Archive for the ‘SANS’ Category

11.51.19 Asterisk SIP "automon" NULL Pointer Dereference Denial Of Service

|
Comments Off

Posted in SANS on December 15th, 2011 by @RISK: The Consensus Security Alert

CVEs: CVE: Not Available

Platform: Cross Platform

Tags: , |

11.51.18 Foxit Reader Unspecified Memory Corruption

|
Comments Off

Posted in SANS on December 15th, 2011 by @RISK: The Consensus Security Alert

CVEs: CVE: Not Available

Platform: Cross Platform

Tags: , |

(4) MEDIUM: HP OpenView Network Node Manager Heap Buffer Overflow

|
Comments Off

Posted in SANS on December 15th, 2011 by @RISK: The Consensus Security Alert

Category: Widely Deployed Software

Affected:

    Tags: , |

    (3) MEDIUM: Apple QuickTime Font Table Signed Length Vulnerability

    |
    Comments Off

    Posted in SANS on December 15th, 2011 by @RISK: The Consensus Security Alert

    Category: Widely Deployed Software

    Affected:

    • Apple QuickTime Player prior to 7.7.1

    Tags: , |

    (2) HIGH: Microsoft Multiple Products Multiple Security Vulnerabilities

    |
    Comments Off

    Posted in SANS on December 15th, 2011 by @RISK: The Consensus Security Alert

    Category: Widely Deployed Software

    Affected:

    • Excel 2003 Service Pack 3
    • Office 2004 for Mac
    • Office 2007 Service Pack 1, 2, and 3
    • PowerPoint 2007 Service Pack 2
    • PowerPoint 2010
    • Publisher 2003 Service Pack 2 and 3
    • Windows 7 Server Pack 1
    • Windows Server 2003 Service Pack 2
    • Windows Server 2008 Service Pack 2
    • Windows Vista Service Pack 2
    • Windows XP Media Center Edition 2005 Service Pack 3
    • Windows XP Service Pack 2 and 3

    Tags: , |

    (1) HIGH: Adobe Reader Unspecified Vulnerability

    |
    Comments Off

    Posted in SANS on December 15th, 2011 by @RISK: The Consensus Security Alert

    Category: Widely Deployed Software

    Affected:

    • Adobe Reader X (10.1.1) and earlier
    • Adobe Reader 9.4.6 and earlier

    Tags: , |

    11.50.20 AlstraSoft EPay Enterprise "process.htm" SQL Injection

    |
    Comments Off

    Posted in SANS on December 13th, 2011 by @RISK: The Consensus Security Alert

    CVEs: CVE: Not Available

    Platform: Web Application - SQL Injection

    Tags: , |

    11.50.19 Meditate "username_input" Parameter SQL Injection

    |
    Comments Off

    Posted in SANS on December 13th, 2011 by @RISK: The Consensus Security Alert

    CVEs: CVE: Not Available

    Platform: Web Application - SQL Injection

    Tags: , |

    11.50.18 Hero "month" Parameter Cross-Site Scripting

    |
    Comments Off

    Posted in SANS on December 13th, 2011 by @RISK: The Consensus Security Alert

    CVEs: CVE: Not Available

    Platform: Web Application - Cross Site Scripting

    Tags: , |

    11.50.17 Ariadne Multiple Cross-Site Scripting Vulnerabilities

    |
    Comments Off

    Posted in SANS on December 13th, 2011 by @RISK: The Consensus Security Alert

    CVEs: CVE: Not Available

    Platform: Web Application - Cross Site Scripting

    Tags: , |