Entire Site
DOE-CIRC
DOE-CIRC Home
DOE-CIRC Home
About CIRC
About CIRC
Incident Reporting
Incident Reporting
Scope
Reportable Incidents
Reporting Procedures
Report Content
Forms
Negative Reporting
Bulletins
Bulletins
Latest
Latest
High Risk
High Risk
Revised
Revised
Bulletin Archive
Bulletin Archive
Technical Bulletins
Technical Bulletins
Search
Search
C-Notes
C-Notes
Recent C-Notes
Recent C-Notes
C-Notes Archive
C-Notes Archive
Documents
and Publications
Documents and Publications
CIRC Documents
Other Publications
Conference Proceedings
Public Law
Tools
Tools
NID and SafePatch
DISA INFOSEC Tools
Multi-Platform Trusted Copy
IEBT v.1.01
Public Tools
-Windows
-Windows
-MAC
-MAC
-UNIX
-UNIX
Security Links
Security Links
Advanced Search
Advanced Search
Contact CIRC
Contact CIRC
Maintenance Schedule
The DOE-CIRC server will be unavailable during the following scheduled events:
Routine maintenance:
Every Thursday from 5:00 - 9:00pm (PST)
You are here:
DOE Home
>
CIO Home
>
CIRC Home
>
Bulletins
>
Archive
>
R Series
R Series Bulletins (FY 2007):
R-001: OpenSSL Security Advisory
R-002: HP-UX running SLP, Remote Unauthorized Access
R-003: HP-UX Running Ignite-UX Server
R-004: Mac OS X 10.4.8 Security Update
R-005: xfree86 Several Vulnerabilities
R-006: Python Security Update
R-007: Vulnerability in Windows Explorer
R-008: Vulnerabilities in Microsoft PowerPoint
R-009: Vulnerabilities in Microsoft Excel
R-010: Vulnerabilities in Microsoft Word
R-011: Vulnerabilities in Microsoft XML Core Services
R-012: Vulnerabilities in Microsoft Office
R-013: Vulnerability in ASP.NET 2.0
R-014: Vulnerability in Windows Object Packager
R-015: Patch available for ColdFusion MX 7
R-016: HP Version Control Agent
R-017: TrendMicro OfficeScan
R-018: Vulnerability in the Netscape Portable Runtime API
R-019: kdelibs Security Update
R-020: HTTP Header Injection Vulnerabilities in the Flash Player Plugin
R-021: HP Tru64 UNIX Running dtmail
R-022: ClamAV
R-023: Python2.4 Buffer Overflow
R-024: Symantec Device Driver Elevation of Privilege
R-025: Security Vulnerability in Webmail
R-026: Webmin Multiple Vulnerabilities
R-027: HP NonStop Server Running G06.29
R-028: HP-UX Local Increased Privilege
R-029: Vulnerability With Graphics Driver for Solaris 10 and Linux
R-030: PHP Security Update
R-031: Apache mod_tcl Module Contains a Format String Error
R-032: Firefox Crashes with Evidence of Memory Corruption
R-033: RSA Signature Forgery (variant)
R-034: Running Script can be recompiled
R-035: Multiple Vulnerabilities in Cisco Secure Desktop
R-036: phpmyadmin Several Vulnerabilities
R-037: Wireshark Security Update
R-038: HP Tru64 UNIX POSIX Threads
R-039: Vulnerabilities in Client Service for NetWare
R-040: Cumulative Security Update for Internet Explorer
R-041: Vulnerability in Microsoft Agent
R-042: Vulnerabilities in Macromedia Flash Player from Adobe
R-043: Vulnerability in Workstation Service
R-044: Vulnerability in Microsoft XML Core Services
R-045: WinZip FileView ActiveX Control
R-046: Elinks Security Update
R-047: Citrix Advanced Access Control
R-048: Citrix Access Gateway
R-049: HTTP Header Injection Vulnerabilities in Adobe Flash Player
R-050: OpenSSH Security Update
R-051: nss_ldap Security Update
R-052: NetGear WG111v2 Wireless Driver Long Beacon Overflow
R-053: gv
R-054: NaviCOPA Web Server Vulnerability
R-055: Linux-ftpd Programming Error
R-056: pstotext Insecure File Name Quoting
R-057: Apple Security Update 2006-007
R-058: Potential vulnerabilities in Adobe Reader and Acrobat
R-059: texinfo Buffer Overflow
R-060: libgsf Buffer Overflow
R-061: HTTP Requests in Sun Java System Server(s)
R-062: proftpd Several Vulnerabilities
