1. Vulnerability in Adobe Digital Editions (APSB14-25)
[24/10/2014] Vulnerability was identified in the Adobe Digital Editions.
An attacker could bypass security restrictions and obtain sensitive information.
This vulnerability affects version 4.0.98786 and earlier of the mentioned
product. Security patches are available to resolve this vulnerability.
URL:helpx.adobe.com/security/products/Digital-Editions/apsb14-25.html
2. Vulnerabilities in IBM Products (T1021361, 1682767, 1686246, 1686516)
[24/10/2014] Vulnerabilities were identified in the IBM SDN for Virtual
Environments, IBM WebSphere Application Server, IBM WebSphere Application Server
Hypervisor Edition, IBM PureApplication System and IBM IMS Enterprise Suite SOAP
Gateway. An attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise a vulnerable system. These vulnerabilities
affect multiple versions of mentioned products. Security patches are available
to resolve these
vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=isg3T1021361
URL:www.ibm.com/support/docview.wss?uid=swg21682767
URL:www.ibm.com/support/docview.wss?uid=swg21686246
URL:www.ibm.com/support/docview.wss?uid=swg21686516
3. Vulnerability in Novell Filr (5194316, 5194317)
[24/10/2014] Vulnerability was identified in the Novell Filr.
An attacker could bypass security restrictions and obtain sensitive information.
This vulnerability affects multiple versions of mentioned product. Security
patches are available to resolve this
vulnerability.
URL:download.novell.com/Download?buildid=_N6A9M3Jvig~
URL:download.novell.com/Download?buildid=3wpN2nVj2D8~
4. Vulnerability in VMware vSphere Data Protection (VMSA-2014-0011)
[24/10/2014] Vulnerability was identified in the VMware vSphere Data
Protection. An attacker could bypass security restrictions and obtain sensitive
information. This vulnerability affects version 5.5 of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:www.vmware.com/security/advisories/VMSA-2014-0011.html
5. Vulnerability in NAT-PMP devices (VU#184540)
[24/10/2014] Vulnerability was identified in multiple NAT-PMP devices. An
attacker could bypass security restrictions and obtain sensitive information.
This vulnerability affects multiple versions of the mentioned
products.
URL:www.kb.cert.org/vuls/id/184540
6. Vulnerability in Linux Kernel
[24/10/2014] Vulnerability was identified in the Linux Kernel. An attacker
could bypass security restrictions and cause a denial of
service condition. The affected version was not specified. Security patches are
available to resolve this
vulnerability.
URL:git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d974baa398f34393db76be45f7d4d04fbdbb4a0a
URL:xforce.iss.net/xforce/xfdb/97715
7. Vulnerability in Smarty
[24/10/2014] Vulnerability was identified in the Smarty. An attacker could
bypass security restrictions and execute arbitrary code. This vulnerability
affects versions prior to 3.1.21 of the mentioned product. Security patches are
available to resolve this
vulnerability.
URL:www.smarty.net/
URL:xforce.iss.net/xforce/xfdb/97725
8. Security Updates in Oracle Linux (ELSA-2014-1636, ELSA-2014-1654, ELSA-2014-1676)
[24/10/2014] Oracle has
released security update packages for fixing the vulnerabilities identified in
the java-1.8.0-openjdk, rsyslog7 and wireshark packages for Oracle Linux 6 and
7. Due to multiple errors, an attacker could bypass security restrictions,
obtain sensitive information, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and compromise a user's
system.
URL:linux.oracle.com/errata/ELSA-2014-1636
URL:linux.oracle.com/errata/ELSA-2014-1654
URL:linux.oracle.com/errata/ELSA-2014-1676
9. Security Updates in FreeBSD (FreeBSD-SA-14:20.rtsold, FreeBSD-SA-14:21.routed, FreeBSD-SA-14:22.namei, FreeBSD-SA-14:23.openssl)
[24/10/2014] FreeBSD
has released security update packages for fixing the vulnerabilities identified
in the rtsold, routed, kernel and openssl packages for multiple versions of
FreeBSD. Due to multiple errors, an attacker could bypass security restrictions,
obtain sensitive information, execute arbitrary code, cause a denial of service
condition and crash the
system.
