Systems Affected
Microsoft Windows systems
Overview
A cross-domain vulnerability in Internet Explorer (IE) could allow an attacker to execute arbitrary code with the privileges of the user running IE.
Description
&nb…
SQL Injection Vulnerabilities in Oracle E-Business Suite
Systems Affected
Oracle Applications 11.0 (all releases)
Oracle E-Business Suite 11i, 11.5.1 through 11.5.8
Overview
A vulnerability in the Oracle’s E-Business Suite allows a remote
attacker to execute arbitrary script on a vulnerable database…
CVS Heap Overflow Vulnerability
Systems Affected
Concurrent Versions System (CVS) versions prior to 1.11.16
CVS Features versions prior to 1.12.8
Overview
A heap overflow vulnerability in the Concurrent Versions System (CVS) could allow a remote attacker to…
Cisco IOS SNMP Message Handling Vulnerability
Systems Affected
Cisco routers and switches running vulnerable versions of IOS.
Vulnerable IOS versions known to be affected include:
12.0(23)S4, 12.0(23)S5
12.0(24)S4, 12.0(24)S5
12.0(26)S1
12.0(27)S
12.0(27)SV, 12.0(27)SV1
12.1(20)E, 12.1(…
Vulnerabilities in TCP
Systems Affected
Systems that rely on persistent TCP connections, for example
routers supporting BGP
Overview
Most implementations of the Border Gateway Protocol (BGP) rely on the
Transmission Control Protocol (TCP) to maintain persistent
unau…
Summary of Windows Security Updates for April 2004
Systems Affected
Systems running Microsoft Windows
Overview
There are multiple vulnerabilities in Microsoft Windows that could allow attackers to take control of your computer.
Description
Microsoft has releas…
Multiple Vulnerabilities in Microsoft Products
Systems Affected
Microsoft Windows Operating Systems
Microsoft Windows Remote Procedure Call (RPC) and Distributed Component Object Model (DCOM) subsystems
Microsoft Windows MHTML Protocol Handler
Microsoft Jet Database Engine
Overvi…
Cross-Domain Vulnerability in Outlook Express MHTML Protocol Handler
Systems Affected
Microsoft Windows systems
Overview
A cross-domain vulnerability in the Outlook Express MIME Encapsulation of Aggregate HTML Documents (MHTML) protocol handler could allow an attacker to execute arbitrary code…
Continuing Threats to Home Users
Systems Affected
Continuing Threats to Home Users
View Previous Alerts
Alert (SA04-079A)
Continuing Threats to Home Users
Original Release date: March 19, 2004 | Last revised: —
Overview
There are a number of pieces of malicious co…
Multiple Vulnerabilities in OpenSSL
Systems Affected
Applications and systems that use the OpenSSL SSL/TLS library
Overview
Several vulnerabilities in the OpenSSL SSL/TLS library could allow an unauthenticated, remote attacker to cause a denial of service.
&nbs…