Category Archives: Checkpoint

Checkpoint

Microsoft Internet Explorer Memory Corruption (MS16-084: CVE-2016-3240; CVE-2016-3240)

A memory corruption vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an error while handling certain objects when processing HTML and script code. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could cause memory corruption in a way that would allow attackers to execute code on the target system.

Microsoft Internet Explorer Memory Corruption (MS16-084: CVE-2016-3241; CVE-2016-3241)

A memory corruption vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to an error while handling certain objects when processing HTML and script code. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could cause memory corruption in a way that would allow attackers to execute code on the target system.

Internet Explorer Malformed IFRAME Buffer Overflow (MS04-040: CVE-2004-1050; CVE-2004-1050)

Internet Explorer (IE) is a popular web browser developed by Microsoft corporation. A buffer overflow vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is in the way Microsoft Internet Explorer parses certain parameters of an IFRAME tag. An attacker can exploit this vulnerability to create a denial of service condition or to execute arbitrary code in the context of the currently logged in user. Successful exploitation of this vulnerability may allow execution of arbitrary code on a vulnerable system.

Symantec ZIP Decompression Memory Access Violation (CVE-2016-3646)

Multiple vulnerabilities exist in the Decomposer component of Symantec Antivirus Engine. These vulnerabilities are due to incorrect or missing bounds checks. A remote, unauthenticated attacker could exploit these vulnerabilities by sending a maliciously crafted file to a user running this engine. Successful exploitation could result in arbitrary code execution in the context of SYSTEM.