Subscribe: SecurePurdue - Handler's Log
http://www.purdue.edu/securepurdue/news/securePurdueRSS_6.xml
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
cirt summary  new  security  steam cirt  summary trends  summary  system  trends  user  vulnerabilities  vulnerability  windows 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: SecurePurdue - Handler's Log

SecurePurdue - Handler's Log



Collaborating to create the university of the future through IT. Service quality, powerful partnerships, and a great place to work.



Published: Wed, 25 Aug 2010 09:28:24 -0400

 



Critical Java Zero Day Exploit

Tue, 28 Aug 2012 01:00:00 -0400

A new vulnerability has been discovered that affects all versions of Java 7 (1.7) and active attacks have been confirmed.



OSX Flashback Trojan - Detecting and Removing

Tue, 10 Apr 2012 16:00:00 -0400

Detecting and removing the Flashback Trojan from your Mac



Phishing Email - allegedly from Purdue help desk blocked

Wed, 28 Mar 2012 01:00:00 -0400

Phishing attempt allegedly from Purdue help-desk blocked.



11-9-2011 Microsoft Windows win32k.sys TrueType Font Parsing Vulnerability

Fri, 04 Nov 2011 03:30:00 -0400

A TrueType Font Parsing vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.



Multiple Vulnerabilities in Adobe ColdFusion

Wed, 15 Jun 2011 15:00:00 -0400

Multiple vulnerabilities have been reported in Adobe ColdFusion, which can be exploited by malicious people to conduct cross-site request forgery attacks, cause a DoS (Denial of Service), and compromise a vulnerable system.



Bug in Blackberry causes Vulnerability

Thu, 17 Mar 2011 01:00:00 -0400

Bug in BlackBerry Browser exposes vulnerability.



Vulnerability in MHTML Could Allow Information Disclosure

Mon, 31 Jan 2011 15:00:00 -0500

There is a reported vulnerability in Windows that could allow for information disclosure via malicious scripts in MHTML pages.



Firesheep will steal your passwords!

Wed, 27 Oct 2010 01:00:00 -0400

A new firefox add-on will allow novice computer users to steal your Facebook, Twitter and other login information when using open Wi-Fi spots.



MPlayer FLIC Processing Multiple Array Indexing Vulnerabilities

Fri, 01 Oct 2010 01:00:00 -0400

MPlayer FLIC Processing Multiple Array Indexing Vulnerabilities



Security News and Info for 9/03/2010

Fri, 03 Sep 2010 01:00:00 -0400

Security News and Info for 9/03/2010



Security News for 9/02/2010

Fri, 03 Sep 2010 01:00:00 -0400

Security News and Info



Security Issues for 9/01/2010

Thu, 02 Sep 2010 01:00:00 -0400

Latest Security Issuses for a wired world



Toy Story 3 Facebook Scam

Tue, 03 Aug 2010 01:00:00 -0400

When clicking on a message that appears to come from one of your friends, if it insists that you click "Like" before viewing the page, it will send a rude hidden message to all of your facebook friends.



KOOBFACE bot via fake YouTube pages

Tue, 03 Aug 2010 01:00:00 -0400

Fake YouTube pages are being used by the Koobface Bot to insert JavaScript Code.



iPhone JailBreak Trojan

Tue, 03 Aug 2010 01:00:00 -0400

An email campaign is targeting iPhone users who might want to jailbreak their phones has been reported by BitDefender.



Apple iOS Security Bypass and PDF Processing Vulnerability

Tue, 03 Aug 2010 01:00:00 -0400

Two vulnerabilities have been reported in Apple iOS, version 4.0.1 which may be exploited to compromise a user's system.



Apple Mac OS X Vulnerability

Tue, 03 Aug 2010 01:00:00 -0400

A vulnerability in Apple Mac OS X due to the "webdav_mount()" function of the WebDAV kernel extension can be exploited by malicious, local users to cause a DoS (Denial of Service).



Quicktime Player Allows Movies To Trigger Malware Downloads

Mon, 02 Aug 2010 01:00:00 -0400

Trend Micro is reporting that Quicktime Player can be used by maliscious people to deploy malware to users' systems using specially crafted movie files. When a user plays one of the files, their system is redirected to download a malware payload.



