September 04, 2009 - Current Activity

Apple Releases Java Updates for Mac OS X 10.5

Apple has released Java for Mac OS X 10.5 Update 5 to address multiple vulnerabilities in Java. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

US-CERT encourages users and administrators to review Apple article HT3851 and apply any necessary updates to help mitigate the risks.

Adobe Flash Vulnerability Affecting Apple Snow Leopard

US-CERT is aware that Apple's recently released version of Mac OS X, Snow Leopard, includes a version of the Flash Player that contains previously addressed vulnerabilities.

US-CERT encourages users and administrators to upgrade to the latest version of Flash Player. Users and administrators can determine their version of Flash using the Version test for Adobe Flash Player.

Microsoft Releases Advance Notification for September Security Bulletin

Microsoft has issued a Security Bulletin Advance Notification indicating that the September release cycle will contain five bulletins, all of which will have a severity rating of critical. The notification states that these critical bulletins are for Microsoft Windows.  Release of these bulletins is scheduled for Tuesday, September 8.

US-CERT will provide additional information as it becomes available.

Microsoft Internet Information Services (IIS) FTP Service Vulnerability

Microsoft Internet Information Services (IIS) FTP Service Vulnerability

US-CERT is aware of a public report of a vulnerability affecting the Microsoft Internet Information Services (IIS) FTP service. This vulnerability may allow a remote attacker to execute arbitrary code.

US-CERT encourages administrators to disable anonymous write access to the FTP server to help mitigate the vulnerability, although a proper impact analysis should be performed prior to taking defensive measures. Additional information regarding this vulnerability can be found in US-CERT Vulnerability Note VU#276653 and Microsoft Security Advisory 975191.

US-CERT will provide additional information as it becomes available.

Cisco Releases Security Advisory for Unified Communications Manager

Cisco has released a Security Advisory to address multiple vulnerabilities in Cisco Unified Communication Manager. These vulnerabilities may allow a remote attacker to cause a denial-of-service condition.

US-CERT encourages users and administrators to review Cisco Security Advisory cisco-sa-20090826-cucm and apply any necessary updates.

Autonomy KeyView SDK Vulnerability

US-CERT is aware of reports of a vulnerability in the way the Autonomy KeyView SDK parses Excel files. The Autonomy KeyView SDK is used by certain products, including Lotus Notes and Symantec Mail Security, to support the handling of a number of different file formats. By supplying a specially crafted Excel spreadsheet to an application using the affected Autonomy KeyView SDK library, a remote attacker may be able to execute arbitrary code in the context of that application.

US-CERT encourages users and administrators to do the following to help mitigate the risks:

• IBM Lotus Notes users should review the IBM Flash Alert and implement the listed fixes or workarounds.
• Symantec users should review Symantec Security Advisory SYM09-010 and implement the listed fixes or workarounds.
• The original reporters of the vulnerability state that users of other applications that use an affected version of the Autonomy KeyView SDK may wish to remove the xlssr.dll filter module or comment out the reference to xlssr.dll in the KeyView.ini file distributed with the affected application.
  

Libpurple Contains Remote Code Execution Vulnerability

Pidgin has released a security advisory to address a vulnerability affecting libpurple. This vulnerability is a buffer overflow that may allow an attacker to execute arbitrary code. Libpurple is used by multiple instant messenger (IM) programs including Adium and Pidgin.

IM applications that use libpurple may distribute it as a part of their security updates. Users are encouraged to update affected IM software as soon as possible. A partial listing of IM programs that implement libpurple can be found in the "What is libpurple?" webpage on the Pidgin website. Additional information may be found in the US-CERT Vulnerability Notes Database.

Adobe Releases Security Bulletin for Flex SDK

Adobe has released security bulletin APSB09-13 to address a vulnerability in Flex 3.3 SDK and earlier versions. This vulnerability may allow an attacker to conduct a cross-site scripting attack.

US-CERT encourages users and administrators to review Adobe security bulletin APSB09-13 and update to Flex 3.4 SDK to help mitigate the risks. Additionally, the bulletin indicates that this update includes the latest version of Adobe Flash Player.

Cisco Releases Security Advisory for Firewall Services Module Vulnerability

Cisco has released a security advisory to address a vulnerability in the Firewall Services Module (FWSM) for the Catalyst 6500 series switches and the 7600 series routers. By sending specially crafted ICMP messages to the Firewall Services Module, an attacker can cause a denial-of-service condition.

US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20090819-fwsm and apply any necessary updates or workarounds to help mitigate the risks.

Adobe Releases Hotfixes for ColdFusion and JRun Vulnerabilities

Adobe has released hotfixes to address multiple vulnerabilities in JRun 4.0 and ColdFusion 8.0.1 and earlier versions. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, or operate with escalated privileges.

US-CERT encourages users and administrators to review Adobe security bulletin APSB09-12 and apply any necessary hotfixes to help mitigate the risks.