Australia's Leading Computer Emergency Response Team
 





 

AusCERT Security Bulletin



AusCERT Security Bulletins are security bulletins written by AusCERT using information gathered by our own research or by research done by other computer security incident response teams, vendors, and other groups concerned about security.

AusCERT Security Bulletins are released when a single quotable source of information is not available.

AusCERT includes a summary of key information at the front of the document and cross-references it to relevant bulletins. A section at the end of the bulletin lists all references used to create the bulletin.


Further Information
[AusCERT member only content] ASB-2013.0063 - [Apple iOS] Google Chrome: Reduced security - Unknown/unspecified - A number of vulnerabilities have been identified in Google Chrome for iOS. (02/05/2013)

[AusCERT member only content] ASB-2013.0062 - ALERT [Win][Virtual] McAfee ePolicy Orchestrator: Administrator compromise - Remote/unauthenticated - A number of vulnerabilities have been identified in McAfee ePolicy Orchestrator prior to versions 4.5.6, 4.6.5 and 5.0. (30/04/2013)

[AusCERT member only content] ASB-2013.0061 - [UNIX/Linux] ClamAV: Reduced security - Unknown/unspecified - A number of vulnerabilities have been identified in ClamAV prior to version 0.97.8. (30/04/2013)

[AusCERT member only content] ASB-2013.0060 - [Win][UNIX/Linux] Joomla!: Multiple vulnerabilities - A number of vulnerabilities have been identified in Joomla! prior to versions 3.1.0 and 2.5.10. (26/04/2013)

[AusCERT member only content] ASB-2013.0059 - [Win] Schneider Electric MiCOM S1 Studio Software: Administrator compromise - Existing account - A vulnerability has been identified in all versions of Schneider Electric MiCOM S1 Studio Software. (18/04/2013)

[AusCERT member only content] ASB-2013.0058 - ALERT [Win][UNIX/Linux] Oracle Java: Multiple vulnerabilities - Oracle have released updates to correct security vulnerabilities in the following Java products: JDK and JRE 7, JDK and JRE 6, JDK and JRE 5.0, and JavaFX 2.2.7 and earlier. (17/04/2013)

[AusCERT member only content] ASB-2013.0057 - ALERT [Win][UNIX/Linux] Oracle Products: Multiple vulnerabilities - Oracle have released updates which correct vulnerabilities in numerous products. (17/04/2013)

[AusCERT member only content] ASB-2013.0056 - ALERT [UNIX/Linux] Parallels Plesk Panel: Root compromise - Existing account - Two vulnerabilities have been identified in Parallels Plesk Panel versions 11.x, 10.x for Linux and 9.x for UNIX/Linux. (16/04/2013)

[AusCERT member only content] ASB-2013.0055 - [Win][Netware][RedHat][SUSE] Novell iManager: Cross-site request forgery - Remote with user interaction - A number of vulnerabilities have been identified in Novell iManager prior to version 2.7 SP6 Patch 1. (15/04/2013)

ASB-2013.0054 - [Win] TrendLink: Execute arbitrary code/commands - Existing account - A vulnerability has been identified in Canary lab's TrendLink versions 9.0.2.27051 and prior. (12/04/2013)

ASB-2013.0053 - [Win] Schneider Electric Modbus Serial Driver: Execute arbitrary code/commands - Remote/unauthenticated - A vulnerability has been identified in Schneider Electric's Modbus Serial driver. (11/04/2013)

ASB-2013.0052 - [Win] Rockwell Automation Factorytalk & RSLinx Enterprise: Denial of service - Remote/unauthenticated - Vulnerabilities have been identified in Rockwell's Automation Factorytalk and Rockwell's RSLinx Enterprise. (11/04/2013)

ASB-2013.0051 - [VMware ESX][Linux][FreeBSD][Solaris] Nvidia GPU Driver: Root compromise - Remote/unauthenticated - A vulnerability has been identified in Nvidia's drivers prior to versions 304.88, 310.44, 313.30. (11/04/2013)

ASB-2013.0050 - ALERT [Appliance] Sophos Web Appliance: Multiple vulnerabilities - A number of vulnerabilities have been identified in Sophos Web Appliance prior to version 3.7.8.2. (05/04/2013)

ASB-2013.0049 - [Win][UNIX/Linux] McAfee Virtual Technician: Increased privileges - Remote with user interaction - A vulnerability has been identified in McAfee Virtual Technician (MVT) prior to version 7.1. (03/04/2013)

ASB-2013.0048 - [Win][UNIX/Linux][Android] Mozilla Firefox, Thunderbird and SeaMonkey: Multiple vulnerabilities - A number of vulnerabilities have been identified in Mozilla Firefox prior to version 20.0, Firefox ESR prior to version 17.0.5, Thunderbird prior to version 17.0.5, Thunderbird ESR prior to version 17.0.5, and SeaMonkey prior to version 2.17. (03/04/2013)

ASB-2013.0047 - [Win][Linux][OSX] Google Chrome: Multiple vulnerabilities - A number of vulnerabilities have been identified in Google Chrome prior to version 26.0.1410.43 for Windows, Mac, Linux, and Chrome Frame. (27/03/2013)

ASB-2013.0046 - [Win][UNIX/Linux] MySQL: Access confidential data - Remote/unauthenticated - Multiple vulnerabilities have been identified in MySQL v5.1.68, 5.5.30 and 5.6.11 and earlier. (22/03/2013)

ASB-2013.0045 - [UNIX/Linux] samba4: Modify arbitrary files - Existing account - A vulnerability has been identified in Samba versions 4.0.0rc6 to 4.0.3 (inclusive). (21/03/2013)

ASB-2013.0044 - [Win] Siemens WinCC (TIA Portal): Multiple Vulnerabilities - Multiple vulnerabilities have been identified in Siemens SIMATIC WinCC (TIA Portal) version 11. (20/03/2013)

ASB-2013.0043 - [Win] Siemens WinCC & SIMATIC PCS7: Multiple vulnerabilities - Multiple vulnerabilities have been identified in Siemens SIMATIC WinCC version 7.0 SP3 Update 1 and below. SIMATIC PCS 7 Web Server is also affected by these vulnerabilities. (20/03/2013)

ASB-2013.0042 - [Win][UNIX/Linux] Ruby on Rails: Multiple vulnerabilities - Multiple vulnerabilities have been identified in Ruby on Rails prior to version 3.2.13, 3.1.12, and 2.3.18. (20/03/2013)

ASB-2013.0041 - [Win] McAfee Vulnerability Manager: Cross-site scripting - Remote with user interaction - A vulnerability has been identified in McAfee Vulnerability Manager versions 7.5.1 and 7.5.0. (19/03/2013)

ASB-2013.0040 - [Win] RealNetworks RealPlayer: Execute arbitrary code/commands - Remote with user interaction - A vulnerability has been identified in Windows RealPlayer prior to version 16.0.1.18. (19/03/2013)

ASB-2013.0039 - [Win][UNIX/Linux] ClamAV: Reduced security - Unknown/unspecified - Multiple vulnerabilities have been identified in ClamAV prior to version 0.97.7. (18/03/2013)

ASB-2013.0038 - [Win][UNIX/Linux][Android] Mozilla Firefox, Thunderbird and SeaMonkey: Execute arbitrary code/commands - Remote with user interaction - A vulnerability has been fixed in the latest versions of Mozilla Firefox, Thunderbird and SeaMonkey. (11/03/2013)

ASB-2013.0037 - [Win][Linux][OSX] Google Chrome: Execute arbitrary code/commands - Remote with user interaction - A vulnerability has been identified in Google Chrome prior to versions 25.0.1364.160 for Windows, Linux and Mac. (11/03/2013)

ASB-2013.0036 - [UNIX/Linux] Kerberos: Denial of service - Remote/unauthenticated - Vulnerabilities have been identified in MIT Kerberos 5. (06/03/2013)

ASB-2013.0035 - [Win][Linux][OSX] Google Chrome: Multiple vulnerabilities - A number of vulnerabilities have been identified in Google Chrome prior to versions 25.0.1364.152 for Windows, Linux and Mac. (05/03/2013)

ASB-2013.0034 - ALERT [Win][UNIX/Linux] Oracle Java: Execute arbitrary code/commands - Remote with user interaction - New vulnerabilities have been discovered in the Java Runtime Environment component of Oracle Java SE, which can result in arbitrary code execution in all previous versions of Java. (05/03/2013)

ASB-2013.0033 - [Win] McAfee VirusScan Enterprise: Increased privileges - Existing account - A vulnerability was discovered in a component of McAfee VirusScan Enterprise that allows for unauthorised privilege escalation. [1] (01/03/2013)

ASB-2013.0032 - [Win][Appliance] Dell SonicWALL Scrutinizer: Execute arbitrary code/commands - Remote/unauthenticated - Multiple high severity vulnerabilities were discovered in Dell SonicWALL Scrutinizer. (01/03/2013)

ASB-2013.0031 - [Win] Novell Identity Manager: Multiple vulnerabilities - A number of vulnerabilities have been identified in Novell Identity Manager prior to version 4.0.2 Field Patch B. (26/02/2013)

ASB-2013.0030 - [Win] Invensys Wonderware Intelligence Tableau Server: Multiple vulnerabilities - A number of vulnerabilities have been identified in Invensys Wonderware Intelligence Tableau Server up to version 1.5 SP1. (26/02/2013)

ASB-2013.0029 - [Win] 3S CODESYS Gateway-Server: Multiple vulnerabilities - A number of vulnerabilities have been identified in 3S CODESYS Gateway-Server prior to version 2.3.9.27. (25/02/2013)

