
Vulnerability Database

[scip_Advisory 4143] Shemes Grabbit Malicious NZB Date Denial of Service

VIII. SOURCES

scip AG - Security is our Business (German)
http://www.scip.ch

scip AG - Vulnerability Database (German)
http://www.scip.ch/?vuldb.4143

computec.ch Document Database (German)
http://www.computec.ch


RE: CORE-2007-0817: Remote Command execution, HTML and JavaScript injection vulnerabilities in AOL's Instant Messaging software

security advisory to provide vulnerable users with the details needed to
assess risk and devise their own mitigation mechanisms until official
fixed versions of the clients are made available.
*2007-09-19*: Email sent to AOL indicating that information about the
reported vulnerabilities is now part of Mitre CVE dictionary, the US
National Vulnerability Database [3], the Securityfocus.com vulnerability
Database [4] and the Secunia.com website [5], therefore Core considers
that any security-aware party (either good or bad intended) can now easily
figure out a remote exploitation method. In fact, several messages in
AOL's technical forums seem to indicate that users of AIM clients are
experiencing AIM "bugs" or "problems" related to the issues reported in

MacOS X 10.5/10.6 libc/strtod(3) buffer overflow

- http://securityreason.com/key/Arciemowicz.Maksymilian.gpg
- http://securityreason.com/key/sp3x.gpg

http://securityreason.com/
http://securityreason.com/exploit_alert/ - Exploit Database
http://securityreason.com/security_alert/ - Vulnerability Database


[scip_Advisory 4142] Skype Client for Mac Chat Unicode Denial of Service

VIII. SOURCES

scip AG - Security is our Business (German)
http://www.scip.ch/

scip AG - Vulnerability Database (German)
http://www.scip.ch/?vuldb.4142

computec.ch Document Database (German)
http://www.computec.ch


[scip_Advisory 4021] IBM Lotus Notes 8.5 RSS Widget Privilege Escalation

VIII. SOURCES

scip AG - Security Consulting Information Process (German)
http://www.scip.ch/

scip AG - Vulnerability Database (German)
http://www.scip.ch/?vuldb.4021

computec.ch Document Database (German)
http://www.computec.ch/download.php


[scip_Advisory 3807] Dreambox DM500 webserver long URL request denial of service

VIII. SOURCES

scip AG - Security Consulting Information Process (German)
http://www.scip.ch/

scip AG Vulnerability Database (German)
http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=3807

computec.ch document data base (German)
http://www.computec.ch/download.php


CORE-2007-0817: Remote Command execution, HTML and JavaScript injection vulnerabilities in AOL's Instant Messaging software

security advisory to provide vulnerable users with the details needed to
assess risk and devise their own mitigation mechanisms until official
fixed versions of the clients are made available.
*2007-09-19*: Email sent to AOL indicating that information about the
reported vulnerabilities is now part of Mitre CVE dictionary, the US
National Vulnerability Database [3], the Securityfocus.com vulnerability
Database [4] and the Secunia.com website [5], therefore Core considers
that any security-aware party (either good or bad intended) can now easily
figure out a remote exploitation method. In fact, several messages in
AOL's technical forums seem to indicate that users of AIM clients are
experiencing AIM "bugs" or "problems" related to the issues reported in

Sun Solaris 10 libc/*convert (*cvt) buffer overflow

GPG:
- http://securityreason.com/key/Arciemowicz.Maksymilian.gpg

http://securityreason.com/
http://securityreason.com/exploit_alert/ - Exploit Database
http://securityreason.com/security_alert/ - Vulnerability Database

Sun Solaris 10 filesystem rm(1),find(1),etc, Denial-of-service

GPG:
- http://securityreason.com/key/Arciemowicz.Maksymilian.gpg

http://securityreason.com/
http://securityreason.com/exploit_alert/ - Exploit Database
http://securityreason.com/security_alert/ - Vulnerability Database


Sun Solaris 10 ftpd Cross-site request forgery

GPG:
- http://securityreason.com/key/Arciemowicz.Maksymilian.gpg

http://securityreason.com/
http://securityreason.com/exploit_alert/ - Exploit Database
http://securityreason.com/security_alert/ - Vulnerability Database

[scip_Advisory 4020] Check Point Connectra R62 Login Script Injection Vulnerability

VIII. SOURCES

scip AG - Security Consulting Information Process (German)
http://www.scip.ch/

scip AG Vulnerability Database (German)
http://www.scip.ch/?vuldb.4020

IX. DISCLOSURE TIMELINE

2009/09/04 Identification of the vulnerability, Vendor is being

[scip-Advisory 4063] PasswordManager Pro 6.1 Script Injection Vulnerability

VIII. SOURCES

scip AG - Security Consulting Information Process (German)
http://www.scip.ch/

scip AG Vulnerability Database (German)
http://www.scip.ch/?vuldb.4063


IX. DISCLOSURE TIMELINE


[scip_Advisory 3809] Pro2col StingRay FTS login username cross site scripting

VIII. SOURCES

scip AG - Security Consulting Information Process (German)
http://www.scip.ch/

scip AG Vulnerability Database (German)
http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=3809

computec.ch document data base (German)
http://www.computec.ch/download.php


[scip_Advisory 3808] D-Link DIR-100 long url filter evasion

VIII. SOURCES

scip AG - Security Consulting Information Process (German)
http://www.scip.ch/

scip AG Vulnerability Database (German)
http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=3808

computec.ch document data base (German)
http://www.computec.ch/download.php


Google SoC 2008: Security Projects

Google will begin accepting student applications on Monday, March 24, 
2008! Please help spread the word and encourage all eligible students to 
apply for one of the security related projects!

OSVDB: The Open Source Vulnerability Database:
http://osvdb.org/blog/?p=231

OSSIM: Open Source Security Information Management:
http://www.ossim.net/dokuwiki/doku.php?id=ideas


SYM07-029 Symantec BEWS Multiple DoS in Job Engine

CVE-2007-4347 to the integer overflow DoS issues

These issues are candidates for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security issues. 

SecurityFocus has assigned Bugtraq ID BID 26028 for the null pointer issue and BID 26029 for the integer overflow issues 
for inclusion in the SecurityFocus vulnerability database. 


Symantec strongly recommends using encrypted email for reporting vulnerability information to secure@symantec.com. 
The Symantec Product Security PGP key can be obtained from http://www.symantec.com/security. 




Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
