SANS @RISK
(1) HIGH: IBM Lotus iNotes ActiveX Control Buffer Overflow Vulnerability
Category: Widely Deployed Software
Affected:
- IBM Lotus iNotes versions prior to 8.5
- IBM Lotus iNotes versions prior to 7.0.4
(2) HIGH: IBM Informix Multiple Buffer Overflow Vulnerabilities
Category: Widely Deployed Software
Affected:
- IBM Informix IDS 11.10.xC2
- IBM Informix IDS 11.10
- IBM Informix IDS 10.00.xC8
- IBM Informix IDS 10.00.xC7W1
- IBM Informix IDS 10.00.xC11
- IBM Informix IDS 10.0.xC4
- IBM Informix IDS 10.0
(3) HIGH: Multiple Vendor "librpc.dll" Signedness Error Code Execution Vulnerability
Category: Widely Deployed Software
Affected:
- IBM Informix IDS 9.40 .UC3
- IBM Informix IDS 9.40 .UC2
- IBM Informix IDS 9.40 .UC1
- IBM Informix IDS 9.3
- IBM Informix IDS 9.40 xC7
- IBM Informix IDS 9.40 .xD8
- IBM Informix IDS 9.40 .UC5
- IBM Informix IDS 9.40 .TC5
- IBM Informix IDS 9.4
- IBM Informix IDS 7.31 .xD9
- IBM Informix IDS 7.31 .xD8
- IBM Informix IDS 7.3
- IBM Informix IDS 11.10.xC4
- IBM Informix IDS 11.10.xC2
- IBM Informix IDS 11.10
- IBM Informix IDS 10.00.xC8
- IBM Informix IDS 10.00.xC7W1
- IBM Informix IDS 10.00.xC11
- IBM Informix IDS 10.0.xC4
- IBM Informix IDS 10.0
- EMC Legato Networker 7.3.2
- EMC Legato Networker 7.2.1
- EMC Legato Networker 7.2 build 172
- EMC Legato Networker 7.2
- EMC Legato Networker 7.1.3
- EMC Legato Networker 7.0
- EMC Legato Networker 6.0 x
(4) MODERATE: Microsoft Internet Explorer VBScript Windows Help Code Execution Vulnerability
Category: Widely Deployed Software
Affected:
- Microsoft Windows 2000 Service Pack 4
- Windows XP Service Pack 2, Windows XP Service Pack 3, and Windows XP Professional x64 Edition Service Pack 2
- Windows Server 2003 Service Pack 2, Windows Server 2003 with SP2 for Itanium-based Systems, and Windows Server 2003 x64 Edition Service Pack 2
(5) MODERATE: Modo 401 LXO Processing Integer Overflow Vulnerability
Category: Widely Deployed Software
Affected:
- Luxology Modo 401 - Windows
10.10.13 IBM AIX LDAP Login Local Denial of Service
CVE: Not Available
Platform: AIX
10.10.14 WebKit Image Decoder Memory Allocation Remote Code Execution
CVE: CVE-2010-0659
Platform: Cross Platform
10.10.15 EMC HomeBase Server Directory Traversal Remote Code Execution
CVE: CVE-2010-0620
Platform: Cross Platform
10.10.16 MochaSoft FTPDisc "get" Request Remote Denial of Service
CVE: Not Available
Platform: Cross Platform
10.10.17 cronie "crontab" Symbolic Link Local Privilege Escalation
CVE: CVE-2010-0424
Platform: Cross Platform
10.10.18 Zhang Boyang FTP Server Remote Denial of Service
CVE: Not Available
Platform: Cross Platform
10.10.19 Kojoney "urllib.urlopen()" Remote Denial of Service
CVE: Not Available
Platform: Cross Platform
10.10.20 TIBCO Administrator
CVE: CVE-2010-0683
Platform: Cross Platform
10.10.21 Weekly Archive by Node Type Module Weekly Summary Security Bypass
CVE: Not Available
Platform: Cross Platform
10.10.22 Apple Safari Style Tag Remote Memory Corruption
CVE: Not Available
Platform: Cross Platform
10.10.23 Symantec Altiris Deployment Solution "dbmanager.exe" Denial of Service
CVE: Not Available
Platform: Cross Platform
10.10.24 VKPlayer ".mid" File Processing Buffer Overflow
CVE: Not Available
Platform: Cross Platform
10.10.25 Asterisk CIDR Notation in Access Rule Remote Security Bypass
CVE: Not Available
Platform: Cross Platform
10.10.26 XMail Insecure Temporary File Creation
CVE: Not Available
Platform: Cross Platform
