RealNetworks RealPlayer ActiveX Control Uninitialized Memory Pointer Vulnerability
Vulnerability Disclosed: 3/18/2011, CVSS Base: 9.3, Temporal: 6.9
RealNetworks RealPlayer contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system.
The vulnerability is due to invalid memory operations performed by the RealPlayer ActiveX control. An unauthenticated, remote attacker could exploit this vulnerability by convincing a user to visit a malicious website. If successful, the attacker could execute arbitrary code on the system with the privileges of the user.
Functional code that demonstrates an exploit of this vulnerability is publicly available.
RealNetworks has confirmed this vulnerability and released updated software.
More Details:
CVE-2010-3747
Novell ZENworks Desktop Management TFTP Server Component Arbitrary Code Execution Vulnerability
Vulnerability Disclosed: 12/14/2010, CVSS Base: 6.8, Temporal: 5.0
Novell ZENworks Desktop Management contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.
The vulnerability exists because the Trivial File Transfer Protocol (TFTP) server component that is used by the affected software fails to perform sufficient boundary checks on user-supplied input. An unauthenticated, remote attacker could exploit this vulnerability by submitting crafted packets to the TFTP server component. Processing such requests could result in a memory corruption error that could allow the attacker to execute arbitrary code on the targeted system.
Novell has confirmed this vulnerability and released updated software.
Microsoft Internet Explorer layout-grid-char Memory Corruption Vulnerability
Vulnerability Disclosed: 6/14/2011, CVSS Base: 9.3, Temporal: 6.9
Microsoft Internet Explorer contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a vulnerable system.
The vulnerability is due to errors that may occur when Internet Explorer handles deleted or uninitialized objects. Exploitation could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system with the privileges of a targeted user.
Functional code that demonstrates an exploit of this vulnerability is publicly available.
Microsoft has confirmed this vulnerability in a security bulletin and released updated software.
More Details:
CVE-2011-1260
Applied Mitigation Bulletin: 23351
Microsoft Internet Explorer Virtual Function Table Processing Arbitrary Code Execution Vulnerability
Vulnerability Disclosed: 10/11/2011, CVSS Base: 9.3, Temporal: 6.9
Microsoft Internet Explorer versions 6, 7, 8, and 9 contain a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.
The vulnerability is due to improper handling of malformed web pages. An unauthenticated, remote attacker could exploit this vulnerability by convincing a user to view a malicious website. If successful, the attacker could execute arbitrary code on the system with the privileges of the user.
Microsoft has confirmed this vulnerability in a security bulletin and has released updated software.
More Details:
CVE-2011-2001
Applied Mitigation Bulletin: 24318
NetSupport Manager Hostname Arbitrary Code Execution Vulnerability
Vulnerability Disclosed: 11/1/2011, CVSS Base: 10.0, Temporal: 8.1
NetSupport Manager contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code.
The vulnerability is due to insufficient sanitization of user-supplied input by the affected software. An unauthenticated, remote attacker could exploit this vulnerability by sending malicious requests to the affected software. If successful, the attacker could execute arbitrary code on the affected system.
Proof-of-concept code that exploits this vulnerability is publicly available.
NetSupport has not confirmed this vulnerability and updated software is not available.
More Details:
CVE-2011-0404
Symantec pcAnywhere Authentication Information Processing Remote Code Execution Vulnerability
Vulnerability Disclosed: 1/25/2012, CVSS Base: 8.3, Temporal: 6.1
Symantec pcAnywhere contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.
The vulnerability is due to improper input data validation during login and authentication procedures in the Symantec pcAnywhere application. An unauthenticated, remote attacker can exploit the vulnerability to run arbitrary code on the system, resulting in unauthorized access to the network and privilege escalation.
Proof-of-concept code that demonstrates an exploit of this vulnerability is publicly available.
Symantec has confirmed the vulnerability and released software updates.
More Details:
CVE-2011-3478
Adobe Flash Player .mp4 Media File Buffer Overflow Remote Code Execution Vulnerability
Vulnerability Disclosed: 2/15/2012, CVSS Base: 9.3, Temporal: 7.7
Adobe Flash Player contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code.
