You are here

JC3 High Impact Assessment Bulletins

June 28, 2013
V-188: Apache XML Security XPointer Expressions Processing Buffer Overflow Vulnerability

The vulnerability addresses the possibility of a heap overflow condition

June 27, 2013
V-187: Mozilla Firefox Multiple Vulnerabilities

These vulnerabilities can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system.

June 19, 2013
V-181: Oracle Java SE Critical Patch Update Advisory - June 2013

Multiple vulnerabilities were reported in Oracle Java.

June 14, 2013
V-178: IBM Data Studio Web Console Java Multiple Vulnerabilities

IBM Data Studio Web Console uses the IBM Java Runtime Environment (JRE) and might be affected by vulnerabilities in the IBM JRE

June 11, 2013
V-175: Microsoft Security Bulletin Advance Notification for June 2013

Microsoft Security Bulletin Advance Notification for June 2013. Microsoft has posted 1 Critical Bulletin and 4 Important Bulletins. Bulletins with the Maximum Severity Rating and Vulnerability Impact of "Critical" June allow remote execution of code. Microsoft will host a webcast to address customer questions on the security bulletins on June 12, 2013, at 11:00 AM Pacific Time (US & Canada).

June 7, 2013
V-173: Plesk 0-Day Vulnerability

The vulnerability is caused due to PHP misconfiguration in the affected application

June 6, 2013
V-172: ISC BIND RUNTIME_CHECK Error Lets Remote Users Deny Service Against Recursive Resolvers

A defect exists which allows an attacker to crash a BIND 9 recursive resolver with a RUNTIME_CHECK error in resolver.c

May 29, 2013
V-166: HP-UX Directory Server Discloses Passwords to Remote Authenticated and Local Users

Two vulnerabilities were reported in HP-UX Directory Server.

May 27, 2013
V-164: Apple QuickTime Multiple Flaws Let Remote Users Execute Arbitrary Code

Apple QuickTime Multiple Vulnerabilities

May 23, 2013
V-162: Apache Struts "ParameterInterceptor" Security Bypass Vulnerability

A vulnerability has been reported in Apache Struts, which can be exploited by malicious people to bypass certain security restrictions.