Advisories, Enterprise Technology Services (Security Office), Department of Administration, State of Alaska

Number	Date Issued	Subject
2009 Cyber Advisories
November 2009
2009-067	November 10, 2009	Vulnerability in Microsoft Office Word Could Allow Remote Code Execution (MS09-068)
2009-066	November 10, 2009	Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution
2009-065	November 10, 2009	Vulnerabilities in Microsoft Windows Embedded OpenType Font Parsing Could allow for Remote Code Execution
2009-064	November 9, 2009	Vulnerability in TLS Protocol Session Renegotiation
2009-063	November 5, 2009	Multiple Vulnerabilities in Sun Java Products Could Allow Remote Code Execution
2009-062	November 5, 2009	BlackBerry ActiveX Remote Code Execution Vulnerability
October 2009
2009-061	October 14, 2009	Vulnerabilities in Windows CryptoAPI Could Allow Spoofing (MS09-056)
2009-060	October 14, 2009	Vulnerabilities in Microsoft ActiveX Controls for Microsoft Office Could Allow Remote Code Execution (MS09-060)
2009-059	October 14, 2009	Security Update of ActiveX Kill Bits (MS09-055)
2009-058	October 14, 2009	Multiple Vulnerabilities in GDI+ Could Allow Remote Code Execution (MS09-062)
2009-057	October 13, 2009	Multiple Vulnerabilities in Adobe Products Could Allow Remote Code Execution
2009-056	October 13, 2009	Multiple Vulnerabilities in Internet Explorer Could Allow Remote Code Execution (MS09-054)
September 2009
2009-055	Sept. 10, 2009	Multiple Vulnerabilities in Apple QuickTime Player Could Allow for Remote Code Execution
2009-054	Sept. 8, 2009	Vulnerability in Microsoft DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (MS09-046)
2009-053	Sept. 8, 2009	Vulnerability in Microsoft DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (MS09-046)
2009-052	Sept. 8, 2009	Vulnerability in Microsoft JScript Scripting Engine Could Allow Remote Code Execution (MS09-045)
2009-051	Sept. 17, 2009	Vulnerability in Adobe Shockwave Player Could Allow Remote Code Execution
2009-050	Sept. 1, 2009	Vulnerability in Microsoft IIS Could Lead to Remote Code Execution
Aug 2009
2009-049	August 25, 2009	Vulnerability in IBM Lotus Notes client could lead to Remote Code Execution
2009-048	August 18, 2009	Multiple Vulnerabilities Discovered in Adobe Products
2009-047	August 12, 2009	Vulnerability in Windows Workstation Service Could Allow for Remote Code Execution
2009-046	August 11, 2009	Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution
2009-045	August 11, 2009	Multiple Vulnerabilities in Windows Internet Name Service (WINS) Could Allow Remote Code Execution
2009-044	August 11, 2009	Vulnerabilities in Microsoft Active Template Library Could Allow Remote Code Execution
2009-043	August 11, 2009	Vulnerabilities in Windows Media File Processing Could Allow Remote Code Execution
2009-042	August 4, 2009	Multiple Vulnerabilities in Mozilla Products
2009-041	August 4, 2009	IPhone OS 3.0.1 addresses SMS vulnerability
2009-040	August 3, 2009	Mozilla Releases Security Advisories for Firefox
July 2009
2009-039	July 29, 2009	Adobe Flash/Shockwave, ISC-BIND, Microsoft vulnerabilities
2009-038	July 28, 2009	Vulnerabilites in Internet Explorer Could Allow Remote Code Execution (MS09-034)
2009-037	July 23, 2009	Multiple Adobe Products are Prone to a Remote Code Execution Vulnerability
2009-036	July 23, 2009	Multiple Vulnerabilities in Mozilla Firefox Could Allow Remote Code Execution
2009-035	July 22, 2009	Adobe Reader, Acrobat and Flash Player Vulnerability
2009-034	July 14, 2009	Vulnerability in Mozilla Firefox Could Allow Remote Code Execution
2009-033	July 13, 2009	Vulnerability in Microsoft Office Web Components ActiveX Control Could Allow Remote Code Execution
2009-032	July 9, 2009	Multiple Authentication Bypass Vulnerabilities within IBM WebSphere Application Server
2009-031	July 6, 2009	Vulnerability in Microsoft Video ActiveX Could Allow Remote Code
2009-030	July 6, 2009	Vulnerability in FCKEditor Could Allow For Remote Code Execution
June 2009
2009-029	June 1, 2009	VMware Security Advisory
2009-028	June 1, 2009	Vulnerability in Microsoft DirectX Could Allow Remote Code Execution
May 2009
2009-027	May 14, 2009	Adobe Reader and Acrobat JavaScript Vulnerabilities
2009-026	May 12, 2009	Critical vulnerability in Microsoft Powerpoint
April 2009
2009-025	April 29, 2009	Symantec Alert Management System 2 multiple vulnerabilities
2009-024	April 16, 2009	Multiple Oracle Vulnerabilities
2009-023	April 14, 2009	Microsoft 03/2009 Security Bulletin Summary
2009-022	April 9, 2009	Multiple Vulnerabilities in Cisco PIX Firewalls and ASA Security Devices
2009-021	April 6, 2009	Multiple Vulnerabilities in VMware Products
2009-020	April 3, 2009	Vulnerability in Microsoft PowerPoint Could Allow for Remote Code Execution
March 2009
2009-019	March 31, 2009	April 1, 2009 – Conficker C Activation
2009-018	March 31, 2009	Vulnerability in Mozilla Firefox Could Allow for Remote Code Execution
