Security Hero Rotating Header Image

April, 2007:

PHP HTML Entity Encoder Heap Overflow Vulnerability in Multiple Web-Based Management Interfaces

PHP HTML Entity Encoder Heap Overflow Vulnerability in Multiple Web-Based Management Interfaces

This is a response to a Hardened-PHP Project advisory posted on November 3, 2006, entitled “PHP HTML Entity Encoder Heap Overflow Vulnerability.”

URL: http://www.cisco.com/en/US/products/products_security_response09186a008082c4fe.html

Cross-Site Scripting Vulnerability in Online Help System

Cross-Site Scripting Vulnerability in Online Help System

A cross-site scripting (XSS) vulnerability in the online help system distributed with several Cisco products has been independently reported to Cisco by Erwin Paternotte from Fox-IT and by Cassio Goldschmidt. The vulnerability would allow an attacker to execute arbitrary scripting code in a user’s web browser if the attacker is successful in enticing the user to follow a specially crafted, malicious URL.

URL: http://www.cisco.com/en/US/products/products_security_response09186a0080803fe4.html

Market Research Report Re-Affirms Infoblox Leadership in Growing DNS, DHCP and IPAM Appliance Market

Market Research Report Re-Affirms Infoblox Leadership in Growing DNS, DHCP and IPAM Appliance Market

Infoblox Inc., today announced that a recently published IDC report states that Infoblox is the DNS, DHCP and IPAM appliance market leader.

URL: http://feedproxy.google.com/~r/InfobloxNewsFeed/~3/nryQO_LqFuY/release.cfm

Vulnerability in Windows Animated Cursor Handling – 4/3/2007

Microsoft Security Advisory (935423): Vulnerability in Windows Animated Cursor Handling – 4/3/2007

Revision Note: Advisory updated to reflect publication of security bulletin. Advisory Summary:Microsoft has completed the investigation into a public report of attacks exploiting a vulnerability in the way Microsoft Windows handles animated cursor (.ani) files. We have issued MS07-017 to address this issue.

URL: http://www.microsoft.com/technet/security/advisory/935423.mspx