R-063: Vulnerability in Microsoft Word
R-064: GnuPG Security Update
R-065: Google Mini and Google Search Appliance Vulnerable
R-066: Adobe Download Manager Vulnerability
R-067: l2tpns Buffer Overflow
R-068: Microsoft Windows Media Player
R-069: IBM Tivoli Storage Manager
R-070: BrightStor ARCserve Backup
R-071: Cisco Security Agent Management Center LDAP Administrator Authentication Bypass
R-072: Security Vulnerabilities in Solaris ld.so.1(1)
R-073: Vulnerability in SNMP (926247)
R-074: Cumulative Security Update for Internet Explorer (925454)
R-075: Vulnerability in Visual Studio 2005 (925674)
R-076: Vulnerability in Windows Media Format (923689)
R-077: Vulnerability in Windows (926255)
R-078: Cumulative Security Update for Outlook Express (923694)
R-079: Vulnerability in Remote Installation Service (926121)
R-080: Symantec Veritas NetBackup
R-081: GNOME Foundation Display Manager gdmchooser
R-082: Clamav
R-083: NeoScale Systems CryptoStor 700 Series Appliances Vulnerability
R-084: CSS Cursor Image Buffer Overflow (Windows Only)
R-085: Privilege Escallation Using Watch Point
R-086: LiveConnect Crash Finalizing JS Objects
R-087: XSS by Setting img.src to JavaScript: URI
R-088: Mozilla SVG Processing Remote Code Execution
R-089: Mail Header Processing Heap Overflows
R-090: XSS Using Outer Window's Function Object
R-091: Tar Security Update
R-092: Novell NetWare Client for Windows Vulnerabilities
R-093: Security Vulnerabilities in the Java Runtime Environment
R-094: Mozilla Products Crash with Evidence of Memory Corruption
R-095: Apple QuickTime RTSP buffer overflow
R-096: PDF XSS vulnerability announced at CCC
R-097: Multiple Vulnerabilities in Cisco Clean Access
R-098: OpenOffice.org Security Update
R-099: Opera Web Browser Heap Corruption Vulnerability
R-100: Opera Web Browser Object Typecasting Vulnerability
R-101: Multiple Vulnerabilities in Cisco Secure Access Control Server
R-102: Vulnerability in Microsoft Outlook (925938)
R-103: Vulnerability in Vector Markup Language (929969)
R-104: Vulnerabilities in Microsoft Excel (927198)
R-105: XFree86 and xorg-x11 Security Update
R-106: libgsf Security Update
R-107: HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Execution of Arbitrary Code
R-108: Security Vulnerability in Processing GIF Images in the Java Runtime Environment
R-109: Security Vulnerabilities: Buffer Overrun in NetMail 3.52
R-110: eIQnetworks Enterprise Security Analyzer Syslog Server Buffer Overflow
R-111: Security Vulnerability in the Sun Ray Server Software Admin GUI
R-112: Crafted TCP Packet Can Cause Denial of Service
R-113: Crafted IP Option Vulnerability
R-114: IPv6 Routing Header Vulnerability
R-115: Oracle Critical Patch Update - January 2007
R-116: vlc -- Format String
R-117: Kernel Security Update
R-118: SIP Packet Reloads IOS Devices Not Configured for SIP
R-119: Vulnerability in PGP Desktop
R-120: BrightStor ARC server Backup for Laptops and Desktops
R-121: libgtop2
R-122: Samba Format String Bug
R-123: HP Mercury LoadRunner, Performance Center, Monitor over Firewall Agents Vulnerability
R-124: HP OpenView Storage Data Protector Vulnerability
R-125: Trend Micro Antivirus UPX Parsing Vulnerability
R-126: Trend Micro TmComm Vulnerability
R-127: Vulnerability in Microsoft OLE Dialog
R-128: Vulnerability in Microsoft Malware Protection Engine (932135)
R-129: Vulnerability in Microsoft Data Access Components (927779)
R-130: Vulnerability in HTML Help ActiveX Control (928843)
R-131: Vulnerabilities in Microsoft Office (932554)
R-132: Vulnerabilities in Microsoft Word (929434)
R-133: Vulnerability in Microsft RichEdit (918118)
