Public Safety Canada Cyber Warnings

Public Safety Canada Cyber Warnings Public Safety Canada Cyber Warnings http://www.publicsafety.gc.ca/app_support/xml/ps_ccirc_e.xml COPYRIGHT en-ca Thu, 7 Jan 2010 18:24:46 -0500 web@ps.gc.ca Thu, 7 Jan 2010 18:20:41 -0500 1 web@ps.gc.ca FeedForAll v2.0 (2.0.2.9) http://www.feedforall.com AV09-052: Symantec VERITAS VRTSweb multiple vulnerabilities The purpose of this advisory is to bring attention to an input validation flaw in the VRTSweb component of many Symantec (Veritas) products. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-052-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-052-eng.aspx Fri, 11 Dec 2009 21:12:15 -0500 AV09-051: Multiple Vulnerabilities in Adobe Flash Player and AIR The purpose of this advisory is to bring attention to multiple code execution vulnerabilities in Adobe Flash Player and AIR. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-051-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-051-eng.aspx Wed, 9 Dec 2009 14:45:05 -0500 AV09-050: Microsoft Security Bulletin for the Month of December The purpose of this advisory is to bring attention to the following vulnerabilities (3 critical) in some Microsoft products. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-050-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-050-eng.aspx Tue, 8 Dec 2009 19:08:46 -0500 AV09-049: Vulnerabilities in the PDF distiller of the BlackBerry Attachment Service The purpose of this advisory is to bring attention to critical vulnerabilities in PDF distiller of some versions of the BlackBerry Attachment Service. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-049-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-049-eng.aspx Wed, 2 Dec 2009 20:08:16 -0500 AV09-048: VMware vCenter and ESX updates, and vMA patch release The purpose of this advisory is to bring attention to VMware vCenter and ESX update release, and vMA patch release, which address multiple security issues in third party components. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-048-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-048-eng.aspx Tue, 24 Nov 2009 16:22:10 -0500 AV09-047: HP Operations Manager Flaw Lets Remote Users Access the System The purpose of this advisory is to bring attention to the following vulnerability in HP Operations Manager. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-047-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-047-eng.aspx Mon, 23 Nov 2009 19:07:34 -0500 AV09-046: McAfee NSM cross-site scripting and security bypass vulnerabilities The purpose of this advisory is to bring attention to important vulnerabilities in McAfee Networking Security Manager (formally Intrushield Security Management) versions 5.1.7.7 and earlier. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-046-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-046-eng.aspx Fri, 13 Nov 2009 14:13:08 -0500 AV09-045: Microsoft Security Bulletin for the Month of November The purpose of this advisory is to bring attention to the following vulnerabilities (three critical and three important) in some Microsoft products. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-045-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-045-eng.aspx Wed, 11 Nov 2009 10:37:08 -0500 AV09-044: Adobe Shockwave Player Multiple Code Execution Vulnerabilities The purpose of this advisory is to bring attention to code execution vulnerabilities in the Adobe Shockwave Player and to provide updates for these vulnerabilities. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-044-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-044-eng.aspx Thu, 5 Nov 2009 12:56:58 -0500 AV09-043: BlackBerry Desktop Software Lotus Notes Intellisync Vulnerability The purpose of this advisory is to bring attention to a BlackBerry Desktop Software vulnerability in version 5.0 and earlier. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-043-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-043-eng.aspx Thu, 5 Nov 2009 12:56:29 -0500 AV09-042: Java SE Security Updates The purpose of this advisory is to bring attention to multiple vulnerabilities in Java Standard Edition (SE). http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-042-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-042-eng.aspx Thu, 5 Nov 2009 12:55:31 -0500 AV09-041: VMware Directory Traversal and Privilege Escalation The purpose of this advisory is to draw attention to several vulnerabilities in VMWare products that could result in directory traversal and privilege escalation attacks. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-041-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-041-eng.aspx Wed, 28 Oct 2009 19:43:17 -0400 AV09-038: Denial of Service and possible remote code execution in Apache Portable Runtime memory allocation functions The purpose of this advisory is to bring attention to vulnerabilities in IBM's IBM HTTP Server (IHS). http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-038-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-038-eng.aspx Wed, 21 Oct 2009 10:44:51 -0400 AV09-040: Oracle Critical Patch Update - October 2009 The purpose of this advisory is to bring attention to the quarterly Oracle Critical Patch Update for October 2009. A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required (because of interdependencies) by those security patches. This Critical Patch Update contains 38 new security fixes for multiple products. