On 3/21/2011 12:16 PM, Luigi Auriemma wrote:
The following are almost all the vulnerabilities I found for a quick
experiment some months ago in certain well known server-side SCADA
softwares still vulnerable in this moment.
At what point in time did you try contacting any of the vendors for
At what point in time did you try contacting any of the vendors for
these issues?
the vendors of the affected softwares have not been contacted.
How do you propose a manufacturer fix an issue?
in the security field a public vulnerability is a dead vulnerability,
anyone who has found and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2197-1 secur...@debian.org
http://www.debian.org/security/Florian Weimer
March 21, 2011
Apple Mac OS X ImageIO Integer Overflow
22/03/2011
Dominic Chell of NGS Secure has discovered a High risk vulnerability in Mac OS
X ImageIO. An integer overflow issue exists in ImageIO's handling of
JPEG-encoded TIFF images. Viewing a maliciously crafted TIFF image may result
in an unexpected
ZDI-11-107: Libtiff ThunderCode Decoder THUNDER_2BITDELTAS Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-107
March 21, 2011
-- CVE ID:
CVE-2011-1167
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Libtiff
-- Affected Products:
Libtiff
iDefense Security Advisory 03.21.11
http://labs.idefense.com/intelligence/vulnerabilities/
Mar 21, 2011
I. BACKGROUND
The OfficeImport framework is an API used by Apple's mobile devices,
including the iPod Touch, iPhone, and iPad. The framework is used to
parse and display Microsoft Office file
===
Summary
===
Name: Cisco IPSec VPN Implementation Group Name Enumeration
Release Date: 22 March 2011
Reference: NGS00014
Discoverer: Gavin Jones
Vendor: Cisco
Vendor Reference: CSCei51783, CSCtj96108
Systems Affected: ASA 5500 Series Adaptive Security Appliances -Cisco PIX 500
Series
===
CMS Balitbang v.3.3 Arbitary file upload vulnerability
===
Software: CMS Balitbang
Vendor: www.kajianwebsite.org
Vuln Type: Arbitary file upload
===
Summary
===
Name: Immunity Debugger Buffer Overflow
Release Date: 22 March 2011
Reference: NGS00016
Discoverer: Paul Harrington
Vendor: Immunity Inc
Vendor Reference: Support #3171
Systems Affected: Windows
Risk: Low
Status: Fixed
TimeLine
Discovered: 28 October 2010
Apple Mac OS X Image RAW Multiple Buffer Overflows
22/03/2011
Paul Harrington of NGS Secure has discovered a High risk vulnerability in Mac
OS X Image RAW. Multiple buffer overflow issues existed in Image RAW's handling
of Canon RAW images. Viewing a maliciously crafted Canon RAW image may
ZDI-11-108: Mac OS X Compact Font Format Decoder Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-108
March 22, 2011
-- CVE ID:
CVE-2011-0176
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Apple
-- Affected Products:
Apple Preview
--
ZDI-11-109: (Pwn2Own) Apple Safari OfficeArtBlip Parsing Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-109
March 22, 2011
-- CVE ID:
CVE-2011-1417
-- CVSS:
9.7, (AV:N/AC:L/Au:N/C:C/I:C/A:P)
-- Affected Vendors:
Apple
-- Affected Products:
Apple
/resources/advisory/20110322-1/
-
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Product Description
- ---
- From [1]:
Beneath the appealing, easy-to-use interface of Mac OS X is a rock-solid,
UNIX-based foundation that is engineered for stability
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02757867
Version: 1
HPSBMA02647 SSRT100383 rev.1 - HP Discovery Dependency Mapping Inventory
(DDMI) Running on Windows, Insecure SNMP Configuration
NOTICE: The information in this Security
14 matches
Mail list logo
