EssenVision Software - Threat Center

Source

Microsoft Windows Media Could Allow Remote Code Execution A remote code execution vulnerability exists in the Windows multimedia library (winmm.dll) in the code responsible for handling of MIDI files. Tue, 10 Jan 2012 00:00:00 -0500
Microsoft Vulnerability in ASP.NET Could Allow Denial of Service Microsoft's ASP.NET is vulnerable to a denial of service, caused by insufficient randomization of hash data structures by the CaseInsensitiveHashProvider.getHashCode() function. Wed, 04 Jan 2012 00:00:00 -0500
Multiple products telnetd buffer overflow Multiple products are vulnerable to a buffer overflow, caused by improper bounds checking by the encrypt_keyid() function of telnetd. Wed, 04 Jan 2012 00:00:00 -0500
Adobe Acrobat and Reader U3D code execution Adobe Acrobat and Reader could allow a remote attacker to execute arbitrary code on the system, caused by a vulnerability when handling U3D data. Thu, 08 Dec 2011 00:00:00 -0500
Vulnerability in TrueType Font Parsing Could Allow Elevation of Privilege There is a vulnerability in a Microsoft Windows component, the Win32k TrueType font parsing engine that could allow elevation of privilege. This vulnerability is related to the Duqu malware. Wed, 09 Nov 2011 00:00:00 -0500
Transport Layer Security (TLS) protocol SSL negotiation handshake denial of service A recently released tool by THC exploits the fact that establishing SSL/TLS connections can require substantially more resources on the server than on the client. Wed, 09 Nov 2011 00:00:00 -0500

Microsoft Windows Media Could Allow Remote Code Execution

A remote code execution vulnerability exists in the Windows multimedia library (winmm.dll) in the code responsible for handling of MIDI files.
Tue, 10 Jan 2012 00:00:00 -0500

Microsoft Vulnerability in ASP.NET Could Allow Denial of Service

Microsoft's ASP.NET is vulnerable to a denial of service, caused by insufficient randomization of hash data structures by the CaseInsensitiveHashProvider.getHashCode() function.
Wed, 04 Jan 2012 00:00:00 -0500

Multiple products telnetd buffer overflow

Multiple products are vulnerable to a buffer overflow, caused by improper bounds checking by the encrypt_keyid() function of telnetd.
Wed, 04 Jan 2012 00:00:00 -0500

Adobe Acrobat and Reader U3D code execution

Adobe Acrobat and Reader could allow a remote attacker to execute arbitrary code on the system, caused by a vulnerability when handling U3D data.
Thu, 08 Dec 2011 00:00:00 -0500

Vulnerability in TrueType Font Parsing Could Allow Elevation of Privilege

There is a vulnerability in a Microsoft Windows component, the Win32k TrueType font parsing engine that could allow elevation of privilege. This vulnerability is related to the Duqu malware.
Wed, 09 Nov 2011 00:00:00 -0500

Transport Layer Security (TLS) protocol SSL negotiation handshake denial of service

A recently released tool by THC exploits the fact that establishing SSL/TLS connections can require substantially more resources on the server than on the client.
Wed, 09 Nov 2011 00:00:00 -0500