URL:www.freebsd.org/security/advisories/FreeBSD-SA-14:20.rtsold.asc
URL:www.freebsd.org/security/advisories/FreeBSD-SA-14:21.routed.asc
URL:www.freebsd.org/security/advisories/FreeBSD-SA-14:22.namei.asc
URL:www.freebsd.org/security/advisories/FreeBSD-SA-14:23.openssl.asc
10. Security Updates in Mandriva (MDVSA-2014:202, MDVSA-2014:203, MDVSA-2014:204)
[24/10/2014] Mandriva has released security update packages for fixing the
vulnerabilities identified in the php, openssl and libxml2 packages for version
MBS1 of Mandriva GNU/Linux. Due to multiple errors, an attacker could bypass
security restrictions, obtain sensitive information, execute arbitrary code,
cause a denial of service condition and crash the
system.
URL:www.mandriva.com/en/support/security/advisories/mbs1/MDVSA-2014%3A202/
URL:www.mandriva.com/en/support/security/advisories/mbs1/MDVSA-2014%3A203/
URL:www.mandriva.com/en/support/security/advisories/mbs1/MDVSA-2014%3A204/
11. Security Updates in Ubuntu GNU/Linux (USN-2388-1, USN-2388-2)
[24/10/2014] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the openjdk-7 packages for versions 14.04 LTS and 14.10 of Ubuntu GNU/Linux. Due
to multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, execute arbitrary code, cause a denial of service
condition and crash the
system.
URL:www.ubuntu.com/usn/usn-2388-1/
URL:www.ubuntu.com/usn/usn-2388-2/
12. Vulnerability in Adobe Digital Editions (APSB14-25)
[23/10/2014] Vulnerability was identified in the Adobe Digital Editions.
An attacker could bypass security restrictions and obtain sensitive information.
This vulnerability affects versions prior to 4.0.1 of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:helpx.adobe.com/security/products/Digital-Editions/apsb14-25.html
13. Vulnerabilities in IBM Products (T1021361, 1682767, 1686246, 1686516)
[23/10/2014] Vulnerabilities were identified in the IBM SDN for Virtual
Environments, IBM WebSphere Application Server, IBM WebSphere Application Server
Hypervisor Edition, IBM PureApplication System and IBM IMS Enterprise Suite SOAP
Gateway. An attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise a vulnerable system. These vulnerabilities
affect multiple versions of mentioned products. Security patches are available
to resolve these
vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=isg3T1021361
URL:www.ibm.com/support/docview.wss?uid=swg21682767
URL:www.ibm.com/support/docview.wss?uid=swg21686246
URL:www.ibm.com/support/docview.wss?uid=swg21686516
14. Vulnerability in Novell Filr (5194316, 5194317)
[23/10/2014] Vulnerability was identified in the Novell Filr.
An attacker could bypass security restrictions and obtain sensitive information.
This vulnerability affects multiple versions of mentioned product. Security
patches are available to resolve this
vulnerability.
URL:download.novell.com/Download?buildid=_N6A9M3Jvig~
URL:download.novell.com/Download?buildid=3wpN2nVj2D8~
15. Vulnerability in VMware vSphere Data Protection (VMSA-2014-0011)
[23/10/2014] Vulnerability was identified in the VMware vSphere Data
Protection. An attacker could bypass security restrictions and obtain sensitive
information. This vulnerability affects version 5.5 of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:www.vmware.com/security/advisories/VMSA-2014-0011.html
16. Vulnerability in NAT-PMP devices (VU#184540)
[23/10/2014] Vulnerability was identified in multiple NAT-PMP devices. An
attacker could bypass security restrictions and obtain sensitive information.
This vulnerability affects multiple versions of the mentioned
products.
