openSUSE Security Update : java-1_6_0-sun (java-1_6_0-sun-1541)

The Sun Java 6 SDK/JRE was updated to u17 update fixing bugs and various security issues : CVE-2009-3866:The Java Web Start Installer in Sun Java SE in JDK and JRE 6 before Update 17 does not properly use security model permissions when removing installer extensions, which allows remote attackers...

CVE-2006-2479

The Update functionality in Bitrix Site Manager 4.1.x does not verify the authenticity of downloaded updates, which allows remote attackers to obtain sensitive information and ultimately execute arbitrary PHP code via DNS cache poisoning that redirects the user to a malicious site...

Design/Logic Flaw

The Update functionality in Bitrix Site Manager 4.1.x does not verify the authenticity of downloaded updates, which allows remote attackers to obtain sensitive information and ultimately execute arbitrary PHP code via DNS cache poisoning that redirects the user to a malicious site...

CVE-2006-2479

The Update functionality in Bitrix Site Manager 4.1.x does not verify the authenticity of downloaded updates, which allows remote attackers to obtain sensitive information and ultimately execute arbitrary PHP code via DNS cache poisoning that redirects the user to a malicious site...

CVE-2006-2479

Technical details about CVE-2006-2479 are not publicly provided in the supplied documents. Monitor for updates; current records summarize the issue at a high level without specifics on affected versions, vectors, or mitigations.

[Full-disclosure] Multiple Vulns in Bitrix CMS

Multiple Vulns in Bitrix CMS Vendor bitrix.com Version The latest one 4.1.x Severity Medium Patched: No Multiple vulnerabilities discovered in Bitrix CMS. A remote attacker can conduct XSS attacks and compromise vulnerable system. 1. A remote attacker can get information about version history and...