The Vigil@nce team watches vulnerabilities impacting your computers, and then offers solutions, a database and tools to correct them.
Each user customizes the list of software to track.
As soon as Vigil@nce publishes an alert for one of his software, the user receives a bulletin, containing an helpful explanation of the threat, its patches and workarounds.
The administrator then uses the online Vigil@nce diary in order to plan and track the security process.
Next page...
|
public vulnerabilities| 3 |
QuickTime: several vulnerabilities
Several QuickTime vulnerabilities can lead to code execution. |
| 2 |
Linux kernel: integer overflow via drm_mode_dirtyfb_ioctl
A local attacker can use the DRM_IOCTL_MODE_DIRTYFB ioctl, in order to generate an integer overflow, leading to a denial of service and possibly to code execution. |
| 1 |
PHP: denials of service
An attacker can use malicious PHP code, in order to create a denial of service. |
| 2 |
Linux kernel: buffer overflow via xfs_acl_from_disk
A local attacker, who is allowed to mount an XFS filesystem, can use a high or negative number of ACLs, in order to create an overflow, leading to a denial of service or to code execution. |
| 2 |
Wireshark: several vulnerabilities
Several vulnerabilities of Wireshark can be used by a remote attacker to create a denial of service or to execute code. |
| 2 |
Microsoft Anti-Cross Site Scripting: information disclosure
When an ASP.NET web site uses the Microsoft AntiXSS library, an attacker can use an HTML document containing script code which is not filtered, and which can read information. |
| 2 |
Windows: privilege elevation via CSRSS
On an Asian system, a local attacker can use malformed Unicode characters, in order to gain system privileges. |
| 2 |
Windows: bypassing SafeSEH
A local attacker can bypass the SafeSEH protection, in order to execute code with privileges of a vulnerable application. |
| 2 |
libvirt: creation of iptables rules
When libvirt is used to create a network with forward in bridge mode, useless iptables rules are added. |
| 3 |
Zope: vulnerability
A vulnerability was announced in Zope 2.12 and 2.13. |
|
|
recent vulnerabilities
| 2 |
Apache httpd: reading an HttpOnly cookie
An attacker can use a malformed HTTP query, in order to generate a code 400 error, which displays user's HttpOnly cookies, so JavaScript code can access them. |
| 2 |
Apache httpd: denial déni de service via mod_log_config
When mod_log_config logs cookies, an attacker can send a special cookie, in order to stop Apache httpd in threaded MPM. |
| 3 |
EMC NetWorker: code execution
A remote unauthenticated attacker can connect to EMC NetWorker Server, in order to create a buffer overflow, which leads to a denial of service or to code execution. |
| 3 |
Symantec pcAnywhere: code execution
A remote attacker can use several vulnerabilities of Symantec pcAnywhere, in order to execute privileged code on the system. |
| 3 |
Symantec pcAnywhere: code execution
A local or remote attacker can use two vulnerabilities of Symantec pcAnywhere, in order to execute privileged code on the system. |
| 2 |
Joomla: four vulnerabilities
An attacker can use several Joomla vulnerabilities, in order to obtain information or to create a Cross Site Scripting. |
| 1 |
as31: file corruption
A local attacker can create a symbolic link during the usage of as31, in order to corrupt a file with user's privileges. |
| 2 |
Opera: two vulnerabilities
An attacker can invite the victim to display a malicious site with Opera, in order to create a Cross Site Scripting or to detect if a file exists. |
| 2 |
SAP: several vulnerabilities
Several vulnerabilities were announced in SAP products. |
| 2 |
cURL: two vulnerabilities
An attacker can use two vulnerabilities of cURL, in order to inject IMAP/POP3/SMTP commands or to obtain HTTPS cookies. |
|
Vulnerabilities are discovered daily and published on thousands of internet information sources.
Vigil@nce describes these vulnerabilities and how to protect your system. This information is customized according to your environment, it is available on a web site and sent by e-mail alerts.
Your team secures and protects your networks based on Vigil@nce information and tools.
your environment
- a database describing more than 10000 vulnerabilities and their 20000 solutions
- a web space where each user defines his preferences
- alert and synthesis e-mails, to inform your teams
- a customized tracking of your software and systems
- a diary to plan solutions to install, and to monitor the security process of each computer
- a manager view, and customized reports
your benefits
- a customized watch on computer vulnerabilities and their solutions
- an experienced team at your service for more than 10 years
- a tool to monitor the security process of your networks and computers
- a CVE compatible solution
- a time saving for your team which concentrates on important tasks
|
|
