Sourcefire Vulnerability Research Team (VRT) Advisories

Localized pages:

3D System Snort VRT Snort Engine Snort Rules Snort Scholarship ClamAV	products Sourcefire VRT Advisories ! What You Should Know About Conficker July 01, 2009 Web-client, Web-misc, Chat, Netbios and Specific-threats Updates June 16, 2009 Spyware-PUT, Content-replace, Exploit, DoS Additions June 09, 2009 Multiple Vulnerabilities Affecting Microsoft Products May 29, 2009 Vulnerability Affecting Microsoft DirectShow [CVE-2009-1537] May 18, 2009 DCERPC Rule Modifications May 12, 2009 Multiple Vulnerabilities Affecting Microsoft PowerPoint [MS09-017] May 05, 2009 Multiple Vulnerabilities Affecting Adobe Reader April 21, 2009 Multiple Vulnerabilities Affecting Products from Adobe, Oracle and RealNetworks April 14, 2009 Multiple Vulnerabilities Affecting Microsoft Products April 10, 2009 Vulnerability Affecting Microsoft Powerpoint Code Execution (CVE-2009-0556) March 31, 2009 MySQL DoS, Firefox XML Overflow March 27, 2009 Microsoft GDI+, Firefox XSL Overflows March 17, 2009 Scada, Content-replace and Specfic-threats Additions and Modifications March 10, 2009 Multiple Vulnerabilities Affecting Microsoft Windows Systems (MS09-006, MS09-008) March 3, 2009 ActiveX, Spyware and Web-client Additions February 27, 2009 Microsoft Excel Vulnerability CVE-2009-0238 February 24, 2009 Adobe Acrobat and Reader Buffer Overflow Extra Coverage February 20, 2009 Adobe Acrobat and Reader Buffer Overflow February 10, 2009 Multiple Vulnerabilities Affecting Microsoft Internet Explorer, Exchange, SQL Server and Visio February 3, 2009 Web-activex, Specific-threats and Chat Additions, and Performance Enhancements for MS08-067 Rules January 27, 2009 Multiple Vulnerabilities Affecting Oracle Products January 20, 2009 Web-activex, Specific-threats, Web-client and Multimedia Additions January 13, 2009 Vulnerabilities Affecting Microsoft Products January 6, 2009 Rule Additions to Web-activex, Specific-threats, Policy, Chat, and Other Misc Coverage December 23, 2008 Web-activex, Web-client, Specific-threats, and Backdoor Additions December 16, 2008 Vulnerabilities Affecting Oracle and CUPS December 11, 2008 Microsoft Security Bulletins MS07-063, MS07-064, MS07-065, MS07-068 and MS07-069 December 9, 2008 Multiple Vulnerabilities Affecting Microsoft Products November 18, 2008 Vulnerabilities Affecting Microsoft Systems and Adobe Acrobat Reader November 11, 2008 Vulnerabilities Affecting Microsoft Systems and Adobe Acrobat Reader November 04, 2008 Vulnerabilities Affecting Novell eDirectory, IBM DB2 and Openwsman October 28, 2008 Web-Client and Exploit Additions October 23, 2008 Vulnerability Affecting Microsoft DCERPC October 20, 2008 Vulnerabilities Affecting the BEA WebLogic Product Suite October 14, 2008 Multiple Vulnerabilities Affecting Microsoft Products October 6, 2008 Netbios and Exploit Additions September 24, 2008 ActiveX Control and VoIP Additions September 18, 2008 ActiveX Control and Exploit Additions September 9, 2008 Multiple Vulnerabilities Affecting Microsoft Products and SCADA Systems August 26, 2008 Web-client and Exploit Additions August 19, 2008 Added Rules for Spyware-put, Web-client and SQL Additions August 12, 2008 Multiple Vulnerabilities Affecting Microsoft Products July 29, 2008 Sun Java Web Start, Oracle Database Server, DNS, Spyware and Backdoor Updates July 22, 2008 Vulnerabilities Affecting IBM Lotus Domino, Novell GroupWise, Adobe RoboHelp July 15, 2008 Vulnerabilities Affecting Apple QuickTime and IBM Lotus Sametime July 11, 2008 Microsoft Windows DNS, Spyware and Backdoor Additions July 8, 2008 Vulnerabilities Affecting Microsoft Products July 1, 2008 Spyware and Backdoor Additions June 24, 2008 Vulnerabilities with Adobe BMP Handling and HP Instant Support DataManager June 10, 2008 Vulnerabilities Affecting Microsoft Internet