214757638/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:07 -0400 http://www.wisconsinstar.com/index.php/sid/214757638/scat/ce5b8f8593c611c0 Description Microsoft Excel is prone to a vulnerability that allows unauthorized access to remote data source credentials that have been cached in Excel files. This issue is limited to Microsoft Excel 2007 and Microsoft Office 2008 for ... http://www.wisconsinstar.com/index.php/sid/214757639/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:06 -0400 http://www.wisconsinstar.com/index.php/sid/214757639/scat/ce5b8f8593c611c0 Description RealNetworks RealPlayer 'rmoc3260.dll' ActiveX control is prone to a memory-corruption vulnerability. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the application using the affected ActiveX control. Failed exploit attempts will likely crash the ... http://www.wisconsinstar.com/index.php/sid/214757640/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:04 -0400 http://www.wisconsinstar.com/index.php/sid/214757640/scat/ce5b8f8593c611c0 Description Multiple Adobe products are prone to a buffer-overflow vulnerability because they fail to perform adequate boundary checks on user-supplied input. The vulnerability occurs when handling malformed image header data in image files. Successfully exploiting this issue allows attackers to execute arbitrary code with the privileges of a user running one of the applications. Failed exploit ... http://www.wisconsinstar.com/index.php/sid/214757641/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:03 -0400 http://www.wisconsinstar.com/index.php/sid/214757641/scat/ce5b8f8593c611c0 Description Adobe Acrobat and Reader are prone to multiple arbitrary remote code-execution and security vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the user running the affected application. Other attacks are also possible. Versions prior to Adobe Acrobat and Adobe Reader 8.1.2 are vulnerable to these ... http://www.wisconsinstar.com/index.php/sid/214757642/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:01 -0400 http://www.wisconsinstar.com/index.php/sid/214757642/scat/ce5b8f8593c611c0 Description Microsoft DirectX is prone to a stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the user running the application that uses DirectX. Failed exploit attempts will result in a denial-of-service ... http://www.wisconsinstar.com/index.php/sid/214757643/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:42:00 -0400 http://www.wisconsinstar.com/index.php/sid/214757643/scat/ce5b8f8593c611c0 Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service ... http://www.wisconsinstar.com/index.php/sid/214757645/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:57 -0400 http://www.wisconsinstar.com/index.php/sid/214757645/scat/ce5b8f8593c611c0 Description Microsoft Object Linking and Embedding (OLE) Automation is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input before copying it to an insufficiently sized buffer. An attacker could exploit this issue by enticing a victim to open a malicious web document. Successfully exploiting this issue would allow the ... http://www.wisconsinstar.com/index.php/sid/214757646/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:55 -0400 http://www.wisconsinstar.com/index.php/sid/214757646/scat/ce5b8f8593c611c0 Description Mercury Mail Transport System is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks when handling AUTH CRAM-MD5 requests. Attackers can exploit this issue to execute arbitrary code with the privileges of the user running the application. Successful exploits will compromise the computer. Failed exploit attempts will result ... http://www.wisconsinstar.com/index.php/sid/214757647/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:54 -0400 http://www.wisconsinstar.com/index.php/sid/214757647/scat/ce5b8f8593c611c0 Description Microsoft Visual FoxPro ActiveX control is prone to a vulnerability that lets attackers execute arbitrary commands. Successfully exploiting this issue allows remote attackers to execute arbitrary commands in the context of the application using the ActiveX control (typically Internet Explorer). Microsoft Visual FoxPro 6.0 is vulnerable to this issue; other versions may also be ... http://www.wisconsinstar.com/index.php/sid/214757649/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:52 -0400 http://www.wisconsinstar.com/index.php/sid/214757649/scat/ce5b8f8593c611c0 Description Multiple 2Wire routers are prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to