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-040-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-040-eng.aspx Wed, 21 Oct 2009 09:19:27 -0400 AV09-039: VMware ESX Security Update Fixes Multiple Code Execution Vulnerabilities The purpose of this advisory is to bring attention to the following updates for multiple code execution vulnerabilities in VMware ESX. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-039-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-039-eng.aspx Tue, 20 Oct 2009 23:15:32 -0400 AV09-037: IBM DB2 JDBC Applet Server Remote DoS Vulnerability The purpose of this advisory is to bring attention to a vulnerability in the IBM DB2 JBDC applet server. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-037-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-037-eng.aspx Tue, 20 Oct 2009 23:01:51 -0400 AV09-036: Microsoft Security Bulletin for the Month of October The purpose of this advisory is to bring attention to the following vulnerabilities (eight critical and five important) in some Microsoft products. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-036-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-036-eng.aspx Tue, 13 Oct 2009 22:29:15 -0400 AV09-035: Security Updates for Adobe Reader and Acrobat The purpose of this advisory is to draw attention to critical vulnerabilities that have been identified in Adobe Reader and Acrobat. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-035-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-035-eng.aspx Tue, 13 Oct 2009 22:07:52 -0400 AV09-034: BlackBerry devices - vulnerability in built-in browsers The purpose of this advisory is to bring attention to a security issue in BlackBerry devices which could result in a BlackBerry device user being deceived into connecting to a web site that is controlled by a malicious user. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-034-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-034-eng.aspx Wed, 7 Oct 2009 11:30:07 -0400 AV09-033: Snort Rule Set Reorganization on 2 October 2009 To bring attention to the reorganization of Snort Emerging Threats rule sets as of 2 October 2009. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-033-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-033-eng.aspx Tue, 29 Sep 2009 23:48:08 -0400 AV09-032: IBM WebSphere MQ Security Bulletin The purpose of this advisory is to bring attention to the following vulnerabilities in IBM WebSphere MQ service. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-032-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-032-eng.aspx Tue, 22 Sep 2009 18:39:11 -0400 AV09-031: Microsoft Security Bulletin for the Month of September The purpose of this advisory is to bring attention to the following vulnerabilities (all critical) in some Microsoft products. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-031-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-031-eng.aspx Tue, 8 Sep 2009 17:51:26 -0400 AV09-030: Active Exploitation of Adobe Reader Vulnerability The purpose of this advisory is to draw attention to reports of active exploitation of an Adobe Reader vulnerability. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-030-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-030-eng.aspx Thu, 27 Aug 2009 11:37:07 -0400 AV09-029: Microsoft security bulletins for the month of August The purpose of this advisory is to draw attention to multiple vulnerabilities (5 Critical) in some Microsoft products. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-029-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-029-eng.aspx Tue, 11 Aug 2009 19:51:30 -0400 AV09-028: Critical update for Adobe Flash Player Adobe has issued updated software that fixes a critical flaw in Adobe Flash Player. These vulnerabilities are currently being exploited through targeted attacks or via drive-by download from compromised legitimate websites. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-028-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-028-eng.aspx Fri, 31 Jul 2009 14:13:59 -0400 AV09-027: Denial of Service vulnerability in ISC BIND 9 The purpose of this advisory is to draw attention to a vulnerability in ISC BIND 9 that may allow a remote, unauthenticated attacker to create a denial-of-service condition. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-027-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-027-eng.aspx Wed, 29 Jul 2009 14:26:42 -0400 AV09-026: Out of Schedule Microsoft Security Bulletin - Critical Vulnerabilities The purpose of this advisory is to bring attention to an out-of-schedule Microsoft security bulletin that discloses critical vulnerabilities in the Microsoft Visual Studio product line, as well as defense-in-depth changes to Internet Explorer to mitigate future attacks related to the Visual Studio bulletin. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-026-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-026-eng.aspx Wed, 29 Jul 2009 12:15:18 -0400 AV09-025: Microsoft Security Bulletins for the Month of July The purpose of this advisory is to bring attention to the following vulnerabilities in some Microsoft products. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-025-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-025-eng.aspx Thu, 16 Jul 2009 15:12:51 -0400 AV09-024: Security Updates for Adobe Reader and Acrobat The purpose of this advisory is to draw attention to critical vulnerabilities that have been identified in Adobe Reader and Acrobat. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-024-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-024-eng.aspx Wed, 10 Jun 2009 15:05:53 -0400 AV09-023: Microsoft Security Bulletins for the Month of June The purpose of this advisory is to bring attention to the following vulnerabilities in some Microsoft products. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-023-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-023-eng.aspx Tue, 9 Jun 2009 21:39:49 -0400 AV09-022: Vulnerabilities in the PDF distiller of the BlackBerry Attachment Service The purpose of this advisory is to bring attention to critical vulnerabilities in PDF distiller of some versions of the BlackBerry Attachment Service. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-022-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-022-eng.aspx Thu, 28 May 2009 12:57:05 -0400 AV09-021: Update to address vulnerabilities in Adobe Reader and Acrobat The purpose of this advisory is to bring attention to a recent Adobe update to address a critical vulnerability in Adobe Reader and Adobe Acrobat. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-021-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-021-eng.aspx Wed, 13 May 2009 16:01:35 -0400 AV09-020: Microsoft Security Bulletin for the Month of May The purpose of this advisory is to bring attention to a critical vulnerability in various Microsoft products. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-020-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-020-eng.aspx Tue, 12 May 2009 18:48:15 -0400 AV09-019: Oracle Critical Patch Update - April 2009 The purpose of this advisory is to bring attention to the quarterly Oracle Critical Patch Update for April 2009. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-019-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-019-eng.aspx Wed, 15 Apr 2009 14:19:48 -0400 AV09-018: Microsoft Security Bulletins for the Month of April The purpose of this advisory is to bring attention to the following critical vulnerabilities in various Microsoft products. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-018-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-018-eng.aspx Tue, 14 Apr 2009 19:40:59 -0400 AV09-017: VMware Critical Updates and Vulnerabilities The purpose of this advisory is to bring attention to updates and recently disclosed vulnerabilities. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-017-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-017-eng.aspx Tue, 14 Apr 2009 16:05:29 -0400 AV09-016: Cisco Update - Bundled Release to Address Multiple vulnerabilities The purpose of this advisory is to bring attention to a recently released Cisco bundled update. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-016-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-016-eng.aspx Fri, 27 Mar 2009 14:30:31 -0400 AV09-015: Sun Java JDK/JRE Multiple Vulnerabilities The purpose of this advisory is to bring attention to recently discovered vulnerabilities in Sun Java. These vulnerabilities can lead to denial of service, escalation of privileges, system compromise, and/or the disclosure of sensitive information. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-015-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-015-eng.aspx Fri, 27 Mar 2009 12:48:06 -0400 AL09-003: Conficker Worm The purpose of this alert is to raise awareness that a new variant of the Conficker worm (“Conficker.C”) has drawn a lot of attention recently. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/al09-003-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/al09-003-eng.aspx Wed, 25 Mar 2009 20:50:28 -0400 AV09-014: Vulnerability in Adobe Reader 9 and Acrobat 9 and earlier versions The purpose of this advisory is to bring attention to a recently discovered vulnerability in Adobe Reader 9 and Acrobat 9 (and earlier versions), which could cause the application to crash and could potentially allow an attacker to take control of the affected system. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-014-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-014-eng.aspx Wed, 11 Mar 2009 15:25:03 -0400 AV09-013: Microsoft Security Bulletins for the Month of March The purpose of this advisory is to bring attention to three Microsoft security bulletins, which provide security updates to resolve vulnerabilities in some Microsoft products. