samedi 30 mai 2020    || Inscription
BanniereAlertes
 
 

Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Multiple vulnerabilities in Apache Tomcat (CERT-EU Security Advisory 2012-0003)

The Apache Tomcat security team disclosed two vulnerabilities in their product. Fixes are available. The vulnerabilities allow unauthorized disclosure of information and disruption of service.
Auteur: Cert EU

Multiple vulnerabilities in OpenSSL (CERT-EU Security Advisory 2012-0002)

The OpenSSL project disclosed various vulnerabilities in their product.
Auteur: Cert EU

Security updates available for Adobe Reader and Acrobat (CERT-EU Security Advisory 2012-0001).

These updates address critical vulnerabilities (CVE-2011-2462, CVE-2011-4369, CVE-2011-4370, CVE-2011-4371, CVE-2011-4372, CVE-2011-4373) in Adobe Reader X (10.1.1) and earlier versions for Windows and Macintosh, and Adobe Acrobat X (10.1.1) and...
Auteur: Cert EU

Multiple vulnerabilities on Mozilla Firefox / Thunderbird / SeaMonkey (CERT-EU Security Advisory 2011-0032)

Multiple vulnerabilities have been found in Mozilla Firefox / Thunderbird. A fix is available.
Auteur: Cert EU

Multiple vulnerabilities on JBoss Enterprise Portal Platform (CERT-EU Security Advisory 2011-0031)

Multiple vulnerabilities have been found in JBoss Enterprise Portal Platform. A patch is available.
Auteur: Cert EU

RSA SecurID Software Token DLL Loading Arbitrary Code Execution (CERT-EU Security Advisory 2011-0030)

RSA SecurID Software Token is prone to a vulnerability that lets attackers execute arbitrary code. This vulnerability may be exploited to load arbitrary libraries by tricking a user into opening a Software Token file located on a compromised or...
Auteur: Cert EU

Mozilla Firefox/Thunderbird/SeaMonkey information disclosure vulnerability (Security Advisory 2011-0028)

Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 are prone to an information disclosure vulnerability, exploitable by a remote attacker to obtain information from the browser history.[1] Updated versions are available.[3]
Auteur: Cert EU

Unspecified vulnerability in Adobe Flash Player 11.1.102.55 (Security Advisory 2011-0027)

Adobe Flash Player 11.1.102.55 on Windows and Mac OS X is prone to remote attacks by execution of arbitrary code via a crafted SWF file.
Auteur: Cert EU

JBoss Application Server Administrative Console Cross-Site Scripting (Security Advisory 2011-0025)

JBoss Application Server console is prone to a cross-site scripting vulnerability while handling DOM objects; fixes are available.
Auteur: Cert EU

JBoss AS Administration Cross Site Request Forgery Vulnerability (Security Advisory 2011-0024)

JBoss AS is prone to a cross-site request-forgery vulnerability; fixes are available.
Auteur: Cert EU

HP Printers and Digital Senders Remote Security Bypass Vulnerability (Security Advisory 2011-0023)

HP Printers and Digital Senders are prone to a security-bypass vulnerability leading to the installation of a malicious firmware
Auteur: Cert EU

Apache HTTP Server 'mod_proxy' Reverse Proxy Security Bypass Vulnerability (CERT-EU Security Advisory 2011-0022)

Apache HTTP Server 'mod_proxy' Reverse Proxy Security Bypass Vulnerability Apache HTTP Server is prone to a security-bypass vulnerability.
Auteur: Cert EU

Multiple Linux Kernel Vulnerabilities (CERT-EU Security Advisory 2011-0021)

Linux kernel is prone to multiple 'hardlink' stack-based buffer-overflow vulnerabilities and multiple integer-overflow vulnerabilities because of a failure to properly bounds check user-supplied input. Specifically, hardlink fails to properly...
Auteur: Cert EU

IBM Lotus Mobile Connect - Cross Site Scripting Vulnerability 9 (CERT-EU Security Advisory 2011-0020)

IBM Lotus Mobile Connect is prone to a cross-site scripting vulnerability. Fixes are available. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...
Auteur: Cert EU

Linux Kernel - Remote Denial of Service Vulnerability (CERT-EU Security Advisory 2011-0019)

The Linux kernel is prone to a remote denial-of-service vulnerability. Specifically, this issue occurs when using certain network drivers for handling VLAN 0 frames with the priority tag set. Attackers can remotely exploit this issue by sending...
Auteur: Cert EU

Linux Kernel - Remote Denial of Service Vulnerability (CERT-EU Security Advisory 2011-0018)

The Linux kernel is prone to a remote denial-of-service vulnerability. To exploit this issue, attackers can use readily available network utilities.
Auteur: Cert EU

Microsoft Windows Kernel Remote Code Execution Vulnerability (CERT-EU Security Advisory 2011-0017)

Microsoft Windows is prone to a remote code-execution vulnerability. A commercial exploit is available for CORE IMPACT; urgency raised.
Auteur: Cert EU

Oracle Java Remote Java Runtime Environment (CERT-EU Security Advisory 2011-0016)

Oracle Java SE is prone to a remote vulnerability in Java Runtime Environment. A commercial exploit is available through VUPEN Security; urgency raised.
Auteur: Cert EU

ISC BIND 9 Recursive Queries Remote DoS (CERT-EU Security Advisory 2011-0015)

ISC BIND is prone to a remote denial-of-service vulnerability
Auteur: Cert EU

Adobe Acrobat and Reader - Multiple Vulnarabilities (CERT-EU Security Advisory 2011-0014)

Critical vulnerabilities have been identified in Adobe Acrobat and Reader.
Auteur: Cert EU

Oracle Java SE Rhino Script Engine Remote Code Execution Vulnerability (CERT-EU Security Advisory 2011-0013)

Oracle Java SE Rhino Script Engine Remote Code Execution Vulnerability (CERT-EU Security Advisory 2011-0013)
Auteur: Cert EU

Adobe Flash Player - Multiple Vulnerabilities (CERT-EU Security Advisory 2011-0012)

Critical vulnerabilities have been identified in Adobe Flash Player 11.0.1.152 and earlier versions for Windows, Macintosh, Linux and Solaris, and Adobe Flash Player 11.0.1.153 and earlier versions for Android. [1]
Auteur: Cert EU

Mozilla Firefox and Thunderbird 'loadSubScript()' Security Bypass (CERT-EU Security Advisory 2011-0011)

Mozilla Firefox and Thunderbird are prone to a security-bypass vulnerability [1]. This issue occurs because installed add-ons fail to properly use 'XPCNativeWrappers' in the 'loadSubScript()' function.
Auteur: Cert EU

Mozilla Firefox and Thunderbird Shift-JIS Encoding HTML Injection Vulnerability (CERT-EU Security Advisory 2011-0010)

Mozilla Firefox and Thunderbird are prone to an HTML-injection vulnerability CVE-2011-3648(Candidate) Exploits are available. Fixes are available.
Auteur: Cert EU

Multiple vulnerabilities on Adobe Shockwave Player (CERT-EU Security Advisory 2011-0009)

Adobe Shockwave Player is prone to several memory corruption vulnerabilities [1] leading to arbitrary code execution.
Auteur: Cert EU
First11121314151617181920

Événements SSI