Sunday, October 26, 2014

IT Security Alerts Weekly Digest (19 Oct ~ 25 Oct 2014)

1. Vulnerability in Adobe Digital Editions (APSB14-25)
[24/10/2014] Vulnerability was identified in the Adobe Digital Editions. An attacker could bypass security restrictions and obtain sensitive information. This vulnerability affects version 4.0.98786 and earlier of the mentioned product. Security patches are available to resolve this vulnerability.

URL:helpx.adobe.com/security/products/Digital-Editions/apsb14-25.html

2. Vulnerabilities in IBM Products (T1021361, 1682767, 1686246, 1686516)
[24/10/2014] Vulnerabilities were identified in the IBM SDN for Virtual Environments, IBM WebSphere Application Server, IBM WebSphere Application Server Hypervisor Edition, IBM PureApplication System and IBM IMS Enterprise Suite SOAP Gateway. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise a vulnerable system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:www.ibm.com/support/docview.wss?uid=isg3T1021361
URL:www.ibm.com/support/docview.wss?uid=swg21682767
URL:www.ibm.com/support/docview.wss?uid=swg21686246
URL:www.ibm.com/support/docview.wss?uid=swg21686516

3. Vulnerability in Novell Filr (5194316, 5194317)
[24/10/2014] Vulnerability was identified in Novell Filr. An attacker could bypass security restrictions and obtain sensitive information. This vulnerability affects multiple versions of the mentioned product. Security patches are available to resolve this vulnerability.

URL:download.novell.com/Download?buildid=_N6A9M3Jvig~
URL:download.novell.com/Download?buildid=3wpN2nVj2D8~

4. Vulnerability in VMware vSphere Data Protection (VMSA-2014-0011)
[24/10/2014] Vulnerability was identified in the VMware vSphere Data Protection. An attacker could bypass security restrictions and obtain sensitive information. This vulnerability affects version 5.5 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:www.vmware.com/security/advisories/VMSA-2014-0011.html

5. Vulnerability in NAT-PMP devices (VU#184540)
[24/10/2014] Vulnerability was identified in multiple NAT-PMP devices. An attacker could bypass security restrictions and obtain sensitive information. This vulnerability affects multiple versions of the mentioned products.

URL:www.kb.cert.org/vuls/id/184540

6. Vulnerability in Linux Kernel
[24/10/2014] Vulnerability was identified in the Linux Kernel. An attacker could bypass security restrictions and cause a denial of service condition. The affected version was not specified. Security patches are available to resolve this vulnerability.

URL:git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d974baa398f34393db76be45f7d4d04fbdbb4a0a
URL:xforce.iss.net/xforce/xfdb/97715

7. Vulnerability in Smarty
[24/10/2014] Vulnerability was identified in Smarty. An attacker could bypass security restrictions and execute arbitrary code. This vulnerability affects versions prior to 3.1.21 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:www.smarty.net/
URL:xforce.iss.net/xforce/xfdb/97725

8. Security Updates in Oracle Linux (ELSA-2014-1636, ELSA-2014-1654, ELSA-2014-1676)
[24/10/2014] Oracle has released security update packages for fixing the vulnerabilities identified in the java-1.8.0-openjdk, rsyslog7 and wireshark packages for Oracle Linux 6 and 7. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise a user's system.

URL:linux.oracle.com/errata/ELSA-2014-1636
URL:linux.oracle.com/errata/ELSA-2014-1654
URL:linux.oracle.com/errata/ELSA-2014-1676

9. Security Updates in FreeBSD (FreeBSD-SA-14:20.rtsold, FreeBSD-SA-14:21.routed, FreeBSD-SA-14:22.namei, FreeBSD-SA-14:23.openssl)
[24/10/2014] FreeBSD has released security update packages for fixing the vulnerabilities identified in the rtsold, routed, kernel and openssl packages for multiple versions of FreeBSD. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and crash the system.

URL:www.freebsd.org/security/advisories/FreeBSD-SA-14:20.rtsold.asc
URL:www.freebsd.org/security/advisories/FreeBSD-SA-14:21.routed.asc
URL:www.freebsd.org/security/advisories/FreeBSD-SA-14:22.namei.asc
URL:www.freebsd.org/security/advisories/FreeBSD-SA-14:23.openssl.asc

10. Security Updates in Mandriva (MDVSA-2014:202, MDVSA-2014:203, MDVSA-2014:204)
[24/10/2014] Mandriva has released security update packages for fixing the vulnerabilities identified in the php, openssl and libxml2 packages for version MBS1 of Mandriva GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and crash the system.

URL:www.mandriva.com/en/support/security/advisories/mbs1/MDVSA-2014%3A202/
URL:www.mandriva.com/en/support/security/advisories/mbs1/MDVSA-2014%3A203/
URL:www.mandriva.com/en/support/security/advisories/mbs1/MDVSA-2014%3A204/

11. Security Updates in Ubuntu GNU/Linux (USN-2388-1, USN-2388-2)
[24/10/2014] Ubuntu has released security update packages for fixing the vulnerabilities identified in the openjdk-7 packages for versions 14.04 LTS and 14.10 of Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and crash the system.

URL:www.ubuntu.com/usn/usn-2388-1/
URL:www.ubuntu.com/usn/usn-2388-2/

12. Vulnerability in Adobe Digital Editions (APSB14-25)
[23/10/2014] Vulnerability was identified in the Adobe Digital Editions. An attacker could bypass security restrictions and obtain sensitive information. This vulnerability affects versions prior to 4.0.1 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:helpx.adobe.com/security/products/Digital-Editions/apsb14-25.html

13. Vulnerabilities in IBM Products (T1021361, 1682767, 1686246, 1686516)
[23/10/2014] Vulnerabilities were identified in the IBM SDN for Virtual Environments, IBM WebSphere Application Server, IBM WebSphere Application Server Hypervisor Edition, IBM PureApplication System and IBM IMS Enterprise Suite SOAP Gateway. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise a vulnerable system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:www.ibm.com/support/docview.wss?uid=isg3T1021361
URL:www.ibm.com/support/docview.wss?uid=swg21682767
URL:www.ibm.com/support/docview.wss?uid=swg21686246
URL:www.ibm.com/support/docview.wss?uid=swg21686516

14. Vulnerability in Novell Filr (5194316, 5194317)
[23/10/2014] Vulnerability was identified in Novell Filr. An attacker could bypass security restrictions and obtain sensitive information. This vulnerability affects multiple versions of the mentioned product. Security patches are available to resolve this vulnerability.

URL:download.novell.com/Download?buildid=_N6A9M3Jvig~
URL:download.novell.com/Download?buildid=3wpN2nVj2D8~

15. Vulnerability in VMware vSphere Data Protection (VMSA-2014-0011)
[23/10/2014] Vulnerability was identified in the VMware vSphere Data Protection. An attacker could bypass security restrictions and obtain sensitive information. This vulnerability affects version 5.5 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:www.vmware.com/security/advisories/VMSA-2014-0011.html

16. Vulnerability in NAT-PMP devices (VU#184540)
[23/10/2014] Vulnerability was identified in multiple NAT-PMP devices. An attacker could bypass security restrictions and obtain sensitive information. This vulnerability affects multiple versions of the mentioned products.

URL:www.kb.cert.org/vuls/id/184540

17. Vulnerability in Linux Kernel
[23/10/2014] Vulnerability was identified in the Linux Kernel. An attacker could bypass security restrictions and cause a denial of service condition. The affected version was not specified. Security patches are available to resolve this vulnerability.

URL:git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d974baa398f34393db76be45f7d4d04fbdbb4a0a
URL:xforce.iss.net/xforce/xfdb/97715

18. Vulnerability in Smarty
[23/10/2014] Vulnerability was identified in Smarty. An attacker could bypass security restrictions and execute arbitrary code. This vulnerability affects versions prior to 3.1.21 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:www.smarty.net/
URL:xforce.iss.net/xforce/xfdb/97725

19. Security Updates in Oracle Linux (ELSA-2014-1636, ELSA-2014-1654, ELSA-2014-1676)
[23/10/2014] Oracle has released security update packages for fixing the vulnerabilities identified in the java-1.8.0-openjdk, rsyslog7 and wireshark packages for Oracle Linux 6 and 7. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise a user's system.

URL:linux.oracle.com/errata/ELSA-2014-1636
URL:linux.oracle.com/errata/ELSA-2014-1654
URL:linux.oracle.com/errata/ELSA-2014-1676

20. Security Updates in FreeBSD (FreeBSD-SA-14:20.rtsold, FreeBSD-SA-14:21.routed, FreeBSD-SA-14:22.namei, FreeBSD-SA-14:23.openssl)
[23/10/2014] FreeBSD has released security update packages for fixing the vulnerabilities identified in the rtsold, routed, kernel and openssl packages for multiple versions of FreeBSD. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and crash the system.

URL:www.freebsd.org/security/advisories/FreeBSD-SA-14:20.rtsold.asc
URL:www.freebsd.org/security/advisories/FreeBSD-SA-14:21.routed.asc
URL:www.freebsd.org/security/advisories/FreeBSD-SA-14:22.namei.asc
URL:www.freebsd.org/security/advisories/FreeBSD-SA-14:23.openssl.asc

21. Security Updates in Mandriva (MDVSA-2014:202, MDVSA-2014:203, MDVSA-2014:204)
[23/10/2014] Mandriva has released security update packages for fixing the vulnerabilities identified in the php, openssl and libxml2 packages for version MBS1 of Mandriva GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and crash the system.

URL:www.mandriva.com/en/support/security/advisories/mbs1/MDVSA-2014%3A202/
URL:www.mandriva.com/en/support/security/advisories/mbs1/MDVSA-2014%3A203/

22. Security Updates in Ubuntu GNU/Linux (USN-2388-1, USN-2388-2)
[23/10/2014] Ubuntu has released security update packages for fixing the vulnerabilities identified in the openjdk-7 packages for versions 14.04 LTS and 14.10 of Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and crash the system.

URL:www.ubuntu.com/usn/usn-2388-1/
URL:www.ubuntu.com/usn/usn-2388-2/

23. Vulnerabilities in HP Products (c04476799, c04479492)
[22/10/2014] Vulnerabilities were identified in the HP System Management Homepage and HP Operation Agent Virtual Appliance. An attacker could bypass security restrictions, execute arbitrary code, perform cross-site request forgery attacks, gain elevated privileges and compromise a vulnerable system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04476799
URL:h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04479492

24. Vulnerabilities in IBM Products (1679979, 1684652, 1685121, 1685122, 1687099, 1687344)
[22/10/2014] Vulnerabilities were identified in the IBM Business Process Manager, IBM WebSphere Lombardi Edition, IBM WebSphere Portal, IBM Rational Performance Tester, IBM Rational Service Tester, IBM WebSphere DataPower SOA Appliances and IBM FileNet Business Process Manager. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, perform cross-site scripting attacks, cause a denial of service condition and compromise a vulnerable system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:www.ibm.com/support/docview.wss?uid=swg21679979
URL:www.ibm.com/support/docview.wss?uid=swg21684652
URL:www.ibm.com/support/docview.wss?uid=swg21685121
URL:www.ibm.com/support/docview.wss?uid=swg21685122
URL:www.ibm.com/support/docview.wss?uid=swg21687099
URL:www.ibm.com/support/docview.wss?uid=swg21687344

25. Vulnerabilities in Huawei Products (Huawei-SA-20141022-DLLHijacking, 97681, 97682)
[22/10/2014] Vulnerabilities were identified in the Huawei USB Modem products and Huawei Mobile Partner. An attacker could bypass security restrictions, gain elevated privileges, execute arbitrary code and compromise a vulnerable system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities in Huawei USB Modem products.

URL:www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-376152.htm
URL:xforce.iss.net/xforce/xfdb/97681
URL:xforce.iss.net/xforce/xfdb/97682

26. Vulnerabilities in Hitachi Products (HS14-021)
[22/10/2014] Vulnerabilities were identified in multiple Hitachi Cosminexus products. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, cause a denial of service condition, execute arbitrary code and compromise a vulnerable system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-021/index.html

27. Vulnerability in Rejetto HTTP File Server (VU#251276)
[22/10/2014] Vulnerability was identified in the Rejetto HTTP File Server. An attacker could bypass security restrictions and execute arbitrary code. This vulnerability affects versions 2.3, 2.3a and 2.3b of the mentioned product. Security patches are available to resolve this vulnerability.

URL:www.kb.cert.org/vuls/id/251276

28. Security Updates in Oracle Linux (ELSA-2014-1671)
[22/10/2014] Oracle has released security update packages for fixing the vulnerability identified in the rsyslog5 and rsyslog packages for Oracle Linux 5. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and compromise a vulnerable system.

URL:linux.oracle.com/errata/ELSA-2014-1671.html

29. Security Updates in Mandriva (MDVSA-2014:196, MDVSA-2014:197, MDVSA-2014:198, MDVSA-2014:199, MDVSA-2014:200, MDVSA-2014:201)
[22/10/2014] Mandriva has released security update packages for fixing the vulnerabilities identified in the rsyslog, python, mediawiki, perl, bugzilla and kernel packages for version MBS1 of Mandriva GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and crash the system.

URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A196/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A197/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A198/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A199/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A200/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A201/

30. Security Updates in Red Hat Enterprise Linux (RHSA-2014:1633-1, RHSA-2014:1634-1, RHSA-2014:1636-1, RHSA-2014:1676-1, RHSA-2014:1677-1)
[22/10/2014] Red Hat has released security update packages for fixing the vulnerabilities identified in the java-1.6.0-openjdk, java-1.7.0-openjdk, java-1.8.0-openjdk and wireshark packages for Red Hat Enterprise Linux 5, 6 and 7. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise a vulnerable system.

URL:rhn.redhat.com/errata/RHSA-2014-1633.html
URL:rhn.redhat.com/errata/RHSA-2014-1634.html
URL:rhn.redhat.com/errata/RHSA-2014-1636.html
URL:rhn.redhat.com/errata/RHSA-2014-1676.html
URL:rhn.redhat.com/errata/RHSA-2014-1677.html

31. Security Updates in Slackware (SSA:2014-293-01)
[22/10/2014] Slackware has released security update packages for fixing the vulnerability identified in the openssh package for multiple versions of Slackware Linux. An attacker could bypass security restrictions and execute arbitrary code.

URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.521613

32. Vulnerabilities in Apple Products (HT6541, HT6542)
[21/10/2014] Vulnerabilities were identified in the Apple iOS and Apple TV. An attacker could bypass security restrictions, obtain sensitive information and execute arbitrary code. These vulnerabilities affect versions prior to 8.1 of Apple iOS and versions prior to 7.0.1 of Apple TV. Security patches are available to resolve these vulnerabilities.

URL:support.apple.com/kb/HT6541
URL:support.apple.com/kb/HT6542
URL:www.us-cert.gov/ncas/current-activity/2014/10/20/Apple-Releases-Security-Updates-iOS-and-Apple-TV

33. Vulnerability in BlackBerry Products (KB36397)
[21/10/2014] Vulnerability was identified in multiple BlackBerry products running the SSLv3 encryption protocol. An attacker could bypass security restrictions and obtain sensitive information. This vulnerability affects multiple versions of the mentioned products.

URL:www.blackberry.com/btsc/kb36397

34. Vulnerabilities in HP Products (c04472444, c04475347)
[21/10/2014] Vulnerabilities were identified in the HP Operations Agent and HP Enterprise Maps. An attacker could bypass security restrictions, execute arbitrary code and compromise a vulnerable system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04472444
URL:h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04475347

35. Vulnerabilities in IBM Products (1680387, 1683438, 1685312, 1686126, 1686210, 1686339, 1686479, 7043086)
[21/10/2014] Vulnerabilities were identified in the IBM Enterprise Common Collector, IBM Rational SAP Connector, IBM Tivoli Composite Application Manager for Transactions, IBM Tivoli Provisioning Manager, IBM WebSphere MQ Telemetry Component, IBM WebSphere MQ and IBM Security Virtual Server Protection for VMware (VSP). An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, perform cross-site scripting attacks, cause a denial of service condition and compromise a vulnerable system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:www.ibm.com/support/docview.wss?uid=swg21680387
URL:www.ibm.com/support/docview.wss?uid=swg21683438
URL:www.ibm.com/support/docview.wss?uid=swg21685312
URL:www.ibm.com/support/docview.wss?uid=swg21686126
URL:www.ibm.com/support/docview.wss?uid=swg21686210
URL:www.ibm.com/support/docview.wss?uid=swg21686339
URL:www.ibm.com/support/docview.wss?uid=swg21686479
URL:www.ibm.com/support/docview.wss?uid=swg27043086

36. Vulnerabilities in Avant Browser
[21/10/2014] Vulnerabilities were identified in Avant Browser. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code and compromise a vulnerable system. These vulnerabilities affect versions prior to 2015 build 5 of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:www.avantbrowser.com/new.aspx

37. Vulnerability in Libxml2 (97656)
[21/10/2014] Vulnerability was identified in Libxml2. An attacker could bypass security restrictions, cause a denial of service condition and crash the system. This vulnerability affects version 2.9.1 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:xforce.iss.net/xforce/xfdb/97656

38. Security Updates in Oracle Products (ELSA-2014-1552, ELSA-2014-1652, ELSA-2014-1653)
[21/10/2014] Oracle has released security update packages for fixing the vulnerabilities identified in the OpenSSL package for Oracle Solaris 11.2 and the openssh and openssl packages for Oracle Linux 5 and 6. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, gain elevated privileges and cause a denial of service condition.

URL:blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6
URL:linux.oracle.com/errata/ELSA-2014-1552.html
URL:linux.oracle.com/errata/ELSA-2014-1652.html
URL:linux.oracle.com/errata/ELSA-2014-1653.html

39. Security Updates in Debian (DSA-3054-1)
[21/10/2014] Debian has released security update packages for fixing the vulnerabilities identified in the mysql-5.5 package for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and crash the system.

URL:www.debian.org/security/2014/dsa-3054

40. Security Updates in Red Hat Enterprise Linux (RHSA-2014:1669-1, RHSA-2014:1670-1, RHSA-2014:1671-1)
[21/10/2014] Red Hat has released security update packages for fixing the vulnerabilities identified in the qemu-kvm, qemu-kvm-rhev, rsyslog5 and rsyslog packages for Red Hat Enterprise Linux 5, 6 and 7. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise a vulnerable system.

URL:rhn.redhat.com/errata/RHSA-2014-1669.html
URL:rhn.redhat.com/errata/RHSA-2014-1670.html
URL:rhn.redhat.com/errata/RHSA-2014-1671.html

41. Information Updates on Microsoft Security Advisory (2949927)
[20/10/2014] Microsoft has updated information on the advisory for Microsoft Windows. KB2949927 removed Download Center links for Microsoft security update 2949927. Microsoft recommends that customers experiencing issues uninstall this update. Microsoft is investigating behavior associated with this update and will update the advisory when more information becomes available.

URL:technet.microsoft.com/en-US/library/security/2949927

42. Vulnerabilities in Apple OS X Products (HT6527, HT6529, HT6531, HT6535, HT6536, HT6537)
[20/10/2014] Vulnerabilities were identified in the Apple OS X Server, Apple OS X Mountain Lion, Apple OS X Mavericks, Apple OS X Yosemite and Apple iTunes. An attacker could bypass security restrictions and execute arbitrary code. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:support.apple.com/kb/HT6527
URL:support.apple.com/kb/HT6529
URL:support.apple.com/kb/HT6531
URL:support.apple.com/kb/HT6535
URL:support.apple.com/kb/HT6536
URL:support.apple.com/kb/HT6537
URL:www.us-cert.gov/ncas/current-activity/2014/10/17/Apple-Releases-Security-Update-2014-005
URL:xforce.iss.net/xforce/xfdb/97631
URL:xforce.iss.net/xforce/xfdb/97646

43. Vulnerability in BlackBerry 10 smartphones (BSRT-2014-008)
[20/10/2014] Vulnerability was identified in the BlackBerry 10 smartphones. An attacker could bypass security restrictions, execute arbitrary code, obtain sensitive information, cause a denial of service condition and compromise a vulnerable system. This vulnerability affects multiple firmware versions of the mentioned product. Security patches are available to resolve this vulnerability.

URL:www.blackberry.com/btsc/kb36360

44. Vulnerabilities in IBM Products (1685571, 1685574, 1685735, 1686131)
[20/10/2014] Vulnerabilities were identified in the IBM Content Navigator, IBM Content Manager, IBM FileNet Content Manager, IBM Content Foundation, IBM Content Manager OnDemand, IBM Algo One - Algo Risk Application and IBM Workload Deployer. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, perform cross-site scripting attacks, cause a denial of service condition and compromise a vulnerable system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:www.ibm.com/support/docview.wss?uid=swg21685571
URL:www.ibm.com/support/docview.wss?uid=swg21685574
URL:www.ibm.com/support/docview.wss?uid=swg21685735
URL:www.ibm.com/support/docview.wss?uid=swg21686131

45. Vulnerabilities in Novell GroupWise (5190530, 5190531, 5190532, 5190550, 5190551)
[20/10/2014] Vulnerabilities were identified in the Novell GroupWise. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and crash the system. These vulnerabilities affect multiple versions of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:download.novell.com/Download?buildid=dto6obSiSuM~
URL:download.novell.com/Download?buildid=m2NNE-BWQ58~
URL:download.novell.com/Download?buildid=MnyxLK-LI-E~
URL:download.novell.com/Download?buildid=NB35noeHLaY~
URL:download.novell.com/Download?buildid=PJTVAWcyTDs~

46. Vulnerabilities in PHP
[20/10/2014] Vulnerabilities were identified in PHP. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and crash the system. These vulnerabilities affect multiple versions of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:php.net/ChangeLog-5.php#5.4.34
URL:php.net/ChangeLog-5.php#5.5.18
URL:php.net/ChangeLog-5.php#5.6.2
URL:bugs.php.net/68027
URL:bugs.php.net/68044
URL:bugs.php.net/68113

47. Vulnerability in Drupal (SA-CORE-2014-005)
[20/10/2014] Vulnerability was identified in Drupal. An attacker could bypass security restrictions, execute arbitrary code and perform code injection attacks. This vulnerability affects multiple versions of the mentioned product. Security patches are available to resolve this vulnerability.

URL:www.drupal.org/SA-CORE-2014-005
URL:www.us-cert.gov/ncas/current-activity/2014/10/17/Drupal-Releases-Security-Advisory

48. Security Updates in Oracle Products (ELSA-2014-1388, ELSA-2014-1389, ELSA-2014-1391, ELSA-2014-1507, ELSA-2014-1633, ELSA-2014-1634, ELSA-2014-1635, ELSA-2014-1647)
[20/10/2014] Oracle has released security update packages for fixing the vulnerabilities identified in the cups, krb5, glibc, trousers, java-1.7.0-openjdk, java-1.6.0-openjdk, firefox and thunderbird packages for Oracle Linux 5, 6 and 7. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, gain elevated privileges and cause a denial of service condition. These vulnerabilities affect multiple versions of the mentioned products.

URL:linux.oracle.com/errata/ELSA-2014-1388.html
URL:linux.oracle.com/errata/ELSA-2014-1389.html
URL:linux.oracle.com/errata/ELSA-2014-1391.html
URL:linux.oracle.com/errata/ELSA-2014-1507.html
URL:linux.oracle.com/errata/ELSA-2014-1633.html
URL:linux.oracle.com/errata/ELSA-2014-1634.html
URL:linux.oracle.com/errata/ELSA-2014-1635.html
URL:linux.oracle.com/errata/ELSA-2014-1647.html

49. Security Updates in Debian (DSA-3050-1)
[20/10/2014] Debian has released security update packages for fixing the vulnerabilities identified in the iceweasel package for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system.

URL:www.debian.org/security/2014/dsa-3050

50. Security Updates in Red Hat Enterprise Linux (RHSA-2014:1654-1, RHSA-2014:1658-1)
[20/10/2014] Red Hat has released security update packages for fixing the vulnerabilities identified in the rsyslog7 and java-1.6.0-sun packages for Red Hat Enterprise Linux 5, 6 and 7. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise a vulnerable system.

URL:rhn.redhat.com/errata/RHSA-2014-1654.html
URL:rhn.redhat.com/errata/RHSA-2014-1658.html

Tuesday, October 21, 2014

IT Security Alerts Weekly Digest (12 Oct ~ 18 Oct 2014)

1. Information Updates on Microsoft Security Advisory (3009008)
[17/10/2014] Microsoft has updated information on the advisory for the SSL 3.0 protocol in Microsoft Windows. KB3009008 was revised to include a workaround of disabling the SSL 3.0 protocol in Windows.

URL:technet.microsoft.com/library/security/3009008

2. Vulnerability in NetIQ Access Manager (5193750)
[17/10/2014] Vulnerability was identified in the NetIQ Access Manager. An attacker could bypass security restrictions and obtain sensitive information. This vulnerability affects multiple versions of the mentioned product. Security patches are available to resolve this vulnerability.

URL:download.novell.com/Download?buildid=GQCffFuR3Yc~

3. Vulnerability in Foxit PDF SDK (97612)
[17/10/2014] Vulnerability was identified in the Foxit PDF SDK ActiveX control. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system. This vulnerability affects multiple versions of the mentioned product. Security patches are available to resolve this vulnerability.

URL:xforce.iss.net/xforce/xfdb/97612

4. Vulnerability in SAP Netweaver (97610)
[17/10/2014] Vulnerability was identified in the SAP Netweaver. An attacker could bypass security restrictions, cause a denial of service condition and crash the system. This vulnerability affects versions 7.01 and 7.20 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:xforce.iss.net/xforce/xfdb/97610

5. Security Updates in Oracle Solaris
[17/10/2014] Oracle has released security update packages for fixing the vulnerabilities identified in the Xscreensaver, OpenSSL, Apache HTTP Server and WAN Boot packages for Oracle Solaris 10 and 11.2. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and crash the system.

URL:blogs.oracle.com/sunsecurity/entry/cve_2003_1294_symlink_attack
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_3511_cryptographic_vulnerability
URL:blogs.oracle.com/sunsecurity/entry/multiple_denial_of_service_dos5
URL:blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wan_boot

6. Security Updates in Debian (DSA-3051-1, DSA-3052-1, DSA-3053-1)
[17/10/2014] Debian has released security update packages for fixing the vulnerabilities identified in the drupal7, wpa and openssl packages for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, perform SQL injection attacks, cause a denial of service condition and crash the system.

URL:www.debian.org/security/2014/dsa-3051
URL:www.debian.org/security/2014/dsa-3052
URL:www.debian.org/security/2014/dsa-3053

7. Security Updates in Red Hat Enterprise Linux (RHSA-2014:1635-1, RHSA-2014:1647-1, RHSA-2014:1652-1, RHSA-2014:1653-1, RHSA-2014:1654-1, RHSA-2014:1655-1, RHSA-2014:1657-1)
[17/10/2014] Red Hat has released security update packages for fixing the vulnerabilities identified in the firefox, thunderbird, openssl, rsyslog7, libxml2 and java-1.7.0-oracle packages for Red Hat Enterprise Linux 5, 6 and 7. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise a vulnerable system.

URL:rhn.redhat.com/errata/RHSA-2014-1635.html
URL:rhn.redhat.com/errata/RHSA-2014-1647.html
URL:rhn.redhat.com/errata/RHSA-2014-1652.html
URL:rhn.redhat.com/errata/RHSA-2014-1653.html
URL:rhn.redhat.com/errata/RHSA-2014-1654.html
URL:rhn.redhat.com/errata/RHSA-2014-1655.html
URL:rhn.redhat.com/errata/RHSA-2014-1657.html

8. Security Updates in Ubuntu GNU/Linux (USN-2385-1, USN-2386-1)
[17/10/2014] Ubuntu has released security update packages for fixing the vulnerabilities identified in the openssl and openjdk-6 packages for versions 10.04 LTS, 12.04 LTS and 14.04 LTS of Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and crash the system.

URL:www.ubuntu.com/usn/usn-2385-1/
URL:www.ubuntu.com/usn/usn-2386-1/

9. Vulnerabilities in Cisco Products (cisco-sa-20141015-poodle, cisco-sa-20141015-mcu, cisco-sa-20141015-vcs)
[16/10/2014] Vulnerabilities were identified in the Cisco TelePresence MCU, Cisco TelePresence Video Communication Server, Cisco Expressway Software, Cisco Prime Optical and other Cisco products that accept SSL 3.0 connections using a block cipher in Cipher Block Chaining (CBC) mode (the POODLE issue). An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and compromise a user's system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-poodle
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-mcu
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-vcs
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3408

10. Vulnerabilities in HP Products (c04471532, c04475466)
[16/10/2014] Vulnerabilities were identified in the HP StoreAll Operating System and HP TippingPoint Next-Generation Firewall (NGFW). An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and compromise a user's system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04471532
URL:h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04475466

11. Vulnerabilities in IBM Products (T1021316, T1021317, S1004897, S1004903, S1004904, S1004905, S1004915, S1004917, 1682681, 1683744, 1683965, 1684444, 1685137, 1685332, 1686084, 1686230, 1686233, 1686238, 1686240)
[16/10/2014] Vulnerabilities were identified in the IBM General Parallel File System, IBM SAN Volume Controller, IBM Storwize, IBM Flex System, IBM Scale Out Network Attached Storage, IBM TSSC, IBM Real-time Compression Appliance, IBM WebSphere Message Broker, IBM Integration Bus, IBM Watson Explorer, IBM PureApplication System, IBM Tivoli Workload Scheduler, IBM Tivoli Monitoring, IBM SmartCloud Provisioning and IBM TRIRIGA Application Platform. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, perform cross-site scripting attacks, cause a denial of service condition and compromise a vulnerable system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:www.ibm.com/support/docview.wss?uid=isg3T1021316
URL:www.ibm.com/support/docview.wss?uid=isg3T1021317
URL:www.ibm.com/support/docview.wss?uid=ssg1S1004897
URL:www.ibm.com/support/docview.wss?uid=ssg1S1004903
URL:www.ibm.com/support/docview.wss?uid=ssg1S1004904
URL:www.ibm.com/support/docview.wss?uid=ssg1S1004905
URL:www.ibm.com/support/docview.wss?uid=ssg1S1004915
URL:www.ibm.com/support/docview.wss?uid=ssg1S1004917
URL:www.ibm.com/support/docview.wss?uid=swg21682681
URL:www.ibm.com/support/docview.wss?uid=swg21683744
URL:www.ibm.com/support/docview.wss?uid=swg21683965
URL:www.ibm.com/support/docview.wss?uid=swg21684444
URL:www.ibm.com/support/docview.wss?uid=swg21685137
URL:www.ibm.com/support/docview.wss?uid=swg21685332
URL:www.ibm.com/support/docview.wss?uid=swg21686084
URL:www.ibm.com/support/docview.wss?uid=swg21686230
URL:www.ibm.com/support/docview.wss?uid=swg21686233
URL:www.ibm.com/support/docview.wss?uid=swg21686238
URL:www.ibm.com/support/docview.wss?uid=swg21686240

12. Vulnerability in Juniper Junos (JSA10656)
[16/10/2014] Vulnerability was identified in Juniper Junos devices that accept SSL 3.0 connections using a block cipher in Cipher Block Chaining (CBC) mode (the POODLE issue). A man-in-the-middle attacker could bypass security restrictions and obtain sensitive information. This vulnerability affects multiple versions of the mentioned product.

URL:kb.juniper.net/InfoCenter/index?page=content&id=JSA10656

13. Vulnerabilities in Google Chrome
[16/10/2014] Vulnerabilities were identified in the Google Chrome for Windows, Mac and Linux. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code and compromise a vulnerable system. These vulnerabilities affect versions prior to 38.0.2125.104 of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:googlechromereleases.blogspot.hk/2014/10/stable-channel-update_14.html
URL:www.hkcert.org/my_url/en/alert/14101601

14. Vulnerability in MIT Kerberos (97028)
[16/10/2014] Vulnerability was identified in MIT Kerberos. An attacker could bypass security restrictions and obtain sensitive information. This vulnerability affects MIT Kerberos 5 release 1.12.2 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:xforce.iss.net/xforce/xfdb/97028

15. Vulnerabilities in OpenSSL
[16/10/2014] Vulnerabilities were identified in OpenSSL. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code and cause a denial of service condition. These vulnerabilities affect versions 0.9.8, 1.0.0 and 1.0.1 of the mentioned product. Security patches are available to resolve these vulnerabilities; the same release also adds support for the TLS_FALLBACK_SCSV signalling cipher suite, which lets a client that retries a handshake at a lower protocol version signal that retry so a patched server can reject the forced downgrade to SSL 3.0.

URL:www.openssl.org/news/secadv_20141015.txt
URL:www.hkcert.org/my_url/en/alert/14101603
URL:xforce.iss.net/xforce/xfdb/97035
URL:xforce.iss.net/xforce/xfdb/97036
URL:xforce.iss.net/xforce/xfdb/97037

16. Vulnerability in vBulletin (97026)
[16/10/2014] Vulnerability was identified in the vBulletin. An attacker could bypass security restrictions, execute arbitrary code and perform cross-site scripting attacks. This vulnerability affects multiple versions of the mentioned product.

URL:xforce.iss.net/xforce/xfdb/97026

17. Security Updates in Debian (DSA-3049-1)
[16/10/2014] Debian has released security update packages for fixing the vulnerabilities identified in the wireshark packages for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, cause a denial of service condition and crash the system.

URL:www.debian.org/security/2014/dsa-3049

18. Security Updates in Red Hat Enterprise Linux (RHSA-2014:1397-1, RHSA-2014:1620-1, RHSA-2014:1626-1)
[16/10/2014] Red Hat has released security update packages for fixing the vulnerabilities identified in the rsyslog, java-1.7.0-openjdk and chromium-browser packages for Red Hat Enterprise Linux 6 and 7. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise a vulnerable system.

URL:rhn.redhat.com/errata/RHSA-2014-1397.html
URL:rhn.redhat.com/errata/RHSA-2014-1620.html
URL:rhn.redhat.com/errata/RHSA-2014-1626.html

19. Security Updates in Slackware (SSA:2014-288-01)
[16/10/2014] Slackware has released security update packages for fixing the vulnerability identified in the openssl package for multiple versions of Slackware Linux. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code and cause a denial of service condition.

URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.846452

20. Security Updates in Ubuntu GNU/Linux (USN-2373-1, USN-2384-1)
[16/10/2014] Ubuntu has released security update packages for fixing the vulnerabilities identified in the thunderbird and mysql-5.5 packages for versions 12.04 LTS and 14.04 LTS of Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and compromise a vulnerable system.

URL:www.ubuntu.com/usn/usn-2373-1/
URL:www.ubuntu.com/usn/usn-2384-1/

21. Vulnerabilities in Microsoft Products (2987107, 2990942, 2993254, 2998579, 3000061, 3000414, 3000434, 3000869)
[15/10/2014] Vulnerabilities were identified in the Microsoft Internet Explorer, Microsoft .NET Framework, Microsoft Windows, Microsoft ASP.NET MVC and Microsoft Office. An attacker could bypass security restrictions, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise a vulnerable system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:technet.microsoft.com/library/security/ms14-oct
URL:technet.microsoft.com/library/security/MS14-056
URL:technet.microsoft.com/library/security/MS14-057
URL:technet.microsoft.com/library/security/MS14-058
URL:technet.microsoft.com/library/security/MS14-059
URL:technet.microsoft.com/library/security/MS14-060
URL:technet.microsoft.com/library/security/MS14-061
URL:technet.microsoft.com/library/security/MS14-062
URL:technet.microsoft.com/library/security/MS14-063
URL:www.hkcert.org/my_url/en/alert/14101501
URL:www.hkcert.org/my_url/en/alert/14101502
URL:www.hkcert.org/my_url/en/alert/14101503
URL:www.hkcert.org/my_url/en/alert/14101504
URL:www.hkcert.org/my_url/en/alert/14101505
URL:www.hkcert.org/my_url/en/alert/14101506
URL:www.hkcert.org/my_url/en/alert/14101507
URL:www.hkcert.org/my_url/en/alert/14101508
URL:xforce.iss.net/xforce/xfdb/95550
URL:xforce.iss.net/xforce/xfdb/96742
URL:xforce.iss.net/xforce/xfdb/96771
URL:xforce.iss.net/xforce/xfdb/96773
URL:xforce.iss.net/xforce/xfdb/96995
URL:www.us-cert.gov/ncas/current-activity/2014/10/14/Microsoft-Releases-October-2014-Security-Bulletin

22. Vulnerability in Microsoft Windows (3009008)
[15/10/2014] Vulnerability was identified in the SSL 3.0 protocol in Microsoft Windows (the POODLE issue). A man-in-the-middle attacker who can force a connection down to SSL 3.0 with a CBC-mode cipher could decrypt portions of the encrypted traffic and obtain sensitive information. This vulnerability affects multiple versions of the mentioned product.

URL:technet.microsoft.com/en-us/library/security/3009008
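Items 9, 12, 15 and 22 all concern the same precondition: a server that still negotiates SSL 3.0 with a CBC-mode cipher. The quickest way to find such servers in an estate is to send a hand-built SSL 3.0 ClientHello and look at the reply. The following is an added example, not code from this digest or from any of the vendors above. The cipher-suite selection, the field names and the constructed sample replies are this example's own assumptions; it parses only the first record the server returns.

```python
"""Probe for SSL 3.0 support (the POODLE precondition) with a hand-built ClientHello."""
import socket
import struct

SSL3 = b"\x03\x00"
TLS_FALLBACK_SCSV = 0x5600  # signalling suite added by the OpenSSL 15 Oct 2014 release

# Small, hand-picked set of SSL 3.0 suites for the probe (an assumption, not a full list).
# A server answering in SSL 3.0 with one of the CBC suites is exposed to the POODLE padding oracle.
CBC_SUITES = {
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
}
OTHER_SUITES = {0x0005: "TLS_RSA_WITH_RC4_128_SHA"}  # stream cipher: no CBC padding oracle


def build_client_hello(suites, fallback_scsv=False):
    """Return a record-layer framed SSL 3.0 ClientHello offering `suites`.

    The client random is fixed to zeros: this is a probe, not a real session.
    """
    ids = list(suites) + ([TLS_FALLBACK_SCSV] if fallback_scsv else [])
    cipher_bytes = b"".join(struct.pack("!H", c) for c in ids)
    body = (
        SSL3
        + b"\x00" * 32                                   # client random
        + b"\x00"                                        # session id length 0
        + struct.pack("!H", len(cipher_bytes)) + cipher_bytes
        + b"\x01\x00"                                    # compression: null only
    )
    handshake = b"\x01" + struct.pack("!I", len(body))[1:] + body  # type ClientHello, 24-bit length
    return b"\x16" + SSL3 + struct.pack("!H", len(handshake)) + handshake


def classify_response(data):
    """Classify the first record a server sends back to the SSL 3.0 ClientHello.

    Returns {'sslv3': bool, 'cipher': str or None, 'reason': str}.
    """
    no = {"sslv3": False, "cipher": None}
    if len(data) < 5:
        return dict(no, reason="short/no response")
    ctype, ver = data[0], data[1:3]
    if ctype == 0x15:                                    # Alert record
        return dict(no, reason="alert (SSL 3.0 refused)")
    if ctype != 0x16 or ver != SSL3:
        return dict(no, reason="unexpected record type/version")
    hs = data[5:]
    if len(hs) < 4 or hs[0] != 0x02:                     # Handshake type ServerHello
        return dict(no, reason="no ServerHello")
    body = hs[4:]
    # ServerHello: version(2) random(32) session_id_len(1) session_id cipher_suite(2) ...
    if len(body) < 35 or body[0:2] != SSL3:
        return dict(no, reason="ServerHello not SSL 3.0 or truncated")
    off = 35 + body[34]
    if len(body) < off + 2:
        return dict(no, reason="truncated ServerHello")
    cipher = struct.unpack("!H", body[off:off + 2])[0]
    name = CBC_SUITES.get(cipher) or OTHER_SUITES.get(cipher) or hex(cipher)
    if cipher in CBC_SUITES:
        reason = "SSL 3.0 negotiated with CBC suite: POODLE-exposed"
    else:
        reason = "SSL 3.0 negotiated (non-CBC suite); disable SSL 3.0 anyway"
    return {"sslv3": True, "cipher": name, "reason": reason}


def probe(host, port=443, timeout=5.0):
    """Send the probe over a plain TCP socket and classify the reply (needs network access)."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_client_hello(CBC_SUITES))
        return classify_response(s.recv(4096))


def make_server_hello(cipher, version=SSL3):
    """Constructed sample reply for offline testing (not captured traffic)."""
    body = version + b"\x11" * 32 + b"\x00" + struct.pack("!H", cipher) + b"\x00"
    hs = b"\x02" + struct.pack("!I", len(body))[1:] + body
    return b"\x16" + version + struct.pack("!H", len(hs)) + hs


# Constructed sample: fatal handshake_failure alert, what a server with SSL 3.0 disabled sends back.
SAMPLE_ALERT = bytes.fromhex("15 03 00 00 02 02 28".replace(" ", ""))

if __name__ == "__main__":
    print(classify_response(make_server_hello(0x002F)))   # exposed
    print(classify_response(SAMPLE_ALERT))                # refused
```

A server that answers the probe with a ServerHello is exposed regardless of the suite it picks; the right fix is to disable SSL 3.0 on the server (and on clients that fall back to it), not to reshuffle cipher suites. Offering TLS_FALLBACK_SCSV in a probe only tells you whether a patched server rejects the downgrade; it does not protect clients that never send it.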

23. Information Updates on Microsoft Security Advisories (2871997, 2949927, 2977292)
[15/10/2014] Microsoft has updated information on the Advisories for Microsoft Windows. (a) KB2871997 was rereleased to announce the release of updates that provide additional protection for users' credentials when logging on to a remote host server. (b) KB2949927 announced the availability of SHA-2 Hashing Algorithm for Windows 7 and Windows Server 2008 R2. (c) KB2977292 announced the availability of an update for supported editions of Windows for Microsoft EAP Implementation that Enables the Use of TLS.

URL:technet.microsoft.com/en-us/library/security/2871997
URL:technet.microsoft.com/en-us/library/security/2949927
URL:technet.microsoft.com/en-us/library/security/2977292

24. Vulnerabilities in Adobe Products (APSB14-22, APSB14-23)
[15/10/2014] Vulnerabilities were identified in the Adobe Flash Player and Adobe ColdFusion. An attacker could bypass security restrictions, execute arbitrary code and compromise a vulnerable system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:helpx.adobe.com/security/products/flash-player/apsb14-22.html
URL:helpx.adobe.com/security/products/flash-player/apsb14-23.html
URL:technet.microsoft.com/en-us/library/security/2755801
URL:www.hkcert.org/my_url/en/alert/14101511
URL:www.hkcert.org/my_url/en/alert/14101509
URL:www.us-cert.gov/ncas/current-activity/2014/10/14/Adobe-Releases-Security-Updates-ColdFusion-and-Flash-Player

25. Vulnerabilities in Mozilla Products (MFSA 2014-74, MFSA 2014-75, MFSA 2014-76, MFSA 2014-77, MFSA 2014-78, MFSA 2014-79, MFSA 2014-80, MFSA 2014-81, MFSA 2014-82)
[15/10/2014] Vulnerabilities were identified in Mozilla Firefox, Firefox ESR and Thunderbird. An attacker could execute arbitrary code, obtain sensitive information, cause a denial of service condition and crash the application. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:www.mozilla.org/security/announce/2014/mfsa2014-74.html
URL:www.mozilla.org/security/announce/2014/mfsa2014-75.html
URL:www.mozilla.org/security/announce/2014/mfsa2014-76.html
URL:www.mozilla.org/security/announce/2014/mfsa2014-77.html
URL:www.mozilla.org/security/announce/2014/mfsa2014-78.html
URL:www.mozilla.org/security/announce/2014/mfsa2014-79.html
URL:www.mozilla.org/security/announce/2014/mfsa2014-80.html
URL:www.mozilla.org/security/announce/2014/mfsa2014-81.html
URL:www.mozilla.org/security/announce/2014/mfsa2014-82.html
URL:www.hkcert.org/my_url/en/alert/14101510

26. Vulnerability in Cisco Intrusion Prevention System
[15/10/2014] Vulnerability was identified in the Cisco Intrusion Prevention System (IPS). An attacker could bypass security restrictions, cause a denial of service condition and crash the application. This vulnerability affects multiple firmware versions of the mentioned product. Security patches are available to resolve this vulnerability.

URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3406

27. Vulnerability in TigerVNC (96947)
[15/10/2014] Vulnerability was identified in the TigerVNC. An attacker could bypass security restrictions, cause a denial of service condition and crash the system. This vulnerability affects multiple versions of the mentioned product.

URL:xforce.iss.net/xforce/xfdb/96947

28. Vulnerabilities in Python
[15/10/2014] Vulnerabilities were identified in Python. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and compromise a user's system. These vulnerabilities affect versions 2.7, 3.3 and 3.4 of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:hg.python.org/cpython/raw-file/v3.3.6/Misc/NEWS
URL:www.hkcert.org/my_url/en/alert/14101401

29. Vulnerabilities in Oracle Products
[15/10/2014] Vulnerabilities were identified in the Oracle Database, Oracle Fusion Applications and Middleware, Oracle Hyperion, Oracle E-Business Suite, Oracle Supply Chain Product Suite, Oracle PeopleSoft Enterprise, Oracle Siebel, Oracle Communications Applications, Oracle Retail Industry Suite, Oracle Java SE, Oracle and Sun Systems Products Suite, Oracle Solaris and Virtualization Products and Oracle MySQL Product Suite. An attacker could obtain sensitive information, execute arbitrary code, gain elevated privileges and cause a denial of service condition. These vulnerabilities affect multiple versions of the mentioned products.

URL:www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
URL:blogs.oracle.com/sunsecurity/entry/cve_2003_1294_symlink_attack
URL:blogs.oracle.com/sunsecurity/entry/cve_2009_2409_cryptographic_issues
URL:blogs.oracle.com/sunsecurity/entry/cve_2012_6151_resource_management
URL:blogs.oracle.com/sunsecurity/entry/cve_2013_4396_use_after
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues1
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_3508_information_disclosure
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_3511_cryptographic_vulnerability
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_3517_information_disclosure
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_3613_cookie_leak
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_3618_buffer_errors
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_3621_information_disclosure
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_5461_buffer_errors
URL:blogs.oracle.com/sunsecurity/entry/multiple_denial_of_service_dos5
URL:blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wan_boot
URL:www.us-cert.gov/ncas/current-activity/2014/10/14/Oracle-Releases-October-2014-Security-Advisory

30. Security Updates in SUSE (SUSE-SU-2014:1294-1)
[15/10/2014] SUSE has released security update packages for fixing the vulnerabilities identified in the rsyslog package for SUSE Linux Enterprise Server 11. Due to multiple errors, an attacker could bypass security restrictions, cause a denial of service condition and crash the system.

URL:lists.opensuse.org/opensuse-security-announce/2014-10/msg00005.html

31. Security Updates in Red Hat Enterprise Linux (RHSA-2014:1388-2, RHSA-2014:1389-2, RHSA-2014:1390-2, RHSA-2014:1391-2, RHSA-2014:1392-2, RHSA-2014:1436-2, RHSA-2014:1507-2, RHSA-2014:1552-2)
[15/10/2014] Red Hat has released security update packages for fixing the vulnerabilities identified in the cups, krb5, luci, glibc, kernel, X11 client libraries, trousers and openssh packages for Red Hat Enterprise Linux 6. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise a vulnerable system.

URL:rhn.redhat.com/errata/RHSA-2014-1388.html
URL:rhn.redhat.com/errata/RHSA-2014-1389.html
URL:rhn.redhat.com/errata/RHSA-2014-1390.html
URL:rhn.redhat.com/errata/RHSA-2014-1391.html
URL:rhn.redhat.com/errata/RHSA-2014-1392.html
URL:rhn.redhat.com/errata/RHSA-2014-1436.html
URL:rhn.redhat.com/errata/RHSA-2014-1507.html
URL:rhn.redhat.com/errata/RHSA-2014-1552.html

32. Security Updates in Ubuntu GNU/Linux (USN-2345-1, USN-2372-1, USN-2382-1, USN-2383-1)
[15/10/2014] Ubuntu has released security update packages for fixing the vulnerabilities identified in the oxide-qt, firefox, requests, wpa and wpasupplicant packages for versions 10.04 LTS, 12.04 LTS and 14.04 LTS of Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and compromise a vulnerable system.

URL:www.ubuntu.com/usn/usn-2345-1/
URL:www.ubuntu.com/usn/usn-2372-1/
URL:www.ubuntu.com/usn/usn-2382-1/
URL:www.ubuntu.com/usn/usn-2383-1/

33. Vulnerability in Cisco Email Security Appliance
[14/10/2014] Vulnerability was identified in the Cisco Email Security Appliance (ESA). An attacker could bypass security restrictions. This vulnerability affects multiple firmware versions of the mentioned product. Security patches are available to resolve this vulnerability.

URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3381

34. Vulnerabilities in IBM Products (S1004879, S1004898, S1004929, S1004930, S1004931, S1004932, 1680795, 1684704, 1684716, 1684769, 1684838, 1684903, 1685178, 1685733, 1686142, 1686194, MIGR-5096315)
[14/10/2014] Vulnerabilities were identified in the IBM DS8000 HMC, IBM System Storage Storwize V7000 Unified, IBM FlashSystem 840 and V840, IBM Business Process Manager, IBM WebSphere Lombardi Edition, IBM Rational Application Developer, IBM Security Network Protection, IBM WebSphere Business Events, IBM WebSphere ILOG JRules, IBM WebSphere Operational Decision Management, IBM Operational Decision Manager, IBM Security Access Manager for Mobile and Web, IBM Content Manager Enterprise Edition, IBM Tivoli Application Dependency Discovery Manager and IBM Flex System Manager. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, perform cross-site scripting attacks, cause a denial of service condition and compromise a vulnerable system. These vulnerabilities affect multiple versions of mentioned products. Security patches are available to resolve these vulnerabilities.

URL:www.ibm.com/support/docview.wss?uid=ssg1S1004879
URL:www.ibm.com/support/docview.wss?uid=ssg1S1004898
URL:www.ibm.com/support/docview.wss?uid=ssg1S1004929
URL:www.ibm.com/support/docview.wss?uid=ssg1S1004930
URL:www.ibm.com/support/docview.wss?uid=ssg1S1004931
URL:www.ibm.com/support/docview.wss?uid=ssg1S1004932
URL:www.ibm.com/support/docview.wss?uid=swg21680795
URL:www.ibm.com/support/docview.wss?uid=swg21684704
URL:www.ibm.com/support/docview.wss?uid=swg21684716
URL:www.ibm.com/support/docview.wss?uid=swg21684769
URL:www.ibm.com/support/docview.wss?uid=swg21684838
URL:www.ibm.com/support/docview.wss?uid=swg21684903
URL:www.ibm.com/support/docview.wss?uid=swg21685178
URL:www.ibm.com/support/docview.wss?uid=swg21685733
URL:www.ibm.com/support/docview.wss?uid=swg21686142
URL:www.ibm.com/support/docview.wss?uid=swg21686194
URL:www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096315

35. Vulnerabilities in Bugzilla
[14/10/2014] Vulnerabilities were identified in the Bugzilla. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code and perform cross-site scripting attacks. These vulnerabilities affect multiple versions of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:www.bugzilla.org/security/4.0.14/
URL:www.hkcert.org/my_url/en/alert/14101302

36. Vulnerability in Joomla!
[14/10/2014] Vulnerability was identified in the Joomla!. An attacker could bypass security restrictions, cause a denial of service condition and crash the system. This vulnerability affects multiple versions of the mentioned product. Security patches are available to resolve this vulnerability.

URL:developer.joomla.org/security/596-20140904-core-denial-of-service.html
URL:www.hkcert.org/my_url/en/alert/14101301

37. Vulnerabilities in NeuroML (96942, 96943)
[14/10/2014] Vulnerabilities were identified in the NeuroML. An attacker could bypass security restrictions, obtain sensitive information and execute arbitrary code. These vulnerabilities affect versions prior to 2.0 of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:xforce.iss.net/xforce/xfdb/96942
URL:xforce.iss.net/xforce/xfdb/96943

38. Vulnerabilities in Pale Moon
[14/10/2014] Vulnerabilities were identified in the Pale Moon. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code and compromise a user's system. These vulnerabilities affect versions prior to 25.0.0 of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:www.palemoon.org/releasenotes.shtml

39. Security Updates in SUSE (SUSE-SU-2014:1287-1)
[14/10/2014] SUSE has released security update packages for fixing the vulnerabilities identified in the Containment-Studio package for SUSE Studio Onsite 1.3. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise a vulnerable system.

URL:lists.opensuse.org/opensuse-security-announce/2014-10/msg00004.html

40. Security Updates in Red Hat Enterprise Linux (RHSA-2014:1397-1)
[14/10/2014] Red Hat has released security update packages for fixing the vulnerability identified in the rsyslog package for Red Hat Enterprise Linux 7. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system.

URL:rhn.redhat.com/errata/RHSA-2014-1397.html

41. Vulnerabilities in HP Sprinter (c04454636)
[13/10/2014] Vulnerabilities were identified in HP Sprinter. An attacker could bypass security restrictions and execute arbitrary code. These vulnerabilities affect multiple versions of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c04454636-1
URL:xforce.iss.net/xforce/xfdb/96923

42. Vulnerabilities in IBM Products (1682663, 1683429, 1684466, 1685242, 1685246, 1685350, 1686238, 1686240)
[13/10/2014] Vulnerabilities were identified in the IBM Sterling Connect:Direct, IBM Security Access Manager For Mobile, IBM Security Access Manager for Web, IBM Tivoli Storage Productivity Center and IBM TRIRIGA Application Platform. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, perform cross-site scripting attacks, cause a denial of service condition and compromise a vulnerable system. These vulnerabilities affect multiple versions of mentioned products. Security patches are available to resolve these vulnerabilities.

URL:www.ibm.com/support/docview.wss?uid=swg21682663
URL:www.ibm.com/support/docview.wss?uid=swg21683429
URL:www.ibm.com/support/docview.wss?uid=swg21684466
URL:www.ibm.com/support/docview.wss?uid=swg21685242
URL:www.ibm.com/support/docview.wss?uid=swg21685246
URL:www.ibm.com/support/docview.wss?uid=swg21685350
URL:www.ibm.com/support/docview.wss?uid=swg21686238
URL:www.ibm.com/support/docview.wss?uid=swg21686240
URL:xforce.iss.net/xforce/xfdb/95630
URL:xforce.iss.net/xforce/xfdb/95631

43. Vulnerabilities in Huawei Products (Huawei-SA-20141010-01-VRP, Huawei-SA-20141011-01-E355)
[13/10/2014] Vulnerabilities were identified in Huawei Versatile Routing Platform (VRP) and Huawei 3G wireless routers. An attacker could bypass security restrictions, execute arbitrary code, perform cross-site scripting attacks, cause a denial of service condition and crash the system. These vulnerabilities affect multiple firmware versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-373182.htm
URL:www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-373306.htm

44. Vulnerabilities in SAP BusinessObjects (96933, 96934, 96935)
[13/10/2014] Vulnerabilities were identified in the SAP BusinessObjects. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code and perform cross-site scripting attacks. These vulnerabilities affect version 14.0.5 build 882 of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:xforce.iss.net/xforce/xfdb/96933
URL:xforce.iss.net/xforce/xfdb/96934
URL:xforce.iss.net/xforce/xfdb/96935

45. Vulnerabilities in Jenkins (2014-10-01)
[13/10/2014] Vulnerabilities were identified in the Jenkins. An attacker could bypass security restrictions, execute arbitrary code, perform cross-site scripting attacks, cause a denial of service condition and compromise a vulnerable system. These vulnerabilities affect multiple versions of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01

46. Vulnerability in Linux Kernel (96922)
[13/10/2014] Vulnerability was identified in the Linux Kernel. An attacker could bypass security restrictions, cause a denial of service condition and crash the system. The affected version was not specified. Security patches are available to resolve this vulnerability.

URL:xforce.iss.net/xforce/xfdb/96922

47. Security Updates in Gentoo Linux (GLSA 201410-02)
[13/10/2014] Gentoo has released security update packages for fixing the vulnerabilities identified in the Perl Locale-Maketext module packages for multiple versions of Gentoo Linux. Due to multiple errors, an attacker could bypass security restrictions, execute arbitrary code, gain elevated privileges, cause a denial of service condition and crash the system.

URL:www.gentoo.org/security/en/glsa/glsa-201410-02.xml

48. Security Updates in Red Hat Enterprise Linux (RHSA-2014:1371-1)
[13/10/2014] Red Hat has released security update packages for fixing the vulnerability identified in the nss packages for Red Hat Enterprise Linux 4, 5 and 6. An attacker could bypass security restrictions.

URL:rhn.redhat.com/errata/RHSA-2014-1371.html

Source(s) of above information: Adobe, Bugzilla, Cisco, Debian, Gentoo, Google Chrome Releases, HKCERT, HP, Huawei, IBM, IBM ISS, Jenkins, Joomla!, Juniper, Microsoft, Mozilla, Novell, OpenSSL, openSUSE, Oracle, Pale Moon, Python.org, Red Hat, Slackware, Ubuntu, US-CERT