Security Bulletins
|
||||||
| Tue, 13 Jul 2010 08:00:00 GMT MS10-045 - Important: Vulnerability in Microsoft Office Outlook Could Allow Remote Code Execution (978212) | ||||||
| Bulletin Severity Rating:Important - This security update resolves a privately reported vulnerability. The vulnerability could allow remote code execution if a user opened an attachment in a specially crafted e-mail message using an affected version of Microsoft Office Outlook. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||||
| Tue, 13 Jul 2010 08:00:00 GMT MS10-044 - Critical: Vulnerabilities in Microsoft Office Access ActiveX Controls Could Allow Remote Code Execution (982335) | ||||||
| Bulletin Severity Rating:Critical - This security update resolves two privately reported vulnerabilities in Microsoft Office Access ActiveX Controls. The vulnerabilities could allow remote code execution if a user opened a specially crafted Office file or viewed a Web page that instantiated Access ActiveX controls. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. | ||||||
| Tue, 13 Jul 2010 08:00:00 GMT MS10-043 - Critical: Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276) | ||||||
| Bulletin Severity Rating:Critical - This security update resolves a publicly disclosed vulnerability in the Canonical Display Driver (cdd.dll). Although it is possible that the vulnerability could allow code execution, successful code execution is unlikely due to memory randomization. In most scenarios, it is much more likely that an attacker who successfully exploited this vulnerability could cause the affected system to stop responding and automatically restart. | ||||||
| Tue, 13 Jul 2010 08:00:00 GMT MS10-042 - Critical: Vulnerability in Help and Support Center Could Allow Remote Code Execution (2229593) | ||||||
| Bulletin Severity Rating:Critical - This security update resolves a publicly disclosed vulnerability in the Windows Help and Support Center feature that is delivered with supported editions of Windows XP and Windows Server 2003. This vulnerability could allow remote code execution if a user views a specially crafted Web page using a Web browser or clicks a specially crafted link in an e-mail message. The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful, a user must click a link listed within an e-mail message. | ||||||
| Tue, 08 Jun 2010 08:00:00 GMT MS10-041 - Important: Vulnerability in Microsoft .NET Framework Could Allow Tampering (981343) | ||||||
| Bulletin Severity Rating:Important - This security update resolves a publicly disclosed vulnerability in Microsoft .NET Framework. The vulnerability could allow data tampering of signed XML content without being detected. In custom applications, the security impact depends on how the signed content is used in the specific application. Scenarios in which signed XML messages are transmitted over a secure channel (such as SSL) are not affected by this vulnerability. |
![[logo]](http://www.microsoft.com/library/toolbar/3.0/images/banners/TechNetB_masthead_ltr.gif "Microsoft Security Bulletins")
|
||||||
| SB10-207: Vulnerability Summary for the Week of July 19, 2010 | ||||||
| Vulnerability Summary for the Week of July 19, 2010 | ||||||
| SB10-200: Vulnerability Summary for the Week of July 12, 2010 | ||||||
| Vulnerability Summary for the Week of July 12, 2010 | ||||||
| TA10-194B: Oracle Updates for Multiple Vulnerabilities | ||||||
| Oracle Updates for Multiple Vulnerabilities | ||||||
| TA10-194A: Microsoft Updates for Multiple Vulnerabilities | ||||||
| Microsoft Updates for Multiple Vulnerabilities | ||||||
| SB10-193: Vulnerability Summary for the Week of July 5, 2010 | ||||||
| Vulnerability Summary for the Week of July 5, 2010 |
|
||||||
| 2010-07-29 Vuln: Wireshark 0.8.20 through 1.2.8 Multiple Vulnerabilities | ||||||
| Wireshark 0.8.20 through 1.2.8 Multiple Vulnerabilities | ||||||
| 2010-07-29 Vuln: PHP Traverser 'mp3_id.php' Remote File Include Vulnerability | ||||||
| PHP Traverser 'mp3_id.php' Remote File Include Vulnerability | ||||||
| 2010-07-29 Vuln: Serenity Audio Player '.m3u' File Buffer Overflow Vulnerability | ||||||
| Serenity Audio Player '.m3u' File Buffer Overflow Vulnerability | ||||||
| 2010-07-29 Vuln: Mundi Mail Multiple Remote Command Execution Vulnerabilities | ||||||
| Mundi Mail Multiple Remote Command Execution Vulnerabilities | ||||||
