http://www.cert-ist.com/eng/ Cert-IST = Computer Emergency Response Team - Industry, Services and Tertiary. Cert-IST is a center for alert and reaction to computer attacks dedicated to French enterprises. The Cert-IST is a not for profit association, which goal is to provide to its adherents risk prevention services and assistance for incident handling. en Copyright © 1999-2005 Cert-IST webmaster@cert-ist.com http://www.cert-ist.com/images/site/logocert_144x78.jpg http://www.cert-ist.com/eng/ 144 78 The CERT for France Industry, Services and Tertiary sector https://wws.cert-ist.com/fast-cgi/AV/Avis.cgi?ref=CERT-IST/AV-2012.078 [not_rated] An undocumented vulnerability has been fixed in Skype for Windows. Up to now, the exact nature and the consequences of this vulnerability are unknown. This advisory will be updated when more informati ... https://wws.cert-ist.com/fast-cgi/AV/Avis.cgi?ref=CERT-IST/AV-2012.077 [medium] A vulnerability has been discovered in the TCP stack handling on IBM AIX. It allows a malicious person to remotely cause a denial of service on a vulnerable system. ... https://wws.cert-ist.com/fast-cgi/AV/Avis.cgi?ref=CERT-IST/AV-2012.071 [high] Several vulnerabilities (52) have been discovered in Mac OS X. They allow: a local unprivileged user or a user authenticated on a vulnerable service, to cause denials of service (application or system ... https://wws.cert-ist.com/fast-cgi/AV/Avis.cgi?ref=CERT-IST/AV-2012.076 [medium] A vulnerability has been discovered in the "libpng" library on Linux/Unix systems. It allows a malicious PNG image to cause an application using a vulnerable version of "libpng" to crash or to perform ... https://wws.cert-ist.com/fast-cgi/AV/Avis.cgi?ref=CERT-IST/AV-2012.075 [medium] Several vulnerabilities have been discovered in the Drupal content management system (CMS). They allow a remote malicious person: to conduct Cross-Site Request Forgery (CSRF) attacks potentially lea ... https://wws.cert-ist.com/fast-cgi/AV/Avis.cgi?ref=CERT-IST/AV-2012.074 [medium] A vulnerability has been discovered in PHP version 5.3.9. It allows a remote malicious person to perform a denial of service or to run harmful actions on a system running a vulnerable version of PHP. ... https://wws.cert-ist.com/fast-cgi/AV/Avis.cgi?ref=CERT-IST/AV-2012.073 [medium] Several vulnerabilities have been discovered in optional extensions of TYPO3. They allow a remote attacker: to illegally perform arbitrary SQL requests ("SQL Injection" attacks) on the database used b ... https://wws.cert-ist.com/fast-cgi/AV/Avis.cgi?ref=CERT-IST/AV-2012.072 [medium] A vulnerability has been discovered in EMC Documentum Content Server versions 6.0, 6.5 and 6.6. It allows a malicious user having an account on a vulnerable system to increase his privileges on this s ... https://wws.cert-ist.com/fast-cgi/AV/Avis.cgi?ref=CERT-IST/AV-2012.070 [high] Several vulnerabilities have been discovered in the Apache web server. They allow: a malicious person to perform a denial of service or to illegally access potentially sensitive data, an unprivileged ... https://wws.cert-ist.com/fast-cgi/AV/Avis.cgi?ref=CERT-IST/AV-2012.069 [medium] A vulnerability has been discovered in the Ubuntu "AccountsService" component. It allows a malicious person having an unprivileged account on a vulnerable system, to illegally alter arbitrary files on ...