Wireshark Vulnerabilities

Fri, 30 Jul 2010 01:00:00 -0400

There were multiple vulnerabilities reported in Wireshark with an available update.



Cisco Multiple Products TLS Session Renegotiation Plaintext Injection

Thu, 29 Jul 2010 01:00:00 -0400

Cisco has acknowledged a vulnerability in multiple Cisco products



APPLE-SA-2010-07-28-1 Safari 5.0.1 and Safari 4.1.1

Thu, 29 Jul 2010 01:00:00 -0400

Apple released this advisory addressing vulnerabilities (15 unique CVEs) in the Safari browser for Windows and Mac platforms.



Security Issues 7-27-2010

Tue, 27 Jul 2010 01:00:00 -0400

Security Issues 7-27-2010



Plug-in Security Checker

Tue, 20 Jul 2010 01:00:00 -0400

Ever wonder if all your browser plug-ins are up-to-date and secure? Well Windows users now can check IE, Firefox and Chrome simply by going to a website and running a scan.



Windows Shortcut Parsing Vulnerability

Mon, 19 Jul 2010 01:00:00 -0400

A vulnerability in Windows versions including XP, Vista, 7, Server 2003 and Server 2008 which can be utilized by maliscious parties to compromise a user's system using specially crafted shortcuts (.lnk and .pif files).



Security Issues 7-2-2010

Fri, 02 Jul 2010 01:00:00 -0400

Security Issues 7-2-2010



Security Issues 7/1

Thu, 01 Jul 2010 01:00:00 -0400

Opera browser users will want to upgrade to the latest patch level 10.60.



Adobe Updates and PCI Expectancies

Wed, 30 Jun 2010 01:00:00 -0400

Adobe has released update 9.3.3 for Acrobat and Reader. Users are suggested to upgrade as soon as possible to patch vulnerabilities that could allow for denial-of-service.



Security Issues 6-29-2010

Tue, 29 Jun 2010 01:00:00 -0400

Security Issues 6-29-2010



Mozilla Thunderbird Multiple Vulnerabilities

Mon, 28 Jun 2010 01:00:00 -0400

Per Secunia, some vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to compromise a user's system.



Apple Mac OS X Security Update Fixes Multiple Vulnerabilities

Mon, 28 Jun 2010 01:00:00 -0400

Per Secunia, Apple has issued security updates for Mac OS X, which fixes multiple vulnerabilities.



Security Issues 6/16

Wed, 16 Jun 2010 01:00:00 -0400

Microsoft Windows XP & 2003 Help and Support Center has been found to be vulnerable to a recent attack. Users who visit a compromised site can be affected by malicious malware being downloaded to the hosts machine.



End of Windows 2000 & XP SP 2 Support

Tue, 15 Jun 2010 01:00:00 -0400

The end is finally here for support on Windows 2000 & XP SP 2. Microsoft plans on expire support on July 13th.



Adobe AIR Multiple Vulnerabilities

Fri, 11 Jun 2010 01:00:00 -0400

Vulnerabilities have been reported in Adobe AIR. Malicious individuals can exploit these vulnerabilities to conduct cross-site scripting attacks or compromise a user's system. The vulnerabilities are reported in Adobe AIR versions 1.5.3.9130 and prior.



Description of the Microsoft Office 2008 for Mac 12.2.5 Update

Fri, 11 Jun 2010 01:00:00 -0400

Security Updates have been released for OpenOffice and MS Office 2008 for Mac.



Microsoft Cumulative Security Update for Internet Explorer

Thu, 10 Jun 2010 01:00:00 -0400

While Microsoft recently patched the Vulnerability in Internet Explore which could allow for information disclosure, they have expressed concern now that the patch is public that malicious people could be reversed engineered the flaw more easily -- and that additional public exploits may begin. Therefore, the most recent round of Windows updates has become very important to circumvent this and should be applied as soon as possible.



Microsoft Windows Help and Support Center URL Processing Vulnerability

Thu, 10 Jun 2010 01:00:00 -0400

A vulnerability has been discovered in Microsoft Windows. From Secunia as sited below: "The vulnerability is caused due to an error when processing escaped URLs through Microsoft Windows Help and Support Center (helpctr.exe). This can be exploited to bypass restrictions normally imposed by the "-FromHCP" command-line argument and pass arbitrary parameters to local help documents.



Apple Safari Multiple Vulnerabilities

Wed, 09 Jun 2010 01:00:00 -0400

Per Secunia: "Some vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, conduct spoofing or cross-site scripting attacks, and potentially compromise a user's system."



FYI: Browser Plugin Check Site (Neat!)

Wed, 19 May 2010 01:00:00 -0400

Browser Plugin Check Site (works with Firefox 3.6+, Opera 10.5,Safari 4, Chrome 4, or IE 8)



Windows SMB Remote Exploit

Fri, 13 Nov 2009 01:00:00 -0500

Vulnerability has been discovered in Microsoft Windows 7 & Sever 2008. This is a 0-day vulnerability that can be exploited from remote by a malicious user.



Goodbye to Thawte, Huge Patch Tuesday, and More Adobe Vulnerabilities

Fri, 09 Oct 2009 01:00:00 -0400

Thawte email services will be discontinued as of November 16th, 2009. Current customers will receive a free year of VeriSign service. Microsoft has posted that this months patch Tuesday will be its largest ever. Adobe has posted vulnerabilities found in Reader and Acrobat.



Hotmail Passwords Posted, New OpenSSH Version Released & Samba Vulnerabilities Fixed

Tue, 06 Oct 2009 01:00:00 -0400

Hotmail, Live, and MSN users are advised to change their passwords after it was found that usernames and passwords for 10,000 users were posted online.



Microsoft IIS FTP Vulnerability

Tue, 01 Sep 2009 01:00:00 -0400

Vulnerability has been found in Microsoft Internet Information Services FTP server that can allow a remote attacker to potentially execute arbitrary code. IIS FTP servers that allow anonymous users write access can potentially be affected due to a boundary error when the server processes NLST commands.



Linux 2.4 and 2.6 kernel vulnerability

Mon, 17 Aug 2009 01:00:00 -0400

A recently discovered vulnerability in the Linux 2.4 and 2.6 kernels can allow an attacker with local user privileges to gain root access using a widely distributed exploit for a NULL pointer reference caused by incorrect proto_ops initializations. As of August 17th, the issue is still unpatched and the vulnerability affects basically all distributions of Linux running on the 2.4 or 2.6 kernels.



Mac and Windows Updates

Fri, 14 Aug 2009 01:00:00 -0400

This week saw a surge of new security updates for both Mac and Windows computers, partially due to Patch Tuesday.



Vulnerabilities in Mozilla Products

Wed, 05 Aug 2009 01:00:00 -0400

Mozilla Firefox, Thunderbird and SeaMonkey have been found to be vulnerable to an issue in which domain name certificates are dealt with between client browsers and CA servers. The issue is currently unpatched for all products except for users of Firefox 3.5. It is suggested to not browse untrusted sites or open emails from untrusted sources.



Squid 3.x Multiple Denial of Service Vulnerabilities

Wed, 29 Jul 2009 01:00:00 -0400

Multiple vulnerabilities exist in Squid 3.x that can allow a malicious remote user to cause a denial of service (DoS) attack.



July 14 Unpatched Firefox Vulnerability

Tue, 14 Jul 2009 01:00:00 -0400

A new vulnerability has been discovered in the latest version of Mozilla Firefox that can cause memory corruption and may be exploited by malicious people to compromise a user's system.



Vulnerability updates: MS Office, Tomcat, and Internet Explorer

Mon, 13 Jul 2009 01:00:00 -0400

Vulnerability updates: MS Office, Tomcat, and Internet Explorer



Shockwave Vulnerability and Tbird update

Wed, 24 Jun 2009 01:00:00 -0400

A new vulnerability has been discovered in Adobe Shockwave player which could allow for arbitrary code execution on a machine which attempts to play a specially crafted malicious Shockwave player 10 content. Also, a new round of Thunderbird updates have been released addressing a number of security issues.



Adobe Updates

Thu, 11 Jun 2009 01:00:00 -0400

Critical vulnerabilities are found in Adobe Reader/Acrobat 9.1.1 and earlier.