execute arbitrary actions on an affected ... http://www.wisconsinstar.com/index.php/sid/214757648/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:51 -0400 http://www.wisconsinstar.com/index.php/sid/214757648/scat/ce5b8f8593c611c0 Description A vulnerability in TCP implementations may permit unauthorized remote users to reset TCP sessions. This issue affects products released by multiple vendors. Exploiting this issue may permit remote attackers to more easily approximate TCP sequence numbers. The problem is that affected implementations will accept TCP sequence numbers within a certain range of the expected sequence ... http://www.wisconsinstar.com/index.php/sid/214757650/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:49 -0400 http://www.wisconsinstar.com/index.php/sid/214757650/scat/ce5b8f8593c611c0 Description Apple QuickTime is prone to a remote buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized stack-based memory buffer. This issue occurs when handling specially crafted RTSP Response headers. Attackers can leverage this issue to execute arbitrary machine code in the context of the user ... http://www.wisconsinstar.com/index.php/sid/214757651/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:46 -0400 http://www.wisconsinstar.com/index.php/sid/214757651/scat/ce5b8f8593c611c0 Description Microsoft Windows DNS Server is prone to a vulnerability that permits an attacker to spoof responses to DNS requests. A successful attack will corrupt the DNS cache with attacker-specified content. This may aid in further attacks such as ... http://www.wisconsinstar.com/index.php/sid/214757652/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:45 -0400 http://www.wisconsinstar.com/index.php/sid/214757652/scat/ce5b8f8593c611c0 Description Apple QuickTime plug-in is prone to an arbitrary-script-execution weakness when executing QuickTime Media Link files (.qtl). An attacker can exploit this issue to execute arbitrary script code in the context of the affected application and load local content in a user's browser. Although this weakness doesn't pose any direct security threat by itself, an attacker may use it ... http://www.wisconsinstar.com/index.php/sid/214757653/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:43 -0400 http://www.wisconsinstar.com/index.php/sid/214757653/scat/ce5b8f8593c611c0 Description Sun Solaris 10 is prone to a vulnerability that allows remote attackers to bypass authentication. Successfully exploiting this issue allows remote attackers to gain remote access to vulnerable computers. If the targeted computer is configured to allow non-console logins for superusers, then remote superuser access is possible. Update: By exploiting the same underlying flaw, ... http://www.wisconsinstar.com/index.php/sid/214757654/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:42 -0400 http://www.wisconsinstar.com/index.php/sid/214757654/scat/ce5b8f8593c611c0 Description Adobe Acrobat is prone to a command-execution vulnerability when handling malicious PDF files. Remote attackers can exploit this issue to compromise affected computers.. The vendor reports that this issue can be exploited only through Internet Explorer 7 installed on Microsoft Windows XP. This issue is related to the one described in BID 25945 (Microsoft Windows URI Handler Command ... http://www.wisconsinstar.com/index.php/sid/214757655/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:40 -0400 http://www.wisconsinstar.com/index.php/sid/214757655/scat/ce5b8f8593c611c0 Description Microsoft Windows is prone to a local privilege-escalation vulnerability due to a lack of proper input validation. A local attacker can exploit this issue to elevate user privileges. Successful exploits will result in the complete compromise of vulnerable ... http://www.wisconsinstar.com/index.php/sid/214757657/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:39 -0400 http://www.wisconsinstar.com/index.php/sid/214757657/scat/ce5b8f8593c611c0 Description Microsoft Agent is prone to a vulnerability that could allow a malicious website to spoof trusted content. This could result in a user downloading and executing malicious files thinking they are ... http://www.wisconsinstar.com/index.php/sid/214757656/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:37 -0400 http://www.wisconsinstar.com/index.php/sid/214757656/scat/ce5b8f8593c611c0 Description Trend Micro ServerProtect is prone to multiple remote stack-based buffer-overflow vulnerabilities