---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: HP OpenVMS Secure Web Browser Multiple Vulnerabilities SECUNIA ADVISORY ID: SA16894 VERIFY ADVISORY: http://secunia.com/advisories/16894/ CRITICAL: Highly critical IMPACT: Security Bypass, Cross Site Scripting, Spoofing, System access WHERE: >From remote OPERATING SYSTEM: OpenVMS 6.x http://secunia.com/product/2172/ OpenVMS 7.x http://secunia.com/product/344/ DESCRIPTION: HP has acknowledged some vulnerabilities in OpenVMS running Secure Web Browser, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, spoof the contents of web sites, spoof dialog boxes, or compromise a user's system. For more information: SA16059 SA15601 SA15549 SA15489 The vulnerabilities have been reported in Secure Web Browser versions prior to V1.7-11 for HP OpenVMS Alpha and I64. SOLUTION: Update to Secure Web Browser version V1.7-11 (OpenVMS Alpha and I64): http://h71000.www7.hp.com/openvms/products/ips/cswb/cswb.html ORIGINAL ADVISORY: HP SSRT5999: http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBOV01229 OTHER REFERENCES: SA16059: http://secunia.com/advisories/16059/ SA15601: http://secunia.com/advisories/15601/ SA15549: http://secunia.com/advisories/15549/ SA15489: http://secunia.com/advisories/15489/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------