Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a BIFF8 spreadsheet with a PALETTE record that contains a large number of entries.
The host is installed with Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 before 8.8.6.2 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle malformed NCP request. Successful exploitation allow remote attackers to execute arbitrary code or cause a denial of service.
The host is installed with Adobe flash player 6 and is prone to remote code execution vulnerability. A flaw is present in application, which fails to handle specially crafted Flash content or web page. Successful exploitation could allow remote attackers to execute arbitrary code.
The host is installed with Symantec AntiVirus 10.0.x before 10.1 MR9 or Symantec Client Security 3.0.x before 3.1 MR9 and is prone to a denial of service vulnerability. A flaw is present in the applications, which fail to handle "specific events" that prevent the user from having read access to unspecified resources. Successful exploitation could allow attackers to crash the service.
The host is installed with 7-Technologies (7T) Interactive Graphical SCADA System (IGSS) before 9.0.0.11291 and is prone to untrusted search path vulnerability. A flaw is present in the application, which fails to properly handle a Trojan horse DLL. Successful exploitation allows local users to gain privileges.
The host is installed with XnView and is prone to untrusted search path vulnerability. A flaw is present in the application which is caused due to loading an executable file in an insecure manner. Successful exploitation allows remote attacker to execute arbitrary code on the system.
The host is installed with ImgBurn through 2.5.4.0 and is prone to an untrusted search path vulnerability. A flaw is present in the application, which fails to handle an issue in ImgBurn.exe. Successful exploitation could allow remote attackers to to execute arbitrary code and conduct DLL hijacking attacks.
The host is installed with CyberLink PowerProducer 5.5.3.2325 and is prone to multiple untrusted search path vulnerabilities. The flaws are present in the application, which fails to handle a Trojan horse (1) mfc71loc.dll or (2) mfc71enu.dll file in the current working directory. Successful exploitation could allow local users to gain privileges.
The host is installed with CyberLink StreamAuthor 4.0 build 3308 and is prone to multiple untrusted search path vulnerabilities. The flaws is present in the application, which a Trojan horse (1) mfc71loc.dll or (2) mfc71enu.dll file in the current working directory. Successful exploitation could allow attackers to gain privileges.
The host is installed with CyberLink LabelPrint 2.5.3602 and is prone to multiple untrusted search path vulnerabilities. The flaws are present in the application, which fails to a Trojan horse (1) mfc71loc.dll or (2) mfc71enu.dll file in the current working directory. Successful exploitation could allow attackers to gain privileges.