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-013-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-013-eng.aspx Tue, 10 Mar 2009 21:29:36 -0400 AV09-012: Adobe Flash Player Multiple Vulnerabilities The purpose of the advisory is to bring attention to multiple vulnerabilities identified in Adobe Flash Player. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-012-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-012-eng.aspx Wed, 25 Feb 2009 15:02:17 -0500 AL09-002: Unpatched Internet Explorer 7 vulnerable to active exploit The purpose of this alert is to make system owners aware of an active exploit targeting unpatched installations of Internet Explorer 7. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/al09-002-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/al09-002-eng.aspx Fri, 20 Feb 2009 15:13:02 -0500 AV09-011: DDoS DNS Amplification Attack The purpose of this advisory is to raise awareness and provide mitigation strategies for a recent variant of a distributed denial of service domain name system (DDoS DNS) amplification attack. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-011-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-011-eng.aspx Thu, 12 Feb 2009 18:21:48 -0500 AV09-009: Vulnerability in BlackBerry Application Web Loader ActiveX control The purpose of this advisory is to bring attention to a vulnerability in Research In Motion (RIM) BlackBerry Application Web Loader. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-009-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-009-eng.aspx Wed, 11 Feb 2009 14:21:04 -0500 AV09-010: Microsoft Security Bulletins for the Month of February The purpose of this advisory is to bring attention to four Microsoft security bulletins, which provide security updates to resolve vulnerabilities in some Microsoft products. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-010-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-010-eng.aspx Tue, 10 Feb 2009 18:46:16 -0500 AV09-008: AREVA e-terrahabitat SCADA System Vulnerabilities The purpose of this advisory is to raise awareness that AREVA has released a patch for vulnerabilities existing in their e-terrahabitat SCADA system. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-008-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-008-eng.aspx Fri, 6 Feb 2009 20:29:34 -0500 AV09-007: Emerging Virus threat The purpose of this advisory is to raise awareness for an emerging virus threat. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-007-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-007-eng.aspx Mon, 9 Feb 2009 08:40:59 -0500 AV09-005: Update: Novell Updates for GroupWise The purpose of this Advisory is to raise awareness that Novell has released updates for GroupWise 7 and 8 to address multiple vulnerabilities. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-005-eng.aspx 996F6024-F73C-4353-BC55-CAF69ED9D41C Wed, 4 Feb 2009 20:04:07 -0500 AV09-006: VMware Security Advisory The purpose of this advisory is to raise awareness that VMware has released updated ESX patches that address the issue of loading corrupt virtual disks and update Service Console packages. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-006-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-006-eng.aspx Tue, 3 Feb 2009 19:11:40 -0500 AV09-005: Novell Updates for GroupWise The purpose of this Advisory is to raise awareness that Novell has released updates for GroupWise 7 and 8 to address multiple vulnerabilities. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-005-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-005-eng.aspx Fri, 30 Jan 2009 19:10:26 -0500 AV09-004: Symantec AppStream Client LaunchObj ActiveX Vulnerability The purpose of this Advisory is to raise awareness of a critical vulnerability in Symantec AppStream Client. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-004-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-004-eng.aspx Fri, 16 Jan 2009 12:26:40 -0500 AV09-003: Oracle Critical Patch Update - January 2009 The purpose of this advisory is to bring attention to the quarterly Oracle Critical Patch Update for January 2009. A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required (because of interdependencies) by those security patches. This Critical Patch Update contains 41 new security fixes for multiple products. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-003-eng.aspx B349A763-947F-43F4-BEAB-7CE8B2F69E76 Wed, 14 Jan 2009 12:02:09 -0500 AV09-002: Microsoft Security Bulletins for the Month of January The purpose of this advisory is to bring attention to the following critical vulnerability in some Microsoft products. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-002-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-002-eng.aspx Tue, 13 Jan 2009 15:58:52 -0500 AV09-001: Vulnerabilities in the BlackBerry Enterprise Server PDF distiller The purpose of this Advisory is to raise awareness of a critical vulnerability in the PDF distiller of the BlackBerry Attachment Service for BlackBerry Enterprise Server. http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-001-eng.aspx http://www.publicsafety.gc.ca/prg/em/ccirc/2009/av09-001-eng.aspx Tue, 13 Jan 2009 22:07:59 -0500