R-134: Vulnerability in Microsoft MFC (924667)
R-135: Vulnerability in Windows Image Acquisition Service (927802)
R-136: Vulnerability in Windows Shell (928255)
R-137: Vulnerability in Step-by-Step Interactive Training (923723)
R-138: Cumulative Security Update for Internet Explorer (928090)
R-139: Security Vulnerability in the in.telnetd(1M) Daemon
R-140: Cisco Multiple IOS IPS Vulnerability
R-141: ImageMagick Security Update
R-142: HP ServiceGuard for Linux
R-143: LizardTech DjVu Browser Plug-in Vulnerability
R-144: Multiple Vulnerabilities in Cisco PIX and ASA Appliances
R-145: Aruba Mobility Controller Vulnerability
R-146: Vulnerability in Snort DCE/RPC Preprocessor
R-147: Multiple Vulnerabilities in Firewall Services Module
R-148: Apple Security Update 2007-002
R-149: Buffer Overflow in OfficeScan Clients
R-150: PHP Security Update
R-151: GnomeMeeting Security Update
R-152: KOffice Security Update
R-153: Cisco Unified IP Conference Station and IP Phone Vulnerabilities
R-154: Multiple Vulnerabilities in 802.1X Supplicant
R-156: Buffer Overflow in ServerProtect
R-157: Macrovision FLEXnet Connect / InstallShield Update Service Agent
R-158: VeriSign Managed PKI Configuration Checker
R-159: Macrovision / InstallShield InstallFromTheWeb
R-160: McAfee Virex Vulnerability
R-161: Stack Overflow in Third-Party ActiveX Controls
R-162: Mozilla Firefox has a Memory Corruption
R-163: Mozilla Crashes with Evidence of Memory Corruption
R-164: SeaMonkey Security Update
R-165: Firefox Security Update
R-166: Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability
R-167: Security Vulnerabilities in PostgreSQL
R-168: Vulnerability in Citrix Presentation Server Client for Windows
R-169: EMC NetWorker Management Console Vulnerability
R-170: Symantec Mail Security for SMTP Vulnerability
R-171: Apple QuickTime 7.1.5
R-172: GnuPG Security Update
R-173: NetMail 3.52E Update
R-174: HP-UX Java (JRE and JDK) Vulnerability
R-175: Security Vulnerability in the ipmitool(1m) Interface to Sun Fire
R-176: Apple Security Update 2007-003
R-177: Linux Kernel Vulnerable to DoS via ipv6_getsockopt_sticky() Function
R-178: Bind Security Update
R-179: Sun Java System Web Server Vulnerability
R-180: Kernel Security and Bug Fix Update
R-181: OpenBSD's IPV6 MBUFS Vulnerability
R-182: OPC Server Vulnerability
R-183: OpenAFS Vulnerability
R-184: libwpd Security Update
R-185: CA BrightStor ARCserve Backup Tape Engine and Portmapper Vulnerabilitites
R-186: Lookup-el
R-187: OpenOffice.org Security Update
R-188: InterActual Player SyscheckObject ActiveX Vulnerability
R-189: tcpdump Security Vulnerability
R-190: Network Audio System Vulnerabilties
R-191: Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities
R-192:
R-193: krb5 Security Update
R-194: XFree86 Security Update
R-195: xorg-x11-server Security Update
R-196: libXfont Security Update
R-197: Intel Centrino Wireless Driver Malformed Frame Vulnerability
R-198: Vulnerabilities in Microsoft Content Management Server
R-199: Vulnerability in Universal Plug and Play
R-200: Vulnerability in Microsoft Agent
R-201: Vulnerabilities in Windows Client/Server Run-time Subsystem (CSRSS)
R-202: Symantec Enterprise Security Manager Remote Upgrade Authentication Bypass
R-203: Vulnerability in Windows Kernel
R-204: Yahoo! ActiveX Audio Conferencing Update
R-205: Mercury Quality Center ActiveX
R-206: Multiple Vulnerabilities in the Cisco Wireless LAN Controller and Cisco Lightweight Access Points
R-207: Multiple Vulnerabilities in the Cisco Wireless Control System
R-208: Internet Pictures Corporation iPIX Image Well ActiveX
R-209: HP-UX ICMP Vulnerable to DoS via ICMP Path
R-210: mandb
R-211: XMMS