| Bugtraq: [SECURITY] [DSA 2077-1] New openldap packages fix potential code execution | ||||||
| [SECURITY] [DSA 2077-1] New openldap packages fix potential code execution |
![[logo]](http://www.securityfocus.com/rss/SFLogo_v1.gif "SecurityFocus")
|
||||||
| Thu, 29 Jul 2010 22:45:49 GMT McAfee 2Q profit rises (AP) | ||||||
| AP - Computer-security software maker McAfee Inc. said Thursday that its second-quarter profit rose 38 percent, helped by growth in its corporate and consumer businesses. | ||||||
| Thu, 29 Jul 2010 12:30:12 GMT Verizon: Data Breaches Often Caused by Configuration Errors (PC World) | ||||||
| PC World - Hackers appear to be increasingly counting on configuration problems and programming errors rather than software vulnerabilities in order to steal information from computer systems, according to a new study from Verizon. | ||||||
| Thu, 29 Jul 2010 06:51:25 GMT Internet upgraded to foil cyber crooks (AFP) | ||||||
|
||||||
| Thu, 29 Jul 2010 02:37:03 GMT Bunker-busting ATM attacks show security holes (AP) | ||||||
|
||||||
| Wed, 28 Jul 2010 19:30:14 GMT DHS Exec Takes Hard Questions on Cybersecurity (PC World) | ||||||
| PC World - The U.S. Department of Homeland Security sent its highest-ranking official ever to speak at the Black Hat conference this week, and its Deputy Secretary Jane Holl Lute ended up fielding a few tough questions from skeptical computer security professionals in attendance. |
![[logo]](http://l.yimg.com/a/i/us/nws/th/main_142c.gif "Yahoo! News")
|
||||||
| Thu, 09 Nov 2006 07:00:00 PST Cisco IPSec VPN Implementation Group Name Enumeration Vulnerability | ||||||
| This Cisco Security Notice is being released in response to the Cisco VPN Concentrator Group Name Enumeration Vulnerability advisory published on June 20, 2005 by NTA Monitor at http://www.nta-monitor.com/news/vpn-flaws/cisco/VPN-Concentrator/index.htm. |
||||||
| Fri, 21 Apr 2006 13:40:00 PST Crafted DNS Packet Can Cause Denial Of Service | ||||||
| Thu, 26 Jan 2006 14:30:00 PST Cisco IPsec VPN Implementation Group Password Usage Vulnerability | ||||||
| Mon, 07 Nov 2005 10:00:00 PST Response to BugTraq - Cisco Clean Access Agent (Perfigo) Bypass | ||||||
| This document is provided to simplify access to Cisco responses to possible product security vulnerability issues posted in public forums for Cisco customers. This does not imply that Cisco perceives each of these issues as an actual product security vulnerability. This notice is provided on an "as is" basis and does not imply any kind of guarantee or warranty. Your use of the information on the page or materials linked from this page are at your own risk. Cisco reserves the right to change or update this page without notice at any time. |
||||||
| Thu, 08 Sep 2005 07:00:00 PST CSS SSL Authentication Bypass | ||||||
| The Cisco CSS 11500 Series Content Services Switches (CSS) running Secure Socket Layer (SSL) has a vulnerability that may allow a user to bypass SSL authentication and access protected content. Cisco has made free software available to address this vulnerability. |
![[logo]](http://newsroom.cisco.com/images/mobile_newsAtCisco.png "News@Cisco")
|
||||||
| Thu, 29 Jul 2010 05:00:00 PST CDS Internet Streamer: Web Server Directory Traversal Vulnerability | ||||||
| The Cisco Internet Streamer application, part of the Cisco Content Delivery System, contains a directory traversal vulnerability on its web server component that allows for arbitrary file access. By exploiting this vulnerability, an attacker may be able to read arbitrary files on the device, outside of the web server document directory, by using a specially crafted URL. |
||||||
| Thu, 22 Jul 2010 09:00:00 PST Transport Layer Security Renegotiation Vulnerability | ||||||
| An industry-wide vulnerability exists in the Transport Layer Security (TLS) protocol that could impact any Cisco product that uses any version of TLS and SSL. The vulnerability exists in how the protocol handles session renegotiation and exposes users to a potential man-in-the-middle attack. |
||||||
| Tue, 13 Jul 2010 05:00:00 PST Cisco Secure Desktop ActiveX Control Code Execution Vulnerability | ||||||
| Updated workarounds. |
||||||
| Wed, 07 Jul 2010 07:00:00 PST Hard-Coded SNMP Community Names in Cisco Industrial Ethernet 3000 Series Switches Vulnerability | ||||||
| Wed, 09 Jun 2010 07:00:00 PST Vulnerabilities in Cisco Unified Contact Center Express | ||||||
powered by zFeeder
Top «
