Threat Outbreak Alert: Fake Fax Message Notification Email Messages on April 1, 2014

Medium Alert ID: 33609 First Published: 2014 April 1 20:56 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a fax message notification for the recipient. The text in the email message attempts to convince the recipient to...

[SECURITY] [DSA 2887-1] ruby-actionmailer-3.2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2887-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 27, 2014 http://www.debian.org/security/faq -...

Threat Outbreak Alert: Fake Bill Payment Notification Email Messages on April 22, 2014

Medium Alert ID: 33025 First Published: 2014 February 25 20:37 GMT Last Updated: 2014 April 24 13:31 GMT Version: 2 Summary Cisco Security has detected significant activity related to German-language spam email messages that claim to contain bill payment notification for the recipient. The text i...

Cross site scripting

Cross-site scripting XSS vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird ESR 17.x through 17.0.10, and SeaMonkey before 2.20 allows user-assisted remote attackers to inject arbitrary web script or HTML via an e-mail message containing a data: URL in an IFRAME element, a...

Threat Outbreak Alert: Fake Account Transfer Notification Email Messages on February 12, 2014

Medium Alert ID: 32858 First Published: 2014 February 13 17:27 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a transfer and quote notice for the recipient. The text in the email message attempts to convince the recipie...

Threat Outbreak Alert: Fake Refund Form Notification Email Messages on February 11, 2014.

Medium Alert ID: 32820 First Published: 2014 February 13 17:08 GMT Version: 1 Summary Cisco Security has detected significant activity related to Italian-language spam email messages that claim to contain a refund form for the recipient. The text in the email message attempts to convince the...

Threat Outbreak Alert: Fake Package Delivery Failure Notification Email Messages on December 9, 2013

Medium Alert ID: 32095 First Published: 2013 December 9 20:07 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a package delivery failure notification for the recipient. The text in the email message attempts to convince...

MS13-094: Vulnerability in Outlook could allow information disclosure: November 12, 2013

Resolves a security vulnerability in Microsoft Outlook that could allow information disclosure when a specially crafted email message is opened or previewed.IntroductionThis update resolves a security vulnerability in Microsoft Outlook that could allow information disclosure when a specially...

Threat Outbreak Alert: Fake Product Sample Request Email Messages on November 7, 2013

Medium Alert ID: 31673 First Published: 2013 November 7 20:10 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a product request for the recipient. The text in the email message attempts to persuade the recipient to open...

Cross site scripting

Cross-site scripting XSS vulnerability in the Good for Enterprise app before 2.2.4.1659 for iOS allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail message...

OTRS Email Message XSS Vulnerability (OSA-2012-02)

Open Ticket Request System OTRS is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2012-6580

Best Practical Solutions RT 3.8.x before 3.8.15 and 4.0.x before 4.0.8, when GnuPG is enabled, does not ensure that the UI labels unencrypted messages as unencrypted, which might make it easier for remote attackers to spoof details of a message's origin or interfere with encryption-policy auditin...

Threat Outbreak Alert: Fake Business Complaint Notification Email Messages on January 28, 2014

Medium Alert ID: 30178 First Published: 2013 July 23 15:38 GMT Last Updated: 2014 January 29 13:51 GMT Version: 25 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a business complaint notification for the recipient. The text in the ema...

Threat Outbreak Alert: Fake German Payment Form Attachment Email Messages on June 25, 2014

Medium Alert ID: 30027 First Published: 2013 July 11 11:55 GMT Last Updated: 2014 June 26 11:57 GMT Version: 9 Summary Cisco Security has detected significant activity related to German-language spam email messages that claim to contain a payment form notification for the recipient. The text in t...

Threat Outbreak Alert: Fake Bank Transfer Notification Email Messages on June 24, 2013

Low Alert ID: 29760 First Published: 2013 June 24 14:51 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a bank transfer notification for the recipient. The text in the email message attempts to convince the recipient to...

Microsoft Windows OpenType Font Parsing Remote Code Execution (MS12-078; CVE-2012-2556)

A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to an error in the way the OpenType Font OTF driver handles objects in memory. A remote attacker can exploit this issue by enticing a target user to open a specially crafted web page or email...

CVE-2012-2586

Multiple cross-site scripting XSS vulnerabilities in Mailtraq 2.17.3.3150 allow remote attackers to inject arbitrary web script or HTML via an e-mail message subject with 1 a JavaScript alert function used in conjunction with the fromCharCode method or 2 a SCRIPT element; an e-mail message body...

Mandrake Linux Security Advisory : pine (MDKSA-2000:073-1)

By adding specific headers to messages, the pine mail reader could be made to exit with an error message when users attempted to manipulate mail folders containing those messages. Update : The previous announcement did not make mention of another vulnerability in pine 4.21 and previous in that it...

CVE-2012-3507

Cross-site scripting XSS vulnerability in program/steps/mail/func.inc in RoundCube Webmail before 0.8.0, when using the Larry skin, allows remote attackers to inject arbitrary web script or HTML via the email message subject...

Cross site scripting

Cross-site scripting XSS vulnerability in program/steps/mail/func.inc in RoundCube Webmail before 0.8.0, when using the Larry skin, allows remote attackers to inject arbitrary web script or HTML via the email message subject...