All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
CVE-2011-3553 is a vulnerability in Oracle Java SE (the Java programming language and runtime environment) affecting versions JDK and JRE 7, 6 Update 27 and earlier, as well as JRockit R28.1.4 and earlier. The vulnerability is related to JAXWS (a Java component for web services) and allows remote authenticated users (those with login credentials) to compromise confidentiality (the secrecy of data). The exact details of the vulnerability are not publicly specified in this disclosure.
IBM WebSphere Application Server (WAS) versions 6.1 before 6.1.0.39 and 7.0 before 7.0.0.17 use a weak encryption algorithm in WS-Security (a security standard for XML-based web services). This weakness allows remote attackers to decrypt sensitive data from web service requests through a decryption attack, potentially exposing plaintext information.
CVE-2010-4470 is an unspecified vulnerability in Oracle Java SE and Java for Business version 6 Update 23 and earlier that allows remote attackers to cause availability problems (making systems unavailable or unresponsive) through unknown attack methods related to JAXP (Java API for XML Processing, a tool for handling XML files) and unspecified APIs (pre-built functions). The exact details of how the vulnerability works remain unclear.
A flaw in the Web Services Security component of IBM WebSphere Application Server (WAS) version 7.0 before 7.0.0.13 fails to properly implement JAX-WS (Java API for XML Web Services, a standard for building web services in Java). Remote attackers can exploit this by sending a specially crafted JAX-WS request to cause a denial of service attack (a disruption where the system becomes unavailable or corrupts data).
IBM WebSphere Application Server (WAS) versions 7.x before 7.0.0.13 and the Web Services Feature Pack versions 6.1.0.9 through 6.1.0.32 have a vulnerability in how they handle the IncludeTimestamp setting in WS-Security policy (a security standard for web services) when JAX-WS applications are used. This vulnerability can be exploited remotely, though the exact impact is not specified.
An integer overflow (a bug where a number gets too large for its storage space, causing unexpected behavior) in IOSurface (a system component that manages graphics memory) affects Apple iOS versions before 4.0.2 on iPhone and iPod touch, and before 3.2.2 on iPad. This vulnerability allows local users (those with access to the device) to gain elevated privileges (higher-level control) through IOSurface properties, as demonstrated by the JailbreakMe exploit.
InterSect Alliance Snare Agent and Snare Epilog software contain multiple CSRF vulnerabilities (cross-site request forgery, a type of attack where an attacker tricks a logged-in user into performing unwanted actions). These vulnerabilities in the web management interface allow attackers to hijack administrator authentication to change passwords or listening ports across multiple versions on different operating systems.
IBM WebSphere Application Server (WAS, a Java application server platform) versions 6.0, 6.1, and 7.0 contain a vulnerability in how they handle WebServices PKCS#7 and PKIPath tokens (digital security credentials used to verify identity). This flaw allows remote attackers (people accessing the system from the internet) to bypass access restrictions that should protect the system.
A SQL injection vulnerability (CWE-89, a weakness where attackers insert malicious SQL commands into user input) was found in the Real Estate Property component version 3.1.22-03 for Joomla! (a website building platform). Remote attackers could exploit this by sending specially crafted requests to the aid parameter in an agentlisting action, allowing them to execute arbitrary SQL commands on the server.
A SQL injection vulnerability (CWE-89, a flaw where attackers insert malicious SQL code into input fields) was found in the Jvehicles component versions 1.0, 2.0, and 2.1111 for Joomla, a website building platform. Attackers could exploit this by sending specially crafted input through the 'aid' parameter to execute arbitrary SQL commands (direct database instructions) on affected servers.
CVE-2010-0888 is an unspecified vulnerability in Sun Ray Server Software (a component of Oracle Sun Product Suite versions 4.0, 4.1, and 4.2) that allows remote attackers to compromise confidentiality (keeping data secret), integrity (keeping data accurate), and availability (keeping services running) through unknown methods related to Device Services. The vulnerability details are not fully documented, and a CVSS score (a 0-10 rating of how severe a vulnerability is) has not been assigned by NIST.