because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Exploiting these issues allows attackers to execute arbitrary machine code with SYSTEM-level ... http://www.wisconsinstar.com/index.php/sid/214757658/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:36 -0400 http://www.wisconsinstar.com/index.php/sid/214757658/scat/ce5b8f8593c611c0 Description Ichitaro is prone to an unspecified remotely exploitable code-execution vulnerability. Remote attackers may exploit this issue to execute arbitrary code within the context of the currently logged in user. This issue is being exploited in the wild by Trojan.Tarodrop.D. Few details are available regarding this issue. This BID will be updated when more information ... http://www.wisconsinstar.com/index.php/sid/214757659/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:35 -0400 http://www.wisconsinstar.com/index.php/sid/214757659/scat/ce5b8f8593c611c0 Description Symantec AntiVirus products that include the Symantec Decomposer are prone to multiple remote vulnerabilities related to the handling of CAB and RAR archives. These issues include a denial-of-service vulnerability and a buffer-overflow vulnerability. Successfully exploiting these issues allows remote attackers to execute arbitrary machine code with SYSTEM-level privileges or to cause ... http://www.wisconsinstar.com/index.php/sid/214757660/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:33 -0400 http://www.wisconsinstar.com/index.php/sid/214757660/scat/ce5b8f8593c611c0 Description Windows Firewall for Windows Vista is prone to a vulnerability that may permit a bypass of existing firewall rules. An attacker may trigger this vulnerability by sending malicious network data through the Teredo network transport system to obtain sensitive information; other attacks are also possible. Note that Windows Vista systems configured with a 'Public' network ... http://www.wisconsinstar.com/index.php/sid/214757661/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:31 -0400 http://www.wisconsinstar.com/index.php/sid/214757661/scat/ce5b8f8593c611c0 Description Microsoft Excel is prone to an unspecified security vulnerability. Very little information is currently available regarding this issue. We will update this BID as more information ... http://www.wisconsinstar.com/index.php/sid/214757662/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:30 -0400 http://www.wisconsinstar.com/index.php/sid/214757662/scat/ce5b8f8593c611c0 Description A vulnerability has been discovered in Microsoft Visual Basic for Applications. The vulnerability occurs due to insufficient bounds checking when checking the properties of malicious documents. As a result, a malformed document may be able to trigger a buffer-overflow within the affected application, effectively allowing for the execution of arbitrary code. Microsoft Office, Access, ... http://www.wisconsinstar.com/index.php/sid/214757664/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:29 -0400 http://www.wisconsinstar.com/index.php/sid/214757664/scat/ce5b8f8593c611c0 Description Outlook Express is prone to a cross-domain information-disclosure vulnerability. This vulnerability may let a malicious website access properties of a site in an arbitrary external domain in the context of the victim's browser. Attackers could exploit this issue to access sensitive information (such as cookies or passwords) that is associated with the external ... http://www.wisconsinstar.com/index.php/sid/214757663/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:27 -0400 http://www.wisconsinstar.com/index.php/sid/214757663/scat/ce5b8f8593c611c0 Description Components of the .NET Compact Framework for Microsoft Windows CE are prone to multiple vulnerabilities. Exploiting these issues may allow remote attackers to cause denial-of-service conditions, corrupt memory, or execute arbitrary machine code in the context of the affected application. This facilitates the remote compromise of affected computers. Other attacks are also ... http://www.wisconsinstar.com/index.php/sid/214757665/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:25 -0400 http://www.wisconsinstar.com/index.php/sid/214757665/scat/ce5b8f8593c611c0 Description Microsoft Windows Vista is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may allow them to gain unauthorized access to the affected ... http://www.wisconsinstar.com/index.php/sid/214757666/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:23 -0400 http://www.wisconsinstar.com/index.php/sid/214757666/scat/ce5b8f8593c611c0 