New Mac OS X adware Trojan spreading via browser plugin

Russian anti-virus company Doctor Web reports that a new Mac OS X adware Trojan spreading itself via crafted movie trailer pages that prompt users to install a browser plugin. Basically, an adware is any software package which automatically renders advertisements in order to generate revenue for...

New Mac OS X adware Trojan spreading via browser plugin

Russian anti-virus company Doctor Web reports that a new Mac OS X adware Trojan spreading itself via crafted movie trailer pages that prompt users to install a browser plugin. Basically, an adware is any software package which automatically renders advertisements in order to generate revenue for...

Another Java zero-day vulnerability being exploited in the wild

Do you still have Java installed? There is a bad news for you ! FireEye has detected yet another Java zero-day vulnerability being exploited in attacks in the wild. The vulnerability targets browsers that have the latest version of the Java plugin installed Java v1.6 Update 41 and Java v1.7 Updat...

Two new Java zero-day vulnerabilities reported to Oracle

A Polish security firm 'Security Explorations' reported two new Java zero-day vulnerabilities, as "issue 54" and "issue 55," with proof of concept code to Oracle. Oracle's security team is currently investigating the issue, but the status flaws not yet confirmed by Oracle. Less than a week after...

Two new Java zero-day vulnerabilities reported to Oracle

A Polish security firm 'Security Explorations' reported two new Java zero-day vulnerabilities, as “issue 54” and “issue 55,” with proof of concept code to Oracle. Oracle's security team is currently investigating the issue, but the status flaws not yet confirmed by Oracle. Less than a week after...

Flash Player <= 10.3.183.50 / 11.5.502.146 Multiple Vulnerabilities (APSB13-04)

According to its version, the instance of Flash Player installed on the remote Windows host is 11.x equal or prior to 11.5.502.146, or 10.x equal or prior to 10.3.183.50. It is, therefore, potentially affected by the following vulnerabilities : - An unspecified error exists that could allow a...

7: bypass of the security level setting in browser plugin (Deployment, SE-2012-01 Issue 53)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 10 and Update 11, when running on Windows using Internet Explorer, Firefox, Opera, and Google Chrome, allows remote attackers to bypass the "Very High" security level of the Java Control Panel and...

RHEL 3 / 4 : flash-plugin (RHSA-2009:1658)

An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 3 Extras and 4 Extras. This update has been rated as having critical security impact by the Red Hat Security Response Team. The flash-plugin package contains a Mozilla Firefox...

Exploit Packs updated with New Java Zero-Day vulnerability

A new Java 0-day vulnerability has been discovered, already wind in use by an exploit pack, taking advantage of a fresh zero-day vulnerability in Java and potentially letting hackers take over users' machines. Java 7 Update 10 and earlier contain an unspecified vulnerability that can allow a...

Critical Vulnerability Identified in Foxit Reader

A vulnerability exists in the latest build of Foxit Reader, a PDF reader produced by the Foxit Corp., that could allow an attacker to inject malicious code into documents. Details of the exploit were disclosed on Monday by Andrea Micalizzi, an independent security researcher based in Italy...

Fedora Update for icedtea-web FEDORA-2012-17762

Check for the Version of icedtea-web OpenVAS Vulnerability Test Fedora Update for icedtea-web FEDORA-2012-17762 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

[SECURITY] Fedora 18 Update: icedtea-web-1.3.1-1.fc18

The IcedTea-Web project provides a Java web browser plugin, an implementati on of Java Web Start originally based on the Netx project and a settings too l to manage deployment settings for the aforementioned plugin and Web Start implementations...

Scientific Linux Security Update : icedtea-web on SL6.x i386/x86_64 (20121107)

This erratum also upgrades IcedTea-Web to version 1.2.2. Web browsers using the IcedTea-Web browser plug-in must be restarted for this update to take effect. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'deprecatednasllevel.inc';...

Apple Patches Java Flaws

Apple has released a patch that fixes a laundry list of vulnerabilities in Java after Oracle pushed out a fix for the technology for users of Windows and other platforms. The patch from Apple also completely disables the Java plugin in users’ browsers in order to prevent users from falling victim...

Analysis Shows Some URL Shorteners Often Point to Untrusted Websites

In an analysis of 1.7 billion shortened URLs, researchers at Web of Trust found that 8.7 percent of TinyURLs and five percent of Bit.ly URLs lead to sites that received poor ratings for ‘trustworthiness’ and ‘child protection.’ “Certainly the URL shortening services don’t intend to point people t...

Fedora Update for icedtea-web FEDORA-2012-14340

Check for the Version of icedtea-web OpenVAS Vulnerability Test Fedora Update for icedtea-web FEDORA-2012-14340 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

Heap overflow

Heap-based buffer overflow in npdjvu.dll in Caminova DjVu Browser Plug-in 6.1.4 Build 27351 and other versions before 6.1.4.27993 allows remote attackers to execute arbitrary code via a crafted Sjbz chunk in a djvu file...

Adobe Flash Player OpenType Font Integer Overflow

Added: 08/27/2012 CVE: CVE-2012-1535 BID: 55009 OSVDB: 84607 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem Adobe Flash Player 11.3.300.270 and earlier on Windows is vulnerable to remote code execution via an integer overflow...

FreeBSD : Several vulnerabilities found in IcedTea-Web (55b498e2-e56c-11e1-bbd5-001c25e46b1d)

The IcedTea project team reports : CVE-2012-3422: Use of uninitialized instance pointers An uninitialized pointer use flaw was found in IcedTea-Web web browser plugin. A malicious web page could use this flaw make IcedTea-Web browser plugin pass invalid pointer to a web browser. Depending on the...

CVE-2012-4177

The web browser plugin for Ubisoft Uplay PC before 2.0.4 allows remote attackers to execute arbitrary programs via the -orbitexepath command line argument...