IIS 6.0, ntpd, and new netbooks coming preloaded with malware

Thu, 21 May 2009 01:00:00 -0400

New vulnerabilities have been reported for IIS 6.0 users who have WebDAV enabled. The vulnerability allows escalation of privileges if a specially crafted HTTP GET request is made to the vulnerable server.



Firefox, Thunderbird, and Seamonkey Vulns

Wed, 22 Apr 2009 01:00:00 -0400

New as of today (April 22nd, 09) there are a fresh batch of vulnerabilities that have been discovered in Mozilla products Firefox, Thunderbird, and Seamonkey.



MS and Oracle Patches

Thu, 16 Apr 2009 01:00:00 -0400

On Tuesday, Microsoft and Oracle released critical patches that affect multiple products.



SAP/Java/VMware

Tue, 14 Apr 2009 01:00:00 -0400

Critical updates for SAP, Java and VMware are now available.



Highly Critical Vulnerability in MS Powerpoint

Fri, 03 Apr 2009 01:00:00 -0400

A newly released vulnerability in MS PowerPoint versions 2000 through 2004 for Mac and PC could allow a maliciously crafted PowerPoint file to compromise a user's system and run arbitrary code with permissions of the user.



Import notice for Mac users connected to Active Directory

Mon, 30 Mar 2009 01:00:00 -0400

The security department has recently seen some cases where Active Directory accounts have been locked out due to excessive failed login attempts when a Mac that is synced to Active Directory is also listening for inbound SSH connections.



Critical Adobe Reader/Acrobat Vulnerability

Tue, 24 Feb 2009 01:00:00 -0500

Unpatched Vulnerability in Adobe Reader and Acrobat may allow attacker to take control of users system via specially crafted document. Affected versions include Adobe Reader/Acrobat 9 and earlier.



Firefox/Thunderbird/IE 7 issues

Wed, 17 Dec 2008 01:00:00 -0500

An out of band patch is being released by Microsoft today for the infamous IE 7 0-day vulnerability discovered last week.



Critical MS Word and Excel Patches released Tuesday

Wed, 10 Dec 2008 01:00:00 -0500

Both MS Word and Excel had some major vulnerabilities that were patched in the most recent patch release from Microsoft. Versions affected go all the way back to MS Office 2000.



Fraudulent CNN emails contain links to Trojan

Fri, 08 Aug 2008 01:00:00 -0400

Malicious emails purporting to contain personalized news links from CNN are being reported by campus users as well as across the Internet. These unsolicited emails contain links to supposed videos of recent or false news stories. Additionally, the emails use graphics from legitimate CNN pages to further make the messages appear genuine. When clicked, the links take the user to a fraudulent copy of the CNN video player site which is hosted on a malicious site. Instead of playing a video, the site prompts the user to download a Flash player update. This executable is a Trojan and contains code designed to compromise a user's computer.



Java updates galore

Wed, 09 Jul 2008 01:00:00 -0400

Java updates galore



STEAM-CIRT Summary & Trends for April 2008

Thu, 15 May 2008 01:00:00 -0400

Monthly Summary and Trends



STEAM-CIRT Summary & Trends for March 2008

Wed, 30 Apr 2008 01:00:00 -0400

Monthly Summary and Trends



New Phishing Exploit Doesn't Ask for Credentials

Tue, 29 Apr 2008 01:00:00 -0400

Over the past few days, there has been a new type of phishing e-mail spotted. This new phishing method no longer asks for credentials and other personal information. The new tactic is to pose as a company and ask for the end user to "renew" their digital certificate. A link is presented in the e-mail, which when clicked on will download a keylogging Trojan onto the computer. The Trojan is then used to steal information and/or credentials from the victim's computer. Currently the most commonly used companies to pose as include Comerica Bank and Colonial Bank.



Archive Format Vulnerabilities

Thu, 20 Mar 2008 01:00:00 -0400

Programs that handle archive formats ACE, ARJ, BZ2, CAB, GZ, LHA, RAR, TAR, ZIP and ZOO could potentially be affected by newly discovered vulnerabilities. Various types of programs that could be affected include: anti-virus, firewalls (software-based), encryption products (VPN, PGP), backup software, office programs, operating systems and libraries.