Description Symantec Norton Antivirus ActiveX control is prone to a remote code-execution vulnerability. An attacker may exploit this issue by enticing victims into opening a maliciously crafted HTML document. Successful exploits will allow attackers to execute arbitrary code in the context of the user visiting a malicious web page. Failed exploit attempts will likely result in ... http://www.wisconsinstar.com/index.php/sid/214757667/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:22 -0400 http://www.wisconsinstar.com/index.php/sid/214757667/scat/ce5b8f8593c611c0 Description Microsoft Windows GDI Font Rasterizer is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain complete control of an affected computer. Failed attempts will likely cause the operating system to crash, resulting in denial-of-service ... http://www.wisconsinstar.com/index.php/sid/214757668/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:21 -0400 http://www.wisconsinstar.com/index.php/sid/214757668/scat/ce5b8f8593c611c0 Description Ipswitch IMail is prone to multiple remote vulnerabilities. Attackers may exploit these issues to deny service for legitimate users, obtaoin potentially sensitive information, and execute arbitrary code. The vulnerabilities include a directory-traversal issue, two remote denial-of-service issues, and multiple buffer-overflow ... http://www.wisconsinstar.com/index.php/sid/214757669/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:19 -0400 http://www.wisconsinstar.com/index.php/sid/214757669/scat/ce5b8f8593c611c0 Description XML-RPC for PHP is affected by a remote code-injection vulnerability. An attacker may exploit this issue to execute arbitrary commands or code in the context of the webserver. This may facilitate various attacks, including unauthorized remote access. XML-RPC for PHP 1.1 and prior versions are affected by this issue. Other applications using this library are also ... http://www.wisconsinstar.com/index.php/sid/214757670/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:18 -0400 http://www.wisconsinstar.com/index.php/sid/214757670/scat/ce5b8f8593c611c0 Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability when parsing certain FTP server responses. Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the affected application. This facilitates the remote compromise of affected ... http://www.wisconsinstar.com/index.php/sid/214757671/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:15 -0400 http://www.wisconsinstar.com/index.php/sid/214757671/scat/ce5b8f8593c611c0 Description Microsoft Antivirus Engine is prone to an integer-overflow vulnerability when the application processes maliciously crafted files. This issue is currently being exploited via Portable Document Files (PDF), but other Microsoft applications are also reported vulnerable. An attacker could exploit this issue by enticing a victim into receiving or opening a malicious Office file. If the ... http://www.wisconsinstar.com/index.php/sid/214757677/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:14 -0400 http://www.wisconsinstar.com/index.php/sid/214757677/scat/ce5b8f8593c611c0 Description Microsoft Windows Routing and Remote Access is prone to a memory-corruption vulnerability. This issue is due to the software's failure to properly bounds-check user-supplied network data before copying it to an insufficiently sized memory buffer. This issue allows remote attackers to execute arbitrary machine code on affected computers with SYSTEM-level privileges. This ... http://www.wisconsinstar.com/index.php/sid/214757676/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:12 -0400 http://www.wisconsinstar.com/index.php/sid/214757676/scat/ce5b8f8593c611c0 Description Microsoft FrontPage Server Extensions are prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before it is rendered to other users. