[CERT-daily] Tageszusammenfassung - Mittwoch 23-10-2013

Daily end-of-shift report team at cert.at
Wed Oct 23 18:07:38 CEST 2013


=======================
= End-of-Shift report =
=======================

Timeframe:   Dienstag 22-10-2013 18:00 − Mittwoch 23-10-2013 18:00
Handler:     Stephan Richter
Co-Handler:  n/a



*** WellinTech KingView ActiveX Vulnerabilities ***
---------------------------------------------
OVERVIEW: This advisory is a follow-up to the alert titled ICS-ALERT-13-256-01 WellinTech KingView ActiveX Vulnerabilitiesa that was published September 13, 2013, on the NCCIC/ICS-CERT Web site.
---------------------------------------------
http://ics-cert.us-cert.gov/advisories/ICSA-13-295-01




*** Apache Fixes Information Disclosure Vulnerability in Shindig ***
---------------------------------------------
The Apache Software Foundation released a new version of Shindig, a framework for web applications, yesterday, fixing what the collective has deemed an important information disclosure vulnerability.
---------------------------------------------
http://threatpost.com/apache-fixes-information-disclosure-vulnerability-in-shindig/102650




*** Xerox WorkCentre and ColorQube Let Remote Users Gain Unauthorized Access ***
---------------------------------------------
A vulnerability was reported in Xerox WorkCentre and ColorQube. A remote user can gain unauthorized access.
---------------------------------------------
http://www.securitytracker.com/id/1029224




*** Security Bulletins: Vulnerability in XenDesktop 7.0 upgrade could result in policy bypass ***
---------------------------------------------
A vulnerability has been identified in Citrix XenDesktop 7.0 that could prevent policy rules from being correctly applied following an upgrade from earlier versions of Citrix XenDesktop.
---------------------------------------------
http://support.citrix.com/article/CTX138627




*** MantisBT 1.2.15 XSS vulnerability ***
---------------------------------------------
Topic: MantisBT 1.2.15 XSS vulnerability Risk: Low Text:Greetings Roland Becker (MantisBT developer) discovered and fixed [1] an XSS vulnerability issue affecting MantisBT releases...
---------------------------------------------
http://cxsecurity.com/issue/WLB-2013100159




*** Fixes from Apple (iOS 7.0.3, OS X Mavericks v10.9, Safari 6.1, Keynote 6.0, OS X Server 3.0, Remote Desktop, iTunes 11.1.2) ***
---------------------------------------------
http://prod.lists.apple.com/archives/security-announce/2013/Oct/msg00002.html
http://prod.lists.apple.com/archives/security-announce/2013/Oct/msg00003.html
http://prod.lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
http://prod.lists.apple.com/archives/security-announce/2013/Oct/msg00005.html
http://prod.lists.apple.com/archives/security-announce/2013/Oct/msg00006.html
http://prod.lists.apple.com/archives/security-announce/2013/Oct/msg00007.html
http://prod.lists.apple.com/archives/security-announce/2013/Oct/msg00008.html
http://prod.lists.apple.com/archives/security-announce/2013/Oct/msg00009.html


More information about the Daily mailing list