Gong Da Exploit Kit Bundling Numerous Java Attacks

Don’t expect any relief from the current assault on Java. A new sandbox-escape exploit targeting a vulnerability in the Java Runtime Environment has been integrated into both the Black Hole and Gong Da exploit kits, setting the stage for additional attacks, researchers said. The exploit was...

Billions of Windows Users Affects with Java Vulnerability

Researchers at Security Explorations disclosed a new vulnerability in Java that could provide an attacker with control of a victim's computer. The researchers have confirmed that Java SE 5 – Update 22, Java SE 6 – Update 35, and Java SE 7 Update 7 running on fully patched Windows 7 32-bit operati...

Detecting and Removing Vulnerable Java Versions

As attacks on the new Java zero-day vulnerability continue and researchers look for ways to mitigate the flaw, they are encouraging users to disable Java in their browsers. There is now a site that users can visit that will detect whether their browser is running a vulnerable version of Java...

Apple Issues Update to Prevent Flashback Malware from Infecting Mac OS X Machines

Less than a day after reports began surfacing that the Flashback trojan was hitting Mac OS X machines, Apple today released a fix to stop the latest variant of the password-stealing malware. The update closes numerous vulnerabilities in Java 1.6.029, including a serious hole that allowed an...

libxml2 security update

2.7.6-4.0.1.el62.4 - Update doc/redhat.gif in tarball - Add libxml2-oracle-enterprise.patch and update logos in tarball 2.7.6-4.el62.4 - remove chunk in patch related to configure.in as it breaks rebuild - Resolves: rhbz788845 2.7.6-4.el62.3 - fix previous build to force compilation of...

wireshark security update

1.0.15-1.0.1.el56.4 - Added oracle-ocfs2-network.patch 1.0.15-1.4 - fix few security issues - Resolves: CVE -2011-0024 CVE-2011-0538 CVE-2011-1139 CVE-2011-1140 CVE-2011-1141 CVE-2011-1143 612240 1.0.15-1.3 - recompile with -fno-strict-aliasing 1.0.15-1.2 - fix buffer overflow in ENTTEC dissector...

Sun Java Runtime New Plugin docbase Buffer Overflow

This module exploits a flaw in the new plugin component of the Sun Java Runtime Environment before v6 Update 22. By specifying specific parameters to the new plugin, an attacker can cause a stack-based buffer overflow and execute arbitrary code. When the new plugin is invoked with a "launchjnlp"...

Solaris 10 (sparc) : 125100-10

SunOS 5.10: Kernel Update patch. Date this patch was last updated by Sun : Jun/26/07 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if !...

Solaris 9 (sparc) : 118829-04

Sun Management Center 3.5.1: Solaris 9 Oracle Patch. Date this patch was last updated by Sun : Jun/02/05 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc...

ASI Oracle Security Alert: Oracle Home Environment Variable Buffer Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Oracle Home Environment Variable Buffer Overflow For additional details, the official advisories from Oracle Corporation can be downloaded from: http://otn.oracle.com/deploy/security/pdf/dbsmpalert.pdf Summary: By setting a long ORACLEHOME value more...