http://www.iss.net en 2007 IBM Internet Security Systems. All rights reserved worldwide. http://www.iss.net/threats/442.html A remote code execution vulnerability exists in the Windows multimedia library (winmm.dll) in the code responsible for handling of MIDI files. Tue, 10 Jan 2012 00:00:00 -0500 http://www.iss.net/threats/440.html Microsoft's ASP.NET is vulnerable to a denial of service, caused by insufficient randomization of hash data structures by the CaseInsensitiveHashProvider.getHashCode() function. Wed, 04 Jan 2012 00:00:00 -0500 http://www.iss.net/threats/441.html Multiple products are vulnerable to a buffer overflow, caused by improper bounds checking by the encrypt_keyid() function of telnetd. Wed, 04 Jan 2012 00:00:00 -0500 http://www.iss.net/threats/439.html Adobe Acrobat and Reader could allow a remote attacker to execute arbitrary code on the system, caused by a vulnerability when handling U3D data. Thu, 08 Dec 2011 00:00:00 -0500 http://www.iss.net/threats/438.html  There is a vulnerability in a Microsoft Windows component, the Win32k TrueType font parsing engine that could allow elevation of privilege.  This vulnerability is related to the Duqu malware. Wed, 09 Nov 2011 00:00:00 -0500 http://www.iss.net/threats/437.html A recently released tool by THC exploits the fact that establishing SSL/TLS connections can require substantially more resources on the server than on the client. Wed, 09 Nov 2011 00:00:00 -0500