You are here

JC3 Medium Impact Assessment Bulletins

RSS
September 9, 2013
V-237: TYPO3 Security Bypass Vulnerabilities

TYPO3 comes with the possibility to restrict editors to certain file actions (copy, delete, move etc.) and to restrict these actions to be performed in certain locations

September 4, 2013
V-234: EMC RSA Archer GRC Open Redirection Weakness and Security Bypass Security Issue

This fixes multiple vulnerabilities, which can be exploited to bypass certain security restrictions and to conduct spoofing attacks

September 3, 2013
V-233: Red Hat update for JBoss Fuse

This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS.

August 28, 2013
V-229: IBM Lotus iNotes Input Validation Flaws Permit Cross-Site Scripting Attacks

IBM Lotus iNotes 8.5.x contains four cross-site scripting vulnerabilities

August 27, 2013
V-228: RealPlayer Buffer Overflow and Memory Corruption Error Let Remote Users Execute Arbitrary Code

A remote user can cause arbitrary code to be executed on the target user's system

August 26, 2013
V-227: VMware Workstation and Player vmware-mount Command Flaw Lets Local Users Gain Root Privileges

VMware Workstation and Player contain a vulnerability in the handling of the vmware-mount command

August 21, 2013
V-223: RSA Authentication Agent for PAM Allows Remote Users to Make Unlimited Login Attempts

A remote user can make unlimited login attempts

August 20, 2013
V-222: SUSE update for Filezilla

This vulnerability can be exploited by malicious people to potentially compromise a user's system

August 19, 2013
V-221: WordPress A Forms Plugin Cross-Site Request Forgery and Form Field Script Insertion Vulnerabilities

This vulnerability can be exploited to conduct cross-site request forgery and script insertion attacks

August 14, 2013
V-217: Microsoft Windows NAT Driver ICMP Packet Handling Denial of Service Vulnerability

This security update resolves a vulnerability in the Windows NAT Driver in Microsoft Windows