29.08.2012 Detailed

6! EMC Cloud Tiering Appliance authentication bypass   Authentication bypass is possible. 6! libgc integer overflows   Multiple integer overflows in malloc / calloc implementations.   OpenOffice security vulnerabilities updated since 06.08.2012   Multiple buffer overflows.

27.08.2012 Detailed

8! HP Operations Agent for NonStop Server code execution   Code execution on TCP/7771 and TCP/8976 packets parsing.

8! Apple QuickTime multiple security vulnerabilities updated since 21.05.2012   Multiple vulnerabilities in TexML, H.264, MP4, MPEG, PNG, QTVR, JPEG2000, PICT and different audio and video formats parsing.

8! Apple WebKit (iTunes, iPhone, Safari, Google Chrome) multiple security vulnerabilities updated since 09.03.2012   >70 of different memory corruption vulnerabilities, crossite scripting, information leakage.

7! HP LeftHand Virtual SAN Appliance unauthorized access   TCP/13841 service authentication bypass

7! HP Intelligent Management code execution   img.exe code execution on TCP/8800 request parsing.

7! IBM Lotus Notes code execution   URI handler command injection.

6! Symantec Endpoint Protection code execution   Multiple security vulnerabilities on TCP/8433 https request parsing.

6! Novell eDirectory buffer overflow   Buffer overflow in RelativeToFullDN on LDAP request processing.

6! GE Proficy Real-Time Information Portal code execution   Code execution on TCP/5159 traffic parsing.

OpenLDAP DoS   assert() on attrsOnly search request.

HP Service Manager security vulnerabilities   DoS, crossite scriptings.

HP Fortify Software Security Center security vulnerabilities   Information leakage.

HP Integrity Server DoS

Lsoft ListServ crossite scripting   Crossite scripting via Web interface.

Xend DoS conditions   Different DoS conditions.

PostgreSQL privilege escalation   Privilege escalations via XML2 extension.

ImageMagic memory corruption   Memory corruption on PNG processing.

HP Serviceguard DoS

Nova security vulnerabilities updated since 09.07.2012   Privilege escalation, DoS.

Cisco AnyConnect Secure Mobility Client multiple security vulnerabilities updated since 25.06.2012   Code execution, protection bypass.

GIMP security vulnerabilities   Memory corruptions on KISS CEL and GIF parsing.

26.08.2012 Detailed

9! Microsoft Windows multiple security vulnerabilities updated since 11.07.2012   Microsoft XML Services memory corruption, ADO memory corruption, kernel drivers vulnerabilities, Window Shell command injection, TLS vulnerabilities 7! Microsoft Office multiple security vulnerabilities updated since 09.05.2012   Memory corruption on RTF parsing, multiple Excel memory corruptions, memory corruption in Visio Viewer. 6! EMC Autostart buffer overflow updated since 31.05.2012   Multiple buffer overflows

20.08.2012 Detailed

9! Microsoft Windows multiple security vulnerabilities   RDP user-after-free, Remote Administration Protocol multiple security vulnerabilities, Print Spooler Service format string vulnerability, user-after-free in win32k.sys. 8! Apple Mac OS X multiple security vulnerabilities   Multiple vulnerabilities in different subsystems. 8! Microsoft Internet Explorer multiple security vulnerabilities   Memory corruptions, integer overflow, function pointer corruption.

8! Oracle Java multiple security vulnerabilities updated since 15.02.2012   14 different vulnerabilities.

7! SAP Crystal Reports buffer overflow   Buffer overflow on network data parsing.

7! Microsoft Exchange Server WebReady Document Viewing multiple security vulnerabilities   Multiple vulnerabilities in embedded Oracle Outside In technology.

7! Microsoft Windows multiple security vulnerabilities updated since 13.06.2012   Code execution via .Net, kernel and different kernel drivers privilege escalation.

7! Apple QuickTime multiple security vulnerabilities updated since 31.10.2011   Multiple memory corruption on different multimedia formats parsing, crossite scripting.

6! libotr multiple buffer overflows   multiple heap overflows.

6! McAfee SmartFilter Administration Server code execution   Code excution via RMI services.

rssh restrictions bypass   It's possible to execute shell commands.

Cisco IOS XR DoS   Crash on received packet processing.

SAP Business Objects Financial Consolidation ActiveX buffer overflow   CtAppReg.dll buffer overflow.

Wireshark security vulnerabilities updated since 13.08.2012   Few different DoS conditions in NFS and PPP dissectors.

GIMP script-fu buffer overflow updated since 03.06.2012   Buffer overflow on message parsing, shell execution.

emacs protection bypass   "enable-local-variables" doesn't work.

Microsoft Visio buffer overflow   Buffer overflow on DXF files prasing.

13.08.2012 Detailed

9! Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities updated since 20.07.2012   Multiple memory corruptions, code execution, data spoofing, crossite scripting, information leakage. 9! Microsoft Windows multiple security vulnerabilities updated since 09.05.2012   TCP/IP privilege escalation, partition manager privilege escalation, multiple security vulnerabililities in .Net, Silverlight, font management, GDI+, window components, etc. 7! Linux kernel multiple security vulnerabilities   Multiple DoS conditions, privilege escalation.

6! Oracle Business Transaction Management Server directory traversal   FlashTunnelService allows arbitrary files deletion via SOAP interface.

6! Iomega StorCenter/EMC Lifeline unauthorized access   Remote unauthenticated access is possible under some conditions.

6! libxml integer overflows   Multiple integer overflows.

6! GE Intelligent Platforms Proficy Historian code execution   Multiple Data Archiver (TCP/14000) service memory corruptions.

OpenTTD DoS   Few DoS conditions against game server.

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)   PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Globus GridFTP privilege escalation   Insufficient validation on name lookup.

libtiff tiff2pdf code execution   Code exeucution on tiff parsing.

IBM Lotus iNotes / Quickr ActiveX code execution   dwa85W.cab / QP2.cab ActiveX buffer overflow

KOffice / Calligra code execution   Code execution on MS Word document parsing.

Oracle Sun Solaris Update Manager symbolic links vulnerability updated since 30.07.2012   Insecure temporary files creation.

HP Network Node Manager i crossite scripting updated since 09.07.2012

AOL Deskbar ActiveX code exeuction updated since 24.06.2012   AOL dnUpdater ActiveX uninitialized potiner.

06.08.2012 Detailed

6! MIT Kerberos 5 security vulnerabilities   Uninitialized pointer free, DoS.   libjpeg-turbo   Buffer overflow on JPEG decoding.   QEMU sumbolic links vulnerability   Symbolic links vulnerability on snapshot creation.