http://www.cert-ist.com/eng/ Cert-IST = Computer Emergency Response Team - Industry, Services and Tertiary. Cert-IST is a center for alert and reaction to computer attacks dedicated to French enterprises. The Cert-IST is a not for profit association, which goal is to provide to its adherents risk prevention services and assistance for incident handling. en Copyright © 1999-2005 Cert-IST webmaster@cert-ist.com http://www.cert-ist.com/images/site/logocert_144x78.jpg http://www.cert-ist.com/eng/ 144 78 The CERT for France Industry, Services and Tertiary sector https://wws.cert-ist.com/fast-cgi/AV/Avis.cgi?ref=CERT-IST/AV-2008.226 [low] Two vulnerabilities have been discovered in "Citrix Presentation Server". They allow a malicious person who has an account on a vulnerable Citrix server to illegally access to data or to establish ses ... https://wws.cert-ist.com/fast-cgi/AV/Avis.cgi?ref=CERT-IST/AV-2008.225 [medium] A vulnerability has been discovered in the optional Content Switching Module (CSM) and Content Switching Module with SSL (CSM-S) running on Cisco Catalyst switches. It allows a malicious person to dis ... https://wws.cert-ist.com/fast-cgi/AV/Avis.cgi?ref=CERT-IST/AV-2008.224 [medium] Several vulnerabilities have been discovered in some services of "Cisco Unified Communications Manager" (CUCM). They allow a malicious person to remotely crash a vulnerable device. ... https://wws.cert-ist.com/fast-cgi/AV/Avis.cgi?ref=CERT-IST/AV-2008.223 [medium] A Cross-Site Scripting (XSS) vulnerability has been discovered in Lotus Quickr 8.1. It allows a malicious person, through a web site or a crafted e-mail which uses a server running a vulnerable Lotus ... https://wws.cert-ist.com/fast-cgi/AV/Avis.cgi?ref=CERT-IST/AV-2008.222 [medium] A vulnerability has been discovered in SSL on Linux Debian and Ubuntu systems. It allows a malicious person to compromise cryptographic keys used for authentication and signatures. ... https://wws.cert-ist.com/fast-cgi/AV/Avis.cgi?ref=CERT-IST/AV-2008.221 [medium] Two vulnerabilities have been discovered in the malware protection engine ("Microsoft Malware Protection Engine") included in the Microsoft anti-virus and anti-spyware solutions (Windows Live OneCare, ... https://wws.cert-ist.com/fast-cgi/AV/Avis.cgi?ref=CERT-IST/AV-2008.220 [medium] A vulnerability has been discovered in Microsoft Publisher. It allows a remote malicious person, through a specially crafted publisher file (e.g. hosted on a website or sent by e-mail) to execute a ... https://wws.cert-ist.com/fast-cgi/AV/Avis.cgi?ref=CERT-IST/AV-2008.219 [medium] Two vulnerabilities have been discovered in Microsoft Word. They allow a malicious file to execute harmful actions on the vulnerable system. ... https://wws.cert-ist.com/fast-cgi/AV/Avis.cgi?ref=CERT-IST/AV-2008.204 [medium] Several vulnerabilities have been discovered in several optional extensions of TYPO3. They allow a malicious person to remotely perform "Cross-Site Scripting" attacks or to execute arbitrary Javascrip ... https://wws.cert-ist.com/fast-cgi/AV/Avis.cgi?ref=CERT-IST/AV-2008.134 [high] A vulnerability has been discovered in the "Microsoft Jet Database Engine" component on certain Microsoft Windows systems. It allows a malicious Word file to perform harmful actions on a vulnerable Wi ...