Orange Business Services
Vigil@nce Vigil@nce Vigil@nce
we track for your security since 1999
 home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access

Vigil@nce team describes computer vulnerabilities impacting your systems, and offers solutions.

Each user customizes the list of products to track.

As soon as Vigil@nce publishes an alert for one of these products, the user receives a bulletin, containing an helpful explanation of the threat, its patches and workarounds.

The administrator then uses the online Vigil@nce diary in order to plan and track the security process.

Next page...
public vulnerabilities
2 WebSphere AS: vulnerability of JAX-WS
A vulnerability of Java API for XML Web Services (JAX-WS) runtime exists.
2 SSSD: connexion without password
An attacker can connect via SSSD and LDAP with an account without knowing the password.
2 HP-UX: privilege elevation using Software Distributor
A local attacker can elevate his privileges using Software Distributor.
2 AIX: buffer overflow of ftpd
An attacker can use NLST in order to execute code.
2 Cisco Unified Communications Manager: denials of service
An attacker can use SIP messages, in order to generate denials of service on Cisco Unified Communications Manager.
1 Linux kernel: memory disclosure via ioctl_standard_iw_point
An attacker can use ioctl SIOCxxx in order to read kernel data.
2 Windows: code execution via "DLL preload"
An attacker can use a malicious DLL in order to execute code in the context of the targeted application.
2 Quagga Routing Suite: two vulnerabilities
Two vulnerabilities in Quagga Routing Suite can be used by an attacker to create a denial of service or possibly to execute code.
1 Cisco IOS XR: BGP vulnerability
An attacker can send a BGP prefix with transitive attribute to generate a denial of service.
2 phpMyAdmin: Cross Site Scripting of setup.php
An attacker can use parameters of setup.php script in order to inject HTML code in phpMyAdmin.
   recent vulnerabilities
2 Zope: denial of service
A remote attacker can access a private page of a Plone website, in order to create a denial of service.
2 Linux kernel: denial of service via keyctl(KEYCTL_SESSION_TO_PARENT)
An attacker can use keyctl(KEYCTL_SESSION_TO_PARENT) in order to stop the kernel.
2 HP Operations Agent: two vulnerabilities
Two vulnerabilities of HP Operations Agent running on Windows can be used by an attacker to elevate his privileges or execute code.
3 TYPO3: vulnerabilities of extensions
An attacker can use several vulnerabilities of TYPO3 extensions in order to execute code, to generate a Cross Site Scripting or to inject SQL code.
3 QuickTime: several vulnerabilities
Several QuickTime vulnerabilities can lead to code execution.
2 phpMyAdmin: Cross Site Scripting via backtrace
An attacker can use backtrace features to generate a Cross Site Scripting in phpMyAdmin.
4 Adobe Flash, Reader: code execution via AVM2
An attacker can invite the victim to display a malicious Flash document, or a PDF document containing malicious Flash data, in order to execute code on his computer.
3 Apple QuickTime ActiveX: code execution via _Marshaled_pUnk parameter
An attacker can use the _Marshaled_pUnk parameter of QuickTime ActiveX in order to execute code.
2 Linux kernel: denial of service irda_bind
An attacker can use irda_bind() in order to stop the kernel.
2 NetWare 6.5: buffer overflow of SSHD.NLM
An authenticated attacker can generate a buffer overflow in the SSHD service of Netware, in order to create a denial of service, and possibly to execute code.


Vulnerabilities are discovered daily and published on thousands of internet information sources.
Vigil@nce describes these vulnerabilities and how to protect your system. This information is customized according to your environment and is available on a web site or sent by alert e-mails.
Your team secures and protects your networks based on information and advice from our team.

your security watch

  • a database containing over 8000 vulnerabilities and 16000 solutions
  • a web access, to read descriptive information and use advanced search features
  • alert and synthesis e-mails, to inform your teams
  • a customized tracking service addressing software and products of your information system
  • a work space where each user selects his preferences
  • a diary to plan and track the securization process of each platform
  • ten options in response to your specific needs

your benefits

  • a customized watch on computer vulnerabilities and their solutions
  • an experienced team at your service since 10 years
  • a tool to monitor the security process of your networks and computers
  • your team saves time in vulnerabilities research and concentrates on important tasks
  • a CVE compatible solution



















France Télécom Copyright 1999-2010 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française