Apache Libcloud versions 0.4.2 through 0.11.1 suffer from a possible man-in-the-middle condition. When establishing a secure (SSL / TLS) connection to a target server an invalid regular expression has been used for performing the hostname verification. Subset instead of the full target server hostname has been marked as an acceptable match for the given hostname.
9e708dbf4b24b26ef40d5b23c71eaa9fae3674a5663c7c3350ac8e0bede741fe
Many different AntiVirus products suffer from various file-parsing evasion vulnerabilities. Some of the affected pieces of software include AhnLab-V3 2011.01.18.00, BitDefender 7.2, CAT-QuickHeal 11.00, Command 5.2.11.5, Comodo 7424, eSafe 7.0.17.0, F-Prot 4.6.2.117, F-Secure 9.0.16160.0, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, Kaspersky 7.0.0.125, Norman 6.06.12, Sophos 4.61.0, Symantec 20101.3.0.103, McAfee 5.400.0.1158, Norman 6.06.12, nProtect 2011-01-17.01, and Panda 10.0.
193275575de0eac59e8a98740fa704a8e2265457fd5a44adfa2b9f9c7719d0d6