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user, with the privileges of the victim user's ... http://www.wisconsinstar.com/index.php/sid/214757675/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:11 -0400 http://www.wisconsinstar.com/index.php/sid/214757675/scat/ce5b8f8593c611c0 Description Apple Mac OS X is prone to an arbitrary command-execution vulnerability when processing metadata in archive files. Commands would be executed in the context of the user opening the archive file. Attackers can reportedly use Safari and Apple Mail as exploitation vectors for this vulnerability. Mac OS X 10.4.5 is reported to be vulnerable. Earlier versions may also be ... http://www.wisconsinstar.com/index.php/sid/214757674/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:10 -0400 http://www.wisconsinstar.com/index.php/sid/214757674/scat/ce5b8f8593c611c0 Description Various Cisco IOS, PIX Firewall, Firewall Services Module (FWSM), VPN 3000 Series Concentrator, and MDS Series SanOS releases are prone to denial of service attacks. These issues are due to security flaws in Cisco's IPSec implementation. The vulnerabilities may be triggered by malformed IKE traffic. Successful attacks will cause most affected devices to restart. For Cisco MDS ... http://www.wisconsinstar.com/index.php/sid/214757673/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:08 -0400 http://www.wisconsinstar.com/index.php/sid/214757673/scat/ce5b8f8593c611c0 Description Darryl Burgdorf Webhints is prone to a remote command execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied ... http://www.wisconsinstar.com/index.php/sid/214757672/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:06 -0400 http://www.wisconsinstar.com/index.php/sid/214757672/scat/ce5b8f8593c611c0 Description AWStats Rawlog Plugin is reported prone to an input validation vulnerability. The issue is reported to exist because user supplied 'logfile' URI data passed to the 'awstats.pl' script is not sanitized. An attacker may exploit this condition to execute commands remotely or disclose contents of web server readable files. It should be noted that although this ... http://www.wisconsinstar.com/index.php/sid/214757678/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:05 -0400 http://www.wisconsinstar.com/index.php/sid/214757678/scat/ce5b8f8593c611c0 Description Microsoft Windows Explorer Web View is affected by an arbitrary script injection vulnerability. An attacker can exploit this issue by crafting a malicious file and placing it on a Web site or sending it to a user through email followed by enticing them to preview it in Windows Explorer. A successful attack can result in a remote compromise in the context of the vulnerable ... http://www.wisconsinstar.com/index.php/sid/214757679/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:04 -0400 http://www.wisconsinstar.com/index.php/sid/214757679/scat/ce5b8f8593c611c0 Description Cisco IOS Firewall Authentication Proxy is prone to a buffer overflow condition. Successful exploitation of this issue could cause a denial of service or potential execution of arbitrary code. This issue affects the FTP and Telnet protocols, but not ... http://www.wisconsinstar.com/index.php/sid/214757680/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:02 -0400 http://www.wisconsinstar.com/index.php/sid/214757680/scat/ce5b8f8593c611c0 Description Microsoft Internet Explorer is prone to a security vulnerability that may let a Web page execute malicious script code in the context of an arbitrary domain or browser security zone. This issue is the result of a security flaw in the browser security model when handling URIs when a Web folder view is rendered. If exploited to access a foreign domain, this could allow script code ... http://www.wisconsinstar.com/index.php/sid/214757681/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:41:01 -0400 http://www.wisconsinstar.com/index.php/sid/214757681/scat/ce5b8f8593c611c0 Description The PKINIT implementation in Microsoft Windows is susceptible to a man in the middle vulnerability. This issue is due to a failure of the software to properly validate network data. This issue is only exploitable by attackers that have access to valid logon credentials. Attackers exploit this issue to spoof the domain controller/KDC during the initial authentication process. By ... http://www.wisconsinstar.com/index.php/sid/214757682/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:59 -0400 http://www.wisconsinstar.com/index.php/sid/214757682/scat/ce5b8f8593c611c0 Description Microsoft has released an update to address various issues affecting Outlook Express 6.0 running on Windows XP. These issues may allow remote attackers to cause the client to crash or disclose sensitive information. Reportedly remote attackers may cause the client to crash by sending specially crafted email messages. Another issue allows the default news server account to be ... http://www.wisconsinstar.com/index.php/sid/214757683/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:58 -0400 http://www.wisconsinstar.com/index.php/sid/214757683/scat/ce5b8f8593c611c0 Description Microsoft