URL:www.kb.cert.org/vuls/id/184540
17. Vulnerability in Linux Kernel
[23/10/2014] Vulnerability was identified in the Linux Kernel. An attacker
could bypass security restrictions and cause a denial of
service condition. The affected version was not specified. Security patches are
available to resolve this
vulnerability.
URL:git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d974baa398f34393db76be45f7d4d04fbdbb4a0a
URL:xforce.iss.net/xforce/xfdb/97715
18. Vulnerability in Smarty
[23/10/2014] Vulnerability was identified in the Smarty. An
attacker could bypass security restrictions and execute arbitrary code. This
vulnerability affects versions prior to 3.1.21 of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:www.smarty.net/
URL:xforce.iss.net/xforce/xfdb/97725
19. Security Updates in Oracle Linux (ELSA-2014-1636, ELSA-2014-1654, ELSA-2014-1676)
[23/10/2014] Oracle has released security update packages for fixing the
vulnerabilities identified in the java-1.8.0-openjdk, rsyslog7 and wireshark
packages for Oracle Linux 6 and 7. Due to multiple errors, an attacker could
bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise a user's
system.
URL:linux.oracle.com/errata/ELSA-2014-1636
URL:linux.oracle.com/errata/ELSA-2014-1654
URL:linux.oracle.com/errata/ELSA-2014-1676
20. Security Updates in FreeBSD (FreeBSD-SA-14:20.rtsold, FreeBSD-SA-14:21.routed, FreeBSD-SA-14:22.namei, FreeBSD-SA-14:23.openssl)
[23/10/2014] FreeBSD
has released security update packages for fixing the vulnerabilities identified
in the rtsold, routed, kernel and openssl packages for multiple versions of
FreeBSD. Due to multiple errors, an attacker could bypass security restrictions,
obtain sensitive information, execute arbitrary code, cause a denial of service
condition and crash the
system.
URL:www.freebsd.org/security/advisories/FreeBSD-SA-14:20.rtsold.asc
URL:www.freebsd.org/security/advisories/FreeBSD-SA-14:21.routed.asc
URL:www.freebsd.org/security/advisories/FreeBSD-SA-14:22.namei.asc
URL:www.freebsd.org/security/advisories/FreeBSD-SA-14:23.openssl.asc
21. Security Updates in Mandriva (MDVSA-2014:202, MDVSA-2014:203, MDVSA-2014:204)
[23/10/2014] Mandriva has released security update packages for fixing the
vulnerabilities identified in the php, openssl and libxml2 packages for version
MBS1 of Mandriva GNU/Linux. Due to multiple errors, an attacker could bypass
security restrictions, obtain sensitive information, execute arbitrary code,
cause a denial of service condition and crash the
system.
URL:www.mandriva.com/en/support/security/advisories/mbs1/MDVSA-2014%3A202/
URL:www.mandriva.com/en/support/security/advisories/mbs1/MDVSA-2014%3A203/
22. Security Updates in Ubuntu GNU/Linux (USN-2388-1, USN-2388-2)
[23/10/2014] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the openjdk-7 packages for versions 14.04 LTS and 14.10 of Ubuntu GNU/Linux. Due
to multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, execute arbitrary code, cause a denial of service
condition and crash the
system.
URL:www.ubuntu.com/usn/usn-2388-1/
URL:www.ubuntu.com/usn/usn-2388-2/
23. Vulnerabilities in HP Products (c04476799, c04479492)
[22/10/2014] Vulnerabilities were identified in the HP System Management
Homepage and HP Operation Agent Virtual Appliance. An attacker could bypass
security restrictions, execute arbitrary code, perform cross-site request
forgery attacks, gain elevated privileges and compromise a vulnerable system.
These vulnerabilities affect multiple versions of mentioned products. Security
patches are available to resolve these
vulnerabilities.
