Microsoft Office multiple security vulnerabilities (updated since 14.10.2008)
Published: 15.10.2008
Source: MICROSOFT
SecurityVulns ID: 9360
Type: local
Level: 5/10
Description: cdo: URI information leak, multiple Excel memory corruptions.
Affected:
  MICROSOFT : Office 2000
  MICROSOFT : Office XP
  MICROSOFT : Office 2003
  MICROSOFT : Office 2007
CVE:
  CVE-2008-4020 (Cross-site scripting (XSS) vulnerability in Microsoft Office XP SP3 allows remote attackers to inject arbitrary web script or HTML via a document that contains a "Content-Disposition: attachment" header and is accessed through a cdo: URL, which renders the content instead of raising a File Download dialog box, aka "Vulnerability in Content-Disposition Header Vulnerability.")
  CVE-2008-4019 (Integer overflow in the REPT function in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office SharePoint Server 2007 Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file containing a formula within a cell, aka "Formula Parsing Vulnerability.")
  CVE-2008-3477 (Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 does not properly validate data in the VBA Performance Cache when processing an Office document with an embedded object, which allows remote attackers to execute arbitrary code via an Excel file containing a crafted value, leading to heap-based buffer overflows, integer overflows, array index errors, and memory corruption, aka "Calendar Object Validation Vulnerability.")
  CVE-2008-3471 (Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via a BIFF file with a malformed record that triggers a user-influenced size calculation, aka "File Format Parsing Vulnerability.")

Microsoft Host Integration Server buffer overflow (updated since 14.10.2008)
Published: 15.10.2008
Source: MICROSOFT
SecurityVulns ID: 9362
Type: remote
Level: 6/10
Description: Buffer overflow in RPC-based service.

Microsoft Windows Internet Printing Service integer overflow
Published: 15.10.2008
Source: MICROSOFT
SecurityVulns ID: 9365
Type: remote
Level: 5/10
Description: Integer overflow after authentication.

Microsoft Windows 2000 Message Queuing code execution
Published: 15.10.2008
Source: MICROSOFT
SecurityVulns ID: 9368
Type: remote
Level: 5/10
Description: Code execution via RPC-based service.
Affected:
  MICROSOFT : Windows 2000 Server
  MICROSOFT : Windows 2000 Professional
CVE:
  CVE-2008-3479 (Heap-based buffer overflow in the Microsoft Message Queuing (MSMQ) service (mqsvc.exe) in Microsoft Windows 2000 SP4 allows remote attackers to read memory contents and execute arbitrary code via a crafted RPC call, related to improper processing of parameters to string APIs, aka "Message Queuing Service Remote Code Execution Vulnerability.")

Microsoft Windows SMB buffer overflow
Published: 15.10.2008
Source: MICROSOFT
SecurityVulns ID: 9366
Type: remote
Level: 8/10
Description: Buffer overflow on SMB protocol parsing.

Microsoft Windows Virtual Address Descriptor manipulation privilege escalation
Published: 15.10.2008
Source: MICROSOFT
SecurityVulns ID: 9367
Type: local
Level: 7/10
Description: Integer overflow leads to memory corruption.
Affected:
  MICROSOFT : Windows XP
  MICROSOFT : Windows 2003 Server
  MICROSOFT : Windows Vista
  MICROSOFT : Windows 2008 Server
CVE:
  CVE-2008-4036 (Integer overflow in Memory Manager in Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows local users to gain privileges via a crafted application that triggers an erroneous decrement of a variable, related to validation of parameters for Virtual Address Descriptors (VADs) and a "memory allocation mapping error," aka "Virtual Address Descriptor Elevation of Privilege Vulnerability.")

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Published: 15.10.2008
Source:
SecurityVulns ID: 9370
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.

CA ARCserve Backup multiple security vulnerabilities (updated since 12.10.2008)
Published: 15.10.2008
Source: BUGTRAQ
SecurityVulns ID: 9352
Type: remote
Level: 7/10
Description: Code execution, multiple DoS conditions.
Affected:
  CA : CA Server Protection Suite 2
  CA : CA Business Protection Suite 2
  CA : ARCserve Backup 11.1
  CA : ARCserve Backup 11.5
  CA : ARCserve Backup 12.0
CVE:
  CVE-2008-4400 (Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to "insufficient validation.")
  CVE-2008-4399 (Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to "insufficient validation.")
  CVE-2008-4398 (Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request.)
  CVE-2008-4397 (Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A.)

Microsoft Windows AFD driver privilege escalation (updated since 15.10.2008)
Published: 16.10.2008
Source: BUGTRAQ
SecurityVulns ID: 9369
Type: local
Level: 7/10
Description: Kernel memory access is possible.
Affected:
  MICROSOFT : Windows XP
  MICROSOFT : Windows 2003 Server
CVE:
  CVE-2008-3464 (afd.sys in the Ancillary Function Driver (AFD) component in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP1 and SP2 does not properly validate input sent from user mode to the kernel, which allows local users to gain privileges via a crafted application, as demonstrated using crafted pointers and lengths that bypass intended ProbeForRead and ProbeForWrite restrictions, aka "AFD Kernel Overwrite Vulnerability.")