Internet Security and Acceleration (ISA) server is prone to an information disclosure vulnerability. Reports indicate that the issue manifests when an ISA server is publishing a Web service that has Basic authentication enabled, but the Web publishing rules that process the request are configured as 'SSL required'. An attacker that has the ability to intercept ... http://www.wisconsinstar.com/index.php/sid/214757684/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:56 -0400 http://www.wisconsinstar.com/index.php/sid/214757684/scat/ce5b8f8593c611c0 Description A stack-based buffer overflow vulnerability is reported to affect the ANI (animated cursor files) handler on Microsoft Windows operating systems. The vulnerability exists in the ANI file header handling routines contained in the 'user32.dll' library. Ultimately the issue may be leveraged to force the execution of attacker-supplied instructions. It has been reported that ... http://www.wisconsinstar.com/index.php/sid/214757685/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:55 -0400 http://www.wisconsinstar.com/index.php/sid/214757685/scat/ce5b8f8593c611c0 Description A cross-site scripting and spoofing vulnerability affects Microsoft Windows SharePoint Services and SharePoint Team Services. A remote attacker may carry out a cross-site scripting attack to execute arbitrary HTML and script code in a user's browser. It is also possible to poison Web browser and intermediate proxy server caches by placing spoofed content in the ... http://www.wisconsinstar.com/index.php/sid/214757686/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:52 -0400 http://www.wisconsinstar.com/index.php/sid/214757686/scat/ce5b8f8593c611c0 Description A remotely exploitable buffer overflow vulnerability exists in the Microsoft Internet Explorer Install Engine ActiveX control. This vulnerability is caused by insufficient bounds checking of arguments passed to the control leading to a heap overflow. The vulnerability may be exploited to execute arbitrary code in the context of the client ... http://www.wisconsinstar.com/index.php/sid/214757688/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:45 -0400 http://www.wisconsinstar.com/index.php/sid/214757688/scat/ce5b8f8593c611c0 Description Microsoft (Graphics Device Interface) GDI+ JPEG handler is reported prone to an integer underflow vulnerability when handling JPEG format images. This issue presents itself due to a lack of sufficient sanity checks performed on certain JPEG data before this data employed as a bounds value for a memory copy operation. A specially crafted JPEG image may trigger this vulnerability and ... http://www.wisconsinstar.com/index.php/sid/214757690/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:44 -0400 http://www.wisconsinstar.com/index.php/sid/214757690/scat/ce5b8f8593c611c0 Description Apple iTunes is prone to a buffer overflow vulnerability. This issue is exposed when the application parses 'm3u' and 'pls' playlist files. As these files may originate from an external source, this issue is considered remotely exploitable. If the vulnerability is successfully exploited, it will result in execution of arbitrary code in the context of the user ... http://www.wisconsinstar.com/index.php/sid/214757689/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:42 -0400 http://www.wisconsinstar.com/index.php/sid/214757689/scat/ce5b8f8593c611c0 Description Microsoft Word for Windows 6.0 Converter is reported prone to a buffer overflow vulnerability. An attacker may exploit this issue to gain unauthorized access to a vulnerable computer in the context of the user running the application. This issue specifically exists in the Table Conversion functionality of the application. It is reported that this issue may be exploited when a ... http://www.wisconsinstar.com/index.php/sid/214757691/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:41 -0400 http://www.wisconsinstar.com/index.php/sid/214757691/scat/ce5b8f8593c611c0 Description Microsoft ISA and Proxy Server are reportedly prone to a Web site spoofing vulnerability. Successful exploitation of this issue could allow a remote attacker to spoof a trusted Web site. If a connection were made to the spoofed Web site using SSL, the malicious site would not be able to spoof the certificate of the legitimate site. This would likely cause a warning message to appear ... http://www.wisconsinstar.com/index.php/sid/214757692/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:39 -0400 