CVE-2010-1347 is a privilege escalation vulnerability (a security flaw that lets an attacker gain higher-level access to a system) in IBM Systems Director version 6.1 before 6.1.2.3 on AIX and Linux systems. The vulnerability exists because two scripts, diruninstall and opt/ibm/director/bin/wcitinst, have incorrect file permissions (settings that control who can access or run files), allowing local users to execute these scripts and gain elevated privileges.
CVE-2010-1043 is a directory traversal vulnerability (a flaw where attackers can navigate outside intended directories using sequences like "../") in jaxCMS 1.0 that allows remote attackers to include and execute arbitrary local files through the p parameter in index.php. This vulnerability has a CVSS score of 4.0 (a 0-10 rating of how severe a vulnerability is), indicating moderate severity.
ATutor version 1.6.4 has multiple XSS vulnerabilities (cross-site scripting, where an attacker injects malicious code into web pages). Users with Instructor privileges can inject arbitrary scripts or HTML through several input fields in different parts of the application, including polls, groups, and assignments.
Jax Guestbook version 3.5.0 has a vulnerability that allows attackers to skip authentication (the process of verifying who you are) and change administrator settings by directly accessing the admin/guestbook.admin.php file. This is classified as a CWE-287 weakness, meaning the software's authentication mechanism is broken.
Sun Ray Server Software 4.1 on Solaris 10 has a vulnerability where enabling Automatic Multi-Group Hotdesking (AMGH, a feature that automatically logs users back in after logout) causes users to be immediately logged in again after logging out. This makes it easier for an attacker who is physically near an unattended device to gain access to someone else's session.
Sun Ray Server Software versions 4.0 and 4.1 fail to create unique DSA private keys (cryptographic codes used to encrypt data) for each Sun Ray device, making it easier for attackers to predict these keys and decrypt network traffic they intercept. This vulnerability affects Sun Ray 1, 1g, 100, and 150 DTU (desktop terminal unit, a thin client device) models.
CVE-2009-4294 is a vulnerability in Sun Ray Server Software versions 4.0 and 4.1 that affects the Authentication Manager (a service called utauthd, which verifies user identities). Remote attackers could exploit this flaw through unknown methods to either run arbitrary code (commands they choose) on the affected system or crash it.
CVE-2008-7024 is a critical authentication bypass vulnerability in Arz Development The Gemini Portal version 4.7 and earlier. An attacker can gain administrator privileges by manipulating cookies (small files that store user information) and parameters, specifically by setting the user cookie to "admin" and the name parameter to "users." This allows unauthorized access to admin functions without needing a valid password.
Fix: Upgrade IBM WebSphere Application Server to version 6.1.0.39 or later (for version 6.1 users) or version 7.0.0.17 or later (for version 7.0 users).
NVD/CVE DatabaseFix: Oracle released patches in February 2011 and April 2011 CPU (critical patch updates, regular security fix packages). Users should update to patched versions available through Oracle's security advisories at http://www.oracle.com/technetwork/topics/security/javacpufeb2011-304611.html and http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html, or apply vendor-specific patches from distributors like Red Hat, Debian, Mandriva, Fedora, and Gentoo referenced in the source.
NVD/CVE DatabaseFix: Update IBM WebSphere Application Server 7.0 to version 7.0.0.13 or later.
NVD/CVE DatabaseA vulnerability existed in FreeType (a font-rendering library) where specially crafted CFF fonts (a type of compressed font format) embedded in PDF documents could cause stack-based buffer overflows (when data written to memory exceeds allocated space and corrupts adjacent data), potentially allowing attackers to run arbitrary code or crash systems. This affected Apple iOS devices before version 4.0.2 on iPhones and iPod touches, and before 3.2.2 on iPads.
Fix: Update FreeType to version 2.4.2 or later. Update Apple iOS to version 4.0.2 or later on iPhone and iPod touch, or version 3.2.2 or later on iPad.
NVD/CVE DatabaseFix: Update to iOS 4.0.2 or later on iPhone and iPod touch, or iOS 3.2.2 or later on iPad.
NVD/CVE DatabaseFix: Patches are available at http://sunsolve.sun.com/search/document.do?assetkey=1-21-139548-03-1 and http://sunsolve.sun.com/search/document.do?assetkey=1-66-268228-1.
NVD/CVE Database