New Buffer Overflow Vulnerability in CUPS CGI

Thu, 20 Mar 2008 01:00:00 -0400

CUPS (Common UNIX Printing System), which provides a standard printer interface for various Unix based operating systems, has a new vulnerability. An unspecified error within the CUPS CGI backend, if exploited by an attacker, could cause a heap-based buffer overflow by sending a specially crafted IPP request.



STEAM-CIRT Summary & Trends for February 2008

Wed, 12 Mar 2008 01:00:00 -0400

Monthly Summary and Trends February 2008



STEAM-CIRT Summary & Trends for January 2008

Wed, 12 Mar 2008 01:00:00 -0400

Monthly Summary and Trends



STEAM-CIRT Summary & Trends for December 2007

Wed, 12 Mar 2008 01:00:00 -0400

Monthly Summary and Trends



Symantec Backup Exec calendar control vulnerabilities discovered

Fri, 29 Feb 2008 01:00:00 -0500

"Secunia Research has discovered some vulnerabilities in Symantec Backup Exec for Windows Servers, which can be exploited by malicious people to overwrite arbitrary files or compromise a vulnerable system."



New unpatched vulnerability in VMware products found

Fri, 29 Feb 2008 01:00:00 -0500

A new unpatched vulnerability has been found in several VMware products that would allow a user (or malicious individual) to "break out" of the guest OS/VM and read/write to the host file system.



Beware Fraudulent Microsoft Security Updates

Wed, 06 Feb 2008 01:00:00 -0500

Purdue University cautions users to be skeptical of email messages claiming to be from Microsoft and requesting that users download a critical update. These emails appear to be fraudulent and users should NOT follow the links in the email. Users are requested to ignore the email and delete it.



Phishing reminder and a new UPnP attack vector

Wed, 16 Jan 2008 01:00:00 -0500

Phishing reminder and a new UPnP attack vector



More Phishing, Quicktime, and remote controlled Trains

Mon, 14 Jan 2008 01:00:00 -0500

You've probably all seen the notifications that there is a current Phishing attack targeting Purdue accounts. Over the weekend we saw some minor modifications to the message which mostly just includes changes to the address it seemed to be coming from.



RealPlayer Unspecified Buffer Overflow Vulnerability

Thu, 03 Jan 2008 01:00:00 -0500

A recently found unpatched flaw in RealPlayer 11 may lead to execution of arbitrary code.



Storm Worm Changes Its Campaign In Time For The Holidays

Thu, 03 Jan 2008 01:00:00 -0500

Arbornetworks.com is reporting about active Storm Worm domains that are currently being used with the latest round of Storm Worm emails attempting to take advantage of the holidays.



STEAM-CIRT Summary & Trends for November 2007

Thu, 20 Dec 2007 01:00:00 -0500

November 2007 Summary and Trends



Adobe Flash Player update fixes multiple vulnerabilities

Thu, 20 Dec 2007 01:00:00 -0500

Adobe Flash Player update fixes multiple vulnerabilities



WordPress Charset SQL Injection Vulnerability

Fri, 14 Dec 2007 01:00:00 -0500

Details are emerging about a new vulnerability in WordPress. An unpatched flaw in WordPress may lead to SQL injection.



Samba send_mailslot() Buffer Overflow Vulnerability

Fri, 14 Dec 2007 01:00:00 -0500

Details are emerging about a moderately critical vulnerability in Samba. A flaw in Samba may lead to a buffer overflow resulting in execution of arbitrary code.



Apple Quicktime RTSP buffer overflow vulnerability

Mon, 03 Dec 2007 01:00:00 -0500

Details are emerging about a critical exploit vulnerability in Apple's Quicktime product. An unpatched flaw in the RTSP (real-time streaming protocol) may allow remote attackers to compromise a system.



STEAM-CIRT Summary & Trends for October 2007

Mon, 19 Nov 2007 01:00:00 -0500

October 2007 Summary and Trends



STEAM-CIRT Summary & Trends for September 2007

Fri, 26 Oct 2007 01:00:00 -0400

STEAM-CIRT Summary & Trends for September 2007



Multiple Vulnerabilities in Firefox Prompts Mozilla to Provide Version Update

Fri, 19 Oct 2007 01:00:00 -0400

A variety of vulnerabilities in the popular web browser Firefox have been reported. When exploited, these vulnerabilities can lead to: disclosure of sensitive information, phishing attacks, data manipulation, and/or system compromise.



