You are here

JC3 Medium Impact Assessment Bulletins

RSS
September 28, 2012
U-270:Trend Micro Control Manager Input Validation Flaw in Ad Hoc Query Module Lets Remote Users Inject SQL Commands

Trend Micro has been notified of a potential product vulnerability in Control Manager.

September 26, 2012
U-268: Oracle Database Authentication Protocol Discloses Session Key Information to Remote Users

A vulnerability was reported in Oracle Database.

September 20, 2012
U-264: Apple OS X Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges

Several vulnerabilities were reported in Apple OS X. A remote user can execute arbitrary code on the target system. A remote user can obtain a password hash in certain cases. A local user can obtain elevated privileges on the target system. A local user can obtain password keystrokes.

September 19, 2012
U-263: Trend Micro InterScan Messaging Security Flaws Permit Cross-Site Scripting and Cross-Site Request Forgery Attacks

A vulnerability was reported in Trend Micro InterScan Messaging Security.

September 17, 2012
U-261: Novell GroupWise Internet Agent "Content-Length" Integer Overflow Vulnerability

A vulnerability was reported in Novell GroupWise Internet Agent

September 12, 2012
U-257: Adobe ColdFusion Unspecified Bug Lets Remote Users Deny Service

Adobe ColdFusion is prone to a remote denial-of-service vulnerability.

September 11, 2012
U-255: Apache Wicket Input Validation Flaw Permits Cross-Site Scripting Attacks

A vulnerability was reported in Apache Wicket