Author Archives: CIRT Team



CIRT Team

in Security Advisories & Alerts

Xen Security Advisory CVE-2017-10920 CVE-2017-10921 CVE-2017-10922 [grant table operations mishandle reference counts]

Description: The grant-table feature in Xen through 4.8.x does not ensure sufficient type counts for a GNTMAP_device_map and GNTMAP_host_map mapping, which allows guest OS users to cause a denial of service (count mismanagement and memory corruption) or obtain privileged host OS access, aka XSA-224 bug 2. Impact: For the worst...

Read more

0
17 Jul 2017
in Security Advisories & Alerts

Microsoft Exchange CVE-2017-8559 Cross-Site Scripting Vulnerability

Description: An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited this vulnerability could perform script/content injection attacks and attempt to trick the user into disclosing sensitive information. Impact:  Attackers can exploit this issue to gain...

Read more

0
16 Jul 2017
in Security Advisories & Alerts

Oracle July 2017 Critical Patch Update Multiple Vulnerabilities

Description: Oracle has released advance notification regarding the July 2017 Critical Patch Update (CPU) to be released on July 18, 2017. The update addresses 315 vulnerabilities affecting the following software:     Oracle Database Server, versions 11.2.0.4, 12.1.0.2, 12.2.0.1     Oracle REST Data Services, versions prior to 3.0.10.25.02.36     Oracle API...

Read more

0
16 Jul 2017
Page 82 of 100« First...102030...8081828384...90100...Last »