URL:h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04476799
URL:h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04479492
24. Vulnerabilities in IBM Products (1679979, 1684652, 1685121, 1685122, 1687099, 1687344)
[22/10/2014] Vulnerabilities were identified in the IBM Business Process
Manager, IBM WebSphere Lombardi Edition, IBM WebSphere Portal, IBM Rational
Performance Tester, IBM Rational Service Tester, IBM WebSphere DataPower SOA
Appliances and IBM FileNet Business Process Manager. An attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, perform cross-site scripting attacks, cause a denial of
service condition and compromise a vulnerable system. These vulnerabilities
affect multiple versions of mentioned products. Security patches are available
to resolve these
vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=swg21679979
URL:www.ibm.com/support/docview.wss?uid=swg21684652
URL:www.ibm.com/support/docview.wss?uid=swg21685121
URL:www.ibm.com/support/docview.wss?uid=swg21685122
URL:www.ibm.com/support/docview.wss?uid=swg21687099
URL:www.ibm.com/support/docview.wss?uid=swg21687344
25. Vulnerabilities in Huawei Products (Huawei-SA-20141022-DLLHijacking, 97681, 97682)
[22/10/2014] Vulnerabilities were identified in the Huawei USB Modem
products and Huawei Mobile Partner. An attacker could bypass security
restrictions, gain elevated privileges, execute arbitrary code and compromise a
vulnerable system. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities in Huawei USB Modem
products.
URL:www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-376152.htm
URL:xforce.iss.net/xforce/xfdb/97681
URL:xforce.iss.net/xforce/xfdb/97682
26. Vulnerabilities in Hitachi Products (HS14-021)
[22/10/2014] Vulnerabilities were identified in multiple
Hitachi Cosminexus products. An attacker could bypass security restrictions,
obtain sensitive information, gain elevated privileges, cause a denial of
service condition, execute arbitrary code and compromise a vulnerable system.
These vulnerabilities affect multiple versions of the mentioned products.
Security patches are available to resolve these
vulnerabilities.
URL:www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS14-021/index.html
27. Vulnerability in Rejetto HTTP File Server (VU#251276)
[22/10/2014] Vulnerability was identified in the Rejetto HTTP File Server.
An attacker could bypass security restrictions and execute arbitrary code. This
vulnerability affects versions 2.3, 2.3a and 2.3b of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:www.kb.cert.org/vuls/id/251276
28. Security Updates in Oracle Linux (ELSA-2014-1671)
[22/10/2014] Oracle has
released security update packages for fixing the vulnerability identified in the
rsyslog5 and rsyslog packages for Oracle Linux 5. An attacker could bypass
security restrictions, execute arbitrary code, cause a denial of service
condition and compromise a vulnerable
system.
URL:linux.oracle.com/errata/ELSA-2014-1671.html
29. Security Updates in Mandriva (MDVSA-2014:196, MDVSA-2014:197, MDVSA-2014:198, MDVSA-2014:199, MDVSA-2014:200, MDVSA-2014:201)
[22/10/2014] Mandriva
has released security update packages for fixing the vulnerabilities identified
in the rsyslog, python, mediawiki, perl, bugzilla and kernel packages for
version MBS1 of Mandriva GNU/Linux. Due to multiple errors, an attacker could
bypass security restrictions, obtain sensitive information, execute arbitrary
code, cause a denial of service condition and crash the
system.
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A196/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A197/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A198/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A199/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A200/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2014%3A201/
30. Security Updates in Red Hat Enterprise Linux (RHSA-2014:1633-1, RHSA-2014:1634-1, RHSA-2014:1636-1, RHSA-2014:1676-1, RHSA-2014:1677-1)
[22/10/2014] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the java-1.6.0-openjdk, java-1.7.0-openjdk, java-1.8.0-openjdk and wireshark
packages for Red Hat Enterprise Linux 5, 6 and 7. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise a vulnerable
system.
URL:rhn.redhat.com/errata/RHSA-2014-1633.html
URL:rhn.redhat.com/errata/RHSA-2014-1634.html
URL:rhn.redhat.com/errata/RHSA-2014-1636.html
URL:rhn.redhat.com/errata/RHSA-2014-1676.html
URL:rhn.redhat.com/errata/RHSA-2014-1677.html
31. Security Updates in Slackware (SSA:2014-293-01)
[22/10/2014] Slackware
has released security update packages for fixing the vulnerability identified in
the openssh package for multiple versions of Slackware Linux. An attacker could
bypass security restrictions and execute arbitrary
code.