Explorer, Speech API, DirectX, WINS, Active Directory and the Windows Operating System June 05, 2008 Vulnerabilities with Mozilla Firefox and CA ARCserve Backup May 29, 2008 Adobe Flash Player Vulnerability May 27, 2008 Spyware and Backdoor Updates May 19, 2008 Vulnerabilities Affecting the Microsoft Malware Protection Engine May 13, 2008 Vulnerabilities Affecting Microsoft Word and the Microsoft Jet Database Engine April 30, 2008 CA BrightStor ARCServe Backup and Oracle Database Server Vulnerabilities April 22, 2008 HP OpenView and Asterisk Open Source Vulnerabilities April 8, 2008 Multiple Vulnerabilities Affecting Products from the Microsoft Corporation (MS08-019, MS08-020, MS08-021, MS08-022, MS08-023) April 2, 2008 Spyware and Web-Client Additions March 24, 2008 Microsoft Jet, Trend Micro OfficeScan and YaSSL March 11, 2008 Multiple Vulnerabilities Affecting Products from the Microsoft Corporation (MS08-019, MS08-020, MS08-021, MS08-022, MS08-023)MS08-014, MS08-015, MS08-016, MS08-017) March 4, 2008 Spyware and Web-client Updates February 26, 2008 Apple QuickTime and Citrix MetaFrame Vulnerabilities February 20, 2008 Adobe Acrobat and Reader CVE-2008-0655 February 12, 2008 MS08-004, MS08-008, MS08-009, MS08-010, MS08-011, MS08-012 February 5, 2008 Multiple ActiveX Control Vulnerabilities, Expanded Coverage for CVE-2007-2446 January 29, 2008 Vulnerabilities Affecting Cisco UCM and SAP MaxDB January 23, 2008 Vulnerabilities in Microsoft Windows Media Player and Adobe Flash Player January 10, 2008 Vulnerabilities in Samba, Skype and QuickTime January 8, 2008 Microsoft Security Bulletin MS08-001 December 18, 2007 Microsoft Security Bulletin MS07-068 update and Samba Heap Overflow December 11, 2007 Microsoft Security Bulletins MS07-063, MS07-064, MS07-065, MS07-068 and MS07-069 December 4, 2007 Spyware and Backdoor Rule Additions November 28, 2007 Apple QuickTime Content-Type Overflow November 13, 2007 Microsoft Security Bulletin MS07-061 Coverage November 6, 2007 Spyware-put and Backdoor Rule Updates and Additions October 23, 2007 Update for Microsoft Security Bulletin MS07-057 and CA BrightStor ARCServe October 16, 2007 Update for MS07-058 and ActiveX Rule Additions October 9, 2007 Vulnerabilities in Microsoft Internet Explorer, Kodak Image Viewer, Outlook Express, Windows Mail and SharePoint October 2, 2007 Vulnerabilities in Computer Associates BrightStor ARCserve Backup September 25, 2007 Vulnerabilities in Firefox, ClamAV and Apache September 17, 2007 New Rule Group Additions, VoIP and Content-Replace September 11, 2007 Vulnerabilities in Microsoft Agent, Visual Studio and MSN Messenger September 4, 2007 Vulnerability Affecting Apple mDNSresponder, Additions to Spyware-put, Netbios and Exploit Rules August 28, 2007 Vulnerabilities Affecting Trend Micro ServerProtect Additions to Spyware-put, Backdoor and Policy Rules August 21, 2007 Vulnerabilities Affecting Microsoft Products and the Apple iPhone August 14, 2007 Vulnerabilities Affecting Microsoft Internet Explorer, Windows Media Player, OLE, VML, XML Core Services, Excel and GDI August 7, 2007 Vulnerabilities Affecting Ipswitch IMail and Borland InterBase August 1, 2007 Vulnerability in Microsoft Excel. Spyware and Backdoor Rule Updates July 12, 2007 Vulnerabilities in Microsoft Windows Active Directory and Microsoft Excel July 10, 2007 Vulnerabilities in Microsoft IIS, Microsoft Windows Firewall and the Microsoft .NET Framework July 3, 2007 Vulnerabilities in Ingres Database and Kerberos kadmind June 26, 2007 Vulnerabilities in Firebird SQL and Internet Explorer June 13, 2007 Multiple Vulnerabilities in Microsoft Products June 12, 2007 Multiple Vulnerabilities in Microsoft Products May 24, 2007 Apple OS X UPnP Overflow May 14, 2007 Norton AntiVirus ActiveX COM Object Security Bypass May 8, 2007 Microsoft DNS, Exchange, CAPICOM, IE and Excel