2009-017	March 26, 2009	Multiple vulnerabilities in Java JDK, SDK, and JRE Could Allow Remote Code Execution
2009-016	March 26, 2009	Vulnerabilities in Adobe Reader and Adobe Acrobat Could Allow Remote Code Execution
2009-015	March 10, 2009	Issue 1:Vulnerabilities in Windows Kernel Could Allow Remote Code Execution & Issue 2: Vulnerabilities in DNS and WINS Server Could Allow Spoofing MS09-008
February 2009
2009-014	February 25, 2009	Multiple Vulnerabilities Discovered in Adobe Flash Player
2009-013	February 24, 2009	A Vulnerability in Microsoft Excel Could Allow Remote Code Execution
2009-012	February 20, 2009	Vulnerability in Adobe Reader and Adobe Acrobat Could Allow Remote Code Execution
2009-011	February 11, 2009	Security Update of ActiveX Kill Bits
2009-010	February 10, 2009	New Microsoft Security Bulletins Issued February 10, 2009
2009-009	February 9, 2009	IRS Stimulus Package Phishing Scam
2009-008	February 9, 2009	HP Releases Security Bulletin to Address a Vulnerability in Multiple Printers
2009-007	February 4, 2009	VMWare ESX patches address an issue loading corrupt virtual disks and update Service Console packages
January 2009
2009-006	January 29, 2009	Phishing emails to State users
2009-005	January 26, 2009	Apple QuickTime Updates for Multiple Vulnerabilities
2009-004	January 26, 2009	Microsoft Windows Does Not Disable AutoRun Properly
2009-003	January 22, 2009	Subject: Vulnerabilities in Microsoft Server Message Block (SMB) Protocol Could Allow Remote Code Execution
2009-002	January 14, 2009	Cisco IOS Cross-Site Scripting Vulnerabilities
2009-001	January 13, 2009	Vulnerabilities in Microsoft Server Message Block (SMB) Protocol Could Allow Remote Code Execution
2008 Cyber Advisories
December 2008
2008-033	December 30, 2008	Microsoft Windows Media Player WAV/MID/MIDI/SND File Parsing Integer Overflow Vulnerability
2008-032	December 23, 2008	Vulnerability in SQL Server Could Allow Remote Code Execution
2008-031	December 18, 2008	Vulnerabilities in Mozilla Firefox could allow remote execution of malicious code
2008-030	December 12, 2008	Vulnerability in Microsoft Internet Explorer 7
2008-029	December 10, 2008	Vulnerability in WordPad Text Converter Could Allow Remote Code Execution
2008-028	December 9, 2008	Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution
2008-027	December 9, 2008	Vulnerabilities in Microsoft GDI Could Allow Remote Code Execution
2008-026	December 9, 2008	Vulnerabilities in Internet Explorer Could Allow Remote Code Execution
November 2008
2008-025	November 11, 2008	Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution
2008-024	November 6, 2008	Multiple Vulnerabilities Discovered in Adobe Flash Player
2008-023	November 6, 2008	Multiple Vulnerabilities Discovered in Adobe Reader and Adobe Acrobat
October 2008
2008-022	October 23, 2008	Vulnerability in Server Services Could Allow Remote Code Execution
2008-021	October 15, 2008	Vulnerability in Microsoft Server Message Block (SMB) Protocol Could Allow Remote Code Execution
2008-020	October 15, 2008	Vulnerability in Active Directory Could Allow Remote Code Execution
2008-019	October 14, 2008	Vulnerabilities in Internet Explorer Could Allow Remote Code Execution
July 2008
2008-018	July 8, 2008	Vulnerabilities in Multiple Vendors' DNS Implementations May Allow For Cache Poisoning
2008-017	July 8, 2008	Vulnerability in Snapshot Viewer for Microsoft Access May Allow Remote Compromise
2008-016	July 7, 2008	Novell eDirectory Integer Overflow Vulnerability
June 2008
2008-015	June 24, 2008	New Vulnerability in Adobe Acrobat and Adobe Reader That May Allow Remote Code Execution
May 2008
2008-014	May 28, 2008	Adobe Flash Player Code Execution Vulnerability
2008-013	May 15, 2008	Critical DEBIAN/UBUNTU Security Vulnerability
April 2008
2008-012	April 30, 2008	Novell GroupWise Buffer Overflow Vulnerability
2008-011	April 10, 2008	Security Update of ActiveX Kill Bits
2008-010	April 10, 2008	A Vulnerability in Adobe Flash Player Allows for Remote Code Execution
2008-009	April 10, 2008	Vulnerability in Microsoft Graphics Device Interface (GDI) Could Allow for Remote Code Execution
2008-008	April 8, 2008	Cumulative Internet Explorer Update Addresses Critical Data Stream Handling Vulnerability
March 2008
2008-007	March 7, 2008	Sun Java Runtime Environment Image Parsing Vulnerability
February 2008
2008-006	February 13, 2008	Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution
2008-005	February 13, 2008	Multiple Vulnerabilities in Adobe Reader and Adobe Acrobat Could Allow Remote Code Execution
2008-004	February 13, 2008	Multiple Vulnerabilities in Internet Explorer Could Allow Remote Code Execution
2008-003	February 12, 2008	Vulnerability in Novell Netware Client could allow Remote Code Execution
January 2008
2008-02	January 16, 2008	Microsoft Excel Vulnerability
2008-01	January 4, 2008	Shockwave Flash (SWF) files may contain cross-site scripting vulnerabilities

