Skip to main content

Security Bulletin

Filter by:

RISK: Medium Risk

Medium Risk

Juniper Junos IPv6 Over IPv4 Tunnel Security Policy Bypass Vulnerability

A vulnerability has been identified in Juniper Junos, which can be exploited by malicious people to bypass certain security restrictions.The vulnerability is caused due to an error when enforcing security policies on IPv6 over IPv4 tunnels. This can lead to certain security policies not being enforced...
Last Update Date: 18 Nov 2011 15:00 Release Date: 18 Nov 2011 4827 Views

RISK: High Risk

High Risk

Google Chrome V8 Memory Corruption Vulnerability

A vulnerability has been identified in Google Chrome, which can be exploited by malicious people to compromise a user's system.The vulnerability is caused due to an error in V8 (JavaScript engine) and can be exploited to cause an out of bounds write and...
Last Update Date: 18 Nov 2011 14:59 Release Date: 18 Nov 2011 4910 Views

RISK: High Risk

High Risk

ISC BIND Recursive Query Processing Denial of Service Vulnerability

A vulnerability has been identified in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error when processing recursive queries. NOTE: The vulnerability is currently being actively exploited.
Last Update Date: 17 Nov 2011 11:48 Release Date: 17 Nov 2011 5048 Views

RISK: Medium Risk

Medium Risk

FreeType CID-keyed Font Parsing Vulnerabilities

Multiple vulnerabilities have been identified in FreeType, which can be exploited by malicious people to compromise an application using the library.  The vulnerabilities are caused due to errors in src/cid/cidload.c when parsing CID-keyed Type 1 fonts. This can be...
Last Update Date: 16 Nov 2011 10:22 Release Date: 16 Nov 2011 4753 Views

RISK: Medium Risk

Medium Risk

Joomla! Security Bypass and Cross-Site Scripting Vulnerability

Two vulnerability have been identified in Joomla!, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML...
Last Update Date: 15 Nov 2011 12:26 Release Date: 15 Nov 2011 4933 Views

RISK: High Risk

High Risk

Google Chrome Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. The application bundles a vulnerable version of the Adobe Flash player.For details, please refer to HKCERT security bulletin...
Last Update Date: 15 Nov 2011 12:22 Release Date: 15 Nov 2011 4732 Views

RISK: High Risk

High Risk

Adobe Flash Player Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Adobe Flash Player, which can be exploited by attackers to take control of the affected system. 
Last Update Date: 14 Nov 2011 Release Date: 11 Nov 2011 5039 Views

RISK: High Risk

High Risk

Apple iOS Multiple Vulnerabilities

Multiple Vulnerabilities have been identified in Apple iOS, which can be exploited by malicious people to obtain sensitive information and execute arbitrary code on the affected system. A remote user can create a specially crafted FreeType font that, when loaded by the target user, will execute...
Last Update Date: 14 Nov 2011 Release Date: 11 Nov 2011 4900 Views

RISK: Medium Risk

Medium Risk

ProFTPD Response Pool Use-After-Free Vulnerability

A vulnerability has been identified in ProFTPD, which can be exploited by malicious people to compromise a vulnerable system.The vulnerability is caused due to a use-after-free error when handling response pool allocation lists and can be exploited to corrupt memory.Successful exploitation...
Last Update Date: 14 Nov 2011 Release Date: 11 Nov 2011 4936 Views

RISK: High Risk

High Risk

Apple Mac OS X Java Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Java for Apple Mac OS X, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data...
Last Update Date: 10 Nov 2011 11:25 Release Date: 10 Nov 2011 4645 Views