CVE-2010-3915

Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government allows remote attackers to execute arbitrary code via a crafted document, a different vulnerability than CVE-2010-3916...

CVE-2010-3915

CVE-2010-3915 concerns JustSystems Ichitaro (2004–2010). Public sources describe multiple remote code execution vulnerabilities that can be triggered by opening a crafted document, enabling arbitrary code execution on affected hosts. The OpenVAS entries explicitly label multiple RCE vulnerabiliti...

CVE-2010-3916

Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government allows remote attackers to execute arbitrary code via a crafted document, a different vulnerability than CVE-2010-3915...

VulnCheck KEV: CVE-2010-3916

Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government allows remote attackers to execute arbitrary code via a crafted document, a different vulnerability than CVE-2010-3915...

VulnCheck KEV: CVE-2010-3915

Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government allows remote attackers to execute arbitrary code via a crafted document, a different vulnerability than CVE-2010-3916...

Massive Denial Of Service Attack Severs Myanmar From Internet

The nation of Myanmar, formerly known as Burma, found its access to the Internet severed by a massive denial of service attack, according to a report by Arbor Networks. The source or motivation of the attack isn’t known, but it is believed that the distributed denial of service DDoS attacks have...

Canada Aims to Strengthen Cyber Defense with $90 Million Security Plan

Canada released its Cybersecurity Strategy this month, emphasizing the immense challenge of protecting government and corporate computer systems. “There is no simple way to detect, identify, and recover from attackers who cannot be seen or heard, who leave no physical evidence behind them, and wh...

VUPEN Security Research - Microsoft Office Word Document Array Indexing Vulnerability (CVE-2010-2750)

VUPEN Security Research - Microsoft Office Word Document Array Indexing Vulnerability CVE-2010-2750 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- Microsoft Office Word, included in the Microsoft Office suite, is a powerful authoring program that gives the ability t...

VUPEN Security Research - Microsoft Office Excel Out-of-Bounds Memory Write Vulnerability (CVE-2010-3241)

VUPEN Security Research - Microsoft Office Excel Out-of-Bounds Memory Write Vulnerability CVE-2010-3241 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- Microsoft Office Excel is a powerful tool you can use to create and format spreadsheets, and analyze and share...

The Folly of Internet Wiretapping

The last 10 years have seen a great number of advancements in the sophistication and usability of strong encryption programs, and many people now use encrypted messaging services by default. This has made it much simpler for people to keep their private thoughts and data private and secure, and n...

Report: Reused, Third Party Code Major Sources of Insecurity

A new report out from security testing firm Veracode suggests that reused and third party code is a big source of application insecurity. Application security is a sore spot for many organizations, as attackers shift the battlefield from operating system and network attacks to application specifi...

NSA Director Says U.S. Has a Duty to Secure the Internet

WASHINGTON, D.C.–The United States has a responsibility to take a leadership role in securing the Internet against both internal and external attackers, a duty that the federal government takes very seriously, the country’s top military cybersecurity official said Tuesday. However, Gen. Keith...

DARPA Project CINDER Targets Insider Threats

The U.S. military is looking for new ways to identify malicious insiders and stop them from operating from within government and military networks, which it assumes have already been compromised. The Defense Advanced Research Projects Agency DARPAhttp://www.darpa.mil/ this week issued a call for...

U.S. Government Publishes List of Top IT Projects

HED: Security and data integration projects top list of top .GOV IT projects DEK: Stovepipe busting and data sharing are common themes as Uncle Sam details the top IT projects. The White House’s Office of Management and Budget OMB on Monday released its list of the top 26 government IT projects, ...

Microsoft Says No to Paying Bug Bounties

Microsoft has no plans to follow in the footsteps of Mozilla and Google and pay researchers cash rewards for the bugs that they find in Microsoft’s products. In the wake of both Mozilla and Google significantly increasing their bug bounties to the $3,000 range, there have been persistent rumors i...

White House Cybersecurity Meeting Produces Cautious Optimism

The meeting convened Wednesday at the White House by the country’s top cybersecurity official, Howard Schmidt, which included more than 100 security experts from the private sector and various government agencies, didn’t end with Schmidt revealing any new programs or initiatives, but some of the...

Caleb Sima on Armorize's Black Hat Talk Being Pulled

Dennis Fisher talks with Caleb Sima of Armorize about the company’s scheduled talk at Black Hat on China’s cyber army being canceled under pressure from the governments of China and Taiwan. Talk on Chinese Cyber Army Pulled From Black Hat Podcast audio courtesy of sykboy65 Subscribe to the Digita...

Talk on Chinese Cyber Army Pulled From Black Hat

A talk on China’s state-sponsored offensive security efforts scheduled for the Black Hat conference later this month has been pulled from the conference after concerns were raised by some people within the Chinese and Taiwanese government about the talk’s content. The presentation was to be...

VUPEN Security Research - Winamp Player FLV Data Processing Multiple Overflow Vulnerabilities

VUPEN Security Research - Winamp Player FLV Data Processing Multiple Overflow Vulnerabilities http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Winamp is a proprietary media player for Windows-based PCs, written by Nullsoft, now a subsidiary of AOL. It is...

Saint Corporation Cross Site Scripting / HTML Injection

SAINT Corporation XSS Defacement Vulnerability Management, Assessment, Penetration Testing SAINT Corporation provides network security tools to financial, government and educational institutions around the world SAINT customers. The SAINT® vulnerability assessment tools are recognized as industry...