Bifrost Server is prone to a buffer overflow vulnerability which can be exploited remotely by sending a specially crafted packet to port TCP/81.

Adobe ColdFusion is vulnerable to a remote authentication-bypass, allowing the attacker to upload an agent and execute it. The agent may have SYSTEM privileges if ColdFusion is installed as a service in Windows.

This module exploits a Windows kernel vulnerability calling to "NtGdiScaleViewportExtEx" function by using crafted parameters.



This update adds support for all 32 bit Windows versions.

Microsoft Access contains a vulnerability in the way it handles compiled queries that are stored in .aacdb files. It mistakenly interprets certain fields in the file as pointers and produce memory corruption.

This update modifies the application version displayed in Quick Information.

This update provides a better documentation for this module.

Music Animation Machine MIDI Player contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in MAM Player when handling misleading MIDI files. This situation leads to a buffer overflow and allows an attacker to overwrite an SEH Pointer and get control of execution. This vulnerability can be exploited via a specially crafted .mamx file.

FreeFTPd is prone to a buffer overflow when handling an overly long PASS command.

This module exploits a vulnerability in Mozilla Firefox when serializing XML to a DOM object. A certain method used during this process is likely to create a dangling pointer. Remote attackers can take advantage of this memory and use it to execute arbitrary code.

The vulnerability is caused due to an error when handling theme and screensaver files.