Threat Level: green Handler on Duty: Russell Eubanks

SANS ISC Diaries by Keyword


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
DateAuthorTitle

CVE 20122110

2012-04-19Kevin ShorttOpenSSL Security Advisory - CVE-2012-2110

CVE

2015-07-12/a>Guy BruneauPHP 5.x Security Updates
2015-06-16/a>John BambenekCVE-2014-4114 and an Interesting AV Bypass Technique
2015-04-15/a>Johannes UllrichMS15-034: HTTP.sys (IIS) DoS And Possible Remote Code Execution. PATCH NOW
2015-01-27/a>Johannes UllrichNew Critical GLibc Vulnerability CVE-2015-0235 (aka GHOST)
2014-09-25/a>Johannes UllrichUpdate on CVE-2014-6271: Vulnerability in bash (shellshock)
2014-09-24/a>Pedro BuenoAttention *NIX admins, time to patch!
2014-06-12/a>Guy BruneauBIND Security Update for CVE-2014-3859
2014-06-12/a>Johannes UllrichMetasploit now includes module to exploit CVE-2014-0195 (OpenSSL DTLS Fragment Vuln.)
2014-04-08/a>Guy BruneauOpenSSL CVE-2014-0160 Fixed
2014-03-24/a>Johannes UllrichNew Microsoft Advisory: Unpatched Word Flaw used in Targeted Attacks
2014-03-02/a>Stephen HallSymantec goes yellow
2013-10-01/a>John Bambenek*Metaspoit Releases Module to Exploit Unpatched IE Vuln CVE-2013-3893
2013-09-20/a>Russ McReeThreat Level Yellow: Protection recommendations regarding Internet Explorer exploits in the wild
2013-08-16/a>Kevin ListonCVE-2013-2251 Apache Struts 2.X OGNL Vulnerability
2013-06-01/a>Guy BruneauExploit Sample for Win32/CVE-2012-0158
2013-05-20/a>Guy BruneauSafe - Tools, Tactics and Techniques
2013-05-09/a>Johannes UllrichMicrosoft released a Fix-it for the Internet Explorer 8 Vulnerability http://support.microsoft.com/kb/2847140
2013-02-11/a>John BambenekOpenSSL 1.0.1e Released with Corrected fix for CVE-2013-1069, more here: http://www.openssl.org/
2013-01-19/a>Guy BruneauJava 7 Update 11 Still has a Flaw
2013-01-04/a>Guy Bruneau"FixIt" Patch for CVE-2012-4792 Bypassed
2012-09-23/a>Tony CarothersUpdate for CVE-2012-3132
2012-06-20/a>Raul SilesCVE-2012-0217 (from MS12-042) applies to other environments too
2012-06-18/a>Guy BruneauCVE-2012-1875 exploit is now available
2012-05-25/a>Guy BruneauTechnical Analysis of Flash Player CVE-2012-0779
2012-04-19/a>Kevin ShorttOpenSSL Security Advisory - CVE-2012-2110
2012-02-09/a>Richard PorterDNS Ghost Domains, How I loath you so!
2012-01-12/a>Rob VandenBrinkPHP 5.39 was release on the 10th, amongst other things, it addresses CVE-2011-4885 (prevents attacks based on hash collisions) and CVE-2011-4566 (integer overflow when parsing invalid exif header)
2011-10-06/a>Rob VandenBrinkApache HTTP Server mod_proxy reverse proxy issue
2011-05-27/a>Kevin ListonManaging CVE-0
2011-04-28/a>Chris MohanGathering and use of location information fears - or is it all a bit too late
2011-02-23/a>Manuel Humberto Santander PelaezBind DOS vulnerability (CVE-2011-0414)
2010-11-16/a>Guy Bruneau OpenSSL TLS Extension Parsing Race Condition
2010-10-30/a>Guy BruneauSecurity Update for Shockwave Player
2010-10-28/a>Manuel Humberto Santander PelaezCVE-2010-3654 - New dangerous 0-day authplay library adobe products vulnerability
2010-09-17/a>Robert DanfordCirca 2007 Linux Kernel Vulnerability Resurfaces (Was CVE-2007-4573, Now CVE-2010-3301)
2010-09-13/a>Manuel Humberto Santander PelaezAdobe SING table parsing exploit (CVE-2010-2883) in the wild
2010-09-12/a>Manuel Humberto Santander PelaezAdobe Acrobat pushstring Memory Corruption paper
2010-09-08/a>John BambenekAdobe Acrobat/Reader 0-day in Wild, Adobe Issues Advisory
2010-08-25/a>Pedro BuenoAdobe released security update for Shockwave player that fix several CVEs: APSB1020
2010-07-20/a>Manuel Humberto Santander PelaeziTunes buffer overflow vulnerability
2010-06-15/a>Manuel Humberto Santander PelaezMicrosoft Windows Help and Support Center vulnerability (CVE 2010-1885) exploit in the wild
2010-01-19/a>Jim ClausingThe IE saga continues, out-of-cycle patch coming soon
2010-01-15/a>Kevin ListonExploit code available for CVE-2010-0249
2010-01-12/a>Adrien de BeauprePoC for CVE-2009-0689 MacOS X 10.5/10.6 vulnerability
2010-01-04/a>Bojan ZdrnjaSophisticated, targeted malicious PDF documents exploiting CVE-2009-4324
2009-05-28/a>Stephen HallMicrosoft DirectShow vulnerability

20122110

2012-04-19/a>Kevin ShorttOpenSSL Security Advisory - CVE-2012-2110