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.521613
32. Vulnerabilities in Apple Products (HT6541, HT6542)
[21/10/2014] Vulnerabilities were identified in the Apple iOS and Apple
TV. An attacker could bypass security restrictions, obtain sensitive information
and execute arbitrary code. These vulnerabilities affect versions prior to 8.1 of
Apple iOS and versions prior to 7.0.1 of Apple TV. Security patches are available
to resolve these
vulnerabilities.
URL:support.apple.com/kb/HT6541
URL:support.apple.com/kb/HT6542
URL:www.us-cert.gov/ncas/current-activity/2014/10/20/Apple-Releases-Security-Updates-iOS-and-Apple-TV
33. Vulnerability in BlackBerry Products (KB36397)
[21/10/2014] Vulnerability was identified in multiple BlackBerry products
running the SSLv3 encryption protocol. An attacker could bypass security
restrictions and obtain sensitive information. This vulnerability affects
multiple versions of the mentioned products.
URL:www.blackberry.com/btsc/kb36397
34. Vulnerabilities in HP Products (c04472444, c04475347)
[21/10/2014] Vulnerabilities were identified in the HP Operations Agent
and HP Enterprise Maps. An attacker could bypass security restrictions, execute
arbitrary code and compromise a vulnerable system. These vulnerabilities affect
multiple versions of mentioned products. Security patches are available to
resolve these
vulnerabilities.
URL:h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04472444
URL:h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04475347
35. Vulnerabilities in IBM Products (1680387, 1683438, 1685312, 1686126, 1686210, 1686339, 1686479, 7043086)
[21/10/2014] Vulnerabilities were identified in the IBM
Enterprise Common Collector, IBM Rational SAP Connector, IBM Tivoli Composite
Application Manager for Transactions, IBM Tivoli Provisioning Manager, IBM
WebSphere MQ Telemetry Component, IBM WebSphere MQ and IBM Security Virtual
Server Protection for VMware (VSP). An attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, perform cross-site scripting attacks, cause a denial of service
condition and compromise a vulnerable system. These vulnerabilities affect
multiple versions of mentioned products. Security patches are available to
resolve these
vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=swg21680387
URL:www.ibm.com/support/docview.wss?uid=swg21683438
URL:www.ibm.com/support/docview.wss?uid=swg21685312
URL:www.ibm.com/support/docview.wss?uid=swg21686126
URL:www.ibm.com/support/docview.wss?uid=swg21686210
URL:www.ibm.com/support/docview.wss?uid=swg21686339
URL:www.ibm.com/support/docview.wss?uid=swg21686479
URL:www.ibm.com/support/docview.wss?uid=swg27043086
36. Vulnerabilities in Avant Browser
[21/10/2014] Vulnerabilities were identified in Avant
Browser. An attacker could bypass security restrictions, obtain sensitive
information, execute arbitrary code and compromise a vulnerable system. These
vulnerabilities affect versions prior to 2015 build 5 of the mentioned product.
Security patches are available to resolve these
vulnerabilities.
URL:www.avantbrowser.com/new.aspx
37. Vulnerability in Libxml2 (97656)
[21/10/2014] Vulnerability was identified in the Libxml2. An
attacker could bypass security restrictions, cause a denial of service condition
and crash the system. This vulnerability affects version 2.9.1 of the mentioned
product. Security patches are available to resolve this
vulnerability.
URL:xforce.iss.net/xforce/xfdb/97656
38. Security Updates in Oracle Products (ELSA-2014-1552, ELSA-2014-1652, ELSA-2014-1653)
[21/10/2014] Oracle has released security update packages for fixing the
vulnerabilities identified in the OpenSSL package for Oracle Solaris 11.2, the
openssh and openssl packages for Oracle Linux 5 and 6. An attacker could bypass
security restrictions, obtain sensitive information, execute arbitrary code,
gain elevated privileges and cause a denial of service
condition.
