Security Bulletin

RISK: Medium Risk

Ruby on Rails Multiple Vulnerabilities

Two vulnerabilities have been discovered in Ruby on Rails, a Ruby framework for web application development. The blacklist provided by the attr_protected method could be bypassed with crafted requests, having an application-specific impact. In some applications, the +serialize+ helper...
Last Update Date: 14 Feb 2013 15:13 Release Date: 14 Feb 2013 6752 Views

RISK: Extremely High Risk

Adobe Flash Player Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Adobe Flash Player, which can be exploited by malicious people to execute arbitrary code on the target system and take control of a vulnerable system. A remote malicious user can create specially crafted Flash content that, when loaded by the...
Last Update Date: 8 Feb 2013 17:39 Release Date: 8 Feb 2013 8073 Views

RISK: Medium Risk

libssh Null Pointer Dereference Error Vulnerability

A vulnerability has been identified in libssh, which is vulnerable to a denial of service caused by a NULL pointer dereference error when processing a "Client: Diffie-Hellman Key Exchange Init" packet. A remote attacker could exploit this vulnerability to cause the application to...
Last Update Date: 7 Feb 2013 10:42 Release Date: 7 Feb 2013 7482 Views

RISK: Medium Risk

Opera TLS/DTLS CBC Mode Oracle Padding Vulnerability

A vulnerability has been identified in Opera. A remote user can recover plaintext in certain cases. For the details of the vulnerability, please refer to #2 in SA13020601.
Last Update Date: 7 Feb 2013 10:39 Release Date: 7 Feb 2013 7365 Views

RISK: Medium Risk

OpenSSL Multiple Vulnerabilities

Multiple vulnerabilities have been identified in OpenSSL. A remote user can cause denial of service conditions, and recover plaintext in certain cases. A remote user can send specially crafted data to a system using AES-NI for TLS 1.2 or TLS 1.1...
Last Update Date: 6 Feb 2013 10:44 Release Date: 6 Feb 2013 7489 Views

RISK: Medium Risk

Apple OS X Server Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Apple Mac OS X Server, which can be exploited by malicious people to cause arbitrary code execution and potentially compromise a vulnerable system.
Last Update Date: 5 Feb 2013 10:07 Release Date: 5 Feb 2013 7250 Views

RISK: High Risk

IBM Products Java Multiple Vulnerabilities

Multiple vulnerabilities have been identified in various IBM products, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. The application bundles a vulnerable version of IBM...
Last Update Date: 5 Feb 2013 10:06 Release Date: 5 Feb 2013 7441 Views

RISK: Extremely High Risk

Oracle Java Multiple Vulnerabilities

Multiple vulnerabilities have been identified in Oracle Java, which can be exploited by malicious local users to gain escalated privileges and by malicious people to disclose certain sensitive information, manipulate certain data, cause denial of service, and compromise a vulnerable system.
Last Update Date: 4 Feb 2013 Release Date: 3 Feb 2013 9466 Views

RISK: High Risk

VMware Products Multiple Vulnerabilities

Multiple vulnerabilities have been reported in various VMware products (including ESX/ESXi Server, vCenter Server and vSphere Client, etc.), which can be exploited by malicious people to disclose system information, cause denial of service, and potentially compromise a vulnerable system.
Last Update Date: 4 Feb 2013 10:26 Release Date: 4 Feb 2013 7522 Views

RISK: High Risk

Oracle Java Flaws Let Remote Execute Arbitrary Code Vulnerabilities

Multiple vulnerabilities have been identified in Oracle Java, which can be exploited by a remote user to compromise a user's system. A remote user can create specially crafted Java content that, when loaded by the target user, will execute arbitrary code on the target user...
Last Update Date: 3 Feb 2013 Release Date: 21 Jan 2013 7085 Views