Google Begins Blocking Silent Extension Installations with Chrome 25

Google announced late last week it would begin halting the silent installation of extensions on its flagship Chrome browser. In a post on the company’s Chromium Blog, Chrome’s Product Manager Peter Ludwig described the problem that led to the change and two new features present on the latest...

TinyBrowser Upload Shell Vulnerability

Hello guys! I'll draw your attention to one exploit at 1337day.com and other their domains: http://1337day.com/exploit/19732. I've wrote to 1337day.com about it already at 19.11.2012. So it should concern every list, which posted that exploit from 1337day.com. This is AFU vulnerability in...

Fedora 17 : insight-7.4.50-4.20120403cvs.fc17 (2012-18311)

Thu Nov 15 2012 Patrick Monnerat 7.4.50-4.20120403cvs - Path 'objalloc' to fix libiberty security bug CVE-2012-3509. https://bugzilla.redhat.com/showbug.cgi?id=877014 - Enable Python to support STL extensions. https://bugzilla.redhat.com/showbug.cgi?id=865554 Note that Tenable Network Security...

Fedora 18 : insight-7.4.50-4.20120403cvs.fc18 (2012-18360)

Thu Nov 15 2012 Patrick Monnerat 7.4.50-4.20120403cvs - Path 'objalloc' to fix libiberty security bug CVE-2012-3509. https://bugzilla.redhat.com/showbug.cgi?id=877014 - Enable Python to support STL extensions. https://bugzilla.redhat.com/showbug.cgi?id=865554 Note that Tenable Network Security...

OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX...

JDK: unspecified vulnerability (JMX)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than...

OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX...

JDK: unspecified vulnerability (JMX)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than...

OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than...

OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX...

OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX...

OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than...

OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX...

OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX...

JDK: unspecified vulnerability (JMX)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than...

CVE-2012-3749

The extensions APIs in the kernel in Apple iOS before 6.0.1 provide kernel addresses in responses that contain an OSBundleMachOHeaders key, which makes it easier for remote attackers to bypass the ASLR protection mechanism via a crafted app...

Remotely controlled Malware as Browser extensions

"Browser extensions extend the functionality of the web browser. These extensions improve the appearance, functionality, security or other parts of the browser. Extensions were also developed with malicious intent, in order to generate revenue or just spread the code between more and more browser...

OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than...

OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX...

OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX...