Jared Allar

Pesquisador deCarnegie Mellon University Software Engineering Institute
#8023de 53,635
34.3CVSS total
Vulnerabilidades · 4
Média
1
Alta
3
PT-2011-2291
10
2011-02-03
Cisco · Cisco Tandberg E/Ex Personal Video Units · CVE-2011-0354
**Name of the Vulnerable Software and Affected Versions** Cisco Tandberg C Series Endpoints versions prior to TC4.0.0 Cisco Tandberg E and EX Personal Video units versions prior to TC4.0.0 **Description** The issue concerns a default configuration that sets a blank password for the root account, making it easier for remote attackers to gain access. **Recommendations** For Cisco Tandberg C Series Endpoints versions prior to TC4.0.0, update to version TC4.0.0 or later to fix the issue. For Cisco Tandberg E and EX Personal Video units versions prior to TC4.0.0, update to version TC4.0.0 or later to fix the issue.
PT-2011-2375
10
2011-01-14
Google · Chrome Os · CVE-2011-0476
**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 8.0.552.237 Chrome OS versions prior to 8.0.552.344 **Description** The issue allows remote attackers to cause a denial of service or possibly have other unspecified impacts via a PDF document that triggers an out-of-memory error, leading to stack memory corruption. **Recommendations** For Google Chrome versions prior to 8.0.552.237, update to version 8.0.552.237 or later. For Chrome OS versions prior to 8.0.552.344, update to version 8.0.552.344 or later.
PT-2010-2019
5.0
2010-10-05
Isc · Isc Bind · CVE-2010-0218
**Name of the Vulnerable Software and Affected Versions** ISC BIND versions 9.7.2 through 9.7.2-P1 **Description** The issue allows remote attackers to obtain potentially sensitive information via a DNS query due to an incorrect ACL used to restrict the ability of Recursion Desired (RD) queries to access the cache. **Recommendations** For versions 9.7.2 through 9.7.2-P1, update to a version that correctly restricts access to the cache for RD queries.
PT-2010-1173
9.3
2010-09-09
Adobe · Reader · CVE-2010-2883
**Name of the Vulnerable Software and Affected Versions** Adobe Reader versions 8.x through 8.2.5 Adobe Reader versions 9.x through 9.3 **Description** The issue is related to a stack-based buffer overflow in CoolType.dll, allowing remote attackers to execute arbitrary code or cause a denial of service via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font. This issue has been exploited in the wild. **Recommendations** For Adobe Reader versions 8.x through 8.2.5, update to version 8.2.5 or later to resolve the issue. For Adobe Reader versions 9.x through 9.3, update to version 9.4 or later to resolve the issue. As a temporary workaround, consider avoiding the use of PDF documents with long fields in SING tables in TTF fonts until the issue is resolved.