You are here

JC3 Low Impact Assessment Bulletins

July 31, 2013
V-207: Wireshark Multiple Denial of Service Vulnerabilities

Successful exploitation of this vulnerability may allow execution of arbitrary code.

July 30, 2013
V-206: Apache HTTP Server mod_rewrite and "httpOnly" Cookie Disclosure Vulnerabilities

Two vulnerabilities have been reported in Apache HTTP Server

July 29, 2013
V-205: IBM Tivoli System Automation for Multiplatforms Java Multiple Vulnerabilities

The weakness and the vulnerabilities are caused due to a bundled vulnerable version of Java.

November 30, 2011
U-048: HP LaserJet Printers Unspecified Flaw Lets Remote Users Update Firmware with Arbitrary Code

A remote user can upgrade the printer's firmware with arbitrary code

November 25, 2011
U-045: Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny Service

Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny

July 1, 2011
T-659: Update support for RSA Authentication Manager

RSA posted SP4 Patch 4 of their Authentication Manager product 06/30/2011. There are a few pages of fixes in the README, but the most significant is that Authentication Manager can now be installed on Windows Server 2008 (both 32 and 64bit).

April 7, 2011
T-597: WordPress Multiple Security Vulnerabilities

Attackers can exploit these issues to perform unauthorized actions in the context of the logged-in user, crash the affected application and therefore deny service to legitimate users, or execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials or launch other attacks.

February 25, 2011
T-565: Vulnerability in Microsoft Malware Protection Engine Could Allow Elevation of PrivilegeVulnerability

Microsoft is releasing this security advisory to help ensure customers are aware that an update to the Microsoft Malware Protection Engine also addresses a security vulnerability reported to Microsoft.