http://www.wisconsinstar.com/index.php/sid/214757692/scat/ce5b8f8593c611c0 Description It is reported that Microsoft Internet Explorer is prone to a vulnerability that may allow a malicious Web page containing embedded flash multimedia to spoof the address bar of the browser. This could be used to lure Web users into a false sense of trust since a malicious or spoofed site may pose as a site that is trusted by the ... http://www.wisconsinstar.com/index.php/sid/214757693/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:38 -0400 http://www.wisconsinstar.com/index.php/sid/214757693/scat/ce5b8f8593c611c0 Description Microsoft Security Bulletin MS04-038 includes fixes to address an unspecified vulnerability in Internet Explorer that may permit elevation of zone privileges by bypassing from the Internet Zone to the Local Zone. The vendor has stated that additional security verifications have been added to prevent the showHelp DHTML method from being abused by a malicious Web site to load HTML Help ... http://www.wisconsinstar.com/index.php/sid/214757694/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:36 -0400 http://www.wisconsinstar.com/index.php/sid/214757694/scat/ce5b8f8593c611c0 Description Mambo open source is reportedly affected by multiple input validation vulnerabilities. These issues are due to a failure of the application to properly validate user-supplied URI parameters. An attacker may leverage these issues to execute arbitrary server-side script code on an affected computer, to carry out cross-site scripting attacks, and to make SLQ injection attacks against ... http://www.wisconsinstar.com/index.php/sid/214757695/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:35 -0400 http://www.wisconsinstar.com/index.php/sid/214757695/scat/ce5b8f8593c611c0 Description Microsoft Exchange Outlook Web Access (OWA) is prone to HTTP response splitting attacks. This issue could permit hostile script to be injected into client sessions, which could gain access to properties of the OWA server and Web pages hosted on the site. It is noted that the attacker must authenticate to OWA to be in a position to exploit this issue. If successfully exploited, this ... http://www.wisconsinstar.com/index.php/sid/214757696/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:34 -0400 http://www.wisconsinstar.com/index.php/sid/214757696/scat/ce5b8f8593c611c0 Description The Microsoft Windows HTML Help facility is prone to a remotely exploitable heap overflow vulnerability. This vulnerability could be exploited from a malicious Web page or through HTML email to execute arbitrary code with the privileges of the currently logged in ... http://www.wisconsinstar.com/index.php/sid/214757697/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:32 -0400 http://www.wisconsinstar.com/index.php/sid/214757697/scat/ce5b8f8593c611c0 Description Microsoft Internet Explorer is prone to a security weakness that may permit malicious HTML documents to create or overwrite files on a victim file system when interpreted from the Local Zone (or other Security Zones with relaxed security restrictions, such as the Intranet Zone). This weakness depends on scripting that abuses the ADODB.Stream Object to write an attacker-specified file ... http://www.wisconsinstar.com/index.php/sid/214757698/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:31 -0400 http://www.wisconsinstar.com/index.php/sid/214757698/scat/ce5b8f8593c611c0 Description Various Microsoft Windows operating systems are prone to a remotely exploitable stack-based buffer overrun via the PCT (Private Communications Transport) protocol. Successful exploitation of this issue could allow a remote attacker to execute malicious code on a vulnerable system, resulting in full system compromise. The vulnerability may also reportedly be exploitable by a local ... http://www.wisconsinstar.com/index.php/sid/214757699/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:30 -0400 http://www.wisconsinstar.com/index.php/sid/214757699/scat/ce5b8f8593c611c0 Description A problem exists in the Virtual DOS Machine (VDM) that may allow a local user to elevate their privilege level. The issue exists because an attacker may use the VDM to write arbitrary code to protected kernel memory ... http://www.wisconsinstar.com/index.php/sid/214757700/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:28 -0400 http://www.wisconsinstar.com/index.php/sid/214757700/scat/ce5b8f8593c611c0 Description It has been reported that Microsoft ASN.1 library is prone to