Friday, March 27, 2009

Rule release for today - March 27th 2009

A couple of interesting vulnerabilities covered in todays release, first one is for Microsoft Windows:

Microsoft Windows GDI Buffer Overflow:
A programming error in the Microsoft Windows kernel may allow a remote attacker to execute code with system level privileges. This may be exploited when specially crafted EMF files are viewed using Microsoft Internet Explorer.

Second one concerns Mozilla Firefox:

Mozilla Firefox XSL Buffer Overflow:
A programming error in Mozilla Firefox may allow a remote attacker to execute code on a victim machine. The error is exposed when the application attempts to process an XML file that has a specially crafted XSLT transform.

As always, details are available here:

http://www.snort.org/vrt/advisories/vrt-rules-2009-03-27.html

No comments:

Post a Comment