Mailing Lists & Feeds
Current Activity Calendar
| May 25, 2007 - Current ActivityThis is an archived copy of current activity, if you would like to see the most recent version, please click here.Apple Releases Security Update to Address Multiple Vulnerabilities in Various Productsadded May 24, 2007 at 04:47 pm | updated May 25, 2007 at 01:59 pm
Apple has released Security Update 2007-005 to address multiple vulnerabilities in various products. The impacts of these vulnerabilities include denial of service, arbitrary code execution, information disclosure, and privilege escalation. Microsoft Office ActiveX Control Vulnerabilityadded May 23, 2007 at 08:46 pm | updated May 24, 2007 at 03:13 pmUS-CERT is aware of reports of a vulnerability in a Microsoft Office 2000 ActiveX control. Excessive data passed to the OUACTRL ActiveX control may result in a buffer overflow allowing arbitrary code execution or causing a denial-of-service condition. This vulnerability was fixed in the Microsoft UA Control Vulnerability update (released May 12, 2000), which is included in Microsoft Office 2000 SP3.US-CERT strongly encourages users to review the referenced documents and follow best-practice security policies to determine what updates should be applied. Cisco Releases Security Advisory to Address Multiple Vulnerabilities in Cisco IOSadded May 22, 2007 at 02:30 pmCisco has released Security Advisory cisco-sa-20070522-SSL to address multiple vulnerabilities in Cisco IOS. These vulnerabilities may lead to a sustained denial-of-service condition when processing malformed SSL messages. US-CERT recommends administrators apply the workarounds as described in Cisco Security Advisory cisco-sa-20070522-SSL. US-CERT will provide additional information as it becomes
available. Microsoft Releases Security Advisory to Announce Microsoft Office Enhancementsadded May 22, 2007 at 09:15 amMicrosoft has released the Microsoft Office Isolated Conversion Environment (MOICE) feature and File Block Functionality for Microsoft Office 2003 and 2007 Office system. More information regarding these enhancements can be found in Microsoft Security Advisory 937696. US-CERT strongly encourages users to review the Security Advisory and take the appropriate actions and implement these enhancements where pertinent. Symantec Norton Internet Security ActiveX Control Vulnerabilityadded May 16, 2007 at 02:42 pm
US-CERT is aware of a vulnerability in the Symantec Norton Internet Security 2004 ISAlertDataCOM ActiveX control. By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), an attacker may be able to execute arbitrary code with the privileges of the user or could cause the web browser to crash.
Samba Releases Update to Address Multiple Vulnerabilitiesadded May 14, 2007 at 02:30 pm | updated May 15, 2007 at 02:29 pm
Samba has released version 3.0.25 to address several vulnerabilities. The impacts of these vulnerabilities include remote code execution, remote command injection, and system privilege elevation.
Cisco Releases Security Advisory to Address Multiple Vulnerabilities in IOS FTP Serveradded May 10, 2007 at 02:40 pmCisco has released Security Advisory cisco-sa-20070509-iosftp to address multiple vulnerabilities in IOS FTP Server. These vulnerabilities may allow unauthorized, remote users to access the filesystem, cause a denial-of-service condition, or execute arbitrary code. |
|||||||||||||||||||||||||||||||||||||||||||||||||||
Information For
Sign Up
Reporting
DHS Threat Advisory
The threat level in the airline sector is High or Orange. Read more
Get Adobe Reader