eEye Digital Security has discovered multiple vulnerabilities within CA ARCserve for Laptops & Desktops (L&D), an enterprise-level backup software suite designed for workstations. The vulnerabilities can be utilized by an attacker to execute arbitrary code on a remote system anonymously over TCP/1900.
2c3fbc7b2a14abfd5c6627658fb14d28b20b7c63ec81bf6bcd5dcc180cd1adfceEye Digital Security has discovered a heap overflow vulnerability in the way the Windows Graphical Device Interface (GDI) processes Windows metafiles. If an application attempts to display a malicious metafile in a particular way, a heap overflow will occur and result in the execution of arbitrary code, with the privileges of the user who ran the application.
3daffd833b5209c94b6713eeff0438cd5613f4e5ca5821836f028d845c4dc3e8eEye Security Advisory - eEye Digital Security has discovered a vulnerability in Windows SMB client's handling of SMB responses. An attacker who can cause an affected system to connect to the SMB service on a malicious host may exploit this vulnerability in order to execute code on the victim's machine.
fb5cde16136522ffabad3105abe6c68b80f0e9d341455fd15d9d4f83ad98b828eEye Security Advisory - eEye Digital Security has discovered a vulnerability in USER32.DLL's handling of Windows animated cursor (.ani) files that will allow a remote attacker to reliably overwrite the stack with arbitrary data and execute arbitrary code.
275e5b4949a24a8547c74682fdeec54126ea87b623d08487cd69e083d0ae8d7aeEye Security Advisory - eEye Digital Security has discovered a vulnerability in RealPlayer that allows a remote attacker to reliably overwrite the stack with arbitrary data and execute arbitrary code in the context of the user under which the player is running.
4228c29ddc8f4a770989a7a4523551435648a017959562fee57351d9d722789ceEye Security Advisory - eEye Digital Security has discovered a buffer overflow in DUNZIP32.DLL, a module that offers support for ZIP compressed folders in the Windows shell. An exploitable buffer overflow occurs when a user opens a ZIP folder that contains a long file name.
74498eeb938601ac386acca23e9c64ceb6dd02a5bcd6488628996a9f230da45bThe Visual Basic Design Time Environment library (VBE.DLL and VBE6.DLL), used by the Microsoft Office series and other Microsoft applications, contains an exploitable heap overflow vulnerability. If a malicious Office file such as .doc, .xls, etc. is opened, there is the ability for an attacker to execute arbitrary code. This buffer overflow bug also affects Internet Explorer, because some Office files are executed automatically by a helper-application when these files are received. Systems Affected: Microsoft Access 97/2000/2002, Excel 97/2000/2002, PowerPoint 97/2000/2002, Project 2000/2002, Publisher 2002, Visio 2000/2002, Word 97/98(J)/2000/2002, Works Suite 2001/2002/2003, Business Solutions Great Plains 7.5, Business Solutions Dynamics 6.0/7.0, Business Solutions eEnterprise 6.0/7.0, Business Solutions Solomon 4.5/5.0/5.5.
9e5f80b9bc14a6f7598d5bb35cf2dd5cd9f097f59982f22db987246519d4d267The Microsoft Word WordPerfect document converter included in Microsoft Word has a buffer overflow bug. If the WordPerfect document converter is installed, which by default it is in Office 2000, and a malicious .doc file is opened, there exists the ability for an attacker to execute arbitrary code.
01b4f751a89cd097f31a7c747ac7d0760d2324742380f9b6d7d7acc6daac7241
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed