You are here

JC3 Medium Impact Assessment Bulletins

July 2, 2013
V-190: ASUS RT-N66U Router AiCloud Security Bypass Security Issue

A a security issue in ASUS RT-N66U Router has been reported

July 1, 2013
V-189: Oracle VirtualBox 'tracepath' Bug Lets Local Guest Users Deny Service on the Target Host

A vulnerability was reported in Oracle VirtualBox.

June 26, 2013
V-186: Drupal Login Security Module Security Bypass and Denial of Service Vulnerability

A security issue and a vulnerability have been reported in the Login Security module for Drupal

June 25, 2013
V-185: Apache OpenOffice SDK Oracle Java JavaDoc Spoofing Vulnerability

Apache has acknowledged a vulnerability in Apache OpenOffice SDK

June 24, 2013
V-184: Google Chrome Flash Plug-in Lets Remote Users Conduct Clickjacking Attacks

A vulnerability was reported in Google Chrome.

June 21, 2013
V-183: Cisco TelePresence TC and TE Bugs Let Remote Users Deny Service and Remote Adjacent Authenticated Users Gain Root Shell Access

Cisco TelePresence TC and TE Software contain two vulnerabilities in the implementation of the Session Initiation Protocol (SIP) that could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition. Additionally, Cisco TelePresence TC Software contain an adjacent root access vulnerability that could allow an attacker on the same physical or logical Layer-2 network as the affected system to gain an unauthenticated root shell.

June 20, 2013
V-182: Symantec Endpoint Protection Manager Buffer Overflow Vulnerability

Symantec was notified of a pre-authentication buffer overflow found in the Symantec Endpoint Protection Manager (SEPM) and Symantec Endpoint Protection Center (SPC)

June 18, 2013
V-180: IBM Application Manager For Smart Business Multiple Vulnerabilities

security issue and multiple vulnerabilities have been reported in IBM Application Manager For Smart Business

June 17, 2013
V-179: Blackberry Z10 Flaw Lets Physically Local Users Access the Device

A vulnerability was reported in Blackberry Z10 Smartphones.

June 13, 2013
V-177: VMware vCenter Chargeback Manager File Upload Handling Vulnerability

The vCenter Chargeback Manager contains a critical vulnerability that allows for remote code execution