SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02757867
Version: 1
HPSBMA02647 SSRT100383 rev.1 - HP Discovery & Dependency Mapping Inventory
(DDMI) Running on Windows, Insecure SNMP Configuration
NOTICE: The information in this Security B
Release Date: 2011-03-22
Application: Apple OS X kernel (XNU)
Versions: All versions <= xnu-1504.7.4
Severity: Medium
Author: Dan Rosenberg
Vendor Status: Patch Released [2]
CVE Candidate: CVE-2011-0180
Reference: http://www.vsecurity.com/resources/advisory/2011032
ZDI-11-109: (Pwn2Own) Apple Safari OfficeArtBlip Parsing Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-109
March 22, 2011
-- CVE ID:
CVE-2011-1417
-- CVSS:
9.7, (AV:N/AC:L/Au:N/C:C/I:C/A:P)
-- Affected Vendors:
Apple
-- Affected Products:
Apple Safari
ZDI-11-108: Mac OS X Compact Font Format Decoder Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-108
March 22, 2011
-- CVE ID:
CVE-2011-0176
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Apple
-- Affected Products:
Apple Preview
-- Ti
Apple Mac OS X Image RAW Multiple Buffer Overflows
22/03/2011
Paul Harrington of NGS Secure has discovered a High risk vulnerability in Mac
OS X Image RAW. Multiple buffer overflow issues existed in Image RAW's handling
of Canon RAW images. Viewing a maliciously crafted Canon RAW image may resu
===
Summary
===
Name: Immunity Debugger Buffer Overflow
Release Date: 22 March 2011
Reference: NGS00016
Discoverer: Paul Harrington
Vendor: Immunity Inc
Vendor Reference: Support #3171
Systems Affected: Windows
Risk: Low
Status: Fixed
TimeLine
Discovered: 28 October 2010
===
CMS Balitbang v.3.3 Arbitrary file upload vulnerability
===
Software: CMS Balitbang
Vendor: www.kajianwebsite.org
Vuln Type: Arbitrary file upload
Downloa
===
Summary
===
Name: Cisco IPSec VPN Implementation Group Name Enumeration
Release Date: 22 March 2011
Reference: NGS00014
Discoverer: Gavin Jones
Vendor: Cisco
Vendor Reference: CSCei51783, CSCtj96108
Systems Affected: ASA 5500 Series Adaptive Security Appliances -Cisco PIX 500
Series Se
iDefense Security Advisory 03.21.11
http://labs.idefense.com/intelligence/vulnerabilities/
Mar 21, 2011
I. BACKGROUND
The OfficeImport framework is an API used by Apple's mobile devices,
including the iPod Touch, iPhone, and iPad. The framework is used to
parse and display Microsoft Office file f
ZDI-11-107: Libtiff ThunderCode Decoder THUNDER_2BITDELTAS Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-107
March 21, 2011
-- CVE ID:
CVE-2011-1167
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Libtiff
-- Affected Products:
Libtiff l
Apple Mac OS X ImageIO Integer Overflow
22/03/2011
Dominic Chell of NGS Secure has discovered a High risk vulnerability in Mac OS
X ImageIO. An integer overflow issue exists in ImageIO's handling of
JPEG-encoded TIFF images. Viewing a maliciously crafted TIFF image may result
in an unexpected
Debian Security Advisory DSA-2197-1 secur...@debian.org
http://www.debian.org/security/ Florian Weimer
March 21, 2011
> At what point in time did you try contacting any of the vendors for
> these issues?
The vendors of the affected software have not been contacted.
> How do you propose a manufacturer fix an issue?
in the security field a public vulnerability is a dead vulnerability,
anyone who has found and r
On 3/21/2011 12:16 PM, Luigi Auriemma wrote:
> The following are almost all the vulnerabilities I found for a quick
> experiment some months ago in certain well known server-side SCADA
> software still vulnerable at this moment.
At what point in time did you try contacting any of the vendors for
14 matches