You are here

Home » Office of the Chief Information Officer » JC3 Medium Impact Assessment Bulletins

JC3 Medium Impact Assessment Bulletins

September 10, 2012
U-254: Webmin Flaws Let Remote Authenticated Users Execute Arbitrary Code and View Arbitrary Files

Webmin Multiple Input Validation Vulnerabilities

September 6, 2012
U-252: Barracuda Web Filter Input Validation Flaws Permit Cross-Site Scripting Attacks

Barracuda Web Filter Authentification Module Multiple HTML Injection Vulnerabilities

September 5, 2012
U-251: Bugzilla LDAP Injection and Information Disclosure Vulnerabilities

Bugzilla is prone to an LDAP-injection vulnerability and an information-disclosure vulnerability

September 4, 2012
U-250: Wireshark DRDA Dissector Flaw Lets Remote Users Deny Service

Wireshark is prone to a denial-of-service vulnerability.

August 30, 2012
U-248: Symantec Messaging Gateway Multiple Flaws Let Remote Users Access and Modify the System

Several vulnerabilities were reported in Symantec Messaging Gateway.

August 28, 2012
U-246: Tigase XMPP Dialback Protection Bypass Vulnerability

A vulnerability has been reported in Tigase, which can be exploited by malicious people to bypass certain security restrictions.

August 27, 2012
U-244: McAfee Email Gateway Lets Remote Users Bypass Authentication and Conduct Cross-Site Scripting and Directory Traversal Attacks

Several vulnerabilities were reported in McAfee Email Gateway.

August 24, 2012
U-243: libvirt virTypedParameterArrayClear() Memory Access Error Lets Remote Users Deny Service

A vulnerability was reported in libvirt.

August 23, 2012
U-242: Linux Kernel Netlink SCM_CREDENTIALS Processing Flaw Lets Local Users Gain Elevated Privileges

A vulnerability was reported in the Linux Kernel.

August 21, 2012
U-240: Apple Remote Desktop Encryption Failure Lets Remote Users Obtain Potentially Sensitive Information

A remote user can monitor potentially sensitive information..