The vulnerability is due to a memory corruption error while processing an .mp4 media file. An unauthenticated, remote attacker could exploit the vulnerability by convincing a user to visit a malicious web page that hosts crafted .mp4 media files. When processed, the files could cause a memory corruption error that could allow the attacker to execute arbitrary code with the privileges of the user.
Exploit code as part of the Metasploit framework is publicly available.
Adobe has confirmed the vulnerability and released software updates.
More Details:
CVE-2012-0754
Adobe Acrobat and Reader Unspecified Memory Corruption Arbitrary Code Execution Vulnerability
Vulnerability Disclosed: 8/16/2012, CVSS Base: 10.0, Temporal: 7.4
Adobe Acrobat and Reader contain a memory corruption vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on a targeted system.
The vulnerability is due to an unspecified memory corruption error in the affected software. An unauthenticated, remote attacker could exploit the vulnerability by convincing a user to view a website or open a file that is designed to pass malicious input to the affected software. When processed, the input could cause a memory corruption error in the software. The attacker could use the memory corruption to execute arbitrary code or cause a DoS condition on the system.
Adobe has confirmed the vulnerability and released updated software.
More Details:
CVE-2012-4148
Microsoft Report Viewer Controls Cross-Site Scripting Vulnerability
Vulnerability Disclosed: 8/10/2011, CVSS Base: 4.3, Temporal: 3.2
Microsoft Report Viewer contains a vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks against a targeted system.
The vulnerability is due to improper validation of data source parameters. An unauthenticated, remote attacker could exploit the vulnerability by convincing a user to click a link that is designed to inject script code in the user's browser. If successful, the attacker could spoof content or obtain sensitive information.
Proof-of-concept code that demonstrates an exploit of this vulnerability is publicly available.
Microsoft has confirmed this vulnerability in a security bulletin and has released updated software.
More Details:
CVE-2011-1976
Applied Mitigation Bulletin: 23842
BaoFeng Storm mps.dll ActiveX Control Arbitrary Code Execution Vulnerability
Vulnerability Disclosed: 8/10/2010
BaoFeng Storm versions prior to 3.9 contain a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on the targeted system.
The vulnerability is due to insufficient sanitization of user input supplied to the OnBeforeVideoDownload() method that is implemented in the mps.dll ActiveX control of the affected software. An unauthenticated, remote attacker could exploit this vulnerability by convincing a user to visit a malicious website designed to pass overly large input to the affected method. The processing of the input could result in a stack-based buffer overflow. The attacker could use this overflow to execute arbitrary code under the security context of the targeted user. Failed exploit attempts could lead to abnormal termination of the browser, causing a DoS condition.
Reports suggest that additional arbitrary code execution vulnerabilities also exist in the product. They could exist in Config.dll and in the CreateChinagames() method in the CGAgent.dll ActiveX controls. Exploits are currently being observed in the wild; they are most common in China, where the affected product is a frequently used media player.
Proof-of-concept code that exploits this vulnerability is publicly available.
Administrators are advised to implement an intrusion prevention system (IPS) or intrusion detection system (IDS) to help detect and prevent attacks that attempt to exploit this vulnerability. Administrators may consider setting the kill bit on the following CLSIDs: 6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB, BD103B2B-30FB-4F1E-8C17-D8F6AADBCC05, and 75108B29-202F-493C-86C5-1C182A485C4C.
BaoFeng has confirmed this vulnerability and released updated software.
More Details:
CVE-2009-1612
IBM Tivoli Directory Server ibmslapd.exe Arbitrary Code Execution Vulnerability
Vulnerability Disclosed: 4/5/2011, CVSS Base: 9.3, Temporal: 7.5
IBM Tivoli Directory Server contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system.
The vulnerability exists because the affected software does not perform sufficient boundary checks on user-supplied parameters when handling certain requests. An unauthenticated, remote attacker could exploit this vulnerability by submitting a malformed request to the affected server. If successful, the attacker could execute arbitrary code on the targeted server with the privileges of the affected application.
Proof-of-concept code that demonstrates an exploit of this vulnerability is publicly available.
IBM has confirmed this vulnerability and updates are available.
More Details:
CVE-2011-1206