Vulnerabilities April 27, 2007 IBM Lotus Domino and Novell Groupwise Overflow Detection April 17, 2007 Vulnerability in Microsoft DNS Server Service RPC Interface Update April 16, 2007 Vulnerability in Microsoft DNS Server Service RPC Interface Update April 13, 2007 Vulnerability in Microsoft DNS Server Service RPC Interface April 10, 2007 Vulnerabilities in Microsoft UPnP Service and Microsoft Agent April 3, 2007 Vulnerabilities in Real Networks Helix Server, IBM Lotus SameTime ActiveX Control and Rule Updates March 22, 2007 Vulnerabilities in Microsoft Windows Server Service Controller, McAfee ePolicy Orchestrator and Symantec SmartIssue March 8, 2007 Vulnerabilities in HP Mercury LoadRunner, Shockwave, Trend Micro OfficeScan, WordPress, More Spyware-put and Backdoor Rules February 20, 2007 Detection for Vulnerability in Snort DCE/RPC Pre-processor February 13, 2007 Multiple vulnerabilities in Microsoft Internet Explorer and Other Products February 12, 2007 Sun Solaris Telnet Authentication Bypass February 9, 2007 Squid Proxy DoS, Microsoft Windows IP DoS and Multiple Rule Modifications and Additions February 1, 2007 BrightStor ARCserve Buffer Overflows and Specific Threats Additions for the Peacomm Trojan and VoIP Telephones January 22, 2007 BrightStor ARCserve Buffer Overflows and Specific Threats Additions January 10, 2007 Microsoft Outlook and Internet Explorer Vulnerabilities January 9, 2007 Microsoft Outlook and Adobe Acrobat Reader Vulnerabilities January 4, 2007 Microsoft Outlook, Apple Quicktime, Symantec Veritas NetBackup, Yahoo Messenger and Realplayer Vulnerabilities December 12, 2006 Vulnerabilities in the Microsoft Operating System, SNMP, Remote Installation Service and Outlook Express December 7, 2006 Vulnerabilities in the Microsoft Operating Systemi, 3Com TFP Service and Rule Updates to Reduce False Positive Events November 14, 2006 Multiple Vulnerabilities in the Microsoft Operating System November 6, 2006 Vulnerabilities in the Microsoft Operating System and Rule Updates October 10, 2006 Vulnerabilities Affecting Microsoft Products October 4, 2006 Vulnerabilities Affecting OpenSSL and McAfee Products October 2, 2006 Vulnerabilities Affecting Microsoft Explorer September 21, 2006 Vulnerabilities in Microsoft VML and Office Filters September 19, 2006 Vulnerability in Microsoft Windows PGM Handling September 15, 2006 Vulnerabilities in Microsoft Web Client Service, Indexing Service, Publisher, IGMPv3 and DNS Client September 1, 2006 ActiveX, Spyware and Backdoor Rule Additions, Rule Improvements August 22, 2006 New and Updated Rules for Spyware and Backdoor Rule Sets August 11, 2006 Updated Rules for Vulnerabilities in Microsoft Windows Systems August 9, 2006 Multiple Vulnerabilities in Microsoft Windows Systems August 2, 2006 Vulnerabilities in Microsoft Windows DHCP Client Service and Microsoft Excel and Word July 25, 2006 OSSP Shiela Arbitrary Command Execution Vulnerability June 13, 2006 Vulnerabilites in Internet Explorer, Apple Quicktime, Novell eDirectory, Sophos Anti-Virus and Symantec Anti-Virus products May 25, 2006 Vulnerability Affecting Microsoft Word document format May 24, 2006 Vulnerability in RealVNC authentication, Spyware rule improvements May 10, 2006 Vulnerabilities in Microsoft systems, CVE-2006-1189 and CVE-2006-0034 May 5, 2006 New Spyware and Backdoor Rules April 12, 2006 MS06-013 and Vulnerabilities Affecting Veritas NetBackup March 29, 2006 Vulnerabilities Affecting Sendmail and Additional Attack Vectors for Microsoft HTML Help Workshop March 8, 2006 Vulnerabilities Affecting Microsoft Operating System February 17, 2006 Vulnerabilities Affecting Microsoft Operating System February 15, 2006 Vulnerabilities Affecting Hosts Using the Microsoft Operating System	Snort Links VRT Advisories Snort.org Snort User Groups email: Snort Groups

Sourcefire VRT Advisories