Latest News (Buffer) RSS

Sharing folders vulnerable to buffer overflow

Even though the recent webcam vulnerability in MSN/Windows Live Messenger was only just addressed, another exploitable bug has already surfaced. This time it's a buffer overflow error that affects the Sharing folders feature in Windows... More...

Microsoft Researchers Target Worms, Buffer Overruns

Microsoft researchers showed off some forward-looking technologies this week, including new ways to protect systems against Internet worms, prevent hacker attacks, and measure available bandwidth on home networks. At its fifth annual TechFest, Microsoft Research... More...

RealPlayer Zipped Skin File Buffer Overflow

eEye Digital Security has discovered a vulnerability in RealPlayer that allows a remote attacker to reliably overwrite the stack with arbitrary data and execute arbitrary code in the context of the user under which the... More...

Microsoft Word Document Parsing Buffer Overflow

HexView has discovered a vulnerability in Microsoft Word, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. The vulnerability is caused due to an... More...

MS04-028: Buffer Overrun in JPEG Processing (GDI+)

Thanks to xStainDx for the heads up. Microsoft recommends that customers apply the update immediately. This update resolves a newly-discovered, privately reported vulnerability. A buffer overrun vulnerability exists in... More...

Intel follows AMD in buffer flow protection scheme

WE REPORTED LAST MONTH that AMD has a cunning plan to work with Microsoft on 64-bit security. And, at the time, we also reported that Intel had no plans to implement this stuff itself. The... More...

Buffer Overrun in Microsoft FrontPage Server Extensions

Overview A security issue has been identified that could allow an attacker to cause a computer running Microsoft® Frontpage Server Extensions to become temporarily unresponsive. Microsoft Frontpage Server Extensions are enabled by default on... More...

Buffer Overrun in the Workstation Service

A security vulnerability exists in the Workstation service that could allow remote code execution on an affected system. This vulnerability results because of an unchecked buffer in the Workstation service. If exploited, an attacker could... More...

MS03-039 Buffer Overrun In RPCSS Service

Remote Procedure Call (RPC) is a protocol used by the Windows operating system. RPC provides an inter-process communication mechanism that allows a program running on one computer to seamlessly access services on another computer. The... More...

MSN Messenger 6.0 Buffer Overflow Vulnerability

dwergs from Mess with MSN Messenger points out another reason why you should upgrade to the latest 0602 build of MSN Messenger 6. A certain Bahaa Naamneh reported a bug in MSN Messenger 6.0.0501 and... More...

Buffer Overrun in Windows Could Lead to Data Corruption

An identified security issue in Microsoft Windows could allow an attacker to compromise a Microsoft Windows-based system and then take a variety of actions. For example, an attacker could execute code on the system. By... More...

Buffer Overrun In HTML Converter Could Allow Code Execution

Windows XP Security Patch: Buffer Overrun

Quick Info File Name: Q811493_WXP_SP2_x86_ENU.exe - Download Size: 3241 KB - Date Published: 5/28/2003 - Version: 811493 A security issue has been identified that could allow an attacker to compromise a... More...

Revised: MS03-007: Unchecked Buffer (WebDav Protocol)

Reason for Revision: Microsoft originally released this security bulletin on March 17, 2003. At that time, Microsoft was aware of a publicly available exploit that was being used to attack Windows 2000 Servers running... More...

MS03-013 - Buffer Overrun in Kernel Message Handling

There is a flaw in the way the kernel passes error messages to a debugger. A vulnerability results because an attacker could write a program to exploit this flaw and run code of their choice.... More...

Seti@home is prey to buffer overflow

TIME TO GET THE BANDAGES in place for Seti@Home users. It seems that all versions of the client software are at risk from a buffer overflow hack. There are new versions of the software up... More...

Windows 2000: Unchecked buffer in Windows component

Quick Info File Name: MaxClientBufferSize.inf - Download Size: 1 KB - Date Published: 3/17/2003 - Version: 815021 Overview A security issue has been identified that could allow an attacker to... More...

MS02-063: Unchecked Buffer in PPTP Implementation Could Enable Denial of Service Attacks (Q329834)

Software: Windows 2000, Windows XP Impact: Denial of Service Max Risk: Critical Windows 2000 and Windows XP natively support Point-to-Point Tunneling Protocol (PPTP), a Virtual Private Networking technology that is... More...

MS02-053: Buffer Overrun in SmartHTML Interpreter Could Allow Code Execution (Q324096)

The SmartHTML Interpreter (shtml.dll) is part of the FrontPage Server Extensions (FPSE), and provides support for web forms and other FrontPage-based dynamic content. The interpreter contains a flaw that could be exposed when processing a... More...

MS02-041: Unchecked Buffer in Content Management Server Could Enable Server Compromise

Thanks Andrew Hodes for the email. Microsoft Content Management Server (MCMS) 2001 is a .Net Enterprise Server product that simplifies developing and managing e-business web sites. Microsoft has learned of three security vulnerabilities affecting it:... More...

MS02-40: Unchecked Buffer in MDAC Function

Thanks xStainDx and WishX for this. The Microsoft Data Access Components (MDAC) provide a number of supporting technologies for accessing and using databases. Included among these functions is the underlying support for the T-SQL OpenRowSet... More...

MS02-039: Buffer Overruns in SQL Server 2000

SQL Server 2000 introduces the ability to host multiple instances of SQL Server on a single physical machine. Each instance operates for all intents and purposes as though it was a separate server. However, the... More...

MS02-037: Response to SMTP Client EHLO Command Results in Buffer Overrun

The Internet Mail Connector (IMC) enables Microsoft Exchange Server to communicate with other mail servers via SMTP. When the IMC receives an SMTP extended Hello (EHLO) protocol command from a connecting SMTP server, it responds... More...

MS02-033: Unchecked Buffer in Profile Service Issue

Title: Unchecked Buffer in Profile Service Could Allow Code Execution in Commerce Server (Q322273) Date: June 26, 2002 Software: Microsoft Commerce Server 2000, Commerce Server 2002 Impact: Four vulnerabilities, each of which could run... More...

MS02-026: Unchecked Buffer in ASP.NET Worker Process

Title: Unchecked Buffer in ASP.NET Worker Process (Q322289) Date: 06 June 2002 Software: .NET Framework Impact: Denial of service, potentially run code of attacker's choice Max Risk: Moderate Bulletin: MS02-026 Microsoft encourages customers to... More...

MS02-022: Unchecked Buffer in MSN Chat Control Can Lead to Code Execution

Thanks Andrew, Jimmy Daniels & lawtai. Who is Affected: All customers using the Microsoft® MSN Chat control, which is available for direct download and ships with MSN Messenger and Exchange Instant Messenger.... More...

MS02-019: Unchecked Buffer in IE and Office for Mac...

This is a cumulative patch that, when applied, eliminates all previously released security vulnerabilities affecting IE 5.1 for Macintosh, and Office v. X for Macintosh. In addition, it eliminates two newly discovered vulnerabilities. The first... More...

Neowin

Where unprofessional journalism looks better.