@RISK: The Consensus Security Alert - Part 1 http://www.sans.org/newsletters/risk/display.php All Updates From Part 1 of Vol: 8 - Issue: 45 en-us (C) SANS Institute 2009 webmaster@sans.org SANS RSS Feed http://www.sans.org/images/rss_logo.gif http://www.sans.org/newsletters/risk/display.php SANS 2009 http://www.sans.org/info/35964/ http://www.sans.org/info/35964/ More than 35 courses, SANS top instructors, all in one great place! SANS 2009 is being held in Orlando, FL on March 2-9. Register today! (1) CRITICAL: Adobe Shockwave Player Multiple Vulnerabilities http://www.sans.org/newsletters/risk/display.php?v=8&i=45&rss=Y#widely3 http://www.sans.org/newsletters/risk/display.php?v=8&i=45&rss=Y#widely3 Category: Widely Deployed Software

Affected:

  • Adobe Shockwave Player versions 11.x

]]> (2) HIGH: BlackBerry Desktop Software Lotus Notes Intellisync ActiveX Control Vulnerability http://www.sans.org/newsletters/risk/display.php?v=8&i=45&rss=Y#widely4 http://www.sans.org/newsletters/risk/display.php?v=8&i=45&rss=Y#widely4 Category: Widely Deployed Software

Affected:

  • Research In Motion Blackberry Desktop Manager 4.2.2
  • Research In Motion Blackberry Desktop Manager 5.0
  • Research In Motion Blackberry Desktop Manager 4.7
  • Research In Motion Blackberry Desktop Manager

]]> (3) HIGH: Sun Java Runtime Environment Multiple Vulnerabilities http://www.sans.org/newsletters/risk/display.php?v=8&i=45&rss=Y#widely5 http://www.sans.org/newsletters/risk/display.php?v=8&i=45&rss=Y#widely5 Category: Widely Deployed Software

Affected:

  • JDK and JRE 6 Update 16 and earlier
  • JDK and JRE 5.0 Update 21 and earlier
  • SDK and JRE 1.4.2_23 and earlier
  • SDK and JRE 1.3.1_26 and earlier

]]> (4) HIGH: Symantec Altiris ConsoleUtilities ActiveX Control Buffer Overflow Vulnerability http://www.sans.org/newsletters/risk/display.php?v=8&i=45&rss=Y#widely6 http://www.sans.org/newsletters/risk/display.php?v=8&i=45&rss=Y#widely6 Category: Widely Deployed Software

Affected:

  • Symantec Management Platform 7.0 SP1
  • Symantec Management Platform 7.0
  • Symantec Altiris Notification Server 6.0 SP3 R7
  • Symantec Altiris Notification Server 6.0 SP3
  • Symantec Altiris Notification Server 6.0 SP2
  • Symantec Altiris Notification Server 6.0 SP1
  • Symantec Altiris Notification Server 6.0
  • Symantec Altiris Deployment Solution 6.9.355 SP1
  • Symantec Altiris Deployment Solution 6.9.355
  • Symantec Altiris Deployment Solution 6.9.176
  • Symantec Altiris Deployment Solution 6.9.164
  • Symantec Altiris Deployment Solution 6.9 SP3 Build 430
  • Symantec Altiris Deployment Solution 6.9 SP1
  • Symantec Altiris Deployment Solution 6.9

]]> (5) HIGH: IBM Tivoli Storage Manager Multiple Vulnerabilities http://www.sans.org/newsletters/risk/display.php?v=8&i=45&rss=Y#widely7 http://www.sans.org/newsletters/risk/display.php?v=8&i=45&rss=Y#widely7 Category: Widely Deployed Software

Affected:

  • IBM Tivoli Storage Manager versions 5.x
  • IBM Tivoli Storage Manager versions 6.x

]]> (6) HIGH: Multiple Vendor Hummingbird STR Service Buffer Overflow Vulnerability http://www.sans.org/newsletters/risk/display.php?v=8&i=45&rss=Y#widely8 http://www.sans.org/newsletters/risk/display.php?v=8&i=45&rss=Y#widely8 Category: Widely Deployed Software

Affected:

  • OpenText Search Server 6.x
  • EMC Documentum eRoom 7.4.1

]]> (7) HIGH: RhinoSoft Serv-U File Server Buffer Overflow Vulnerability http://www.sans.org/newsletters/risk/display.php?v=8&i=45&rss=Y#widely9 http://www.sans.org/newsletters/risk/display.php?v=8&i=45&rss=Y#widely9 Category: Widely Deployed Software

Affected:

  • Serv-U versions 9.x

]]>