You are here

JC3 Medium Impact Assessment Bulletins

RSS
August 12, 2013
V-216: Drupal Monster Menus Module Security Bypass and Script Insertion Vulnerabilities

The vulnerabilities can be exploited by malicious users to bypass certain security restrictions and conduct script insertion attacks

August 7, 2013
V-213: PuTTY SSH Handshake Integer Overflow Vulnerabilities

The vulnerabilities can be exploited by malicious people to potentially compromise a user's system.

August 6, 2013
V-212: Samba smbd CPU Processing Loop Lets Remote Users Deny Service

A vulnerability was reported in Samba

August 3, 2013
V-210: HP LaserJet Pro Printer Bug Lets Remote Users Access Data

A potential security vulnerability has been identified with certain HP LaserJet Pro printers. The vulnerability could be exploited remotely to gain unauthorized access to data.

July 19, 2013
V-201: Cisco Intrusion Prevention System SSP Fragmented Traffic Denial of Service Vulnerability

A vulnerability in the implementation of the code that processes fragmented traffic could allow an unauthenticated, remote attacker to cause the Analysis Engine process to become unresponsive or cause the affected system to reload.

July 12, 2013
V-198: Red Hat Enterprise MRG Messaging Qpid Python Certificate Validation Flaw Lets Remote Users Conduct Man-in-the-Middle Attacks

A remote user can conduct a man-in-the-middle attack to access potentially sensitive information

July 9, 2013
V-195: RSA Authentication Manager Lets Local Users View the Administrative Account Password

A vulnerability was reported in RSA Authentication Manager.

July 5, 2013
V-193: Barracuda SSL VPN Input Validation Hole Permits Cross-Site Scripting Attacks

Several scripts do not properly filter HTML code from user-supplied input before displaying the input via several parameters

July 4, 2013
V-192: Symantec Security Information Manager Input Validation Flaws Permit Cross-Site Scripting, SQL Injection, and Information Disclosure Attacks

Symantec was notified of multiple security issues impacting the SSIM management console