URL:blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_openssl6
URL:linux.oracle.com/errata/ELSA-2014-1552.html
URL:linux.oracle.com/errata/ELSA-2014-1652.html
URL:linux.oracle.com/errata/ELSA-2014-1653.html
39. Security Updates in Debian (DSA-3054-1)
[21/10/2014] Debian has
released security update packages for fixing the vulnerabilities identified in
the mysql-5.5 package for multiple versions of Debian GNU/Linux. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, execute arbitrary code, cause a denial of service condition and
crash the
system.
URL:www.debian.org/security/2014/dsa-3054
40. Security Updates in Red Hat Enterprise Linux (RHSA-2014:1669-1, RHSA-2014:1670-1, RHSA-2014:1671-1)
[21/10/2014] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the qemu-kvm, qemu-kvm-rhev, rsyslog5 and rsyslog packages for Red Hat
Enterprise Linux 5, 6 and 7. Due to multiple errors, an attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and compromise a
vulnerable
system.
URL:rhn.redhat.com/errata/RHSA-2014-1669.html
URL:rhn.redhat.com/errata/RHSA-2014-1670.html
URL:rhn.redhat.com/errata/RHSA-2014-1671.html
41. Information Updates on Microsoft Security Advisory (2949927)
[20/10/2014] Microsoft
has updated information on the advisory for the Microsoft Windows. KB2949927
removed Download Center links for Microsoft security update 2949927. Microsoft
recommends that customers experiencing issues uninstall this update. Microsoft
is investigating behavior associated with this update, and will update the
advisory when more information becomes
available.
URL:technet.microsoft.com/en-US/library/security/2949927
42. Vulnerabilities in Apple OS X Products (HT6527, HT6529, HT6531, HT6535, HT6536, HT6537)
[20/10/2014] Vulnerabilities were identified in the Apple OS X Server,
Apple OS X Mountain Lion, Apple OS X Mavericks, Apple OS X Yosemite and Apple
iTunes. An attacker could bypass security restrictions and execute arbitrary
code. These vulnerabilities affect multiple versions of the mentioned products.
Security patches are available to resolve these
vulnerabilities.
URL:support.apple.com/kb/HT6527
URL:support.apple.com/kb/HT6529
URL:support.apple.com/kb/HT6531
URL:support.apple.com/kb/HT6535
URL:support.apple.com/kb/HT6536
URL:support.apple.com/kb/HT6537
URL:www.us-cert.gov/ncas/current-activity/2014/10/17/Apple-Releases-Security-Update-2014-005
URL:xforce.iss.net/xforce/xfdb/97631
URL:xforce.iss.net/xforce/xfdb/97646
43. Vulnerability in BlackBerry 10 smartphones (BSRT-2014-008)
[20/10/2014] Vulnerability was identified in the BlackBerry 10
smartphones. An attacker could bypass security restrictions, execute arbitrary
code, obtain sensitive information, cause a denial of service condition and
compromise a vulnerable system. This vulnerability affects multiple firmware
versions of the mentioned product. Security patches are available to resolve
this
vulnerability.
URL:www.blackberry.com/btsc/kb36360
44. Vulnerabilities in IBM Products (1685571, 1685574, 1685735, 1686131)
[20/10/2014] Vulnerabilities were identified in the IBM Content Navigator,
IBM Content Manager, IBM FileNet Content Manager, IBM Content Foundation, IBM
Content Manager OnDemand, IBM Algo One - Algo Risk Application and IBM Workload
Deployer. An attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, perform
cross-site scripting attacks, cause a denial of service condition and compromise
a vulnerable system. These vulnerabilities affect multiple versions of mentioned
products. Security patches are available to resolve these
vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=swg21685571
URL:www.ibm.com/support/docview.wss?uid=swg21685574
URL:www.ibm.com/support/docview.wss?uid=swg21685735
URL:www.ibm.com/support/docview.wss?uid=swg21686131
45. Vulnerabilities in Novell GroupWise (5190530, 5190531, 5190532, 5190550, 5190551)
[20/10/2014] Vulnerabilities were identified in the Novell GroupWise. An
attacker could bypass security restrictions, obtain sensitive information,
execute arbitrary code, cause a denial of service condition and crash the
system. These vulnerabilities affect multiple versions of the mentioned product.