2007 Cyber Advisories
Number	Date Issued	Subject
December 2007
2007-027	December 19, 2007	Multiple Vulnerabilities in Adobe Flash Player Could Allow for Remote Code Execution
2007-026	December 11, 2007	Multiple Vulnerabilities in Internet Explorer Could Allow Remote Code Execution
November 2007
2007-025	November 28 , 2007	Apple QuickTime RTSP Response Header Remote Stack Based Buffer Overflow
2007-024	November 14 , 2007	New Vulnerability in Windows URI Handler Could Allow for Remote Code Execution
October 2007
2007-023	October 24 , 2007	IBM Lotus Notes Attachment Viewer Multiple Buffer Overflow Vulnerabilities
2007-022	October 24 , 2007	New Vulnerability in Windows URI Handler Could Allow for Remote Code Execution
September 2007

August 2007

July 2007
2007-021	July 18, 2007	Vulnerability in Adobe Flash Player Could Allow Remote Code Execution
2007-020	July 18, 2007	Sun Java Runtime Environment and Java Web Start Remote Code Execution Vulnerabilities
2007-019	July 11, 2007	Vulnerabilities in Microsoft .NET Framework Could Allow Remote Code Execution
2007-018	July 11, 2007	Firefox "firefoxurl" URI Handler Registration Vulnerability
June 2007
2007-017	June 27, 2007	Microsoft Internet Explorer 7 Product Key Phishing E-mail
2007-016	June 12, 2007	Multiple Remote Code Execution Vulnerabilities in Internet Explorer
2007-015	June 1, 2007	Mozilla Updates for Multiple Vulnerabilities
2007-014	June 1, 2007	Security Vulnerability in Novell GroupWise
May 2007
2007-013	May 8, 2007	Multiple Remote Code Execution Vulnerabilities in Internet Explorer
2007-012	May 8, 2007	Vulnerability in CAPICOM Could Allow Remote Code Execution
2007-011	May 8, 2007	Vulnerabilities in Microsoft Exchange Server
April 2007
2007-010	April 12, 2007	Microsoft Windows Domain Name System Service Remote Procedure Call Interface Vulnerability
March 2007
2007-009	March 30, 2007	New Vulnerability in Windows Animated Cursor Handling Could Allow Remote Code Execution
2007-008	March 30, 2007	Microsoft Internet Explorer 7 Phishing E-mail
Febuary 2007
2007-007	Febuary 16, 2007	Cisco Security Advisory: Multiple Vulnerabilities in Cisco PIX and ASA
2007-006	Febuary 15, 2007	Multiple Remote Code Execution Vulnerabilities Exploitable through Internet Explorer
2007-005	Febuary 13, 2007	Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution
2007-004	Febuary 12, 2007	Sun Solaris Telnet Remote Authentication Bypass Vulnerability
January 2007
2007-003	January 9, 2007	Vulnerability in Vector Markup Language Affecting Microsoft Window Platforms
2007-002	January 9, 2007	Vulnerability in Microsoft Outlook and Microsoft Exchange Could Allow Remote Control of System
2007-001	January 4, 2007	Adobe Acrobat Plugin Cross Site Scripting Vulnerability

Head Links