R-212: Vulnerability in RPC on Windows DNS Server
R-213: Oracle Critical Patch Update - April 2007
R-214: PHP Security Update
R-215: Multiple Security Vulnerabilities in Mozilla Layout Engine
R-216: Apple Security Update 2007-004
R-217: CA BrightStor ARCserve Backup Media Server Vulnerabilities
R-218: Default Passwords in NetFlow Collection Engine
R-219: Security Vulnerability in PostgreSQL SECURITY DEFINER Funtions
R-220: ClamAV
R-221: HP-UX Running HP Power Manager Remote Agent (RA)
R-222: Security Vulnerability with Java Web Start
R-223: Cisco LDAP and VPN Vulnerabilities in PIX and ASA Appliances
R-224: Apple QuickTime 7.1.6
R-225: QEMU
R-226: LiveData Protocol Server Vulnerabitily
R-227: AXIS Communications CamImage ActiveX Update
R-228: Vulnerabilities in Microsoft Exchange (931832)
R-229: Vulnerability in Windows DNS RPC Interface (935966)
R-230: Vulnerabilities in Microsoft Excel (934233)
R-231: Vulnerabilities in Microsoft Word
R-232: Vulnerability in Microsoft Office
R-233: Cumulative Security Update for Internet Explorer
R-234: Vulnerability in CAPICOM
R-235: PHP Security Update
R-236: ldap-account-manager-- multiple vulnerabilities
R-237: Trend Micro ServerProtect EarthAgent Vulnerability
R-238: VIM Security Update
R-239: Multiple Vulnerabilities in the IOS FTP Server
R-240: Samba Security Update
R-241: CA Anti-Virus for the Enterprise Securitiy Notice
R-242: Security Vulnerability in Sun Remote Services (SRS) Net Connect Software
R-243: Tomcat Security Update
R-244: OPeNDAP Vulnerability
R-245: Vulnerability in Crypto Library
R-246: Multiple Vulnerabilities in Cisco IOS while Processing SSL Packets
R-247: Apple Security Update 2007-005
R-248: Security Vulnerabilities in the SOCKS Module of Sun Java System Web Proxy
R-249: Avast! Antivirus Vulnerability
R-250: File Security Update
R-251: Apple QuickTime 7.1.6 Security Update
R-252: Mozilla Layout Engine Vulnerable
R-253: SeaMonkey Security Update
R-254: Thunderbird Security Update
R-255: Firefox Security Update
R-256: Logitech VideoCall Vulnerabilities
R-257: Open Ticket Request System (OTRS) Vulnerability
R-258: FLEXnet Connect 6.0 Security Patch
R-259: Authentium Command Antivirus Vulnerability
R-260: Security Vulnerability in Sun Java System Web Server
R-261: Security Vulnerabilities in the Java Runtime Environment Image Parsing Code
R-262: CREDANT Mobile Guardian Shield Vulnerability
R-263: Security Vulnerability in the Logging Mechanism for Solaris Management Console (SMC)
R-264: Security Vulnerability in the Authentication Mechanism for Solaris Management Console (SMC)
R-265: HP Sysetm Management Homepage (SMH) Vulnerability
R-266: Security Vulnerability in How xscreensaver(1) Interacts with GNOME Assistive Technology
R-267: Security Notice for CA Products Implementing the Anti-Virus Engine
R-268: Vulnerability in Win 32 API (935839)
R-269: Cumulative Security Update for Outlook Express and Windows Mail (929123)
R-270: Cumulative Security Update for Internet Explorer (933566)
R-271: Vulnerability in the Windows Schannel Security Package (935840)
R-272: Vulnerabilities in Microsoft Visio (927051)
R-273: Vulnerability in Windows Vista (931213)
R-274: Mozilla Firefox Vulnerability
R-275: OpenOffice.org Heap Overflow
R-276: Kernel Security and Bug Fix Update
R-277: Security Vulnerability in Sun Java System Directory Server
R-278: Security Vulnerability in Solaris 10 NFS XDR Handling
R-279: Multiple Security Vulnerabilities in samba(7)
R-280: MPlayer Vulnerability
R-281: Apple Security Update 2007-006
R-282: libphp-phpmailer Security Vulnerability
R-283: HP Help and Support Center Running on HP Notebook Computers VUlnerability
