2016 Security and Informational Bulletins

Version 2

    2016 Security Bulletins

    1. [Important] ADV-2016-001 Security Advisory: Salesforce Canvas Adapter for Tableau Can Allow Unauthorized User Impersonation
      1. ADV-2016-001 Security Advisory: Salesforce Canvas Adapter for Tableau Can Allow Unauthorized User Impersonation
    2. [Important]  ADV-2016-002:  Tableau Statement on glibc Vulerability
    3. ADV-2016-003- Information Regarding: CVE-2016-2108
    4. [Important] ADV-2016-004- Information Regarding: CVE-2016-2107
    5. ADV-2016-005: Security Advisory: Information disclosure in Tableau Server
    6. [Important] ADV-2016-006: XSS Vulnerability in Tableau Server
    7. [Important] ADV-2016-007: Cross-User Information Disclosure in Tableau Server
    8. [Important] ADV-2016-008: Denial of Service Vulnerability in Tableau Server
    9. [Important] ADV-2016-009: Command Execution Vulnerability in Tableau Desktop
    10. [Important] ADV-2016-010: XXE in Tableau Server due to CVE-2013-6440
    11. [Important] ADV-2016-011: XXS Vulnerability in Tableau Server
    12. [Important] ADV-2016-012: JMX security Vulnerability (CVE-2016-3427)

     

    2016 Informational Bulletins

    1. [Informational] INF-2016-003 OpenSSL High-Severity Vulnerability - CVE-2016-0701
    2. [Informational] INF-2016-004: Invalid Signature Warning When Downloading Products
    3. [Informational] INF-2016-005: Installation Failed When Downloading Products on Mac
    4. [Informational] INF-2016-006: Tableau Software Products Unaffected by CVE-2016-0800 “DROWN”
    5. [Informational] INF-2016-007: May 3, 2016 Open SSL Vulnerabilities
    6. [Informational] INF-2016-008: Tableau Response to HTTPoxy (CVE-2016-5387)