STEAM-CIRT Summary & Trends for August 2007

Fri, 21 Sep 2007 01:00:00 -0400

August 2007 Summary and Trends



Firefox "-chrome" Parameter Vulnerability

Wed, 19 Sep 2007 01:00:00 -0400

A vulnerability affecting Firefox versions previous to 2.0.0.7 is caused by the "-chrome" parameter allowing remote attackers to run code with the current user's privileges. When exploited, the remote attacker can install malware, steal data, or simply corrupt the user's system.



Subversion overwrites arbitrary files

Thu, 30 Aug 2007 01:00:00 -0400

For our campus users of Subversion and TortoiseSVN version control systems it is time to update. Versions prior to the recently released 1.4.5 version have a bug that allows a directory-traversal attack on a windows system using the "..\" syntax. This would allow a client user with write access to overwrite arbitrary system files for which he has write access privileges.



Media Player Classic .FLI File Processing Buffer Overflow Vulnerability

Wed, 29 Aug 2007 01:00:00 -0400

A highly critical vulnerability has been discovered in the open source media player Media Player Classic (MPC), which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error processing .FLI files (an old animation compression format).



New Storm Worm Variant

Thu, 23 Aug 2007 01:00:00 -0400

The newest method that is being highly utilized to trick people into becoming storm worm infected is by sending out e-mails regarding various "club" memberships.



STEAM-CIRT Summary & Trends for July 2007

Wed, 22 Aug 2007 01:00:00 -0400

July 2007 Summary and Trends



STEAM-CIRT Summary & Trends for February 2007

Wed, 22 Aug 2007 01:00:00 -0400

February 2007 Summary and Trends



STEAM-CIRT Summary & Trends for March 2007

Wed, 22 Aug 2007 01:00:00 -0400

March 2007 Summary and Trends



STEAM-CIRT Summary & Trends for April 2007

Wed, 22 Aug 2007 01:00:00 -0400

April 2007 Summary and Trends



STEAM-CIRT Summary & Trends for May 2007

Wed, 22 Aug 2007 01:00:00 -0400

May 2007 Summary and Trends



STEAM-CIRT Summary & Trends for June 2007

Wed, 22 Aug 2007 01:00:00 -0400

June 2007 Summary and Trends



Highly critical vulnerability found in component of Microsoft’s DirectX Media SDK

Wed, 15 Aug 2007 01:00:00 -0400

A highly critical vulnerability has been found in the Live Picture Corporation DirectTransform FlashPix ActiveX control included in the Microsoft DirectX Media SDK, which can be exploited by malicious people to compromise a vulnerable system.



Firefox Used as an Attack Vector via URI Filtering Vulnerability

Mon, 30 Jul 2007 01:00:00 -0400

Exploitation is as simple as using Firefox to visit a malicious website with a specially crafted URI (such as "mailto") containing a "%" character and ends with a specific extension, such as ".bat" or ".cmd".



Java Runtime Environment Vulnerabilities Lead to Remote Compromise

Tue, 17 Jul 2007 01:00:00 -0400

Sun Java Runtime Environment (JRE) has a buffer overflow vulnerability in its image parsing code which could allow an untrusted applet or application to escalate its privileges. If this happens, the applet or application could provide itself permissions to read and write local files or execute local applications which are available to the user who is running the untrusted applet or application. All systems running Windows, Linux variants, and Solaris are considered vulnerable.



Mozilla Firefox "OnKeyDown" Event Focus Vulnerability

Thu, 05 Jul 2007 01:00:00 -0400

A new Firefox vulnerability is caused by a design flaw within the focus handling method of form fields.



Xvid Library version 1.1.2 Vulnerability

Fri, 29 Jun 2007 01:00:00 -0400

The Xvid library version 1.1.2 has a newly discovered vulnerability in the get_intra_block, get_inter_h263, and get_inter_block_mpeg functions. This vulnerability could allow a remote attacker to execute arbitrary code on the victim's computer.