This bulletin summary lists seven re-released Microsoft security bulletins for December, 2012.
04d837d1d265cde30d477764982d763845d28215cf738b7a9636c0d7645e7fbb
This bulletin summary lists 7 released Microsoft security bulletins for December, 2012.
0dd5e142fdcf04a52a823850d4dd6cd748b2771de824de0f31fd48a7d0ce04e6
Axway suffers from a directory traversal vulnerability.
04f8c9608f7b081b5b9f36da218554d16571200bee8fe3757da362b47b6ab9b5
HP Security Bulletin HPSBOV02834 SSRT101055 - A potential security vulnerabilities have been identified with OpenVMS LOGIN or ACMELOGIN (when running ACME_SERVER process). The vulnerabilities could be remotely or locally exploited to cause a Denial of Service (DoS). Revision 1 of this advisory.
6e6dcc8b8e3984a056c85055edadd3e133ddb072405df1e030536f8179434170
A security vulnerability in Internet Explorer, versions 6 through 10, allows your mouse cursor to be tracked anywhere on the screen, even if the Internet Explorer window is inactive, unfocused or minimized. The vulnerability is notable because it compromises the security of virtual keyboards and virtual keypads.
9620aa1b047f609f033a379bbdd5599317f9e375d596dca4ac5843568aa76fa3
MyBB Profile Blogs plugin version 1.2 suffers from cross site scripting and remote SQL injection vulnerabilities.
99365166b379b24a1e62bdad682fab348042ecd9020dad7c86223aa0e2485bea
IrfanView version 4.33 suffers from a code execution vulnerability in IMXCF.DLL.
0a1f142ba76135c7bcf860c32266bf1a855ad2cd191192fcf8ec2176558f0b9c
MyBB Bank v3 plugin suffers from a remote SQL injection vulnerability.
8b7b4808b066772f9bf0187917fb4d6afe4c2c05f6c110e936183f8394da4506
Secunia Security Advisory - Two vulnerabilities have been reported in the JooProperty component for Joomla!, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
1714f93b1e39ae4393125163b235697d17ff0434387b9a4e60b8afc7cce845c4
Secunia Security Advisory - A security issue has been reported in Microsoft Windows, which can be exploited by malicious people to bypass certain security restrictions.
1e476c23bd81d9cc0e5dd8ddbda4c568e5138f425c93f7515cf361234821a424
Secunia Security Advisory - Blue Coat has acknowledged some vulnerabilities in IntelligenceCenter, which can be exploited by malicious people to potentially compromise a vulnerable system.
6845b6e429ee1bc07611a4d04eb006f716cfe22a6ab084fea07baa6f3ee66f1e
Secunia Security Advisory - Some vulnerabilities have been reported in Symantec Endpoint Protection, which can be exploited by malicious people to compromise a vulnerable system.
52549cd98fd8ef6cd8f0a66cb9f8cfa55d79f04ae18d5f25362fbb55b85414b1
Secunia Security Advisory - Blue Coat has acknowledged some vulnerabilities in ProxySG, which can be exploited by malicious people to potentially compromise a vulnerable system.
5b780914de66d9ff5704f3038294cd5fd5da1b60f908c662dd5536ac15f14e55
Secunia Security Advisory - Ubuntu has issued an update for mysql. This fixes a vulnerability, which can be exploited by malicious users to compromise a vulnerable system.
7716381b201b6d97ddfd45b82aead516f8a8a49415c3d47dbc705dee750d72de
Secunia Security Advisory - Three vulnerabilities have been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.
0b017f9fe30a3b362b5340561260fca72a4513a72f40cc972a9f7e2fb964efd3
Secunia Security Advisory - Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
481ae16dd3e032bcb2c78a35c125d54a2860b1e709b7f5169c1d5b184172021d
Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
94a36d97dd88eddff8601b436ebed1474f2d25645538812ec81287ca039a380e
Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
b81ae1b3624df4fe5dd76fc6941bb899c5f9922cc85f9edde22c41d44c9997f3
Secunia Security Advisory - A vulnerability has been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system.
9c0ef7ab62fbfa4d87df26d588834ed6b2d6558c7b8145c7519a12988d33b8eb
Secunia Security Advisory - Multiple vulnerabilities have been reported in Microsoft Exchange Server, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to compromise a vulnerable system.
72f207b6d36742a54536e13d71aab2a161d25822be985436b2293a93d727ce4b
Secunia Security Advisory - A vulnerability has been discovered in FreeVimager, which can be exploited by malicious people to compromise a user's system.
13b1e0932781d8927c437f0972fc5ac4c672aa4dc5c739bda475ca6bed413476
Secunia Security Advisory - Ubuntu has issued an update for gimp. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
ad433011e6aab8270fc8e6389c0bedf3ffdff632805b3a670ef5e4fb8cbc74b5
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
e6a88e969264ff23bd5837a47e5b60b8c4d36fc8a2326c6b377f8447ecf2adea
Snare for Linux ships with a web interface that can be used for viewing log data and configuring the agent. In the web interface at /remote, a user is able to set a password for remote configuration of the agent. The rendered page contains the field "RemotePassword" with its input type set to password which masks the password in the interface, however this is purely aesthetic. By inspecting the page source and examining the RemotePassword field, it is possible to retrieve the MD5 hash of the current password. Versions prior to 1.7.0 are affected.
cc018c1484894edb98027c4723ebd35f2a2e6b1cbc86beb51f1ce05213c941c0
Smartphone Pentest Framework (SPF) versions 0.1.3 and 0.1.4 suffer from an OS command injection vulnerability.
906c7eea1fe12f12b9b25999c7595434ecd7575528a011fedfc47fad23b37053