Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

Unauthorized Access Vulnerability in Cisco Unified SIP Phone 3905 [1] (CERT-EU Security Advisory 2014-014)

A vulnerability in the Cisco Unified SIP Phone 3905 could allow an unauthenticated, remote attacker to gain root-level access to an affected device.
Auteur: Cert EU

Man-in-the-Middle Attack Against Email Synchronization (CERT-EU Security Advisory 2014-013)

The attack consists in spoofing a SSID of a WiFi network to which devices try to connect (most devices actively advertise SSIDs of all networks known to them). Once a device connects to such network and tries to synchronize e-mails, a malicious...
Auteur: Cert EU

Security updates available for Adobe Flash Player (CERT-EU Security Advisory 2014-012)

Adobe has released security updates for Adobe Flash Player 12.0.0.43 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.335 and earlier versions for Linux. These updates address a critical vulnerability that could...
Auteur: Cert EU

Security update available for Adobe Shockwave Player (CERT-EU Security Advisory 2014-011)

Adobe has released a security update for Adobe Shockwave Player 12.0.7.148 and earlier versions on the Windows and Macintosh operating systems. This update addresses critical vulnerabilities that could potentially allow an attacker to remotely...
Auteur: Cert EU

Microsoft Security Updates (CERT-EU Security Advisory 2014-009)

Microsoft has published on a number of new security updates. This advisory is intended to help you plan for the deployment of these security updates more effectively.
Auteur: Cert EU

Critical Vulnerability in MediaWiki Platform (CERT-EU Security Advisory 2014-010)

Researchers have discovered a critical vulnerability in the popular MediaWiki Web platform, which is used to run Wikipedia and tens of thousands of other wiki sites around the world. This vulnerability allows an attacker to perform remote code...
Auteur: Cert EU

Denial of Service on Bind BIND nameservers (CERT-EU Security Advisory 2014-007)

Because of a defect in handling queries for NSEC3-signed zones, BIND can crash with an "INSIST" failure in name.c when processing queries possessing certain properties. By exploiting this defect an attacker deliberately constructing a query with...
Auteur: Cert EU

VMware multiple vulnerabilities (CERT-EU Security Advisory 2014-006)

VMware Workstation, Player, Fusion, ESXi, ESX and vCloud Director address several security issues: VMware ESXi and ESX NFC NULL pointer dereference (CVE-2014-1207).
Auteur: Cert EU

Multiple Bugfixes in PHP (CERT-EU Security Advisory 2014-005)

The PHP development team announces the immediate availability of PHP 5.5.8. About 15 bugs were fixed. The PHP development team announces the immediate availability of PHP 5.4.20. About 30 bugs were fixed.
Auteur: Cert EU

Multiple Vulnerabilities in Cisco Secure Access Control System (CERT-EU Security Advisory 2014-004)

Cisco Secure Access Control System (ACS) is affected by the following vulnerabilities: -Cisco Secure ACS RMI Privilege Escalation Vulernability -Cisco Secure ACS RMI Unauthenticated User Access Vulnerability -Cisco Secure ACS Operating System...
Auteur: Cert EU

Oracle Critical Patch Update Advisory of January 2014 (CERT-EU Security Advisory 2014-003)

Oracle Critical Patch Update Advisory of January 2014 contains 144 new security fixes across the product families.
Auteur: Cert EU

Multiple Microsoft vulnerabilities (CERT-EU Security Advisory 2014-002)

The vulnerabilities could allow remote code execution if a specially crafted file is opened in an affected version of Microsoft Word or other affected Microsoft Office software. An attacker who successfully exploited the vulnerabilities could...
Auteur: Cert EU

Multiple Adobe vulnerabilities (CERT-EU Security Advisory 2014-001)

Adobe has released security updates for Adobe Reader and Acrobat XI (11.0.05) and earlier versions for Windows and Macintosh.
Auteur: Cert EU

Cisco ASA Denial of service (CERT-EU Security Advisory 2013-0100)

A vulnerability in the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected system to become unresponsive to management session requests via SSH, Telnet, HTTP, and HTTPS.
Auteur: Cert EU

WMware ESX multiple vulnerabilities (CERT-EU Security Advisory 2013-0099)

VMware has updated several third party libraries in ESX that address multiple security vulnerabilities.
Auteur: Cert EU

Microsoft December 2013 patches (CERT-EU Security Advisory 2013-0098)

Microsoft has released December 2013 patches.
Auteur: Cert EU

VMware Products Increased privileges - Existing account [1] (CERT-EU Security Advisory 2013-0097)

VMware Workstation, Fusion, ESXi and ESX patches address a vulnerability in the LGTOSYNC.SYS driver which could result in a privilege escalation on older Windows-based Guest Operating Systems.
Auteur: Cert EU

Cisco ASA Malformed DNS Reply Denial of Service Vulnerability [1] (CERT-EU Security Advisory 2013-0096)

A vulnerability in the DNS code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause the reload of an affected system.
Auteur: Cert EU

JBoss Enterprice Aplication Platform update [1] (CERT-EU Security Advisory 2013-095)

An update for Red Hat JBoss Enterprise Application Platform 6.2.0, which fixes two security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal.
Auteur: Cert EU

Microsoft Advance Security Updates (CERT-EU Security Advisory 2013-094)

Microsoft has published an advanced for a number of new security updates which will be released on December 13, 2013.
Auteur: Cert EU

Microsoft Windows local privilege escalation zero-day bypassing Adobe Reader sandbox in the wild (CERT-EU Security Advisory 2013-093)

A new Windows local privilege escalation vulnerability has been identified in the wild [1].
Auteur: Cert EU

Security updates available for Adobe Flash Player (CERT-EU Security Advisory 2013-092)

Adobe has released security updates for Adobe Flash Player 11.9.900.117 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.310 and earlier versions for Linux.
Auteur: Cert EU

Hotfix available for ColdFusion (CERT-EU Security Advisory 2013-091)

Adobe has released a security hotfix for ColdFusion versions 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and Linux.
Auteur: Cert EU

Microsoft Security Updates (CERT-EU Security Advisory 2013-090)

Microsoft has published on a number of new security updates which has been released on November 13, 2013.
Auteur: Cert EU

Microsoft Security Advisory [1] (CERT-EU Security Advisory 2013-0089)

Microsoft is investigating private reports of a vulnerability in the Microsoft Graphics component that affects Microsoft Windows, Microsoft Office, and Microsoft Lync.
Auteur: Cert EU
First45678910111213Last

Événements SSI