Previous
Analysis Of The Winhlp32.exe Buffer Overrun
White Papers The buffer overrun in winhlp32.exe occurs when it attempts to read a cnt file with an overly long heading string. If the string is longer than 507 bytes the buffer overrun does not occur - winhlp32 just truncates the entry.
[January 1, 1970, 0:59]
Clip Gallery 5.0 Buffer Overrun Vulnerability Patch
Downloads The patch for the Microsoft Clip Gallery 5.0 addresses a vulnerability that could cause a buffer overrun in Clip Art Gallery. The buffer overrun could cause Clip Gallery 5.0 to stop responding, or it could allow the execution of arbitrary code on a...
[August 31, 2007, 11:35]
Visual FoxPro 8.0 GDI+ Design-Time Update
Downloads Visual FoxPro 8.0 design-time security update for buffer overrun vulnerability in JPEG Processing (GDI+). This security update resolves a newly-discovered, privately reported vulnerability.A buffer overrun vulnerability exists in the processing of...
[October 5, 2007, 8:57]
WebDAV Flaw Exposes Win2K Systems Running IIS 5.0
News Microsoft and administrators alike are learning in the worst possible way about a newly discovered buffer overrun vulnerability in the World Wide Web Distributed Authoring and Versioning (WebDAV) protocol that sets a standard (RFC 2518) for Web...
[March 19, 2003, 10:08]
Buffer Overflows For Beginners
White Papers So what is a buffer overrun and why should you care? Of these ten a large number can be attributed to buffer overrun vulnerabilities. A buffer overrun occurs when a program sets aside, say, 100 bytes of memory to hold some data, (this is the buffer...
[January 1, 1970, 0:59]
Exploiting Windows NT 4 Buffer Overruns - A Case Study: RASMAN.EXE
White Papers This document is for educational purposes only and explains what a buffer overrun is and shows how they can be exploited on the Windows NT 4 operating system using RASMAN.EXE as a case study. We will take a look at Windows NT processes, virtual...
[January 1, 1970, 0:59]
Commerce Server 2000 Q322273 Security Fix
Downloads Microsoft has released patches for Commerce Server 2002 and Commerce Server 2000 that include updates for the following security vulnerabilities: Profile Service Buffer Overrun; OWC Package Buffer Overrun; OWC Package Command Execution; New...
[August 28, 2007, 15:42]
Can OpenBSD Really Eliminate Buffer Over-runs?
News Tackling one of the most commonly reported causes of vulnerabilities, the OpenBSD project recently announced that a major effort has been put into place to eliminate buffer overrun vulnerabilities in its popular open source operating system.
[April 28, 2003, 7:54]
Implementing Or Upgrading SAP Solutions? - Don't Forget The Data: Addressing The Challenges And Risks Of Data Migration
White Papers According to recent research, more than 80 percent of software implementation projects fail or overrun their budgets and schedules. Of the projects that are overrun, half exceed timescales by 75 percent and two-thirds exceed the overall project...
[January 1, 1970, 0:59]
Windows NT4 Security Patch: Index Server Search Function Contains Unchecked Buffer
Downloads If an overly long value were provided for a particular search parameter, it would overrun the buffer. If the buffer were overrun with random data, it would cause Index Service to fail. If it were overrun with carefully selected data, code of the...
[September 5, 2007, 9:04]
Microsoft Patches 'critical' Holes
News The most serious of the flaws is what is known as a buffer overrun vulnerability, which could allow an attacker to use an unchecked buffer to run their own executable code. The first of these deals with another buffer overrun problem in Windows NT...
[July 10, 2003, 10:13]
Check Point Plugs VPN Security Hole
News Check Point said it discovered an ASN.1 issue in its VPN-1 products that left them vulnerable to a buffer overrun error that could be exploited while the system is setting up a secure VPN tunnel. To exploit a buffer-overrun vulnerability, an...
[July 29, 2004, 13:30]
VCard Security Hole Leaves Outlook Users Exposed
News If the buffer is overrun with random data it causes the application to crash. However, if it is overrun with specially designed code it could allow a third party to take control of a computer system. Computer security experts have issued warnings...
[February 26, 2001, 11:17]
Oracle Software Vulnerability Exposed
News The attack works by sending more information than the software expects, a process called a "buffer overrun". In a buffer overrun attack, the extra characters are written into the computer's memory. Researchers have found a security hole in Oracle's...
[July 6, 2001, 9:21]
Tackling Microsoft's August Patches: Part 2
News Microsoft Security Bulletin MS06-046, "Vulnerability in HTML Help Could Allow Remote Code Execution", addresses the Buffer Overrun in HTML Help Vulnerability (CVE-2006-3357). Microsoft Security Bulletin MS06-041, "Vulnerabilities in DNS Resolution...
[August 22, 2006, 13:10]
New Windows Flaw Similar To MSBlast Bug
News By using the flaws in tandem, a hacker could load unwanted programs onto computers through the buffer overrun flaws and then use the infected computers to launch a denial-of-service attack. An attacker who successfully exploited either of the...
[September 11, 2003, 10:57]
Microsoft Is Forced To Issue SSL Patch For IE
News Buffer Overrun in Gopher Protocol Handler (CAN-2002-0646) (Note: Details on this candidate hadn't been posted on the CVE list at the time of this writing.Buffer Overrun in Legacy Text Formatting ActiveX Control (CAN-2002-0647)XML File Reading via...
[September 9, 2002, 16:59]
Microsoft Aims To Increase Time Between Patches
News It was a buffer overrun and it scanned for other systems to infect. We want to change the rules so even when a hacker can exploit a buffer overrun he can’t do anything material with it," said Stathakopoulos.
[November 18, 2004, 11:35]
AMD Packs Security Into Chips
News AMD's Athlon 64 and Opteron security features will work with Windows XP Service Pack 2's Data Execution Prevention feature to prevent buffer overrun exploits, which is a common method used to attack computers.
[February 25, 2004, 15:05]
Microsoft Warns On Windows And Server Security
News The flaw could allow a buffer overrun, "which could be exploited by a Web page hosted on an attacker's site or sent to a user as an HTML mail", according to the security alert. The first problem creates an unchecked buffer overrun when certain...
[October 4, 2002, 8:33]
