Security Bulletin

RISK: Medium Risk

Oracle Solaris tcsd Denial of Service Vulnerability

A vulnerability has been identified in Oracle Solaris tcsd, which can be exploited by malicious people to cause a denial of service.
Last Update Date: 11 Jan 2013 09:48 Release Date: 11 Jan 2013 5172 Views

RISK: Medium Risk

Microsoft Windows Includes Fraudulent Digital Certificates Vulnerability

A vulnerability was identified in Microsoft Windows. One fraudulent digital certificate issued by TURKTRUST Inc., which is a CA present in the Trusted Root Certification Authorities Store, could be used to spoof content, perform phishing attacks, or perform man-in-the-middle...
Last Update Date: 10 Jan 2013 Release Date: 4 Jan 2013 5817 Views

RISK: High Risk

Asterisk Two Denial of Service Vulnerabilities

Two vulnerabilities have been identified in Asterisk, which can be exploited by malicious users and malicious people to cause a DoS (Denial of Service). An error when handling TCP sessions can be exploited to cause a stack overflow and crash the service. An error when handling...
Last Update Date: 10 Jan 2013 Release Date: 4 Jan 2013 5717 Views

RISK: Medium Risk

VMware ESXi glibc Multiple Vulnerabilities

Multiple vulnerabilities have been identified in VMware ESXi, which can be exploited by malicious users to cause a DoS (Denial of Service), potentially gain escalated privileges or compromise a vulnerable system.
Last Update Date: 10 Jan 2013 Release Date: 24 Dec 2012 5034 Views

RISK: Medium Risk

IBM Tivoli Remote Control / IBM Tivoli Endpoint Manager for Remote Control Java Multiple Vulnerabilities

Multiple vulnerabilities have been identified in IBM Tivoli Remote Control and IBM Tivoli Endpoint Manager for Remote Control, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
Last Update Date: 10 Jan 2013 Release Date: 21 Dec 2012 5154 Views

RISK: Medium Risk

IBM WebSphere Application Server for z/OS Arbitrary Command Execution Vulnerability

A vulnerability has been reported in IBM WebSphere Application Server for z/OS, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by an unspecified error within the HTTP Server and can be exploited to execute arbitrary commands.
Last Update Date: 10 Jan 2013 Release Date: 21 Dec 2012 5000 Views

RISK: High Risk

Microsoft Windows Kernel-Mode Drivers Multiple Font Parsing Vulnerabilities

OpenType Font Parsing Vulnerability: A remote code execution vulnerability exists in the way that affected components handle a specially crafted OpenType font file. The vulnerability could allow remote code execution if a user opens a specially crafted OpenType font file. An attacker who successfully exploited this vulnerability could...
Last Update Date: 10 Jan 2013 Release Date: 12 Dec 2012 5597 Views

RISK: High Risk

Blue Coat Products OpenSSL DER Format Data Processing Vulnerabilities

Multiple vulnerabilities have been identified in Blue Coat IntelligenceCenter and ProxySG, which can be exploited by malicious people to potentially compromise a vulnerable system. The vulnerabilities exist in the bundled version of OpenSSL. The vulnerability is caused due to a type casting error in the "asn1_d2i_read_bio...
Last Update Date: 10 Jan 2013 Release Date: 12 Dec 2012 4880 Views

RISK: High Risk

Mozilla Products Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Mozilla Firefox, Thunderbird and SeaMonkey. Remote attackers can exploit the vulnerabilities to conduct remote code execution, elevation of privilege, sensitive information disclosure or modification and spoofing.
Last Update Date: 10 Jan 2013 Release Date: 9 Jan 2013 5201 Views

RISK: High Risk

Ruby on Rails Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Ruby on Rails. A remote user can generate unsafe queries, bypass authentication systems, inject SQL commands, inject and execute arbitrary code, and cause denial of service conditions. A remote user can supply specially crafted data to exploit...
Last Update Date: 10 Jan 2013 10:42 Release Date: 10 Jan 2013 5199 Views