SANS @RISK

Syndicate content SANS RSS Feed
All Updates From Vol: 9 - Issue: 31
URL: http://www.sans.org/newsletters/risk/display.php
Updated: 1 day 5 hours ago

(1) HIGH: QuickTime Player Streaming Debug Error Logging Buffer Overflow

Fri, 2010-07-30 08:10

Category: Widely Deployed Software

Affected:

  • QuickTime 7.6.6 (1671) for Windows

Categories: Security Alerts

(2) HIGH: Mozilla Firefox Plugin Parameter Reference Remote Code Execution Vulnerability

Fri, 2010-07-30 08:10

Category: Widely Deployed Software

Affected:

  • Mozilla Firefox prior to Firefox 3.6.8

Categories: Security Alerts

(3) HIGH: Google Chrome Multiple Vulnerabilities

Fri, 2010-07-30 08:10

Category: Widely Deployed Software

Affected:

  • Google Chrome prior to 5.0.375.125

Categories: Security Alerts

10.31.15 HP OpenView Network Node Manager Unspecified Code Execution Issue

Fri, 2010-07-30 08:10

CVEs: CVE: CVE-2010-2703, CVE-2010-2704

Platform: Cross Platform

Categories: Security Alerts

10.31.16 mlmmj (Mailing List Managing Made Joyful) Directory Traversal

Fri, 2010-07-30 08:10

CVEs: CVE: CVE-2009-4896

Platform: Cross Platform

Categories: Security Alerts

10.31.17 Mozilla Firefox and SeaMonkey Plugin Parameters Buffer Overflow

Fri, 2010-07-30 08:10

CVEs: CVE: CVE-2010-1214

Platform: Cross Platform

Categories: Security Alerts

10.31.18 RSA Federated Identity Manager URI Redirection Issue

Fri, 2010-07-30 08:10

CVEs: CVE: Not Available

Platform: Cross Platform

Categories: Security Alerts

10.31.19 MapServer Buffer Overflow and Unspecified Security Vulnerabilities

Fri, 2010-07-30 08:10

CVEs: CVE: Not Available

Platform: Cross Platform

Categories: Security Alerts

10.31.20 Mozilla Foundation Security Advisory (MFSA 2010 34 - MFSA 2010 48)

Fri, 2010-07-30 08:10

CVEs: CVE: CVE-2010-0654, CVE-2010-1205, CVE-2010-1207,CVE-2010-1210, CVE-2010-1211, CVE-2010-1212, CVE-2010-1213,CVE-2010-1215, CVE-2010-2751, CVE-2010-2752, CVE-2010-2753,CVE-2010-2754

Platform: Cross Platform

Categories: Security Alerts

10.31.21 Qt "QTextEngine::LayoutData::reallocate()" Memory Corruption Issue

Fri, 2010-07-30 08:10

CVEs: CVE: Not Available

Platform: Cross Platform

Categories: Security Alerts

10.31.22 Pidgin "X-Status" Message Denial of Service Issue

Fri, 2010-07-30 08:10

CVEs: CVE: CVE-2010-2528

Platform: Cross Platform

Categories: Security Alerts

10.31.23 Apple Safari Personal Address Book AutoFill Information Disclosure Weakness

Fri, 2010-07-30 08:10

CVEs: CVE: Not Available

Platform: Cross Platform

Categories: Security Alerts

10.31.24 EllisLab CodeIgniter "Upload.php" Arbitrary File Upload Issue

Fri, 2010-07-30 08:10

CVEs: CVE: Not Available

Platform: Cross Platform

Categories: Security Alerts

10.31.25 Git "gitdir" Remote Buffer Overflow

Fri, 2010-07-30 08:10

CVEs: CVE: Not Available

Platform: Cross Platform

Categories: Security Alerts

10.31.26 BRLTTY Runtime Library Search Path Local Privilege Escalation Issue

Fri, 2010-07-30 08:10

CVEs: CVE: CVE-2008-3279

Platform: Cross Platform

Categories: Security Alerts

10.31.27 Corel WordPerfect Office X5 ".wpd" File Processing Remote Buffer Overflow Issue

Fri, 2010-07-30 08:10

CVEs: CVE: Not Available

Platform: Cross Platform

Categories: Security Alerts

10.31.28 NuralStorm Webmail Multiple Security Issues

Fri, 2010-07-30 08:10

CVEs: CVE: Not Available

Platform: Cross Platform

Categories: Security Alerts

10.31.29 HP Insight Orchestration Unspecified Security Bypass Issue

Fri, 2010-07-30 08:10

CVEs: CVE: CVE-2010-1965

Platform: Cross Platform

Categories: Security Alerts

10.31.30 t-prot "--max-lines" Option Denial of Service

Fri, 2010-07-30 08:10

CVEs: CVE: CVE-2009-4404

Platform: Cross Platform

Categories: Security Alerts

10.31.31 XWork "ParameterInterceptor" Class OGNL Security Bypass

Fri, 2010-07-30 08:10

CVEs: CVE: CVE-2010-1870

Platform: Cross Platform

Categories: Security Alerts