R-284: Cerulean Studios Trillian Instant Messenger Vulnerability
R-285: ClamAV
R-286: 602pro Lan Suite 2003 Vulnerability
R-287: kadmin Vulnerable
R-288: RealNetworks Players SMIL "Wallclock" Vulnerability
R-289: dtsession(1X) Contains a Buffer Overflow Vulnerability
R-290: cman Security Update
R-291: Evolution Data Server Vulnerability
R-292: gfax
R-293: HP Instant Support - Driver Check Running on Windows XP
R-294: Vulnerability in Windows Active Directory (926122)
R-295: Vulnerabilities in .NET Framework (931212)
R-296: Vulnerability in Microsoft Internet Information Services (939373)
R-297: Vulnerabilities in Microsoft Excel (936542)
R-298: Vulnerability in Windows Vista Firewall (935807)
R-299: Vulnerability in Microsoft Office Publisher 2007 (936548)
R-300: Flash Player Vulnerability
R-301: Security Vulnerability in the rcp(1) Command
R-302: Security Vulnerability in Java Web Start URL Parsing Code
R-303: VideoLan Vulnerability
R-304: Java Runtime Environment Vulnerability
R-305: Tomcat Security Update
R-306: Trillian Instant Messenger Client Vulnerability
R-307: Apple QuickTime 7.2
R-308: Oracle Critical Patch Update - July 2007
R-309: Mozilla Products Security Update
R-310: Gimp Security Vulnerabilities
R-311: FreeType Vulnerability
R-312: Apache Tomcat Vulnerability
R-313: Bind Security Update
R-314: gpdf Security Update
R-315: Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager
R-316: Vulnerability in Microsoft XML Core Services
R-317: Vulnerability in OLE Automation
R-318: Vulnerability in Microsoft Excel
R-319: Cumulative Security Update for Internet Explorer
R-320: Vulnerability in GDI
R-321: Vulnerabilities in Windows Media Player
R-322: Vulnerabilities in Windows Gadgets
R-323: Vulnerability in Virtual PC and Virtual Server
R-324: Vulnerability in Vector Markup Language
R-325: Information Leakage Using IPv6 Routing Header
R-326: tcpdump
R-327: Cisco IOS Secure Copy Authorization Bypass Vulnerability
R-328: Local Privilege Vulnerabilities in Cisco VPN Client
R-329: Trend Micro ServerProtect Agent Vulnerabilities
R-330: Asterisk Security Vulnerabilities
R-331: HP-UX Running the Ignite-UX or the DynRootDisk (DRD) get_system_info Command
R-332: MSN Messenger and Windows Live Messenger Webcam Vulnerability
R-333: BIND Version 8 Vulnerable
R-334: Oracle JInitiator Vulnerabilities
R-335: rsync Vulnerability
R-336: XSS and SQL Injection in Cisco CallManager/Unified Communications Manager Logon Page Vulnerabilities
R-337: HP OpenView Performance Manager (OVPM) Vulnerability
R-338: postfix-policy Vulnerability
R-339: Quiksoft EasyMail SMTP ActiveX Vulnerabilities
R-340: Vulnerability in Microsoft Agent
R-341: Vulnerability in Crystal Reports for Visual Studio
R-342: Cisco Video Surveillance IP Gateway and Services Platform Authentication Vulnerabilities
R-343: Vulnerability in MSN Messenger and Windows Live Messenger
R-344: Vulnerability in Windows Services for UNIX
R-345: ClamAV Vulnerabilities
R-346: krb5 Vulnerability
R-347: xorg-server Vulnerability
R-348: Kernel Security Update
R-349: Apple Quicktime Vulnerability
R-350: Qt Security Update
R-351: Denial of Service Vulnerabilities in Content Switching Module
R-352: The Cisco Adaptive Security Appliance Vulnerability
R-353: phpWiki Security Vulnerabilities
R-354: Earth Resources Mapping NCSView ActiveX Vulnerabilities
R-355: PHP Security Update
R-356: OpenOffice.org Security Update
R-357: HP-UX Running logins(1M) Vulnerability
R-358: kdebase Vulnerability
R-359: Tomcat Security Update
R-360: Kernel Security Update
U.S. Department of Energy | 1000 Independence Ave., SW | Washington, DC 20585
1-800-dial-DOE | f/202-586-4403
