VMware released security updates this week to address a local privilegeescalation vulnerability in its VMware Identity Manager and vRealize Automation software, as well as a remote code execution vulnerability in the latter product.
Sun has patched for several vulnerabilities in its Java System Identity Manager. Rated "highly critical" by vulnerability tracking service Secunia, the flaws impact versions 7 and 8. The bugs could be exploited to allow for security bypass, cross-site scripting, data manipulation, information exposure, privilegeescalation and system access, according to Secunia. Sun advised users to install the pertinent patches, which were distributed Monday. — DK
Cisco has released software updates to address multiple flaws in its Unified MeetingPlace audio, video and web conferencing solution, according to an advisory released Wednesday. The vulnerabilities, which include an SQL injection bug, could result in information disclosure, denial of service, privilegeescalation and unauthorized account creation. Versions 5, 6 and 7 of the product are affected by at least one of the vulnerabilities. — DK