SANS @RISK
(1) MEDIUM: Mozilla Firefox Multiple Security Vulnerabilities
Category: Widely Deployed Software
Affected:
- Mozilla Firefox prior to 10.0
- Mozilla Firefox 3.6.x prior to 3.6.26
(2) MEDIUM: Symantec PCAnywhere Buffer Overflow
Category: Widely Deployed Software
Affected:
- Symantec pcAnywhere 12.0.x and 12.1.x prior to 12.5.3
12.5.6 EMC NetWorker Unspecified Buffer Overflow
CVEs: CVE: CVE-2012-0395
Platform: Cross Platform
12.5.7 Limit My Call Remote Unauthorized Access
CVEs: CVE: CVE-2011-4703
Platform: Cross Platform
12.5.8 Wireshark Buffer Underflow and Denial of Service Vulnerabilities
CVEs: CVE: CVE-2012-0068,CVE-2012-0067,CVE-2012-0066
Platform: Cross Platform
12.5.9 Samba Memory Leak Local Denial Of Service
CVEs: CVE: CVE-2012-0817
Platform: Cross Platform
12.5.11 FFmpeg Multiple Remote Vulnerabilities
CVEs: CVE:CVE-2011-3952,CVE-2011-3951,CVE-2011-3950,CVE-2011-3949,CVE-2011-3947,CVE-2011-3946,CVE-2011-3945,CVE-2011-3944,CVE-2011-3941,CVE-2011-3940,CVE-2011-3937,CVE-2011-3936,CVE-2011-3935,CVE-2011-3934,CVE-2011-3929
Platform: Cross Platform
12.5.12 HP Network Automation Remote Unauthorized Access
CVEs: CVE: CVE-2011-4790
Platform: Cross Platform
12.5.13 RESTEasy JaxB XML Entity References Information Disclosure
CVEs: CVE: CVE-2012-0818
Platform: Cross Platform
12.5.14 Mozilla Firefox/SeaMonkey/Thunderbird Multiple Vulnerabilities
CVEs: CVE:CVE-2012-0445,CVE-2012-0447,CVE-2011-3659,CVE-2012-0442,CVE-2012-0443,CVE-2012-0444,CVE-2012-0449,CVE-2012-0446
Platform: Cross Platform
2012-0809 Todd Miller Sudo "Sudo_Debug()" Path Resolution Local Privilege Escalation
CVEs: CVE: CVE
Platform: Cross Platform
12.5.24 Syneto Unified Threat Management Cross-Site Request Forgery
CVEs: CVE: Not Available
Platform: Hardware
12.5.25 Fortigate UTM WAF Appliance Cross-Site Scripting and HTML Injection Vulnerabilities
CVEs: CVE: Not Available
Platform: Hardware
12.5.4 Debian Openssh Server Forced Command Handling Information Disclosure
CVEs: CVE: CVE-2012-0814
Platform: Linux
12.5.5 Wicd "wicd/configmanager.py" Local Information Disclosure
CVEs: CVE: CVE-2012-0813
Platform: Linux
12.5.23 D-Link DIR-601 TFTP Server Directory Traversal
CVEs: CVE: CVE-2011-4821
Platform: Network Device
12.5.1 Trend Micro DataArmor and DriveArmor Pre-boot Local Privilege Escalation
CVEs: CVE: Not Available
Platform: Third Party Windows Apps
12.5.2 RSA enVision Environmental Variable Information Disclosure
CVEs: CVE: CVE-2011-4143
Platform: Third Party Windows Apps
12.5.3 PDF-XChange pdfSaver ActiveX Multiple Buffer Overflow Vulnerabilities
CVEs: CVE: Not Available
Platform: Third Party Windows Apps
12.5.18 Apache HTTP Server mod_log_config Denial Of Service
CVEs: CVE: CVE-2012-0021
Platform: Web Application