ISC Diary

Open Office WMF Heap Overflow Patch available.

Published: 2007-01-04,
Last Updated: 2007-01-04 16:20:21 UTC
by Chris Carboni (Version: 1)

Juha-Matti alerted us to the availability of the patch for the Open Office WMF Heap Overflow reported here.

The vulnerability involves an overflow in the processor for WMF and EMF files that could cause arbitrary code to be executed if a victim opens a specially crafted WMF/EMF file.

According to Red Hat this is under review as CVE-2006-5870.

Keywords:

0 comment(s)

Top of page

Multiple Vulnerabilities in Cisco Clean Access

Published: 2007-01-04,
Last Updated: 2007-01-04 14:37:01 UTC
by Chris Carboni (Version: 1)

0 comment(s)

Fellow handler Jim Clausing (thanks Jim) let us know about new vulnerabilities in Cisco Clean Access (CCA).

Summary

Cisco Clean Access (CCA) is a software solution that can automatically detect, isolate, and clean infected or vulnerable devices that attempt to access your network. It consists of Cisco Clean Access Manager (CAM) and Cisco Clean Access Server (CAS) devices that work in tandem.

Cisco Clean Access is affected by the following vulnerabilities: