You are here

JC3 Medium Impact Assessment Bulletins

November 6, 2012
V-017: Apache Tomcat Security Bypass and Denial of Service Vulnerabilities

Two vulnerabilities were reported in Apache Tomcat

October 23, 2012
V-008: Debian Security Advisory

Debian update for bind9

October 22, 2012
V-007: McAfee Firewall Enterprise ISC BIND Record Handling Lockup Vulnerability

McAfee has acknowledged a vulnerability in McAfee Firewall Enterprise, which can be exploited by malicious people to cause a DoS (Denial of Service).

October 18, 2012
V-005: ModSecurity Multipart Message Parsing Security Bypass Vulnerability

SEC Consult has reported a vulnerability in ModSecurity, which can be exploited by malicious people to bypass certain security restrictions.

October 11, 2012
U-279: Cisco Firewall Services Module Bugs Let Remote Users Execute Arbitrary Code and Deny Service

Several vulnerabilities were reported in Cisco Firewall Services Module.

October 8, 2012
U-276: VMware vCenter Operations Cross-Site Scripting Vulnerability

A vulnerability has been reported in VMware vCenter Operations, which can be exploited by malicious people to conduct cross-site scripting attacks.

October 5, 2012
U-275: HP IBRIX X9000 Storage Discloses Information to Remote Users

A potential security vulnerability has been identified with HP IBRIX X9000 Storage. The vulnerability could be remotely exploited to allow disclosure of information.

October 2, 2012
U-272: IBM WebSphere Commerce User Information Disclosure Vulnerability

A vulnerability in WebSphere Commerce could allow disclosure of user personal data.

October 1, 2012
U-271: Google Android Dialer TEL URL Handling Flaw Lets Remote Users Deny Service

A vulnerability was reported in Google Android