@RISK: The Consensus Security Alert - Part 1 http://www.sans.org/newsletters/risk/display.php All Updates From Part 1 of Vol: 9 - Issue: 10 en-us (C) SANS Institute 2010 webmaster@sans.org SANS RSS Feed http://www.sans.org/images/rss_logo.gif http://www.sans.org/newsletters/risk/display.php SANS 2009 http://www.sans.org/info/35964/ http://www.sans.org/info/35964/ More than 35 courses, SANS top instructors, all in one great place! SANS 2009 is being held in Orlando, FL on March 2-9. Register today! (1) HIGH: IBM Lotus iNotes ActiveX Control Buffer Overflow Vulnerability http://www.sans.org/newsletters/risk/display.php?v=9&i=10&rss=Y#widely1 http://www.sans.org/newsletters/risk/display.php?v=9&i=10&rss=Y#widely1 Category: Widely Deployed Software

Affected:

  • IBM Lotus iNotes versions prior to 8.5
  • IBM Lotus iNotes versions prior to 7.0.4

]]> (2) HIGH: IBM Informix Multiple Buffer Overflow Vulnerabilities http://www.sans.org/newsletters/risk/display.php?v=9&i=10&rss=Y#widely2 http://www.sans.org/newsletters/risk/display.php?v=9&i=10&rss=Y#widely2 Category: Widely Deployed Software

Affected:

  • IBM Informix IDS 11.10.xC2
  • IBM Informix IDS 11.10
  • IBM Informix IDS 10.00.xC8
  • IBM Informix IDS 10.00.xC7W1
  • IBM Informix IDS 10.00.xC11
  • IBM Informix IDS 10.0.xC4
  • IBM Informix IDS 10.0

]]> (3) HIGH: Multiple Vendor "librpc.dll" Signedness Error Code Execution Vulnerability http://www.sans.org/newsletters/risk/display.php?v=9&i=10&rss=Y#widely3 http://www.sans.org/newsletters/risk/display.php?v=9&i=10&rss=Y#widely3 Category: Widely Deployed Software

Affected:

  • IBM Informix IDS 9.40 .UC3
  • IBM Informix IDS 9.40 .UC2
  • IBM Informix IDS 9.40 .UC1
  • IBM Informix IDS 9.3
  • IBM Informix IDS 9.40 xC7
  • IBM Informix IDS 9.40 .xD8
  • IBM Informix IDS 9.40 .UC5
  • IBM Informix IDS 9.40 .TC5
  • IBM Informix IDS 9.4
  • IBM Informix IDS 7.31 .xD9
  • IBM Informix IDS 7.31 .xD8
  • IBM Informix IDS 7.3
  • IBM Informix IDS 11.10.xC4
  • IBM Informix IDS 11.10.xC2
  • IBM Informix IDS 11.10
  • IBM Informix IDS 10.00.xC8
  • IBM Informix IDS 10.00.xC7W1
  • IBM Informix IDS 10.00.xC11
  • IBM Informix IDS 10.0.xC4
  • IBM Informix IDS 10.0
  • IBM Informix IDS 10.0
  • EMC Legato Networker 7.3.2
  • EMC Legato Networker 7.2.1
  • EMC Legato Networker 7.2 build 172
  • EMC Legato Networker 7.2
  • EMC Legato Networker 7.1.3
  • EMC Legato Networker 7.0
  • EMC Legato Networker 6.0 x

]]> (4) MODERATE: Microsoft Internet Explorer VBScript Windows Help Code Execution Vulnerability http://www.sans.org/newsletters/risk/display.php?v=9&i=10&rss=Y#widely4 http://www.sans.org/newsletters/risk/display.php?v=9&i=10&rss=Y#widely4 Category: Widely Deployed Software

Affected:

  • Microsoft Windows 2000 Service Pack 4
  • Windows XP Service Pack 2, Windows XP Service Pack 3, and Windows XP
  • Professional x64 Edition Service Pack 2
  • Windows Server 2003 Service Pack 2, Windows Server 2003 with SP2 for
  • Itanium-based Systems, and Windows Server 2003 x64 Edition Service Pack 2

]]> (5) MODERATE: Modo 401 LXO Processing Integer Overflow Vulnerability http://www.sans.org/newsletters/risk/display.php?v=9&i=10&rss=Y#widely5 http://www.sans.org/newsletters/risk/display.php?v=9&i=10&rss=Y#widely5 Category: Widely Deployed Software

Affected:

  • Luxology Modo 401 - Windows

]]>