a double free heap memory corruption vulnerability that may allow a remote attacker to execute arbitrary code on a vulnerable system. Exploitation of this issue is likely to cause a denial of service condition due to the unique layout of memory structures in affected systems, however, it is possible to leverage this issue ... http://www.wisconsinstar.com/index.php/sid/214757702/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:27 -0400 http://www.wisconsinstar.com/index.php/sid/214757702/scat/ce5b8f8593c611c0 Description It has been reported that Microsoft Windows is prone to a vulnerability in the method of creation of object identities that may allow unauthorized network communication. This issue is due to a design error that causes the process to be carried out insecurely. This issue may be leveraged by a local attacker to open unauthorized network ports on the affected system. This may facilitate ... http://www.wisconsinstar.com/index.php/sid/214757704/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:22 -0400 http://www.wisconsinstar.com/index.php/sid/214757704/scat/ce5b8f8593c611c0 Description The Microsoft Negotiate Security Software Provider (SSP) interface is prone to a remote buffer overflow vulnerability. In most cases, exploitation would result in a denial of service, but arbitrary code execution is ... http://www.wisconsinstar.com/index.php/sid/214757706/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:17 -0400 http://www.wisconsinstar.com/index.php/sid/214757706/scat/ce5b8f8593c611c0 Description Microsoft Windows SSL library is reported to be prone to a denial of service vulnerability. It has been reported that an attacker could trigger this issue by sending a specially crafted TCP message that causes the protocol to fail resulting in a denial of service. Successful exploitation of this issue in Windows 2000 and Windows XP would cause the systems to stop accepting SSL ... http://www.wisconsinstar.com/index.php/sid/214757705/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:15 -0400 http://www.wisconsinstar.com/index.php/sid/214757705/scat/ce5b8f8593c611c0 Description Microsoft has reported a vulnerability in the Help and Support Center that is related to how HCP URIs are validated. This issue could reportedly be exploited via a malicious web page or HTML e-mail to execute arbitrary code on a client system. The issue may permit an attacker to inject invocation arguments when HCP URIs cause the HelpCtr.exe component to be executed. By placing ... http://www.wisconsinstar.com/index.php/sid/214757707/scat/ce5b8f8593c611c0 Sat, 25 May 2013 06:40:14 -0400 http://www.wisconsinstar.com/index.php/sid/214757707/scat/ce5b8f8593c611c0 Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue to access local files or content from a browser window in another domain or security zone. This may allow the attacker to obtain sensitive information that may aid in further ... http://www.wisconsinstar.com/index.php/sid/214756580/scat/ce5b8f8593c611c0 Sat, 25 May 2013 05:05:44 -0400 http://www.wisconsinstar.com/index.php/sid/214756580/scat/ce5b8f8593c611c0 Description Microsoft XML Core Services (MSXML) is prone to a cross-domain information-disclosure vulnerability because the application fails to properly handle certain error checks. An attacker can exploit this issue to harvest potentially sensitive information from a web page in another domain. Information obtained may aid in further ... http://www.wisconsinstar.com/index.php/sid/214756581/scat/ce5b8f8593c611c0 Sat, 25 May 2013 05:05:43 -0400 http://www.wisconsinstar.com/index.php/sid/214756581/scat/ce5b8f8593c611c0 Marta Strzeszewski, a blogger and crafter, made her own sewing-machine table from an inexpensive Ikea dining table.<!--IPTC: Marta Strzeszewski, a blogger and crafter (From Marta With Love), made her own sewing table from an inexpensive Ikea dining table. CREDIT Provided by Marta ... http://www.wisconsinstar.com/index.php/sid/214754746/scat/ce5b8f8593c611c0 Sat, 25 May 2013 02:18:58 -0400 http://www.wisconsinstar.com/index.php/sid/214754746/scat/ce5b8f8593c611c0 Internet security has always been a serious concern with the number of viruses, trojans, worms and malware applications out there. PCKeeper is a next generation internet security software that can protect users from threats online and ... http://www.wisconsinstar.com/index.php/sid/214750458/scat/ce5b8f8593c611c0 Fri, 24 May 2013 19:51:32 -0400 http://www.wisconsinstar.com/index.php/sid/214750458/scat/ce5b8f8593c611c0