You are here

Home » Office of the Chief Information Officer » JC3 Medium Impact Assessment Bulletins

JC3 Medium Impact Assessment Bulletins

February 5, 2013
V-084: RSA Archer eGRC Permits Cross-Site Scripting, Cross-Domain Access, Clickjacking, and File Upload Attacks

Several vulnerabilities were reported in RSA Archer eGRC.

January 29, 2013
V-079: ISC BIND AAAA Record Lookup Handling Assertion Failure Vulnerability

ISC has learned of the potential for an error condition to occur in BIND 9

January 28, 2013
V-078: WordPress Bugs Permit Cross-Site Scripting and Port Scanning Attacks

WordPress 3.5.1 Maintenance and Security Release

January 24, 2013
V-076: Cisco Wireless LAN Controller Bugs Let Remote Users Deny Service and Remote Authenticated Users Modify the Configuration and Execute Arbitrary Code

A remote authenticated user can execute arbitrary code on the target system. A remote authenticated user can modify the configuration on the target system. A remote user can cause denial of service conditions.

January 23, 2013
V-075: EMC AlphaStor Command Injection and Format String Flaws Let Remote Users Execute Arbitrary Code

Two vulnerabilities were reported in EMC AlphaStor.

January 22, 2013
V-074: IBM Informix Genero libpng Integer Overflow Vulnerability

A vulnerability has been reported in libpng.

January 21, 2013
V-073: IBM Tivoli Federated Identity Manager Signature Verification Flaw Lets Remote Users Modify Attributes

A vulnerability was reported in IBM Tivoli Federated Identity Manager.

January 17, 2013
V-071: Cisco ASA 1000V Cloud Firewall H.323 Inspection Bug Lets Remote Users Deny Service

A vulnerability has been reported in Cisco ASA 1000V Cloud Firewall

January 16, 2013
V-070: Apache CouchDB Multiple Vulnerabilities

Multiple vulnerabilities have been reported in Apache CouchDB

January 14, 2013
V-068: Citrix CloudPlatform Logs Potentially Sensitive Information in the Log File

A vulnerability was reported in Citrix CloudPlatform.