Mailing Lists & Feeds
Current Activity Calendar
| June 07, 2007 - Current ActivityThis is an archived copy of current activity, if you would like to see the most recent version, please click here.Microsoft Releases Advance Notification for June Security Bulletinsadded June 7, 2007 at 03:23 pmMicrosoft has issued a Security Bulletin Advance Notification indicating that their June release cycle will contain six bulletins, four of which have a maximum severity rating of Critical. The notification further states that the four Critical bulletins are for Windows, Internet Explorer, and Outlook Express. There will also be two non-critical bulletins for Visio and Windows as well as an updated version of the Microsoft Windows Malicious Software Removal Tool. The release is scheduled for Tuesday, June 12, 2007. US-CERT will provide additional information as it becomes available. Computer Associates Release Security Notice for Anti-Virus Engineadded June 7, 2007 at 03:20 pmThe Computer Associates Anti-Virus engine fails to properly process CAB archives. These vulnerabilities may allow an unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition.
Sun Microsystems Releases Security Advisory for Java Runtime Environment Image Parsing Codeadded June 6, 2007 at 09:02 am | updated June 6, 2007 at 01:20 pmSun Microsystems released a Security Advisory for the Java Runtime Environment Image Parsing Code. This vulnerability may allow an applet to read and write local files or execute local applications. More information can be found in Vulnerability Note VU#138545 Microsoft Windows GDI+ ICO Vulnerabilityadded June 6, 2007 at 11:56 am | updated June 6, 2007 at 01:18 pmMicrosoft Windows Graphics Device Interface is vulnerable to an integer division-by-zero error. This vulnerability may lead to a denial-of-service condition due to the introduction of a specially crafted icon file. It may be possible for a malformed icon file to be embedded in an executable or other file. More information can be found in the following: PHP Vulnerabiltyadded June 5, 2007 at 03:33 pm | updated June 6, 2007 at 11:07 amUS-CERT is aware of a publicly reported vulnerability in PHP. PHP version 5.2.3 may be vulnerable to an integer overflow within the chunk_split() function. More information can be found in the following PHP Security Blog. US-CERT will provide additional information as it becomes available. Microsoft Internet Explorer and Mozilla Firefox Vulnerabilitiesadded June 4, 2007 at 03:25 pm | updated June 5, 2007 at 09:33 amUS-CERT is aware of a public report of multiple vulnerabilities in Mozilla Firefox and Microsoft Internet Explorer. US-CERT encourages users to follow the steps in the Securing Your Web Browser document. Apple Releases Update for Xserve Lights-Out Management Firmwareadded June 1, 2007 at 03:48 pm
Apple releases Firmware Update 1.0 to address a vulnerability in Xserve Lights-Out Management Firmware. The vulnerability lies in Apple's implementation of IPMI and may allow a remote, unprivileged ipmitool user to gain administrative privileges on a Xserve system. |
|||||||||||||||||||||||||||||||||||||||||||||||||||
Information For
Sign Up
Reporting
DHS Threat Advisory
The threat level in the airline sector is High or Orange. Read more
Get Adobe Reader