| |
 |
 |
 |
|
|
|
|
Date: 26 February 2010
Click here for printable version
Greetings,
Well another week has passed us by, and there has been no shortage of vulnerabilities discovered in all manner of packages. Of particular note this week are bulletins released by Adobe, Symantec, Asterisk and Computer Associates.
Symantec released three bulletins dealing with vulnerabilities in a number of different products such as Symantec Antivirus, Client Security and Endpoint Protection as well as Symantec IM Manager. The impact of the vulnerabilities in these packages include denial of service and cross-site scripting.
Adobe made the announcement that their proprietry download manager software, Adobe Download Manager, suffered from a vulnerability which could allow the execution of arbitrary code. This download manager is installed to facilitate the download and installation of updates and then remove itself, however it was found that in some cases it was not removing itself and could be used to download and execute malicious code.
Computer Associates released two bulletins dealing with vulnerabilities in their CA Service Desk packages and CA eHealth Performance Manager, which could allow cross-site scripting attacks to occur. Asterisk released their second bulletin for 2010 this week, relating to a vulnerability in Asterisk Open Source and Asterisk Business Edition which could allow the modification of arbtirary files.
For organisations who are already AusCERT members, this will not affect your existing subscription or services, however, we have released the following information regarding changes to the AusCERT National alerting service: https://www.auscert.org.au/12453
Have a great weekend!
Jonathan
|
|
|
|
 |
|
 |
|
|