Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka “Internet Explorer vtable Use After Free Vulnerability.”
Monthly Archives: February 2013
CVE-2013-0073 (.net_framework)
The Windows Forms (aka WinForms) component in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly restrict the privileges of a callback function during object creation, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP) or (2) a crafted .NET Framework application, aka “WinForms Callback Elevation Vulnerability.”
CVE-2013-1453
plugins/system/highlight/highlight.php in Joomla! 3.0.x through 3.0.2 and 2.5.x through 2.5.8 allows attackers to unserialize arbitrary PHP objects to obtain sensitive information, delete arbitrary directories, conduct SQL injection attacks, and possibly have other impacts via the highlight parameter. Note: it was originally reported that this issue only allowed attackers to obtain sensitive information, but later analysis demonstrated that other attacks exist. (CVSS:5.0) (Last Update:2013-03-06)
CVE-2013-1454
Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive information via unspecified vectors related to “Coding errors.” (CVSS:5.0) (Last Update:2013-03-26)
CVE-2013-1455
Joomla! 3.0.x through 3.0.2 allows attackers to obtain sensitive information via unspecified vectors related to an “Undefined variable.” (CVSS:5.0) (Last Update:2013-02-13)
New WatchGuard XTM Models Ride the Wave of Enterprise UTM Adoption
New Models Introduce Scalable Performance, Increased Security and Unparalleled Manageability