Security patches are available to resolve these
vulnerabilities.
URL:download.novell.com/Download?buildid=dto6obSiSuM~
URL:download.novell.com/Download?buildid=m2NNE-BWQ58~
URL:download.novell.com/Download?buildid=MnyxLK-LI-E~
URL:download.novell.com/Download?buildid=NB35noeHLaY~
URL:download.novell.com/Download?buildid=PJTVAWcyTDs~
46. Vulnerabilities in PHP
[20/10/2014] Vulnerabilities were identified in the PHP. An
attacker could bypass security restrictions, obtain sensitive information,
execute arbitrary code, cause a denial of service condition and crash the
system. These vulnerabilities affect multiple versions of the mentioned product.
Security patches are available to resolve these
vulnerabilities.
URL:php.net/ChangeLog-5.php#5.4.34
URL:php.net/ChangeLog-5.php#5.5.18
URL:php.net/ChangeLog-5.php#5.6.2
URL:bugs.php.net/68027
URL:bugs.php.net/68044
URL:bugs.php.net/68113
47. Vulnerability in Drupal (SA-CORE-2014-005)
[20/10/2014] Vulnerability was identified in the Drupal. An attacker could
bypass security restrictions, execute arbitrary code and perform code injection
attacks. This vulnerability affects multiple versions of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:www.drupal.org/SA-CORE-2014-005
URL:www.us-cert.gov/ncas/current-activity/2014/10/17/Drupal-Releases-Security-Advisory
48. Security Updates in Oracle Products (ELSA-2014-1388, ELSA-2014-1389, ELSA-2014-1391, ELSA-2014-1507, ELSA-2014-1633, ELSA-2014-1634, ELSA-2014-1635, ELSA-2014-1647)
[20/10/2014] Oracle has released security update packages for fixing the
vulnerabilities identified in the cups, krb5, glibc, trousers,
java-1.7.0-openjdk, java-1.6.0-openjdk, firefox and thunderbird packages for
Oracle Linux 5, 6 and 7. An attacker could bypass security restrictions, obtain
sensitive information, execute arbitrary code, gain elevated privileges
and cause a denial of service condition. These vulnerabilities
affect multiple versions of the mentioned
products.
URL:linux.oracle.com/errata/ELSA-2014-1388.html
URL:linux.oracle.com/errata/ELSA-2014-1389.html
URL:linux.oracle.com/errata/ELSA-2014-1391.html
URL:linux.oracle.com/errata/ELSA-2014-1507.html
URL:linux.oracle.com/errata/ELSA-2014-1633.html
URL:linux.oracle.com/errata/ELSA-2014-1634.html
URL:linux.oracle.com/errata/ELSA-2014-1635.html
URL:linux.oracle.com/errata/ELSA-2014-1647.html
49. Security Updates in Debian (DSA-3050-1)
[20/10/2014] Debian has
released security update packages for fixing the vulnerabilities identified in
the iceweasel package for multiple versions of Debian GNU/Linux. Due to multiple
errors, an attacker could bypass security restrictions, execute arbitrary code,
cause a denial of service condition and crash the
system.
URL:www.debian.org/security/2014/dsa-3050
50. Security Updates in Red Hat Enterprise Linux (RHSA-2014:1654-1, RHSA-2014:1658-1)
[20/10/2014] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the rsyslog7 and java-1.6.0-sun packages for Red Hat Enterprise Linux 5, 6
and 7. Due to multiple errors, an attacker could bypass security restrictions,
obtain sensitive information, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and compromise a vulnerable
system.
URL:rhn.redhat.com/errata/RHSA-2014-1654.html
URL:rhn.redhat.com/errata/RHSA-2014-1658.html
Thank you