Kobi Pariente

Pesquisador deVeriSign iDefense Labs
#10602de 53,635
26.1CVSS total
Vulnerabilidades · 3
Alta
3
PT-2010-5203
9.3
2010-12-22
Microsoft · Windows · CVE-2010-3970
**Name of the Vulnerable Software and Affected Versions** Microsoft Windows versions prior to the fixed version **Description** A remote code execution issue exists in the way the Windows Shell graphics processor handles specially crafted thumbnail images. This allows attackers to execute arbitrary code via a crafted .MIC or Office document containing a thumbnail bitmap with a negative `biClrUsed` value. An attacker who successfully exploits this issue could run arbitrary code in the security context of the logged-on user, potentially installing programs, viewing, changing, or deleting data, or creating new accounts with full user rights. **Recommendations** For Microsoft Windows versions prior to the fixed version, update to the latest version to resolve the issue. As a temporary workaround, consider restricting access to thumbnail images from untrusted sources until a patch is available.
PT-2010-3945
7.5
2010-08-25
Iskaneya · Winny · CVE-2010-2360
**Name of the Vulnerable Software and Affected Versions** Winny versions 2.0b7.1 and earlier **Description** The issue is related to multiple buffer overflows that could allow remote attackers to execute arbitrary code. The exact vectors used for the exploitation are not specified. **Recommendations** For Winny versions 2.0b7.1 and earlier, at the moment, there is no information about a newer version that contains a fix for this issue.
PT-2008-3812
9.3
2008-08-04
Apple · Coregraphics · CVE-2008-2322
Name of the Vulnerable Software and Affected Versions: Apple Mac OS X versions 10.4.11, 10.5.2, 10.5.4 Description: The issue allows remote attackers to execute arbitrary code or cause a denial of service, resulting in an application crash, via a PDF file with a long Type 1 font. This triggers a heap-based buffer overflow due to an integer overflow in CoreGraphics. Recommendations: For Apple Mac OS X version 10.4.11, update to a version that includes the fix for the integer overflow in CoreGraphics. For Apple Mac OS X version 10.5.2, update to a version that includes the fix for the integer overflow in CoreGraphics. For Apple Mac OS X version 10.5.4, update to a version that includes the fix for the integer overflow in CoreGraphics.