Sercer – Find news the fast way – server

A vulnerability exists in code responsible for parsing TrueType fonts in Microsoft Windows’ win32k.sys kernel module.

Samba could allow a remote attacker to execute arbitrary code on the system, caused by an error within the Network Data Representation (NDR) marshalling functionality. An attacker could exploit this vulnerability using a specially-crafted RPC call to e…

The Java Runtime Environment (JRE) versions 7 update 2 and previous as well as version 6 update 30 and previous contain a vulnerability that can be exploited for sandbox evasion and remote code execution in the context of the current user.  The vu…

A privately disclosed vulnerability in the widely deployed Microsoft Common Controls ActiveX control (MSCOMCTL.OCX) can be exploited for remote code execution.

The sandbox feature of Adobe Flash Player for Chrome has two vulnerabilities which could result in privilege escalation.

A vulnerability exists in the Microsoft Remote Desktop protocol (RDP) that allows for exploitation of the RDP/Terminal  Server service to achieve remote code execution.

Adobe Flash Player version  10.3.181.36  and earlier are vulnerable to a buffer overflow which can be exploited to gain remote code execution in the context of the browser.

A remote code execution vulnerability exists in the Windows multimedia library (winmm.dll) in the code responsible for handling of MIDI files.

Microsoft’s ASP.NET is vulnerable to a denial of service, caused by insufficient randomization of hash data structures by the CaseInsensitiveHashProvider.getHashCode() function.

Multiple products are vulnerable to a buffer overflow, caused by improper bounds checking by the encrypt_keyid() function of telnetd.

Adobe Acrobat and Reader could allow a remote attacker to execute arbitrary code on the system, caused by a vulnerability when handling U3D data.

 There is a vulnerability in a Microsoft Windows component, the Win32k TrueType font parsing engine that could allow elevation of privilege.  This vulnerability is related to the Duqu malware.

A recently released tool by THC exploits the fact that establishing SSL/TLS connections can require substantially more resources on the server than on the client.

There is a vulnerability in a Java applet used in the Microsoft Forefront Unified Access Gateway (UAG) that can allow remote code execution. 

Fraudulent certificates signed by the compromised Diginotar certificates may be trusted by clients who have not yet revoked the compromised certificates.

The BENCHMARK() function may be used in a SQL Injection attack to cause a denial of service.

The Adobe Reader X sandbox has a vulnerability which allows code running in the sandbox to bypass certain sandbox restrictions which could result in privilege escalation.

Apache HTTP Server is vulnerable to a denial of service, caused by an error in the ByteRange filter when processing malicious requests.

RealNetworks RealPlayer has a vulnerability that allows a remote attacker to execute arbitrary programs in an affected system. The vulnerability is due to lack of input sanitation in one of the HTML files included in the installation of RealPlayer.

The DNS Server service in Microsoft Windows 2008 and 2008 R2 has a remote code execution vulnerability.