Monthly Archives: July 2016
GLSA 201607-06: CUPS: Buffer overflow
GLSA 201607-07: Chromium: Multiple vulnerabilities
GLSA 201607-05: Cacti: Multiple vulnerabilities
Vuln: IBM Java SDK CVE-2016-0376 Incomplete Fix Arbitrary Code Execution Vulnerability
IBM Java SDK CVE-2016-0376 Incomplete Fix Arbitrary Code Execution Vulnerability
Vuln: Oracle Java SE CVE-2016-3449 Remote Security Vulnerability
Oracle Java SE CVE-2016-3449 Remote Security Vulnerability
Vuln: IBM Java SDK Incomplete Fix Remote Code Execution Vulnerability
IBM Java SDK Incomplete Fix Remote Code Execution Vulnerability
Juniper Crypto Bug Let Attackers Eavesdrop on Router, Switch Traffic
Juniper patched a crypto security bug that could allow hackers to access the company’s routers, switches and security devices and eavesdrop on sensitive communications.
CVE-2015-1977 (security_directory_server, tivoli_directory_server)
Directory traversal vulnerability in the Web Administration tool in IBM Tivoli Directory Server (ITDS) before 6.1.0.74-ISS-ISDS-IF0074, 6.2.x before 6.2.0.50-ISS-ISDS-IF0050, and 6.3.x before 6.3.0.43-ISS-ISDS-IF0043 and IBM Security Directory Server (ISDS) before 6.3.1.18-ISS-ISDS-IF0018 and 6.4.x before 6.4.0.9-ISS-ISDS-IF0009 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL.
CVE-2016-0269 (bigfix_platform)
Cross-site scripting (XSS) vulnerability in IBM BigFix Platform 9.x before 9.1.8 and 9.2.x before 9.2.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.