Centre for Critical Infrastructure Protection

Home | Vulnerabilities | Vulnerability Alert Archives | June 2006

June 2006

The following table includes the Vulnerability Alerts for the month.

Note: These links reference external sites. CCIP can not accept responsibility for outdated links or such links contents.

Reference	Description	Date
Apple	Apple iTunes Advanced Audio Coding File Handling Integer Overflow Vulnerability	30/06/06
Secunia	phpRaid SQL Injection and File Inclusion Vulnerabilities	30/06/06
Novell	Novell GroupWise 7 Windows Client Email Access Vulnerability	30/06/06
Novell	Novell GroupWise 6.5 Windows Client Email Access Vulnerability	30/06/06
Gentoo	Gentoo update for tikiwiki	30/06/06
Cisco	Access Point Web-Browser Interface Vulnerability	29/06/06
Cisco	Multiple Vulnerabilities in Wireless Control System	29/06/06
Mandriva	Mandriva update for tetex	29/06/06
IBM	Lotus Domino Malformed vCal Processing Denial of Service	29/06/06
F-Secure	F-Secure Antivirus Products Scanning Bypass Vulnerability	29/06/06
Mandriva	Mandriva update for libwmf	29/06/06
Apple	Mac OS X v10.4.7 release fixes several vulnerabilities	28/06/06
Microsoft	Re-release of software update for MS06-025	28/06/06
IBM	IBM WebSphere Application Server Two Vulnerabilities	28/06/06
SUSE	SUSE update for freetype2	28/06/06
rPath	rPath update for kernel	27/06/06
Helix	Helix DNA Server Heap Corruption Vulnerabilities	27/06/06
GnuPG	GnuPG "parse-packet.c" Denial of Service Vulnerability	26/06/06
Opera	Opera JPEG Processing Integer Overflow Vulnerability	26/06/06
SGI	SGI Advanced Linux Environment Multiple Updates	26/06/06
Cisco	RealVNC Remote Authentication Bypass Vulnerability	23/06/06
IBM	IBM HMC Sendmail and OpenSSH Vulnerabilities	23/06/06
IBM	WebSphere Application Server V6.0.2 Fix Pack 11 for Windows platforms	22/06/06
Clearswift	MAILsweeper for SMTP/Exchange Multiple Vulnerabilities	22/06/06
Hitachi	Vulnerability in the MDAC Function Could Allow Remote Code Execution	21/06/06
Linux Kernel	Linux Kernel "xt_sctp" Denial of Service Vulnerability	21/06/06
SuSE	awstats remote code execution	21/06/06
Gentoo	Typespeed: Remote execution of arbitrary code	21/06/06
Gentoo	Mozilla Thunderbird: Multiple vulnerabilities	21/06/06
Nullsoft	Nullsoft Winamp Midi File Header Handling Client-Side Buffer Overflow Vulnerability	20/06/06
Cisco	Cisco Secure ACS for UNIX Cross Site Scripting Vulnerability	19/06/06
US-CERT	Microsoft Excel Vulnerability	19/06/06
AusCERT	Malicious "National Bank bankrupt" email links to sites targeting multiple web browsers	16/06/06
Adobe	Adobe Reader Unspecified Vulnerabilities	16/06/06
Gentoo	Gentoo update for DokuWiki	16/06/06
Sendmail	Sendmail Multi-Part MIME Message Handling Denial of Service	16/06/06
Microsoft	Microsoft Security Bulletin Summary for June, 2006	14/06/06
MyBB	MyBB "domecode()" PHP Code Execution Vulnerability	13/06/06
Gentoo	Gentoo update for firefox	13/06/06
Gentoo	Gentoo update for mysql	13/06/06
Red Hat	Red Hat update for mysql	13/06/06
Trustix	Trustix updates for binutils / mysql / spamassassin	12/06/06
Ubuntu	Ubuntu update for binutils	12/06/06
Enterprise Payroll	Enterprise Payroll Systems "absolutepath" File Inclusion	12/06/06
Debian	Debian update for mysql-dfsg-4.1	12/06/06
Gentoo	Gentoo update for awstats	09/06/06
Gentoo	Gentoo update for tor	09/06/06
Ubuntu	Ubuntu update for tiff	09/06/06
Debian	Debian update for tiff	09/06/06
HP	HP Tru64 UNIX and HP Internet Express Sendmail Vulnerability	08/06/06
Coppermine	Coppermine Photo Gallery usermgr.php Unspecified Vulnerability	08/06/06
MediaWiki	MediaWiki Edit Form Script Insertion Vulnerability	07/06/06
SUSE	SUSE Updates for Multiple Packages	06/06/06
Debian	Debian update for lynx-cur	06/06/06
MySQL	MySQL Multibyte Encoding SQL Injection Vulnerability	06/06/06
Mozilla	New versions of Firefox and Thunderbird fix multiple vulnerabilities	04/06/06
F-Secure	Buffer overflow in Web console of F-Secure Anti-Virus for Microsoft Exchange and F-Secure Internet Gatekeeper	02/06/06
IBM	IBM DCE Two Kerberos Vulnerabilities	02/06/06
Snort	Possible Evasion in http_inspect	01/06/06
Symantec	Symantec Client Security and Symantec AntiVirus Elevation of Privilege	01/06/06
CERT/CC	Multiple security vulnerabilities in Secure Elements Class 5 AVR (EVM)	01/06/06
Secunia	phpMyDesktop\|arcade Local File Inclusion and Script Insertion	01/06/06
CERT/CC	WeOnlyDo! SFTP ActiveX control fails to properly restrict access to methods	01/06/06

Centre for Critical Infrastructure Protection (CCIP)

Centre for Critical Infrastructure Protection

June 2006