9 matches found
Bug Hunter Finds 'Blended Threat' Targeting Yahoo Web Site
A Romanian bug hunter has discovered a “blended threat” targeting Yahoo’s Developer Network Web site that allows unauthorized access to Yahoo users’ emails and private profile data. At a security conference Sunday, Sergiu Dragos Bogdan demonstrated an abbreviated version of an attack using the YQ...
Akamai Download Manager Arbitrary Download / Execution
------------------------------------------------------------------------ Akamai Download Manager arbitrary file download & execution ------------------------------------------------------------------------ Yorick Koster, April 2009...
Apple Safari for Windows and Internet Explorer Combined Code Execution (CVE-2008-2540)
Microsoft Internet Explorer is the most widely used Internet browser. Safari is a web browsing application developed by Apple. A combination of the default download location in Safari and how the Windows desktop handles executables creates a blended threat in which files may be downloaded to a...
Adobe Reader 9.3.2 - 'CoolType.dll' Remote Memory Corruption / Denial of Service
/ Title: Adobe Reader 9.3.2 CoolType.dll Remote Memory Corruption / DoS Vulnerability Summary: Adobe Reader software is the global standard for electronic document sharing. It is the only PDF file viewer that can open and interact with all PDF documents. Use Adobe Reader to view, search, digitall...
Trojan Watch: Fake eBay Security Email
A new blended email threat appears to be a security alert from eBay, said researchers. The email message with the subject line “eBay Procedural Warning – Security Alert,” is addressed to “Dear eBay Member,” and warns recipients that the sender has “detected security issues on behalf of your...
Microsoft Internet Explorer Remote Code Execution Vulnerability (963027)
This host is missing a critical security update according to Microsoft Bulletin MS09-014. OpenVAS Vulnerability Test $Id: secpodms09-014.nasl 6527 2017-07-05 05:56:34Z cfischer $ Microsoft Internet Explorer Remote Code Execution Vulnerability 963027 Authors: Sharath S Updated By: Madhuri D on...
Microsoft plugs gaping holes in IE, Excel, Windows
Microsoft today released its April batch of security patches: 8 bulletins with patches for at least 20 documented holes in popular software products. The most serious of the flaws could lead to remote code execution attacks that give a malicious hacker complete ownership of a vulnerable machine...
CVE-2008-2540
Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the 1 Desktop directory on Windows or 2 Downloads directory on Mac OS X, and subsequently allows...
Privilege escalation
Apple Safari on Mac OS X, and before 3.1.2 on Windows, does not prompt the user before downloading an object that has an unrecognized content type, which allows remote attackers to place malware into the 1 Desktop directory on Windows or 2 Downloads directory on Mac OS X, and subsequently allows...