You are here

Home » Office of the Chief Information Officer » JC3 Medium Impact Assessment Bulletins

JC3 Medium Impact Assessment Bulletins

May 21, 2013
V-160: Wireshark Multiple Bugs Let Remote Users Deny Service

Multiple vulnerabilities have been reported in Wireshark

May 20, 2013
V-159: RSA SecurID Agent Discloses Node Secret Encryption Key to Local Users

A vulnerability was reported in RSA SecurID Products.

May 15, 2013
V-156: Linux Kernel Array Bounds Checking Flaw Lets Local Users Gain Elevated Privileges

A vulnerability was reported in the Linux Kernel.

May 10, 2013
V-153: Symantec Brightmail Gateway Input Validation Flaw Permits Cross-Site Scripting Attacks

Symantec’s Brightmail Gateway management console is susceptible to stored cross-site scripting (XSS) issues found in some of the administrative interface pages.

May 9, 2013
V-152: Cisco Unified Customer Voice Portal (CVP) Multiple Vulnerabilities

Various components of Cisco Unified CVP are affected. These vulnerabilities can be exploited independently; however, more than one vulnerability could be exploited on the same device.

May 8, 2013
V-151: RSA Archer eGRC Bugs Let Remote Authenticated Users Upload Files and Let Remote Users Conduct Cross-Site Scripting Attacks

Several vulnerabilities were reported in RSA Archer eGRC.

May 7, 2013
V-150: Apache VCL Input Validation Flaw Lets Remote Authenticated Users Gain Elevated Privileges

A vulnerability was reported in Apache VCL.

May 6, 2013
V-149: Microsoft Internet Explorer Object Access Bug Lets Remote Users Execute Arbitrary Code

A vulnerability was reported in Microsoft Internet Explorer.

May 2, 2013
V-147: IBM Lotus Notes Mail Client Lets Remote Users Execute Java Applets

A remote user can cause Java applets to be executed on the target user's system

May 1, 2013
V-146: HP Service Manager Bugs Permit Cross-Site Scripting and Information Disclosure Attacks

Two vulnerabilities were reported in HP Service Manager